On May 21, 2026, the French digital-rights group La Quadrature du Net published a detailed critique of France's plan to bar under-15s from social media, arguing that the policy amounts to "la généralisation du contrôle d'identité en ligne" — the generalization of online identity control — rather than meaningful child protection (La Quadrature du Net). The intervention lands as the bill, already adopted in first reading, heads toward enforcement by France's audiovisual and digital regulator, ARCOM.
What France actually passed
The proposal, sponsored by centrist deputy Laure Miller, cleared the National Assembly in first reading on the night of January 26–27, 2026, by 130 votes to 21 (Al Jazeera). It prohibits under-15s from holding social-media accounts, requires platforms to deactivate existing accounts of younger minors, and carves out educational services and private messaging such as WhatsApp (Assemblée nationale). President Emmanuel Macron, who called the vote a major step, said he wanted it in force by the September 2026 school year. Critically, a ban on under-15 accounts is only as good as the system that tells a platform how old a visitor is — and that is where the mechanism swallows everyone, not just children.
The strongest case for the ban
The case for acting is real and should not be dismissed. Miller told the Assembly that French children "are reading less, sleeping less, and comparing themselves to one another more," and a substantial body of parental and clinical concern backs the intuition that engagement-optimized feeds are not designed with adolescent wellbeing in mind. France is not legislating in a vacuum: Australia's under-16 ban and a cluster of EU governments — Denmark, Greece, Spain — are moving in the same direction. If platforms will not build meaningful guardrails voluntarily, the argument runs, a statutory age floor is a legitimate democratic choice.
Why the verification design undercuts the goal
The problem is architectural. To enforce an age floor for minors, a platform must verify the age of every user, because it cannot know who is a minor without checking. France and the European Commission answer this with the language of privacy: the EU's age-verification blueprint, published July 14, 2025 and declared feature-ready on April 15, 2026, uses zero-knowledge proofs so a user can prove they are over a threshold "without sharing any other personal information" (European Commission). French authorities market their version as "double anonymat" — double anonymity.
La Quadrature's central charge is that this is branding, not engineering. "Le « double-anonymat » n'offre aucun anonymat," the group writes — double anonymity offers no anonymity whatsoever. The zero-knowledge step may hide a birthdate from the platform, but the user must still establish their civil identity upstream, typically through an ID document or a state digital-identity system such as France Connect. The result is not anonymity; it is a verified identity event for every adult who wants to read a feed. That is a structural change to how the open web works, justified by a children's-safety rationale that the verification touches only incidentally.
Who gets locked out
The critique also flags distributional harm that the headline debate ignores. Undocumented residents and others without standard French ID cannot satisfy a document-based check, so an identity-gated internet quietly excludes them. Biometric age-estimation systems — the fallback for users without papers — "reproduisent par nature les biais sexistes et racistes de nos sociétés," La Quadrature warns: they inherit the gender and racial error rates documented across facial-analysis tooling, meaning some users are systematically misjudged and shut out. A measure sold as protecting the vulnerable may hardest hit those already on the margins.
The collateral damage to the open internet
The definition of "social network" is broad enough to capture decentralized, non-commercial platforms like Mastodon and PeerTube — federated services run by volunteers and small associations that have no engagement-maximizing algorithm and no compliance department to build identity pipelines. Forcing them to verify every user does nothing to curb the addictive design the bill purports to target, while threatening the very alternatives that policymakers elsewhere claim to want. This is the proportionality failure: the burden falls heaviest where the harm is least.
The Electronic Frontier Foundation has reached the same conclusion about the parallel wave of U.S. state bans, calling them "the latest wave of censorship bills masquerading as 'children's online safety' measures" and warning that age gates build "a dangerous new system of control" (EFF). The convergence is notable: across very different legal systems, the same design choice — verify everyone to police a minority — keeps producing the same civil-liberties bill.
A proportionate path
None of this requires accepting that adolescent feeds are harmless. It requires matching the remedy to the harm. Device-level and app-store age signals, default-private settings for minors, transparency mandates on recommender systems, and enforceable design codes target addictive mechanics without conscripting the entire adult population into an identity-verification regime. France is right that platforms should not treat children as inventory. But a child-protection law whose load-bearing feature is universal identity verification protects children mainly as a side effect — and reshapes the internet for everyone as its main one.