Australia’s bold experiment to wall off under 16s from social media is colliding with a simple truth: machines that guess our age are far easier to fool than policymakers hoped
The rule, the clock, the stakes
From 10 December 2025, social media services that meet eSafety’s definition will be legally required to take reasonable steps to stop Australians under 16 creating or keeping accounts. Failure can invite penalties up to A$49.5 million. This is not a criminal ban on kids, but a compliance regime for platforms that eSafety will oversee. Facebook, Instagram, Snapchat, TikTok, X and YouTube are all in scope, with exclusions for pure messaging and some other services set in legislative rules.
The Albanese Government framed the minimum age as a child safety measure endorsed by National Cabinet, tying it to a broader online safety agenda and giving companies a year to prepare. The policy intent is to curb addictive design, reduce exposure to harmful content and reset how platforms treat young users.
AI checks at the front door
Can AI tell a 15 year old from a 16 year old well enough to police a national rule at scale? The government’s Age Assurance Technology Trial, a ten part assessment delivered on 31 August, says age assurance can be private, robust and effective when layered. It examined age estimation, document verification, inference methods and parental tools, and recommended stacking techniques to reduce errors and limit data collection.
Regulators have also told companies to favour minimally invasive approaches. eSafety’s regulatory guidance and public statements warn that blanket identity checks for everyone would be unreasonable, urging platforms to use existing signals and AI to infer age, escalating to firmer checks only when needed.
The mask that fooled the machine
Independent researchers have now demonstrated an uncomfortable gap. In testing three top performing facial age estimation systems likely to be used here, a University of Melbourne and Princeton team found that cheap party disguises and “old man” masks bought for around $22 could reliably tip a face scanner into declaring a minor to be an adult, sometimes within 20 minutes of trial and error. The researchers also reproduced well known “liveness” bypasses using game avatars and exaggerated expressions. Their findings are preliminary, but they spotlight an attack surface that is accessible to any determined teenager.
Industry counters that certification labs test against mask attacks and that up to date models catch most tricks. Yet even trade groups concede no system will block every bypass, and that configuration choices made by platforms, such as allowing unlimited retries, can quietly open the back door.
The grey zone near the line
The trial’s own data accepts that errors are inevitable around the threshold. Systems perform well for over 19s, but accuracy degrades for those aged 14 to 17, the very cohort targeted by the law. Government commissioned analysis and independent reporting highlight demographic skews too, with higher error rates for some non-Caucasian users, Indigenous Australians and those close to 16, prompting calls for stronger fairness metrics and clearer fallbacks when the AI is unsure.
Vendors say they are improving. Leading suppliers report month on month accuracy gains for teens, along with tighter bias controls, and point to the UK’s Online Safety Act as proof that scaled enforcement is possible. But improvements do not eliminate the fundamental trade off between friction, privacy and precision, especially for edge cases.
VPNs, loopholes and the coming cat and mouse
Age checks are only one layer. Policymakers have watched the UK experience, where VPN use spiked as age gates went live and social media was flooded with tips on bypassing enforcement using doctored IDs and AI edits. eSafety says platforms here will be expected to monitor for VPN traffic, correlate geolocation and behaviour, and limit retry abuse. Experts agree detection is feasible, but establishing that a user is “regularly resident in Australia” is much harder at scale.
Who is covered, who is not
Scope matters. After initially considering an exemption, the government added YouTube to the list of age-restricted platforms, while signalling that 4chan is unlikely to be covered because it functions more like an image board and does not align with the statutory definition. Both decisions illustrate the line drawing that will shape enforcement and evasions alike.
Reasonable steps or wishful thinking
Australia’s scheme hinges on the legal phrase “reasonable steps.” eSafety’s page stresses layered approaches, privacy preserving methods and proportionate data use. The trial echoes this, recommending successive validation rather than one shot checks, and escalation pathways that move from inference to estimation to ID only when warranted. The design gives companies flexibility and gives the regulator auditing power, but flexibility cuts both ways. Bad configurations and permissive retry logic can erase the benefits of the most sophisticated model.
What success looks like on 10 December
If “success” means no under 16s ever slip through, the policy will fail on day one. If it means driving down the prevalence of underage accounts and forcing platforms to invest in safety, the architecture gives eSafety a lever. The test will be whether platforms adopt conservative settings, pair AI with human-centred design and accept friction where it matters, rather than gaming “reasonable steps” to protect growth. ABC’s reporting on mask bypasses is a warning that a clever configuration can be undone by a cheap prop, especially if retries are unlimited and liveness signals are weak.
The path forward
There is a pragmatic middle course. First, treat age estimation as triage, not truth. When the model is uncertain or detects spoof risk, escalate to document checks with privacy safeguards such as one-time verification tokens and strict data minimisation. Second, rate-limit and randomise challenges to stop trial and error attacks. Third, publish accuracy and fairness dashboards so parents and teens can see when systems are wrong, and why they were escalated. Finally, set baseline standards for anti-circumvention and bias mitigation that vendors must meet to count toward “reasonable steps,” rather than leaving performance to voluntary promises. The regulatory guidance already nods in this direction. It now needs teeth.
The verdict
Australia is attempting something ambitious and, in many respects, overdue. But an age gate guarded by AI is only as strong as its weakest configuration. On 10 December, the country will learn whether “reasonable steps” means resilient engineering or a revolving door that a paper mask can walk through. The difference will be measured not in technical white papers, but in whether teenagers find themselves quietly back online by Christmas.
