"The open internet is a global public resource that has long since become foundational to the flourishing of individuals, businesses, and societies," the letter states, warning that "this openness and the opportunities it affords are coming under threat in the UK."
The signatories: EFF, Mozilla, Open Rights Group, Proton and the Tor Project
Privacy groups, VPN providers, and civil liberties outfits have joined a single, public pushback against new UK proposals. The joint statement names the Electronic Frontier Foundation, Mozilla, the Open Rights Group, Proton, and the Tor Project among its signatories, and argues ministers' plans will do more harm than good if carried out on the scale now being consulted on.
Children's Wellbeing and Schools Bill cleared Parliament and ministers are consulting
The proposals under scrutiny have moved forward after the Children's Wellbeing and Schools Bill cleared Parliament. Ministers are now consulting on measures that could include curfews for younger users and restrictions across services ranging from games and VPNs to static websites, the letter says. Those consultations are the immediate policy moment; the groups warn the consultation's current scope risks a broad roll-out of access controls.
Proposed measures: curfews, age checks for games, VPNs and static websites
The plans under discussion would not be limited to a handful of social platforms. The signatories point to potential restrictions for "games and VPNs to static websites," and warn that when access restrictions are implemented they will "hinge on all users having to verify their ages, not just young people." The letter frames the approach as one that targets access rather than the design choices and business models of services.
Accuracy, privacy and security concerns — and the drawn-on mustache
Signatories cite early results from existing systems as evidence the technology is imperfect. The letter notes it has been months since tougher checks under the Online Safety Act began rolling out, and that some systems have already been fooled "by little more than a drawn-on mustache," raising questions about how effective those checks are at keeping minors out. The groups state plainly: "Existing age assurance technologies are either insufficiently accurate, undermine privacy and data security, or are not widely available across populations."
They also warn that a universal rollout of imperfect systems "creates serious new security threats," arguing that the technical and privacy trade-offs are not negligible and could introduce new points of failure across widely used services.
Market impact: cementing the dominance of gatekeeper app stores, operating systems and platforms' walled gardens
The letter frames the proposals as market-shaping as well as safety-focused. Requiring age verification broadly, the signatories argue, risks "cementing the dominance of gatekeeper app stores, operating systems, and platforms' walled gardens" and could turn the web into "a patchwork of age-gated jurisdictions." In their view, mandating external access controls may entrench a smaller set of providers that already control identity and distribution, rather than change the underlying drivers of harm.
How technologists, policymakers and end users are likely to respond
- Technologists and security teams: The letter explicitly warns that broad adoption of current age-assurance technology "creates serious new security threats," so engineers and security teams will be watching verification designs and data flows closely for new attack surfaces and privacy risks.
- Policymakers and regulators: Ministers are consulting now after the Children's Wellbeing and Schools Bill cleared Parliament; the signatories press regulators to address business models built on the "massive collection of user data" rather than focusing solely on access bans.
- End users and the general public: The groups say a system of widespread age gates will quickly require "all users having to verify their ages, not just young people," shifting practical burdens and privacy trade-offs onto ordinary internet users.
The letter ends with a challenge to the direction of policy: "Now is the time to hold tech to account, not undermine the open internet." That closing line crystallizes the signatories' core objection — ministers are consulting on measures that could reshape access, privacy and market power simultaneously, and the groups are asking whether restricting access is the right lever when they say the underlying problem sits with business models that rely on "massive collection of user data." The consultations are the near-term next step; how ministers respond will determine whether the UK moves toward more pervasive age gates or toward other interventions addressing data-driven harms.
