While European leaders have, in recent months, urged the adoption of digital reforms aimed at protecting child safety, critics are concerned that the proposals would endanger civil liberties.
Among proposed measures is an age verification system preventing minors under 16 years of age from using social media. In an attempt to prevent age verification workarounds, some have also suggested restricting the use of virtual private networks, or VPNs.
The European Union has denied an interest in banning VPNs, but some politicians have been skeptical. As recently as May, European Commission Executive Vice President Henna Virkkunen said that VPNs must not be allowed to serve as a loophole.
The proposal is rooted in a resolution adopted by the European Parliament in November 2025, which established the age of 16 as the default threshold below which minors should not access social platforms without parental consent.
The resolution is non-binding, but it sets a clear political direction that Brussels intends to translate into law. Lawmakers presented the vote as a response to what they call a youth mental health crisis driven by addictive platform design.
The enforcement lever is the Digital Services Act, the EU’s sweeping content-and-platform law. It empowers Brussels to fine companies up to 6 percent of their global annual revenue for non-compliance.
To make verification work, the European Commission has built its own age-checking app, anchored in the EU’s digital identity wallet.
The wallet framework would eventually let citizens store IDs, diplomas, and other credentials in a single government-recognized system.
Evidence on Social Media Use
Supporters of this measure argue that the status quo is untenable. Socialist Danish lawmaker Christel Schaldemose, who sponsored the Parliament resolution, told colleagues that platform services “are not designed for children.”
Backers noted addictive features such as infinite scrolling, autoplay, and reward loops as deliberate engineering choices that exploit developing minds.
Drawing on a study commissioned by the Scientific Foresight Unit of the European Parliamentary Research Service, the European Parliament’s in-house research arm, the resolution noted that “one in four children and young people display ‘problematic’ or ‘dysfunctional’ smartphone use, meaning behavioural patterns mirroring addiction.”
However, the Electronic Frontier Foundation (EFF), a leading American digital rights organization, has cautioned that the debate on the links between social media and youth mental health is far less settled than political rhetoric often suggests.
The EFF noted that “many of these concerns lack robust scientific evidence,” and that “studies have drawn a far more complex and nuanced picture about how social media and young people’s mental health interact.”
“Still, calls for mandatory age verification have become as ubiquitous as they have become trendy,” it stated.
Who Controls?
The plan to develop these age verifications has also drawn sharp resistance from within the Parliament itself. Barbara Bonte, a Belgian MEP from the Patriots for Europe group, argued in an interview with The Epoch Times that decisions about children’s access belong with families and national governments, not Brussels.
Privacy advocates also warn that the deeper problem is the verification machinery, not the age itself. Because platforms would need to confirm every user’s age, critics said adults could ultimately be required to present a digital ID to use social media at all. Some have compared the underlying infrastructure to the bloc’s controversial COVID-era digital certificate system.
A coalition of 438 security and privacy researchers has called large-scale age-verification mandates “dangerous and socially unacceptable” absent a clear grasp of their consequences.
The digital-rights group European Digital Rights also argued that such checks are invasive, excludes more groups than just children, and are easily circumvented.
Virginie Joron, a French MEP in the Patriots for Europe group, expressed skepticism about the motives of those pushing the legislation. “The EU appears primarily intent on ending anonymity on social media, rather than ensuring the safety of minors,” she told The Epoch Times.
“This tightening comes after record-breaking fines and sustained regulatory pressure directed at Elon Musk and X, as well as at Google and Meta,” she said, arguing that “an American congress report has revealed in February a European censorship complex.”
On Feb. 3, an interim staff report by the U.S. House Judiciary Committee, titled “The Foreign Censorship Threat, Part II,” accused the Commission of a decade-long campaign to censor the global internet, citing more than 100 closed-door meetings with platforms since 2020. It followed a first report in July 2025 that cast the Digital Services Act itself as a tool of global censorship.
Drawing on documents subpoenaed from Meta, Google, TikTok, and X, the report says platforms were pressed to censor lawful political speech on the COVID-19 crisis, mass migration, and transgender issues.
Christine Anderson, a German MEP in the Europe of Sovereign Nations group, said in an interview with The Epoch Times that Brussels is “not credible” in its claim to protect children as “it has no issue exposing kids to gender propaganda and aggressively promoted untested vaccines for children during the COVID crisis, despite kids facing an extremely low risk of severe illness and the vaccines failing to prevent transmission.”
“Protecting minors is legitimate. Our concern is the method,” Barbara Bonte told The Epoch Times.
“The EU can impose strict duties on platforms, such as safer design, no addictive features, no targeted advertising to minors, and real accountability. But it should not use child protection as a pretext to build an identity-checked internet for everyone,” she said.
Experts Question Security of EU Age-Verification App
Effectiveness also remains an open question. The Commission’s age-verification app, unveiled by President Ursula von der Leyen in April 2026 to help enforce social media bans on minors, was quickly undermined by its own open-source design.
Within hours, researchers auditing the GitHub code reported serious flaws. Security consultant Paul Moore claimed in April on X that he breached it in about two minutes and that it stored sensitive data unprotected.
Brussels responded to security concerns by stating that the build was an unfinished demonstration and that the flaw was already patched, but the researchers said they had tested the most current published version.
VPNs in the Crosshairs
Because VPNs let users mask their location and bypass national age gates with a few taps, the tools have also landed squarely in the regulatory crosshairs across the EU and the United Kingdom.
The clearest signal came last month from a briefing by the European Parliamentary Research Service, which warned that VPNs are increasingly used to bypass age verification, calling the trend “a loophole in the legislation that needs closing.”
Senior officials have taken up the theme. At an April 29 press conference unveiling the bloc’s new age-verification app, Virkkunen said the system “shouldn’t be circumvented” while addressing a question regarding the use of VPNs.
National governments are sounding similar notes. French Digital Affairs Minister Anne Le Hénanff said earlier this year that VPNs are “next on my list” as France prepares to bar children under 15 from social media.
A law targeting VPNs would not be the first proposed in the EU. A French bill adopted in May 2024—aimed at making the internet safer for minors while combating “online hate speech” and “disinformation”—sparked controversy over one measure while moving through Parliament: a proposal, backed by several MPs from President Emmanuel Macron’s party, to bar social media users from posting or interacting while on a VPN.
Sponsors argued VPNs obscure users’ identities, shielding them from accountability for unlawful behavior. After strong public backlash, the ban was dropped from the final law.
As it pushes to protect minors online, Brussels is strengthening its case with hard data from across the Channel.
When the UK’s Online Safety Act age checks took effect in mid-July 2025, “half of the top 10 free apps in app-download charts in UK app stores have reportedly been VPN services,” the European Parliamentary Research Service noted, adding that “one app developer reported a 1,800% spike in downloads in the first month after the legislation started to apply.”
For regulators, the math has recast VPNs from privacy tools into obstacles.
However, opponents of the control measures argue that there is no evidence that children are bypassing age checks, and that the surge in VPN downloads is primarily driven by adults.
Proton VPN, which reported a 1,800 percent spike in UK daily sign-ups immediately after age verification rules took effect, attributed the behavior to adults who “are concerned about the impact universal age verification laws will have on their privacy.”
Internet Matters, a leading UK nonprofit dedicated to children’s online safety, reported that there is “no evidence that children are turning to Virtual Private Networks (VPNs) to get around new age checks designed to prevent under-18s from accessing pornography and other harmful content.”
The organization released these findings from research conducted five months after the UK’s Online Safety Act came into force.
Childnet International, a UK charity and partner organization in the UK Safer Internet Centre, has reached the same conclusion alongside the IT company Nominet: “This spike cannot be attributed to children.”
Privacy advocates and digital-rights groups also warn that scrutinizing or restricting VPNs would push Europe toward the kind of internet controls associated with China and Russia.
They tie the VPN debate to the broader Digital Services Act agenda and the contested “Chat Control” proposal, formally the Child Sexual Abuse Regulation, which critics say could erect surveillance infrastructure and weaken encrypted communication.
The European Data Protection Supervisor, the EU’s independent data protection authority, has warned that this proposal “could become the basis for de facto generalized and indiscriminate scanning of the content of virtually all types of electronic communications of all users in the EU.”
Opposition also came from segments of the left. The Greens/European Free Alliance, a left-wing group in the European Parliament, has accused Brussels of seeking to “weaken” the right to privacy “under false pretenses.” “Your private messages should stay private,” the group said.
Guillaume Bigot, a National Rally MP at the French National Assembly, told The Epoch Times “there are other solutions than imposing a universal digital identity and going against VPNs. For example, we could implement automated parental controls,” he said.
“Rather than forcing operating systems to make this simple adjustment, the EU prefers to monitor everyone, even if it means moving closer to North Korea in banning VPNs,” he added.
Some strong pro-EU voices also opposed restrictions on VPNs. “Just NO! … Prohibiting VPNs under the guise of children’s rights is not acceptable,” Svenja Hahn, a German MEP from the Renew Europe Group, wrote on X.
Facing the uproar, the Commission has moved to tamp down expectations. Virkkunen’s office said there was “absolutely no crackdown on VPNs,” and a spokesperson said the EU remained committed to a free and open internet while strengthening child protections.
Whether that assurance holds as the bloc’s end-of-2026 verification deadline approaches is the question now hanging over the debate.
Friends Read Free
Copy
Facebook
Tweet
