According to engadget, the UK regulator Ofcom has fined a porn operator called AVS Group a hefty £1 million, which is about $1.33 million, for failing to implement strong enough age verification checks. The company also got hit with an additional £50,000 fine for not responding to an information request. Now, they have just 72 hours to introduce effective age checks or face a further penalty of £1,000 per day. This crackdown stems from rules announced in July, where the government said it would start enforcing compliance for sites to use “highly effective age checks.” Approved methods include credit card checks, photo ID matching, and even estimating age from a selfie. This marks the third penalty under the UK’s Online Safety Act, following a £20,000 fine against 4Chan in October for similar non-compliance.
The age check arms race
Here’s the thing: this is a classic cat-and-mouse game. Ofcom is pushing for these robust checks—credit cards, official ID, facial analysis—but users are already finding ways around them. The article mentions people using VPNs and even fake IDs generated by tools like ChatGPT. So you have to wonder, how “highly effective” can these systems really be if a clever teenager with a VPN and some AI tools can bypass them? It feels like we’re building a very expensive, regulation-heavy fence that might have a giant, obvious hole in it. The intent, protecting kids from harmful content, is absolutely valid. But the practical execution seems fraught with the same evasion tactics we’ve seen with every other geo-blocking or age-gating effort in internet history.
A global trend with mixed results
The UK isn’t alone in this push. As noted, about half of U.S. states have some form of age check law now, and countries like France, Italy, Australia, and China are on board too. Australia even went nuclear by proposing to ban social media for kids under 16, targeting platforms like Twitch and YouTube. But that raises a whole other set of questions about enforcement and privacy. When you require a credit card or a government ID to access a website, you’re creating massive data trails and honeypots for sensitive information. Are these systems secure? What happens when one gets breached? We’re trading one risk for another, potentially bigger one. It’s a messy compromise.
Enforcement meets reality
Oliver Griffiths, Ofcom’s safety director, says the “tide on online safety is beginning to turn” and they’ll “use our full powers” if companies fall short. The fine against 4Chan and now this massive penalty against AVS Group show they’re serious. But I’m skeptical. Fining a relatively known entity is one thing. The real test will be policing the vast, decentralized underbelly of the internet. How do you enforce this on thousands of smaller, offshore, or torrent-based sites? You probably can’t. So the law ends up primarily affecting the larger, more visible companies that are somewhat easier to regulate, while the wild west continues unabated elsewhere. It creates an uneven playing field and might just drive traffic to less savory, less compliant corners of the web. Basically, the road to a safer internet is paved with good intentions, but the map might be leading us in circles.
