Brazil’s Data Protection Agency to update digital age assurance guidelines

On May 22, 2026, the Brazilian Data Protection Agency (ANPD) opened a public consultation regarding its Age Assurance Mechanisms Guide.

The preliminary guidelines were published in March 2026 and address how age-assurance solutions should be implemented under Brazil’s Digital Child and Adolescent Statute (Law No. 15,211/2025 – ECA Digital). The guidelines provided six general categories of requirements for such solutions:

• Proportionality;
• Accuracy, robustness, and reliability;
• Privacy and personal data protection;
• Inclusion and non-discrimination;
• Transparency and auditability; and
• Interoperability.

The new version of the ANPD’s guide expands on these preliminary guidelines and introduces specific requirements for using technical solutions such as facial age estimation and document verification, as well as covering the digital chain of responsibility and other relevant concepts.

The updated guide is in line with the provisions of Decree No. 12,880/2026 (Article 49), which state that the ANPD is to define the steps for implementing age-assurance solutions.

Digital chain of responsibility

The guide emphasizes that age-assurance obligations under the ECA Digital are allocated according to each provider’s position within the digital ecosystem, and that effective implementation requires coordinated action among various actors so that solutions work in a complementary, interconnected manner.

The framework establishes a two-tier protective system in which age assurance takes place at two stages: first, at the app-store and operating-system level, and second, at the level of other providers.

App stores and operating systems must carry out age assurance processes and share an age signal with providers via an API. Other product and service providers, in turn, must ensure they properly receive and process these age signals and must have contingency measures in place to address failures or systemic disruptions in signal transmission. Depending on the nature of their product or service, providers may also be required to implement additional age-assurance mechanisms.

To clarify these obligations further, the ANPD has included a table in the guide setting out recommended assurance mechanisms based on the risk level associated with the product or service.

General requirements

From a practical standpoint, the ANPD’s guide sets out the following recommendations to assist in complying with each of the general requirements:

Proportionality

Select the most appropriate age‑assurance solution only after identifying and assessing the risks inherent to the use of the product or service, the chosen assurance mechanism, the context, the nature of the service, its features, and the supply environment. Mechanisms that have a greater impact on privacy, personal data protection, safety, health, or the well‑being of children and adolescents should be reserved for high‑risk scenarios in the digital environment. Governance tools such as data protection impact assessments and other impact reports are important for identifying and assessing such risks.

Accuracy, robustness, and reliability

Document the mechanisms’ accuracy. Adopt technical and organizational measures to detect attempts to bypass controls or commit fraud (for example, automated validation of official documents, consistency checks between the document used for age assurance and the user, and automatic invalidation of expired tokens or credentials).

Personal data protection

Operate age‑assurance systems separately from the platform’s other data‑processing infrastructure. Apply strict access controls to personal data collected during the verification process so that only systems and professionals directly involved in verification can access it. Where possible, delete raw data used during the age assurance process immediately after it has been completed.

Inclusion and non-discrimination

Implementation must not directly or indirectly exclude people from digital life or disproportionately impede access to legitimate products and services. Providers should periodically evaluate the performance of AI systems to detect algorithmic bias. Age‑assurance systems should be usable on devices with lower technical capacity or limited internet connectivity.

Transparency and auditability

Provide clear, precise, and accessible information (in plain, understandable language) about the types of age‑assurance mechanisms in use, their purposes, the data involved, and other relevant details. Once a mechanism is in place, maintain audit logs of its operation, including records of granted or denied access, the age assurance result, the time of access, and the method used.

Interoperability

Favoring interoperable solutions that share only the age attribute is recommended. However, this should not be understood as creating extensive, integrated databases or enabling the permanent transmission of personal data among different providers of products, services, or information technology.

Specific requirements

The guide makes clear that the scenarios below are illustrative and do not amount to validation, endorsement, or unrestricted authorization by the ANPD. Rather, they are benchmarks for how certain mechanisms may be implemented:

Facial estimation

This method seeks to estimate an individual’s age from biometric attributes captured in images or video, without requiring the user to present an identity document. Providers must prepare a data protection impact report, ensure the method is not used to identify or authenticate a specific person, and adopt anti‑circumvention measures, high‑reliability systems, and strong technical security safeguards.

Document verification

This mechanism validates the data contained in a document against the provider’s age criteria, and is generally more appropriate for higher‑risk services. Providers must ensure the document’s authenticity, integrity, and validity; protect against circumvention and forgery; and comply with data‑protection and privacy requirements.

Verifiable credentials

This method involves the user presenting an age attribute previously issued by a trusted entity (for example, a government authority such as Gov.BR or a certified issuer). Verifiable credentials must include only the attributes strictly necessary to prove age or age range. The issuer validates the user’s identity and attributes and issues the credential; the holder (the user) stores it (e.g., on their device); and the verifier requests and checks the credential to determine whether the user may access the product or service.

Deadline for contributions to the guide

Interested parties may submit contributions for each section of the guide. Contributions may be submitted online via the Brasil Participativo platform until July 9, 2026.

For more information on this topic, please contact Mattos Filho’s Technology practice.