Discord has announced the global rollout of “teen-by-default” safety settings, mandating age-appropriate protections across its platform for all users, starting in March 2026.
The update introduces stricter content filters, restrictions on age-gated areas, and changes to direct messaging rules, marking a major expansion of features initially piloted in the UK and Australia. However, the move is raising fresh concerns among privacy advocates and users, especially in light of Discord’s high-profile ID data breach just months earlier.
Founded in 2015, Discord has evolved into one of the most prominent communication platforms for gamers and online communities, with over 150 million monthly active users. As its user base skews younger, the platform has faced mounting pressure to adopt safety standards on par with those of other major social networks, especially amid increasing regulatory scrutiny of child online safety in the US, UK, and EU.
The changes aim to ensure that users aged 13–17 receive a safer, more controlled experience by default. Discord’s Head of Product Policy, Savannah Badalich, stated the changes are rooted in longstanding safety principles and were designed in collaboration with experts, policymakers, and the Discord user community.
To enforce these protections, Discord is introducing a new age assurance system. This includes both voluntary facial age estimation and ID-based verification handled by third-party vendors, as well as Discord’s own machine learning age inference model. This model runs passively to help determine user age without requiring manual verification in all cases.
Discord has emphasized a privacy-first approach, claiming that video selfies used for facial estimation never leave the device, while government-issued ID images submitted to vendors are deleted “quickly,” often immediately after use. Age verification status is not visible to other users, and Discord says it will not use email or SMS to prompt verification to mitigate phishing risks.
Despite these assurances, user trust remains shaken. In October 2025, Discord disclosed a breach involving a third-party support vendor that exposed approximately 70,000 government ID images uploaded during age-appeal processes. That breach also exposed usernames, IP addresses, email addresses, and support conversations, raising serious questions about data retention and third-party risk. While Discord claimed the breach was limited and involved no passwords or private messages, the attackers alleged a far broader compromise affecting up to 5.5 million users and 1.6 TB of data, including access to Discord’s internal tools.
This recent breach, coupled with new verification requirements, has sparked skepticism about whether Discord’s current infrastructure and vendor relationships can securely handle sensitive identity data, particularly when it concerns teens.
As part of its broader initiative, Discord is also launching a Teen Council, composed of 10–12 users aged 13–17. The council is intended to provide real-time feedback to product teams, ensuring that youth perspectives are reflected in future features and policy decisions. Applications are open through May 1, 2026.
Beginning in March, all Discord users, new and existing, will be subject to new default settings based on their age group. Users should avoid clicking verification links sent via email or DM, as Discord has stated it will only prompt for age verification within the platform.
Leave a Reply