Germany

[DE] Age Verification System Standards for Youth Protection

IRIS 2003-10:1/30

Carmen Palzer

Institute of European Media Law (EMR), Saarbrücken/Brussels

The Kommission für Jugendmedienschutz (Commission for Youth Protection in the Media - KJM) has laid down standards for age verification systems designed to protect minors in the telemedia sector in accordance with the rules contained in the Jugendmedienschutz-Staatsvertrag (Inter-State Agreement on Youth Protection in the Media - JMStV).

Under Article 4 JMStV, the broadcasting of pornography is totally forbidden. However, pornography is admissible in telemedia if the provider ensures that it can only be accessed by adults (restricted user group). Under the youth protection reforms carried out in Germany in April this year (see IRIS 2002-7: 13 and IRIS 2002-9: 15), the KJM is now responsible for monitoring compliance with the provisions of the JMStV. Age verification systems designed to meet the requirements of Art. 4 JMStV may be submitted to the KJM for checking before they are placed on the market. Although the KJM's decision does not imply official recognition of the system concerned, it does give the company a degree of legal certainty. If the age verification system functions in practice as it did in theory when presented to the KJM, the provider can be sure that it restricts use as required by Art. 4.2.2 JMStV and that the KJM will not query the system when it monitors its implementation.

In this connection, on 24 June 2003 the KJM reached a decision in principle that a restricted user group would be produced if two conditions were met: firstly, the user's age must be checked in person (face-to-face) and secondly, there must be some form of authentication process each time access is required in order to prevent access data from being passed on to minors. The KJM applied these principles for the first time on 24 September 2003, when it decided that two of the age verification systems it had received met the relevant criteria.

The first was the so-called "X-Check" system devised by Coolspot AG, which involves one-off customer identification using a procedure administered by Deutsche Post AG. The customer's age is verified by post office staff by means of the person's identity card. Then each time the customer requires access to the service, authentication is carried out by a mainframe computer, for which the customer needs their own software, hardware (ID-chip) and a PIN.

The second approved system was submitted by Vodafone D2. In this case, the customer's age is verified when they sign an agreement in a Vodafone D2 shop or an associated store. Each time access is required, an individualised Adult-PIN is used in connection with a hardware component (SIM-card).