Young people have unique needs online and offline, so developers should implement additional safeguards when using our API to serve minors (under 18 years old). These are in addition to requirements under our usage policies and terms and conditions.
Regulatory Standards
Organizations serving minors must comply with all applicable child protection, safety, and privacy laws, including the Children’s Online Privacy Protection Act (COPPA). You should not use OpenAI services to process any personal data of children under 13 or the applicable age of digital consent without first implementing zero data retention in our API. You are solely responsible for ensuring that you and your users use OpenAI services in compliance with applicable law.
Safety Standards
Organizations serving minors must take reasonable steps to ensure that the content they are serving to minors via the API is safe and age appropriate, in line with our usage policies to “Keep minors safe.” This may include, but is not limited to:
- Providing age-appropriate disclosures to minors about AI tools and how to use them responsibly.
- Implementing age-appropriate content filters to address potentially sensitive content.
- Implementing reasonable monitoring and reporting mechanisms, including escalation paths for high-risk interactions.
- Where required or otherwise appropriate for your use case, using age assurance systems to ensure only intended users can access the product.
Best Practices
Organizations serving minors should follow these best practices when interacting with our API:
- Exercise heightened care when handling minors’ data and interactions and take appropriate action when risks to young users are identified.
- Leverage available safety tools and follow technical safety measures that OpenAI may provide that are designed to tailor product experiences for specific user groups, including minors.
- Use OpenAI’s most current flagship models, which incorporate the latest safety protections, particularly when building experiences for minors.
OpenAI reserves the right to audit organizations for compliance with this policy. Customers who fail to demonstrate compliance may receive warnings and, in cases of repeated or serious noncompliance, may be subject to suspension or termination of API access.