Trigger: an AI system may process, profile, or address a person under 18.

Minor-facing AI · GDPR Art. 8 · DSA Art. 28

AI that reaches a child
carries the record for life.

Recommenders, companions, age assurance, and welfare triage all behave differently on users under 18 — and are measured as if they did not. Currents scans them, Ripples record what was actually tested on the youth cohort, Droplets attach the strictest conditions we issue.

GDPR Art. 8 · DSA Art. 28 · AI Act Art. 5Human oversight non-negotiableNo child-safety approval claimedSafeguarding lead in the workflow
Under-18 Feed Ranker v3.1Human Review Required
Age assuranceSelf-declaration is defeated by design — DSA Art. 28 gap
GDPR Art. 8 basisGuardian consent · 13–16 as set by each member state
Art. 5(1)(f) emotionAffect inference disabled — prohibited, not mitigated
Art. 5(1)(b) screenEngagement objective capped — no exploitation of age vulnerability
DSA Art. 28(2)No profiling-based ads on any account with a minor signal
DSA Art. 28GDPR Art. 8AI Act Art. 5Art. 14

Context Droplet — Conditions

No emotion or affect inference on a minor — Art. 5(1)(f) is a prohibition, not a risk to manage
Any safeguarding escalation is reviewed by a named human before action — Art. 14
Visa suspends automatically if the ranker is retrained or the provider swaps the model behind the endpoint

Sensitive context

Why minor-facing AI is the strictest context we issue for.

A child cannot give the consent an adult gives, and the AI Act reflects that in a prohibition rather than a control: Art. 5(1)(b) bans exploiting the vulnerabilities of a person due to age, and Art. 5(1)(f) bans emotion inference in education and workplace settings outright. GDPR Art. 8 makes consent for information-society services conditional on parental authorisation below a member-state age between 13 and 16 — which means an age-assurance mechanism must exist and must work. Where health, safeguarding, or welfare data is involved, Art. 9 applies, and large-scale profiling of children is close to a per-se Art. 35 DPIA trigger. On platforms, DSA Art. 28 requires a high level of privacy, safety, and security for minors and prohibits profiling-based advertising to them, and for very large platforms Art. 34 makes the protection of minors a named systemic risk. The technical problem underneath the law is narrower and harder: safety systems are validated on adults and deployed on children, and almost nobody measures the difference.

Data categories in scope

Under-16 personal data processed under GDPR Art. 8
Age signals, age-assurance and age-estimation outputs
Companion and chatbot conversation history with a minor
Recommender exposure and engagement profiles for youth accounts
Welfare, safeguarding, and child-protection flags — Art. 9 data
Biometric and emotion-inference outputs, which Art. 5 may prohibit outright

People affected

Children below the member-state Art. 8 ageAdolescents mistakenly profiled as adults by age assuranceChildren in care, and children with a welfare flag on fileChildren with disabilities or additional needsParents and carers whose authorisation was assumed rather than obtained

Risk scenarios

What typically goes wrong.

Specific failure modes seen in this sensitive context — without structured evidence.

An information-society service relies on a self-declared date of birth as its age assurance.

GDPR Art. 8 requires reasonable effort to verify parental authorisation below the member-state age. A tickbox is not that effort. Adult defaults are applied to children, and no log records what age the system believed at the time of processing.

A companion chatbot's safety classifier was validated on an adult evaluation set.

Distribution shift on the youth cohort is unmeasured. Recall on self-harm and grooming cues drops on youth vernacular and code-switched input. The evaluation reports a number that does not describe the population actually using the product.

A recommender is tuned for engagement and served identically to under-18 accounts.

No exposure evidence for the minor cohort. DSA Art. 28 requires a high level of safety for minors, and Art. 34 names their protection a systemic risk. Escalation is measurable — nobody measured it.

A welfare or child-protection triage model flags a child, and the flag is actioned.

The output is a special-category inference under Art. 9, and Art. 14 oversight means a trained safeguarding professional reviewing before action — not after. No override rate, no reconstructable decision, no appeal route for the family.

An emotion-inference feature is switched on in a learning or classroom product.

Art. 5(1)(f) prohibits emotion inference in education and workplace settings. This is not a risk to be mitigated with evidence — it is a prohibited practice, and the correct output of the scan is the word blocked.

A vendor asserts that the product is child-safe and compliant with children's codes.

No age-assurance evidence, no youth-cohort safety evaluation, no retention schedule, no jailbreak testing, no model version pin. Procurement approves the assertion because there is nothing else in the file.

Border control, applied here

Scan the system. Issue the passport. Grant the visa.

What the scan finds in this context, what the passport records, and what conditions the visa attaches.

01

Currents

the scan

What AI is running, and what do we not know about it?

Currents opens the file. It finds every system a person under 18 can reach, what the age-assurance mechanism actually is and whether its result is logged, whether any feature falls under an Art. 5 prohibition rather than a risk control, whether the safety evaluation was ever run on the youth cohort, and where a child's data is retained past the purpose that justified it.

02

Ripples

the passport

What is this system, and what is proven about it?

The Ripple is the evidence passport. It records the Art. 8 consent and age-assurance basis, the safety evaluation broken out on the youth cohort rather than the adult set, jailbreak and injection resistance, recommender exposure for under-18 accounts, the retention schedule and deletion proof, the Art. 12 log configuration including agent tool-calls — and, plainly, that developmental impact is not something we can measure.

03

Droplets

the visa

May it operate HERE, on THIS data, under WHAT conditions?

The Droplet is the context visa, and here it is the strictest we issue. Human review by a trained professional before any output affects a child, no profiling-based advertising, no emotion inference, model version pinned so a swap cannot invalidate the safety evidence silently, a retention clock, and an expiry short enough that the evidence is re-earned rather than inherited.

Scope

What needs a Ripple.

Companion, character, and conversational AI reachable by minors
Recommender and feed-ranking systems serving under-18 accounts
Age assurance and age-estimation systems
Content moderation and safety classifiers acting on youth content
Welfare, safeguarding, and child-protection triage models
Advertising and audience-targeting models with under-18 reach
Any general-purpose assistant a minor can reach without an adult gate

Stakeholder workflow

From trigger to access decision.

1

Scan

Art. 6 route · Annex III test

2

Evidence call

Annex IV · Art. 10 bias file

3

Seal Review

DPO · CISO · Art. 14 owner

4

Droplet

Conditions bound · expiring

5

Re-scan

On retrain, drift or model swap

DPO

A system processes the data of a person under the member-state Art. 8 age.

Require the age-assurance mechanism, its measured error rate, the Art. 8 basis, and the DPIA before clearance. Self-declaration is not a mechanism.

Safeguarding Lead

An AI output could trigger a welfare, disciplinary, or protective action about a child.

Require a human review gate before action, a documented escalation route, and reported override rates. Review the Ripple before the system reaches a child.

Trust & Safety Lead

A recommender, moderation, or companion model reaches under-18 accounts.

Require youth-cohort safety metrics, jailbreak testing on the pinned version, and exposure evidence for minors under DSA Art. 28.

Access decisions

Context Droplet conditions.

The access decisions that apply in this sensitive context — and the evidence conditions that produce them.

Human Review Required
  • Any output affecting a child is reviewed by a trained professional before action
  • Welfare and safeguarding flags reviewed before, not after, intervention
  • Escalation route to a named human reachable by the child and the carer
  • Override rates reported — Art. 14 oversight evidenced, not asserted
Cleared with Limits
  • Age assurance verified and its result logged per session
  • Safety evaluation run on the youth cohort, not inherited from the adult set
  • No profiling-based advertising to minors — DSA Art. 28
  • Retention schedule enforced with deletion proof; short renewal cycle
Review Needed
  • Age assurance is self-declaration only
  • Safety metrics reported on an adult evaluation set
  • DPIA incomplete or not accepted for large-scale profiling of children
  • Jailbreak and injection resistance untested for the deployed model version
Blocked
  • Emotion inference in an education or workplace setting — Art. 5(1)(f) prohibition
  • Techniques exploiting age-related vulnerability — Art. 5(1)(b) prohibition
  • Under-16 data processed with no Art. 8 basis and no working age assurance
  • A welfare or disciplinary output actioned with no human review gate

Measurement

Evidence families we can structure.

The measurable evidence categories relevant to this context and the evidence signals they produce.

Age Assurance & Legal Basis (GDPR Art. 8)

What the age-assurance mechanism is, its measured error rate in both directions, whether its result is logged per session, and the Art. 8 parental-authorisation basis for every under-age user it admits.

Safety Evaluation, Jailbreak Resistance & Drift

Safety and refusal metrics measured on the youth cohort — youth vernacular, code-switching, emoji-dense input — plus jailbreak and injection testing against the pinned model version, re-run when it changes.

Fairness & Subgroup Performance on Youth Cohorts

Where the system ranks, moderates, or scores: subgroup performance for minors against adults, and exposure differences for under-18 accounts under DSA Art. 28 and Art. 34.

Human Oversight & Escalation (Art. 14)

Evidence that a trained professional reviews before a child is affected, has authority to override, and does so — with an escalation route the child or carer can actually reach.

Retrieval Grounding & Document Boundary

For assistants over safeguarding, welfare, or pastoral records: retrieval scope, grounding, and evidence that a child's file cannot surface in another session.

Logging, Lineage & Retention (Art. 12)

Per-interaction logs including agent tool-calls, the age the system believed, the model version in force — plus an enforced retention schedule and deletion proof, so the record does not outlive the purpose.

Agent Containment

For assistants with tools: which actions they may take on a child's behalf, which are gated on a human, and evidence that the ungated set is empty where it must be.

Data protection · GDPR Art. 9 / 35Bias examination · Art. 10(2)(f)Drift vs operating point · Art. 15Retrieval grounding · injection testedData lineage · Annex IVHuman oversight · Art. 14

Honest scope

What remains not assessable.

AffectLog does not overclaim. These items require external expertise, regulatory process, or long-term study.

Developmental impact of AI use on a child

Developmental effects unfold over years and require longitudinal study with ethical oversight. No runtime measurement substitutes for that, and we will not imply one does.

Instead: Engage developmental psychologists and reference the longitudinal literature. Treat our evidence as the operational floor, not the safety answer.

Child-safety approval or age-appropriate design conformity

Conformity against children's codes is assessed by specialist bodies and regulators with statutory remit. An evidence platform can supply inputs; it cannot issue the conclusion.

Instead: Engage the relevant supervisory authority or a recognised age-appropriate design assessor. Our records travel with the submission.

Whether a given feature is a prohibited practice under Art. 5

We can flag the pattern — emotion inference in an education setting, age-targeted persuasion — and we do, loudly. Whether it meets the legal threshold of a prohibition is for counsel and, ultimately, an authority.

Instead: Route the flagged feature to legal immediately. Where Art. 5 is plausibly engaged, the correct interim decision is to block, not to gather more evidence.

Whether a child was actually harmed

Harm to a specific child is established by safeguarding investigation, not by model metrics. Our logs support the investigation; they do not conduct it.

Instead: Follow the safeguarding process. Preserve the Art. 12 logs — they are frequently the only reconstructable account of what the system did and when.

Example

Sample Ripple for this context.

Ripple — evidence passportCleared with Limits

Companion Assistant (Under-16 Mode)

Conversational assistant reachable by minors · Consumer service

Evidence68%
Expiry31 Jul 2026
Raw data exportoff
ALP-2026-MIN-A7Q1

Access conditions

Age assurance verified per session and logged — self-declaration insufficient
Art. 8 parental authorisation confirmed for every under-16 account
Safety metrics measured on the youth cohort — adult evaluation set not accepted
Jailbreak and injection testing re-run on every model version change
No profiling-based advertising to minors — DSA Art. 28
Emotion inference disabled — Art. 5(1)(f) prohibition respected
Conversation retention capped; deletion proof required at renewal
Human escalation route to a trained professional, reachable by child and carer

What we will not overclaim

AL360° Oceans does not approve a system as child-safe and does not measure developmental impact. We show the age-assurance mechanism and its error rate, whether safety was ever evaluated on the youth cohort, what the retention schedule actually enforces, and what remains untested — so a decision about a child is made on evidence rather than on an assertion.

Common questions

Questions this context raises.

Our vendor has children's-code alignment and a compliance attestation.

An attestation is a commitment. Ask for the three measurements underneath it: the age-assurance error rate in both directions, the safety metrics computed on the youth cohort rather than the adult set, and the deletion proof for the retention schedule. Those are the numbers that fail.

The model already refuses harmful content — we tested it.

Tested on whom. A refusal rate measured on adult prompts does not describe a 13-year-old's phrasing, and the gap is largest exactly where the harm is. The Ripple records the cohort the evaluation was run on, which is usually the finding.

We have run this learning tool for a year with no incident.

No incident recorded is not the same as no incident. Without per-interaction logs, the age the system believed, and the model version in force, an incident would have left no evidence to find. Absence of a record is not a record of absence.

Get started

Prove what the system does to a child
before it reaches one.

Map every system a person under 18 can reach, find which ones inherited their safety evidence from an adult evaluation set, which retain a child's record past its purpose, and which are running a feature that Art. 5 does not permit at all.

AL360° Oceans provides technical and operational evidence. Not child-safety approval, age-appropriate design conformity, or legal advice.