Commission Finds Meta Breached Digital Services Act Over Underage Access

The European Commission has found that Meta’s Instagram and Facebook platforms are not complying with the Digital Services Act (DSA) concerning the protection of minors under 13 years old. Despite Meta’s own rules setting the minimum age at 13, the company’s methods to prevent younger children from accessing these services are ineffective. Children can easily enter false birth dates to bypass age restrictions, and there are no strong checks to verify the accuracy of the information provided during account creation.

The Commission also criticized Meta’s reporting tool for minors under 13 as complicated and inefficient. Users must click through several steps to report underage accounts, and the forms are not pre-filled with relevant information to speed up the process. Even when underage users are reported, Meta often fails to follow up properly, allowing these minors to continue using the services without additional verification or removal.

Meta’s risk assessment process for protecting minors was found to be incomplete and inconsistent with evidence from across the European Union. Studies show that about 10-12% of children under 13 use Instagram or Facebook, yet Meta’s assessments do not fully acknowledge this or the increased vulnerability of younger children to harm on these platforms. The Commission demands that Meta improve its risk evaluation methods and implement stronger measures to detect, prevent, and remove underage users.

The Commission has given Meta the opportunity to respond and fix the issues in line with the 2025 DSA Guidelines on minors’ protection. If Meta fails to comply, the Commission may issue a formal decision and impose fines up to 6% of Meta’s total worldwide annual turnover, which could amount to billions of euros. The investigation also continues into other possible breaches, including risks related to platform design that may encourage addictive behavior among minors.