Summary
- The UK Government wants device-level controls on smartphones and tablets used by children.
- The plans could affect operating system providers and others in the device supply chain, including retailers.
- The proposal raises product governance, age assurance, privacy, platform-control, and enforcement questions.
The UK Government is pressing technology companies to introduce device-level controls that would stop children taking, sharing, receiving, or viewing nude images on smartphones and tablets.
The Home Office said companies including Apple and Google must activate built-in features or implement technical solutions that detect and block nude images for children. Companies have three months to act before ministers bring forward legislation, including potential fines. Criminal liability for technology executives is also being explored as a last resort.
The plan was set out during London Tech Week and sits alongside the wider UK online safety regime. It would apply to UK devices, including existing and newly sold smartphones and tablets. Future legislation could cover operating system providers and others in the supply chain, including retailers. Adults would still be able to take, share, or view nude content through an age verification process.
The Home Office policy update says Apple has already introduced age checks for iPhone users in the UK, but that nudity detection does not apply across the camera, broader apps, third-party messaging services, or search functions. Ministers want Apple and Google to block nudity across the whole device by default, with deactivation only through age assurance.
The proposal is primarily framed around child protection, yet it also creates a technology governance problem that reaches into product architecture. Device-level controls of this kind sit at the intersection of operating system design, content detection, identity, age assurance, parental consent, privacy, encryption, app ecosystems, and retailer obligations.
Device makers and operating system providers would need to solve more than image detection. Controls would have to work across local storage, cameras, messaging, browsers, apps, and potentially cloud-linked services. They would also need to distinguish child and adult users, handle shared family devices, prevent easy bypass, and avoid collecting or exposing sensitive content in the process.
The privacy and security requirements are substantial. Any system that analyses intimate images, even for child safety purposes, needs safeguards that limit data exposure, prevent misuse, and avoid creating a new surveillance or abuse risk. Age assurance carries its own data protection burden, particularly where vendors need to verify adulthood without building excessive identity databases.
The supply chain wording is notable. By suggesting that operating system providers and retailers could fall within future legislation, the Government is signalling that accountability may extend beyond social media services and messaging platforms to the device distribution and software ecosystem. That would create duties for companies that do not directly host content but control the technical environment in which it is created, viewed, or shared.
The UK has already shown a willingness to use online safety law to impose technical duties on platforms. Extending that logic to device-level controls would move regulatory pressure deeper into product architecture, while potentially creating tension with global product strategies. Vendors prefer consistent operating system behaviour across markets, but governments increasingly want jurisdiction-specific safety and security controls.
A workable regime would need clear safeguards, transparent enforcement, proportionality, and a precise allocation of responsibility across device makers, operating system providers, app ecosystems, retailers, parents, and users. Without that detail, a policy designed to protect children could become intrusive, brittle, or easy to bypass.





