Australia has activated a new requirement for search engines to verify the ages of their signed-in users, with companies now facing a six-month countdown to full compliance.
The rule, which began on December 27, sits within a newly registered industry code under the authority of the eSafety Commissioner and extends the country’s expanding system of online content controls.
Search services such as Google and Bing must soon introduce age-assurance checks when logged-in users perform searches that might surface adult or otherwise “high-impact” material.
The mechanisms vary, but common approaches include prompting users to confirm their age through a pop-up screen or submitting an official document, credit card details, or digital ID.
The eSafety framework allows companies to choose their method, yet the guidance materials show a narrow range of real-world options: facial-recognition age estimates, photo ID scans, parent verification for minors, or reliance on third-party verification services already holding age data.
All options are privacy-invasive and would end anonymous searches.
For those not logged in, searches will still function, but some content may appear blurred.
Logged-in users under 18 will automatically receive filtered results excluding topics the government labels as harmful.
How these controls will coexist with privacy-focused or anonymous search engines remains unclear.
Google, which controls more than 90 percent of Australia’s search market, and Microsoft both risk penalties of up to about $50 million per breach if they fail to comply by the June 27, 2026, deadline.
The new obligations form part of a longer campaign by Canberra to tighten online speech and access to speech.
Over the past several years, lawmakers have broadened the eSafety Commissioner’s mandate and pushed for stricter age limits on social media use.
The government’s rhetoric has framed these efforts as protective, but the architecture being built effectively positions identity verification as a precondition for access to key parts of the internet.
Although the code took effect at the end of 2025, the change drew little public attention. That is partly because the rules emerged through administrative regulation rather than new legislation, sidestepping open parliamentary debate.
The eSafety Commissioner, Julie Inman Grant, briefly referenced the measures during her address to the National Press Club, stating, “These provisions will serve as a bulwark and operate in lock step with the new social media age limits,” and, “It’s critical to ensure the layered safety approach…including on the app stores and at the device level, the physical gateways to the internet where kids sign up and first declare their ages.”
Her comments suggest an ambition to extend verification across more digital environments, possibly to app stores and operating systems themselves.
The broader question, however, concerns how far a government will go in mandating identity checks for access to online information. While officials frame the policy as protective, the infrastructure it introduces risks eroding the ability to search and browse freely without identification.
For those committed to a free and open internet, the new code is a move toward conditional access, a system in which anonymity and information freedom may soon depend on government-approved credentials.
