Balance, Not Mandates, Required for Ensuring Children’s Online Safety: Report

Ensuring children’s safety online requires a nuanced approach that balances privacy, free speech, and the distribution of responsibilities among governments, online platforms, and parents, according to a recent report by a D.C. technology think tank.

While no regulation can completely eliminate all harm facing children in both digital and physical realms, the report by the Information Technology & Innovation Foundation (ITIF) emphasizes that necessary regulations should address specific harms without overstepping fundamental civil liberties like privacy and free speech.

The report, authored by ITIF Policy Manager Ashley Johnson, mentions that sometimes regulations infringe on adults’ and children’s rights to privacy and free speech, which are counterproductive to their protective intentions.

Moreover, if not crafted thoughtfully, these regulations can impede children’s ability to interact with peers and gain access to suitable information online.

This 32-page document covers existing laws on online child protection and crucial issues such as child privacy, age verification, shielding children from harmful content, and preventing child labor exploitation. The report provides ten key recommendations for a robust approach to child online safety.

Challenges in Public Policy

“The ITIF report underscores the challenges in safeguarding children online while upholding user rights, promoting innovation, and respecting family autonomy,” noted Michael Davis, CEO and founder of Merek Security Solutions.

“Many suggested measures, such as overly expansive age verification mandates or broad COPPA expansions, might backfire – unnecessarily limiting positive online experiences for kids, stifling digital innovation, and infringing on civil liberties,” he commented.

“Most would agree with the report’s view that numerous current proposals fail to achieve the right balance and unnecessarily burden parents and businesses or infringe user rights,” he added.

David Redekop, CEO and founder of ADAMnetworks, concurred that public policy efforts thus far have proved to be imperfect solutions. “This is largely because addressing the predatory behavior targeting the most vulnerable—children—requires more than regulatory efforts alone,” he observed.

“Combining this with today’s culture, where less time is spent between parents and children compared to past generations, makes the solution complex and not achievable solely through public policy,” Redekop continued. “Parenting must be prioritized, but unfortunately, not all children have the protective measures, particularly those in single-parent households.”

Dangers of Expanding COPPA

The report recommends that the FTC update the Children Online Privacy Protection Act (COPPA) rules to account for technological advancements since 2013. This includes allowing operators to analyze their audience composition to avoid being classified as child-directed while retaining COPPA’s actual knowledge standard.

Recent calls in Congress to modify that standard to “knowledge fairly implied on the basis of objective circumstances” and to extend the act’s protections to children up to 16 years old have sparked debate.

“Extending COPPA protections to teens aged 13 to 16 could lead many services to cease offerings for this age group to dodge compliance costs and liability risks,” Davis explained.

“Switching from an ‘actual knowledge’ standard to an ‘implied knowledge’ standard could create a compliance quagmire for services striving to operate in good faith,” he added.

The report cautions that expanding COPPA to include 16-year-olds would likely stifle innovation in online services aimed at children and teens, resulting in fewer educational and wholesome entertainment options, which many families depend on. It would also reduce online social spaces crucial to teen socialization and development.

Alternatively, the report recommends that Congress amend COPPA’s actual knowledge standard to exempt general audience websites with common features, like user feedback forms or customer service chatbots, from needing parental consent to collect data from users identified as children.

Implementing a ‘Trustworthy Child Flag’

The report urges Congress to mandate the addition of an opt-in “trustworthy child flag” within device operating systems. This feature, available during device setup or in settings, would signal apps and websites that the user is a minor, requiring those serving age-restricted content to verify this flag and block underage users accordingly.

Johnson emphasized that social media platforms should provide parents with more control features, such as the trustworthy child flag. “Granting parents comprehensive controls is a crucial step,” she remarked.

She also stressed the importance of interoperability, allowing parents to seamlessly transfer control settings across various platforms.

The report recommends that Congress legislate to establish a government-led forum to evolve a voluntary industry standard for interoperability on cross-platform parental controls, enabling parents to set consistent limits on their children’s online activities across multiple platforms.

“Parental controls form a part of the solution,” agreed David Inserra, a fellow at the Cato Institute.

“Despite the numerous parental control tools available, their usage is not widespread among parents,” Inserra pointed out.

“To enhance safety and provide more control options, tools will likely emerge from the private sector,” he suggested, adding that government mandates may not deliver the anticipated outcomes and could stifle innovation. “The current success of U.S. companies is largely due to the favorable conditions provided for innovation and product development.”

Additional Recommendations for Enhancing Child Online Safety

The report offers several other key recommendations:

• Congress should pass comprehensive federal privacy legislation addressing genuine privacy harms and preempting state laws, creating a unified set of protections for all Americans. This act should incorporate extra protections for children aged 13-17, such as opt-in consent for data collection and sharing, while providing adults the choice to opt out.
• Legislation creating a national, interoperable framework for securely issuing and validating digital IDs at all government levels should be passed. Additionally, the Department of Homeland Security should begin offering digital IDs upon request, with grants to states for system upgrades to issue privacy-protective digital IDs usable for online age verification.
• Increased funding for research and testing of photo-based AI age estimation should be provided, directing the National Institute of Standards and Technology (NIST) to conduct empirical evaluations of age estimation algorithms.
• Congress should boost funding for law enforcement to investigate child sexual abuse material and prosecute offenders, including increased support for ICAC task forces, police technology, and training for evolving perpetrator methods.
• Federal legislation parallel to the Coogan Act and Indiana’s child influencer laws should be enacted to protect child performers in media by requiring parents to set aside a part of their child’s earnings in a trust, accessible upon reaching adulthood.
• Funding for digital literacy campaigns teaching children online safety and educating parents on safeguarding their children online should be increased.

The ITIF report, “How to Address Children’s Online Safety in the United States,” is available without the need for form completion.