Technology

The Revised Kids Online Safety Act is Intended to Address Unforeseen Consequences

The Revised Kids Online Safety Act is Intended to Address Unforeseen Consequences

On Tuesday (May 2, 2023), a bipartisan pair of senators reintroduced the Kids Online Safety Act, making changes to address concerns that the law could unwittingly cause more harm to the young internet users it intends to safeguard. But some activists who raised those issues say the changes are still insufficient.

The measure intends to make the internet a safer environment for children to use by putting the onus on social media businesses to prevent and mitigate harms caused by their services.

The new version of the bill defines a set list of harms that platforms need to take reasonable steps to mitigate, including by preventing the spread of posts promoting suicide, eating disorders, substance abuse and more. It would force such firms to do annual independent evaluations of their risks to minors and to enable the most restrictive privacy settings for children by default.

Congress and President Joe Biden have made clear online protections for children are a key priority, and KOSA has become one of the leading bills on the subject. KOSA has over 25 co-sponsors, and an earlier version of the bill passed unanimously out of the Senate Commerce Committee last year. The new version of the bill has gained support from groups such as Common Sense Media, the American Psychological Association, the American Academy of Pediatrics and the Eating Disorders Coalition.

At a virtual press conference on Tuesday, Sen. Richard Blumenthal, D-Conn., who introduced the bill alongside Sen. Marsha Blackburn, R-Tenn., said that Senate Majority Leader Chuck Schumer, D-N.Y., is “a hundred percent behind this bill and efforts to protect kids online.”

While Blumenthal acknowledged it’s ultimately up to Senate leadership to figure out timing, he said, “I fully hope and expect we’ll have a vote this session.”

Protecting young people online is a broadly shared goal. But it would contradict the goals of bills such as this to impose compliance obligations that undermine the privacy and safety of teens.

Matt Schruers

A Schumer spokesperson did not immediately respond to a request for comment.

Late last year, dozens of civil society groups warned Congress against passing the bill, claiming it could further endanger young internet users in different ways. For example, the groups worried the bill would add pressure for online platforms to “over-moderate, including from state attorneys general seeking to make political points about what kind of information is appropriate for young people.”

Blumenthal and Blackburn made several changes to the text in response to critiques from outside groups. They attempted to more precisely design the legislation in order to confine the duty of care duties for social media platforms to a specified set of potential mental health risks based on evidence-backed medical information.

They also added protections for support services such as the National Suicide Hotline, substance abuse groups and LGBTQ+ youth centers to ensure they aren’t unintentionally hampered by the bill’s requirements. Blumenthal’s office said it did not believe the duty of care would have applied to those sorts of groups, but opted to clarify it regardless.

But the changes have not been enough to placate some civil society and industry groups.

Evan Greer, director of digital rights nonprofit Fight for the Future, said Blumenthal’s office never met with the group or shared the updated text in advance of the introduction despite multiple requests. Greer acknowledged the co-sponsors’ offices met with other groups, but said in an emailed statement that “it seems they intentionally excluded groups that have specific issue-area expertise in content moderation, algorithmic recommendation, etc.”

“I’ve read through it and can say unequivocally that the changes that have been made DO NOT address the concerns that we raised in our letter,” Greer wrote. “The bill still contains a duty of care that covers content recommendation, and it still allows state Attorneys General to effectively dictate what content platforms can recommend to minors,” she added.

“The ACLU remains strongly opposed to KOSA because it would ironically expose the very children it seeks to protect to increased harm and increased surveillance,” ACLU Senior Policy Counsel Cody Venzke said in a statement. The group joined the letter warning against its passage last year.

“KOSA’s core approach still threatens the privacy, security and free expression of both minors and adults by deputizing platforms of all stripes to police their users and censor their content under the guise of a ‘duty of care,‘” Venzke added.

“To accomplish this, the bill would legitimize platforms’ already pervasive data collection to identify which users are minors when it should be seeking to curb those data abuses. Moreover, parental guidance in minors’ online lives is critical, but KOSA would mandate surveillance tools without regard to minors’ home situations or safety. KOSA would be a step backward in making the internet a safer place for children and minors.”

At the press conference, in response to a question about Fight for the Future’s critiques, Blumenthal said the duty of care had been “very purposefully narrowed” to target certain harms.

“I think we’ve met that kind of suggestion very directly and effectively,” he said. “Obviously, our door remains open. We’re willing to hear and talk to other kinds of suggestions that are made. And we have talked to many of the groups that had great criticism and a number have actually dropped their opposition, as I think you’ll hear in response to today’s session. So I think our bill is clarified and improved in a way that meets some of the criticism. We’re not going to solve all of the problems of the world with a single bill. But we are making a measurable, very significant start.”

The bill also faced criticism from several groups that receive funding from the tech industry.

NetChoice, which has sued California over its Age-Appropriate Design Code Act and whose members include Google, Meta and TikTok, said in a press release that despite lawmakers’ attempts to respond to concerns, “unfortunately, how this bill would work in practice still requires an age verification mechanism and data collection on Americans of all ages.”

“Working out how young people should use technology is a difficult question and has always been best answered by parents,” NetChoice Vice President and General Counsel Carl Szabo said in a statement. “KOSA instead creates an oversight board of DC insiders who will replace parents in deciding what’s best for children,” Szabo added.

“KOSA 2.0 raises more questions than it answers,” Ari Cohn, free speech counsel for TechFreedom, a think tank that’s received funding from Google, said in a statement. “What constitutes reason to know that a user is under 17 is entirely unclear and undefined by the bill. In the face of that uncertainty, platforms will clearly have to age-verify all users to avoid liability or worse, avoid obtaining any knowledge whatsoever and leave minors without any protections at all.”

“Protecting young people online is a broadly shared goal. But it would contradict the goals of bills such as this to impose compliance obligations that undermine the privacy and safety of teens,” said Matt Schruers, president of the Computer & Communications Industry Association, whose members include Amazon, Google, Meta and Twitter.

“Governments should avoid compliance requirements that would compel digital services to collect more personal information about their users such as geolocation information and a government-issued identification particularly when responsible companies are instituting measures to collect and store less data on customers.”