The digital world is evolving, and with it, the regulations designed to protect users—especially young ones—are becoming more robust. From the UK’s Online Safety Act to Europe’s Digital Services Act, we are witnessing a wave of new legislation aimed at increasing online safety. In the United States, a landmark development has emerged: the Kids Online Safety and Privacy Act (KOSPA), which was passed in the Senate on July 30, 2024.
What is KOSPA?
KOSPA represents a significant legislative package, merging two critical bills—the Kids Online Safety Act (KOSA) and the Children’s and Teens Online Privacy Protection Act (COPPA 2.0). This legislation marks the first major update in nearly 30 years aimed at safeguarding children and teens in the digital space. If enacted, KOSPA will introduce stringent new requirements for online platforms, focusing on the design, safety, and privacy of these digital environments.
The Purpose Behind KOSPA
For years, President Joe Biden has advocated for stronger online protections for young people. He first addressed the issue in his 2022 State of the Union speech, calling for enhanced privacy measures to safeguard children online. His continued support culminated in the push for KOSPA, underscoring the necessity of creating a safer digital environment for the next generation.
KOSPA’s introduction signals a potential shift in how the U.S. government regulates technology platforms, particularly concerning child safety. It seeks to impose new standards that could dramatically alter the digital landscape, emphasizing the protection of minors from harmful online content and invasive data practices.
Breaking Down KOSPA: KOSA and COPPA 2.0
The Kids Online Safety Act (KOSA)
Originally introduced in February 2022 by Senators Richard Blumenthal and Marsha Blackburn, KOSA is designed to shield children from online harm. The act would require digital platforms to curb addictive features, enable young users to opt out of algorithmic recommendations, and restrict the collection of personal data. A cornerstone of KOSA is its duty-of-care mandate, compelling platforms to proactively address and mitigate risks faced by minors.
COPPA 2.0
COPPA 2.0 seeks to update the original Children’s Online Privacy Protection Act of 1998, expanding its scope to better protect the personal data of children and teenagers. Key changes include:
- Raising the Age Threshold: Extending coverage to minors up to 17 years old, up from the previous age limit of 12.
- Enhanced Definitions: Updating the definition of personal information to include biometric data such as fingerprints, voiceprints, facial imagery, and even gait analysis.
- Closing Loopholes: Ensuring protections apply if platforms “reasonably know” young users are on their sites, even if they claim no direct knowledge of their age.
- Autonomous Consent: Allowing teenagers to consent to data practices independently, without needing verified parental consent.
Who is Affected by KOSPA?
KOSPA primarily targets online platforms frequented by minors, such as social media, online gaming, virtual reality worlds, and streaming services. However, certain entities like email providers, ISPs, and educational institutions are exempt. Covered platforms must implement “reasonable” measures to limit potential harm, such as reducing addictive features, activating the highest privacy settings by default, and enhancing parental controls.
The Federal Trade Commission (FTC) is tasked with enforcing KOSPA, with significant penalties looming for non-compliant companies. State attorneys general will also have the authority to enforce specific provisions, particularly those safeguarding minors.
The Role of Netsweeper in Enhancing Online Safety
As the digital landscape becomes increasingly regulated, Netsweeper is at the forefront of helping platforms comply with these new standards. Netsweeper’s technology is designed to filter harmful content and manage digital risks, aligning closely with the requirements set out in KOSPA. By providing comprehensive content filtering and safeguarding solutions, Netsweeper enables platforms to create safer online environments for minors. Whether it’s implementing robust privacy settings, monitoring harmful content, or managing access to age-restricted material, Netsweeper’s tools are integral in ensuring that platforms not only meet but exceed the regulatory expectations outlined in KOSPA.
The Road Ahead for KOSPA
With a resounding 91-3 vote in the Senate, KOSPA now moves to the House for further consideration. While the bill has garnered support for its focus on online safety, it has also faced criticism from civil liberties advocates concerned about privacy, free speech, and access to information. To address these concerns, a February 2024 update to KOSA clarified that the legislation targets design features—such as infinite scrolling and notification rewards—rather than specific content types.
What KOSPA Requires of Platforms
The current requirements of KOSPA focus on several critical areas:
- Duty of Care: Platforms must proactively mitigate risks to users under 17, particularly concerning harmful content like self-harm, anxiety, and eating disorders.
- Privacy and Safety Settings: The highest levels of privacy and safety must be enabled by default for minors, limiting design features that encourage prolonged online activity.
- Data Collection Restrictions: Platforms must limit the collection and sharing of minors’ personal data, including geolocation information.
- Transparency and Reporting: For platforms with over 10 million monthly active users in the U.S., annual reports on potential risks and mitigation strategies are required.
What’s Next?
As KOSPA progresses through the legislative process, it’s clear that the era of minimal online regulation is coming to an end. Companies operating in the digital space must prepare to navigate this new regulatory environment, ensuring that their platforms are not only compliant but also designed with the safety and privacy of young users in mind. With similar regulations emerging globally, the focus on online safety is becoming a universal priority.
Stay tuned as we monitor the developments of KOSPA and its implications for the future of online safety in the United States.