KOSPA (Kids Online Safety and Protection Act)

After the Online Safety Act of the United Kingdom and the Digital Services Act of Europe, countries around the world are stepping up efforts to make the internet safer for children. In the United States, the Kids Online Safety and Protection Act (KOSPA) is one such regulation intended to make the internet safe for minors. These steps indicate the importance of regulations to protect minors from potential harm that they may face in the digital world.

What is KOSPA?

The Kids Online Safety and Protection Act (KOSPA) is a piece of proposed legislation in the United States for protecting children and teenagers online.

KOSPA consists of two bills, KOSA and COPPA 2.0, collectively referred to as KOSPA:

1. The Kids Online Safety Act (KOSA) focuses on addressing online safety and modifying platform design that compels kids to stay glued to the screen.
2. Children’s and Teens Online Privacy Protection Act (COPPA 2.0) aims to strengthen privacy protections for minors.

The act points out the guidelines on how digital platforms should operate to minimize risks to minors and how they can ensure online environments are safer by default.

1.  What is the Purpose of KOSPA?

KOSPA is the first major amendment after 27 years to US legislation aimed at protecting children online. Its main objectives are:

• The Act heightened protections for teenagers (up to age 17)
• It introduced new design requirements for online platforms focused on the safety of minor users
• KOSPA updated privacy rules for children and teens in a digital age

Former US President Joe Biden repeatedly advocated for stronger online safety legislation. He called for bipartisan privacy laws to protect children online in his State of the Union addresses in 2022 and 2024.

2. What is KOSA?

The Kids Online Safety Act (KOSA) was first introduced in February 2022 by Richard Blumenthal, a democrat senator, and Marsha Blackburn, a republican senator. Its purpose is to protect children from online harm. Key features include:

• The act demands that online platforms limit the addictive feature that leads to consistent scrolling, as well as rewards for staying online.
• Online platforms must let children opt out of algorithmic content recommendations to avoid long-term continuous scrolling.
• Platforms must be held responsible for protecting the personal data of minors.
• The Act requires online services to implement parental controls to prevent and mitigate risks to children.

KOSA focuses on making platforms safer for children, not by censoring content, which may go against the First Amendment of the US Constitution (Right to exercise free speech), but by making platforms safer by design, requiring online platforms to target features that may lead children to spend excessive time online.

3. What is COPPA 2.0?

COPPA 2.0 updates the already existing Children’s Online Privacy Protection Act of 1998. Its goal is to protect children’s and teens’ personal data in light of modern technologies. The Key points of this regulation are as follows:

• The act raises the age coverage from 12 to 17, to include teenagers as well.
• Biometric data such as fingerprints, facial scans, voiceprints, and gait will also fall under the definition of personal information.
• The act closes the loophole that had previously considered platforms unanswerable if they didn’t have “actual knowledge” of a minor user; now, even if platforms don’t have exact proof, they must take safety and privacy measures whenever they have a reasonable suspicion that a user may be a minor.
• It allows autonomous consent for teens rather than relying solely on verified parental consent, allowing older teens to make their own decisions about sharing information online.

These features reflect how children’s and teens’ engagement on online platforms should be regulated to ensure privacy protections.

4. Who is covered under KOSPA?

KOSPA focuses on minors under the age of 17 and applies to various online platforms, including:

• Social media
• Online video games
• Virtual reality platforms
• Messaging apps
• Video streaming sites

Some platforms were exempted from these regulations, such as email services, internet providers, and educational institutions.

Platforms covered by KOSPA are required to take “reasonable measures” to:

• Limit harmful or addictive features of a platform
• Activate the highest privacy settings by default for minors
• Implement robust parental controls
• Monitor and prevent potential online harms

5. Who will enforce that act?

The Federal Trade Commission (FTC) would enforce these guidelines, and state attorneys general could enforce parts associated with transparency and safeguards. Non-compliance could result in various lawsuits and penalties.

6. Current Requirements of KOSPA

Some of the key safety and privacy measures that platforms must implement include:

• Minimizing harmful content that includes material related to self-harm, anxiety, and depression.
• Built-in privacy protections for minors.
• Limitations on design features that compel user extended engagement, such as infinite scrolling and reward notifications.
• Parental oversight, allowing guardians to manage privacy and account settings.
• Restrictions on sharing the personal data and geolocation of minors.
• Limiting targeted advertising, especially for age-restricted products like tobacco and gambling.
  
• Reporting obligations for online services with over 10 million monthly users on foreseeable risks of harm

These regulations aim to make online environments safer without limiting the access to necessary information.

7.  What is the current Legal Status of KOSPA?

KOSPA was passed in the Senate on July 30, 2024, with overwhelming support (91-3). However, as of January 6, 2025, when republicans took control of both legislative bodies as well as the white house, it has not been enacted into law.

For KOSPA to become law, it must:

• Be reintroduced to the new Congress
• Go through the legislative process again

Some objections have been raised to not restricting  LGBTQ+ content for minors, as updates to the bill mention design features rather than content censorship. However, the supporters of the bill counter this argument by referring to the First Amendment of the United States Constitution, which guarantees freedom of speech for US citizens.

8. What are the Key Takeaways of this act?

• KOSPA is a major proposed US law combining KOSA and COPPA 2.0.
• It protects children and teens under 17 from interacting with harmful content, privacy violations, and addictive platform features.
• Platforms must impose a duty of care, parental controls, and privacy safeguards
• The law is not yet active, but remains a key focus of online safety policy
• Parents and guardians remain the most important partners in educating and safeguarding children online

There are diverse public opinions around KOSPA.  For some, it is the need of the time. While others argue that the act may not provide enough protection for minors, pointing out concerns that it should go beyond limiting addictive design features and also limit kids’ access to certain types of content, such as LGBTQ+.