Two things happened in November that forged a path to passing federal legislation on youth safety. First, U.S. Sen. Maria Cantwell, D-Wash., a supporter of the Kids Online Safety Act, was said to be pursuing a "hotline" process to get the bill passed. That is, the chair of the Senate Committee on Commerce, Science and Transportation was reportedly in favor of bringing KOSA to the floor through a mechanism of unanimous consent, which allows for quick passage of a bill without a vote so long as no senator objects.

Shortly thereafter, in prerecorded remarks at a D.C. event, Cantwell's cross-cameral counterpart, the chair of the House Energy and Commerce Committee, said for the first time that she believed KOSA was compatible with efforts to pass a comprehensive privacy bill. Specifically, Chair Cathy McMorris Rodgers, R-Wash., said, "As you know, KOSA is still being worked on in the Senate. I see it as complementary to the comprehensive data privacy and security standard which is necessary to building foundational privacy protections for Americans."

This may seem like an inconsequential statement, but it signals for the first time a willingness in the House to consider the youth safety bill, which has yet to be introduced there, potentially before reintroducing bipartisan privacy legislation. In the past, Rodgers and other leaders in the House Commerce Committee have been clear in their prioritization of consumer privacy legislation, repeatedly indicating that they believe protections for everyone — including enhanced privacy protections for kids and teens — are a better path than pursuing youth protections alone.

But as ever, Newton's third law seems to maintain a vice grip on D.C. politics. For every new political action, there is an equal and opposite reaction.

Within days of the rumors of the potential KOSA hotline, it became abundantly clear there was at least one senator who would directly oppose KOSA if it came to the floor. Sen. Ron Wyden, D-Ore., issued a preemptive objection in the Congressional Record 15 Nov. It reads in full:

"I agree with the sponsors of this bill that social media and online games can have a negative impact on the mental health of minors. However, this bill makes the mistake of empowering State attorneys general already enforcing bans on LGBTQ information and prosecuting individuals for helping others receive abortion healthcare. Armed with this bill, all a State attorney general would need to do is link the content they want to scrub from the internet with causing ‘‘anxiety’’ or ‘‘depression’’ and demonstrate that the platform allowed minors to access such content. For everyone except the largest platforms, the act of being served with the complaint, no matter how specious, would be enough incentive to take down the content in question. Sadly, some deep-pocketed groups that promote anti-choice and anti-LGBTQ policies are cheerleading the bill for this reason.

"Until the bill is amended to foreclose the ability of state attorneys general to wage war on important reproductive and LGBTQ content, I will object to any unanimous consent request in relation to this legislation."

Wyden is explicitly echoing the concerns raised by groups like Fight for the Future and the American Civil Liberties Union about the potential for the duty of care within KOSA to be used as a political weapon to censor content deemed harmful to some, but affirming or legitimizing to LGBTQ+ youth. Other civil society organizations, like Fairplay, continue to support the passage of KOSA.

Prioritization of youth safety issues will not go away any time soon. So, what solutions do advocates support, if not those included in bills like KOSA? Matt Lane, reflected on this question in a piece for TechDirt before joining Fight for the Future as a senior counsel. He calls for stronger privacy rules, government studies and investigations into current business practices and harms, more power for the U.S. Federal Trade Commission.

Further, in a letter signed by over 70 other organizations, LGBT Tech details the community's specific concerns with KOSA as drafted, which are primarily focused on the potential for it to have a chilling effect on access to certain types of speech.

"While we appreciate the effort to narrow KOSA's duty of care provision when it was reintroduced in the 118th Congress and during the Senate Commerce Committee’s Executive Session in July 2023, the changes do not address our organizations' concerns. Specifically, the text now explicitly states that KOSA shall not be construed to 'prevent or preclude … any minor from deliberately and independently searching for, or specifically requesting content.' This language is a welcomed statutory clarification, but it only addresses the 'demand side,' not the 'supply side' of the online ecosystem."

Even if we push the concerns of marginalized communities to the margins, First Amendment issues linger within any legislative proposal that restricts online content. There are no doubt similarities between KOSA and laws like the California Age-Appropriate Design Code Act, which was blocked on free speech grounds — at least temporarily, but likely permanently — by a federal judge. Avoiding the same fate for federal youth safety legislation will require careful drafting, as I explained with Anastasia Couch in our analysis of the conflict between First Amendment protections and youth safety rules.

For a clear-headed review of where KOSA is now and where policymakers might go from here, read this in-depth analysis in Tech Policy Press by John Perino and Jennifer King.

KOSA was approved out of the Senate Commerce Committee in July, meaning that technically it could be brought to the Senate floor at any time. But Senate Majority Leader Chuck Schumer, D-N.Y., has many competing priorities for the dwindling floor time before the holiday recess, and his most recent letter to colleagues made clear that tech policy will not be top-of-mind at least until the new year. Instead, the Senate will focus on confirming nominees, funding the military and supporting allies in Ukraine, Israel and the Indo-Pacific region.

So, the debate will pick up apace in the new year. And as the Biden administration continues its Task Force on Kids Online Health and Safety, the debate will be fueled by new ideas and even, possibly, new voluntary guidance. For starters, the NTIA received more than 500 comments from across the policy landscape in response to its request for comment on kids online health and safety.

With administrative reports, possible new proposed rules from the FTC, ongoing state legislative activity, and a renewed federal push to protect kids in an election year, 2024 is fixing to be a busy year indeed for youth safety and privacy measures.

Here’s what else I’m thinking about:

  • The need to renew Section 702 of the Foreign Intelligence Surveillance Act is causing major political issues. The Hill reported that the hotly contested issue could even derail attempts to pass the National Defense Authorization Act, a piece of "must-pass" legislation completed every December for the past 62 years. A short-term extension of the authority is being considered, along with other proposals.
  • A first peek at California's approach to privacy rules for AI. The California Privacy Protection Agency released draft rules in advance of its December meeting. I broke down some top takeaways as we wait for the agency to initiate its formal rulemaking process.
  • A cross-industry approach to data provenance was released. The Data and Trust Alliance published the result of a convening of 19 enterprises that created standards "to help organizations determine if data is suitable and trusted for use," in both the AI and traditional dataset context.
  • Unpacking the executive order on AI. In close coordination with IAPP's Managing Director of the AI Governance Center, Ashley Casovan, we published a resource to help businesses understand the takeaways of the recent U.S. executive order on AI. Also, your friendly reminder: get those comments in on the OMB.
  • And the feedback on U.S. digital trade policy continues. In a helpful roundup post, BSA's Joseph Whitlock collected the opposition letters from civil society, industry, and over 80 policymakers who have objected to the U.S. Trade Representative’s recent change in policy on digital trade.

Upcoming happenings:

  • 5 Dec. at 14:00 EST: BBB National Programs hosts a webinar on Getting Age Assurance Right.
  • 6 Dec. at 11:00 EST: Future of Privacy Forum hosts the next installment of its Immersive Tech Panel Series, focused on kids and teens (virtual).
  • 6 Dec. at 17:30 EST: A special joint edition of the Tech Policy Happy Hour and the AI Policy Happy Hour (Harvest Tide).
  • 13 Dec. at 11:30 EST: IAPP's mid-Atlantic region KnowledgeNets jointly present a panel on Global CBPR and PRP: A multilateral approach to cross-border data transfers (CIPL).

Please send feedback, updates and your youthful search history to cobun@iapp.org. Note: A View from DC will be taking a break for the rest of the year. Happy holidays and see you in 2024!