Brazil: Ministry of Justice and Public Security published report on methodology and minimum requirements for age verification in digital services

On 3 February 2026, the National Secretariat for Digital Rights (SEDIGI) of the Brazilian Ministry of Justice and Public Security published a report analysing public consultation inputs to support the regulation of age verification mechanisms under Law No. 15.211/2025 on the Digital Statute of Children and Adolescents (ECA Digital). The report identifies convergence around a risk-based, proportional framework that rejects self-declaration as a valid method for high-risk services, and outlines a dual-layer architecture in which operating systems or application stores would provide a baseline age signal and applications would conduct context-specific verification. Preferred technical approaches identified include digital identity systems, verifiable credentials, and zero-knowledge proofs, while the report highlights concerns around facial biometrics, surveillance risks, data centralisation, and misuse of data for profiling or artificial intelligence (AI) training. The report further recommends data minimisation, restrictions on secondary data use, interoperable Application Programming Interface (API) standards, certification and audit mechanisms, regulatory sandboxes, and differentiated compliance obligations to reduce burdens on small and medium enterprises. The report also addresses risks arising from digital exclusion, enforcement challenges, and circumvention through virtual private networks or deepfakes.