Digital Age Assurance Act (DAAA)
With the ever-growing web of digital access, safeguarding of children on the internet and preservation of privacy alongside free access to the internet have resulted in a major issue among legislators across the world. The past age verification systems that use self-certification on websites or applications have not been reliable. Privacy is also a serious issue that has been raised with the use of the platforms in age checks.
What is the DAAA? Contemporary Framework of Age Verification
The Digital Age Assurance Act (DAAA) or the DAAA Proposed Model Bill was initially developed by the International Centre of Missing and Exploited Children (ICMEC) in order to promote a device-based age verification. Instead of requesting the users to constantly verify their age on various online platforms, the DAAA requires a single-time verification when the device is activated or when the operating system is updated.
Upon verification, the age of a user will be saved on his/her own device. When the user accesses age-restricted services, only a basic verified status will be communicated via an API that is secure API. This will remove the privacy risks, duplication of data entry, and it will provide a stable and constitutional way of securing children on the internet, as their age will be automatically checked and they will not have to create any nuisance.
In 2025, lawmakers Buffy Wicks and Tom Umberg of California, with ICMEC and Children Now as co-sponsors, put forward Assembly Bill 1043 (AB 1043). With this, California became the first state in the US to formally introduce the DAAA structure. It is hoped that this legislative initiative will show that the device-based verification is not only workable, but enforceable and therefore place the DAAA in the position to serve as a benchmark of future laws governing online child safety. The bill is, however, in the legislative stages before it is enacted as law.
How age assurance under DAAA Works:
1. Device Activation
Upon the very first activation of a new device, the users will be questioned about their age. This liability lies on the design, production and sale companies of internet-based gadgets such as smartphones. The DAAA will offer age assurance on all devices by transferring the responsibility onto manufacturers, meaning that all devices will have built-in age assurance at the point of sale.
2. Older Devices
In the case of devices sold prior to the enactment of the law, the manufacturers must come up with the same device-based age verification by updating the operating system (OS). This will put existing devices, which are already on the market, into conformity without requiring users to buy new hardware.
3. Secure Age Storage
After age verification of a user, the data is saved in the device itself. When a user signs in on any platform, the device will only identify whether he/she are above the age of 18 or not, and will not distribute their data across several platforms. It implies that the users will not have to enter personal information multiple times whenever their age is required to access an online platform.
4. API Communication
When the user visits a site, application, or other online service that needs to authenticate the age of the user, the operating system of the device verifies the user via a secure API that determines whether he/she is of the age that is acceptable by the online service. The only information that is shared is the verification status and not personal information. This maintains the confidentiality and privacy of data.
Strength of the DAAA Constitutionally and legally
The advocate and proponent of DAAA claims that the act has been tailored in such a way that it evades the constitutional issues that are present in the current laws. In their case, they have: Strengths that consist of:
- Adults also confirm that once the setup of the device is complete, it prevents repeated ransacking of legal content.
- The DAAA has no limitations on access to constitutionally guarded content.
- The law can fulfil its mission without resorting to too many restrictions, as the Users are verified at the source (the device).
- No one shares their personal data with anyone, as it is stored in the local device.
- All device manufacturers have to do is introduce verification during installation or through software updates.
To most, these strengths explain why the DAAA is a viable right-respecting alternative to platform-based laws.
Global Relevance of the DAAA
Similar to the GDPR, establishing a standard of data privacy, the DAAA is also being debated as a possible way of digital age verification and child protection. Its structure comprises aspects of privacy and constitutionality. It can be used as an example by other nations that are investigating ways to implement online child safety frameworks.
Final Thoughts
The Digital Age Assurance Act (DAAA) is a suggested framework that deals with internet age checking by pushing the procedure from the single systems to a device-based framework. Under this act, a user is required to verify his or her age once at the device level, and the device provides secure communication of the status of verification in case it is required.
Advocates of the DAAA emphasise a number of the perceived advantages of this model, such as minimising the privacy risks, limiting the number of constitutional issues, preventing minors from accessing sexual content and having an explicit enforcement mechanism. The proposal has been framed in the sense that it can be adopted as an alternative to online age verification by businesses as well as policymakers.