Indonesia Enforces Under-16 Social Media Ban, Mandates Age Checks

Indonesia’s Ministry of Communication and Digital Affairs brought its under-16 social media ban into force on March 28, 2026, requiring eight platforms designated “high-risk” to verify the age of their users and deactivate accounts belonging to children. The measure, issued as Minister of Communication and Digital Regulation No. 9 of 2026, implements the broader Government Regulation No. 17 of 2025 and gives platforms until a reported deadline of March 28, 2027 to comply before facing fines, suspension, or loss of access to the Indonesian market.

Eight Named Platforms Must Deactivate Under-16 Accounts

According to JURIST, Regulation No. 9 of 2026 took effect on March 28, 2026 and names eight services as high-risk: YouTube, TikTok, Facebook, Instagram, Threads, X, Bigo Live, and Roblox. These platforms must identify and remove account holders under the age of 16. As reported by TechCrunch, children aged 13 and older may use platforms the government classifies as lower-risk, while high-risk services remain restricted to users over 16.

Enforcement falls to the Ministry of Communication and Digital Affairs, which can issue a written warning, an administrative fine, a temporary suspension, and ultimately termination of access for non-compliant providers, according to law firm SSEK. The sanctions target the platforms rather than children or their parents, and the ministry is authorised to publicly announce any penalties it imposes.

Indonesia Joins a Widening Regional Crackdown on Minors’ Access

Indonesia is the latest jurisdiction to legislate a social media age floor, following Australia’s ban on under-16 account holders and active debate over similar measures across the European Union. Government Regulation No. 17 of 2025, the parent rule, reaches well beyond the eight named platforms. As outlined by law firm DFDL, it applies to any electronic system reasonably accessible to children, classifies products as high or low risk, and requires operators to embed “safety by design” and “privacy by design” into their services. The regulation took effect in March 2025 with a two-year transition window for providers to adapt.

Self-Declared Birthdates Offer No Real Barrier

The core weakness the regulation targets is the age gate most platforms still rely on: a self-declared date of birth that any child can falsify in seconds. Removing existing under-16 accounts and screening new sign-ups demands verification that holds up to regulatory inspection, not a checkbox. The challenge is sharpened by GR 17/2025’s own privacy-by-design provisions, which discourage operators from amassing large stores of children’s personal data. Platforms must therefore prove a user’s age accurately while collecting as little sensitive information as possible, a balance that conventional ID-upload flows handle poorly.

Layered Age Assurance Closes the Verification Gap

Platforms operating in Indonesia now need age verification that satisfies regulators without turning onboarding into a data-collection exercise. That calls for AI-driven checks capable of estimating age from a facial scan, confirming a genuine identity document when one is required, and detecting forged credentials, all within seconds and across the many nationalities present in one of the world’s largest mobile-first markets.

Shufti’s age verification solution combines facial biometric age estimation with document verification and is certified by Germany’s KJM age-assurance body, with document coverage spanning 220+ countries. Social platforms weighing how to meet the March 2027 deadline can request a demo to see how layered age assurance works in practice.