Greece has announced a legislative initiative to prohibit access to social media platforms for children under the age of 15, with entry into force on 1 January 2027. The measure, announced in April 2026, forms part of a broader social policy framework aimed at addressing issues of addiction and psychological strain among minors, while at the same time assigning responsibility for age verification and user identification to service providers.
This development constitutes a significant intervention in the way the national legal order seeks to regulate the presence of minors in the digital environment, in alignment with EU law and relevant European Union guidelines. It is not merely a protective measure against online risks, but one that is intrinsically linked to the broader framework of personal data protection.
A key challenge arises in relation to the practical implementation of the measure, as the imposition of an age restriction necessarily entails the development of reliable age verification mechanisms. Such mechanisms involve the processing of identity and age-related data, thereby making it essential that data protection principles be embedded from the design stage. In particular, age verification must comply with the principle of data minimization, through technical solutions that limit data collection strictly to what is necessary for confirming the relevant age threshold.
Particular importance is also attached to the choice of the age limit at 15 years. According to Article 8 of the GDPR, a minor’s consent to the processing of personal data in the context of information society services is, in principle, valid from the age of 16, while allowing Member States to set a lower threshold. The Greek legislator, through the national implementing law (Law 4624/2019), set this threshold at 15 y.o., recognizing that from this age onwards minors possess a sufficient level of digital maturity to provide valid consent independently. In this light, the adoption of the same age threshold within the emerging regulatory framework governing access to social media does not appear arbitrary but rather reflects a coherent and consistent legislative approach aligned with the national legal understanding of minors’ digital maturity.
The real challenge, therefore, lies not in the age threshold itself, but in its implementation. The objective is to design age verification mechanisms that effectively protect minors without resulting in excessive collection or processing of personal data, and without undermining in practice the level of privacy protection that data protection law seeks to guarantee.