Lawmakers update Kids Online Safety Act to address potential harms, but fail to appease some activists, industry groups

Sens. Marsha Blackburn, R-Tenn., and Richard Blumenthal, D-Conn., conduct a news conference in Capitol.
Tom Williams | CQ-Roll Call, Inc. | Getty Images

A bipartisan pair of senators reintroduced the Kids Online Safety Act on Tuesday with updates that aimed to address concerns that the bill could inadvertently cause more harm to the young internet users it seeks to protect. But some activists who raised those issues say the changes are still insufficient.

The bill aims to make the internet a safer place for kids to access by putting the onus on social media companies to prevent and mitigate harms that might come from their services. The new version of the bill defines a set list of harms that platforms need to take reasonable steps to mitigate, including by preventing the spread of posts promoting suicide, eating disorders, substance abuse and more. It would require those companies to undergo annual independent audits of their risks to minors and require them to enable the strongest privacy settings by default for kids.

Congress and President Joe Biden have made clear online protections for children are a key priority, and KOSA has become one of the leading bills on the subject. KOSA has racked up a long list of more than 25 co-sponsors and the earlier version of the bill passed unanimously out of the Senate Commerce Committee last year. The new version of the bill has gained support from groups including Common Sense Media, the American Psychological Association, the American Academy of Pediatrics and the Eating Disorders Coalition.

At a virtual press conference on Tuesday, Sen. Richard Blumenthal, D-Conn., who introduced the bill alongside Sen. Marsha Blackburn, R-Tenn., said that Senate Majority Leader Chuck Schumer, D-N.Y., is “a hundred percent behind this bill and efforts to protect kids online.”

While Blumenthal acknowledged it’s ultimately up to Senate leadership to figure out timing, he said, “I fully hope and expect we’ll have a vote this session.”

A Schumer spokesperson did not immediately respond to a request for comment.

Late last year, dozens of civil society groups warned Congress against passing the bill, warning it could further endanger young internet users in different ways. For example, the groups worried the bill would add pressure for online platforms to “over-moderate, including from state Attorneys General seeking to make political points about what kind of information is appropriate for young people.”

Blumenthal and Blackburn made several changes to the text in response to critiques from outside groups. They sought to more carefully tailor the legislation to limit the duty of care requirements for social media platforms to a specific set of potential harms to mental health based on evidence-backed medical information.

They also added protections for support services like the National Suicide Hotline, substance abuse groups and LGBTQ youth centers to ensure they aren’t unintentionally hampered by the bill’s requirements. Blumenthal’s office said it did not believe the duty of care would have applied to those sorts of groups, but opted to clarify it regardless.

But the changes have not been enough to placate some civil society and industry groups.

Evan Greer, director of digital rights nonprofit Fight for the Future, said Blumenthal’s office never met with the group or shared the updated text in advance of the introduction despite multiple requests. Greer acknowledged the co-sponsors’ offices met with other groups, but said in an emailed statement that “it seems they intentionally excluded groups that have specific issue-area expertise in content moderation, algorithmic recommendation, etc.”

“I’ve read through it and can say unequivocally that the changes that have been made DO NOT address the concerns that we raised in our letter,” Greer wrote. “The bill still contains a duty of care that covers content recommendation, and it still allows state Attorneys General to effectively dictate what content platforms can recommend to minors.”

At the press conference, in response to a question about Fight for the Future’s critiques, Blumenthal said the duty of care had been “very purposefully narrowed” to target certain harms.

“I think we’ve met that kind of suggestion very directly and effectively,” he said. “Obviously, our door remains open. We’re willing to hear and talk to other kinds of suggestions that are made. And we have talked to many of the groups that had great criticism and a number have actually dropped their opposition, as I think you’ll hear in response to today’s session. So I think our bill is clarified and improved in a way that meets some of the criticism. We’re not going to solve all of the problems of the world with a single bill. But we are making a measurable, very significant start.”

The bill also faced criticism from several groups that receive funding from the tech industry.

NetChoice, which has sued California over its Age-Appropriate Design Code Act and whose members include Google, Meta and TikTok, said in a press release that despite lawmakers’ attempts to respond to concerns, “unfortunately, how this bill would work in practice still requires an age verification mechanism and data collection on Americans of all ages.”

“Working out how young people should use technology is a difficult question and has always been best answered by parents,” NetChoice Vice President and General Counsel Carl Szabo said in a statement. “KOSA instead creates an oversight board of DC insiders who will replace parents in deciding what’s best for children.”

“KOSA 2.0 raises more questions than it answers,” Ari Cohn, free speech counsel TechFreedom, a think tank that’s received funding from Google, said in a statement. “What constitutes reason to know that a user is under 17 is entirely unclear, and undefined by the bill. In the face of that uncertainty, platforms will clearly have to age-verify all users to avoid liability—or worse, avoid obtaining any knowledge whatsoever and leave minors without any protections at all.”

“Protecting young people online is a broadly shared goal. But it would contradict the goals of bills such as this to impose compliance obligations that undermine the privacy and safety of teens,” said Matt Schruers, president of the Computer & Communications Industry Association, whose members include Amazon, Google, Meta and Twitter. “Governments should avoid compliance requirements that would compel digital services to collect more personal information about their users — such as geolocation information and a government-issued identification — particularly when responsible companies are instituting measures to collect and store less data on customers.”

Subscribe to CNBC on YouTube.

WATCH: Sen. Blumenthal accuses Facebook of adopting Big Tobacco’s playbook