What are the specific laws regarding age verification in norway

1. What the government has proposed: a hard 15 and an amended Personal Data Act

The government has presented a public-consultation proposal to make it illegal for social media platforms to offer services to children under 15, including amending the Personal Data Act so that platforms may only lawfully process personal data of users who are at least 15 years old—thus tying consent and access to a statutory age threshold ^[1][2]. The proposal is explicitly linked to implementing the Digital Services Act (DSA) youth guidelines and the EU eID framework (eIDAS 2), signalling an intention to align Norwegian law with EU digital and identity rules ^[5][1].

2. How age verification is envisioned: eID, BankID and third‑party solutions

Officials and reporting identify electronic identity systems—most prominently BankID and related eID providers—as the likely backbone for verification, and the government is considering models where verified digital IDs on smartphones confirm users’ ages without platforms learning raw birthdates ^[3][1]. Industry and civil-society actors are discussing biometric selfie checks, trusted eID brokers and parental authorisation mechanisms; Norway’s digital identity market (including firms like Criipto connected to BankID infrastructure) is already mentioned as a likely provider ecosystem ^[3][6].

3. Legal scope and interplay with EU rules: DSA, eIDAS and cross‑border enforcement

The Norwegian proposal frames the age limit and verification duties in the context of the DSA’s youth-protection measures and the forthcoming eIDAS 2 rules, meaning platforms operating in Norway would face obligations mirroring EU expectations for age-appropriate design and privacy-preserving verification ^[5][1]. Norway is explicitly working “closely with the EU” on joint solutions for large tech companies, implying regulatory harmonisation rather than a wholly standalone national model ^[1].

4. Enforcement, penalties and practical contingencies—still undefined

Public reporting emphasises strengthened penalties for violations of marketing rules aimed at children and plans to address online exploitation, but concrete enforcement mechanisms, penalty scales and operational responsibilities for audits or compliance checks remain part of the consultation—not finalized statutory detail in the sources reviewed ^[1][7]. The proposal raises practical questions acknowledged in public debate—such as what to do about people without BankID, refugees without national ID, and whether requiring bank accounts or national eID would create exclusion or privacy risks—issues noted by government spokespeople and advocacy groups ^[8][6].

5. Debate, pushback and likely real‑world outcomes

Supporters frame the move as child protection: surveys cited by government indicate broad public backing for electronic age checks and document increased exposure of children to harmful content ^[1]. Critics and scholars warn that hard age gates can drive young people to unregulated platforms, produce false attestations, and create tensions between protection and minors’ rights to information and participation—evidence from comparable reforms in France, Australia and U.S. states shows significant evasion and technical circumvention is common ^[9][6]. Industry and rights groups also flag privacy trade-offs of centralised ID checks and the need for privacy-preserving designs under eIDAS/DSA guidance ^[5][3].

6. Bottom line: law in formation, not finished—what is specific today

The concrete legal specifics currently on the table are: a proposed statutory minimum age of 15 for social media access tied to consent under an amended Personal Data Act, an expectation that age verification will be required (likely via eID/BankID or approved third‑party systems), and alignment with DSA and eIDAS 2 frameworks; however, the technical standards, enforcement details, exemptions (parental consent regimes) and penalty mechanics remain subject to consultation and further rule‑making ^[1][5][2].