Over 90 Organizations Tell Congress Not To Support Dangerous ‘Kids Online Safety’ Bill

We've written a number of posts about the problems of KOSA, the Kids Online Safety Act from Senators Richard Blumenthal and Marsha Blackburn (both of whom have fairly long and detailed histories for pushing anti-internet legislation). As with many protect the children" or but think of the children!" kinds of legislation, KOSA is built around moral panics and nonsense, blaming the internet any time anything bad happens, and insisting that if only this bill were in place, somehow, magically, internet companies would stop bad stuff from happening. It's fantasyland thinking, and we need to stop electing politicians who live in fantasyland.

KOSA itself has not had any serious debate in Congress, nor been voted out of committee. And yet, there Blumenthal admitted he was was actively seeking to get it included in one of the must pass" year end omnibus bills. When pressed about this, we heard from Senate staffers that they hadn't heard much opposition" to the bill, so they figured there was no reason to stop it from moving forward. Of course, that leaves out the reality: the opposition wasn't that loud because there hadn't been any real public opportunity to debate the bill, and since until a few weeks ago it didn't appear to be moving forward, everyone was spending their time trying to fend off other awful bills.

But, if supporters insist there's no opposition, well, now they need to contend with this. A coalition of over 90 organizations has sent a letter to Congress this morning explaining why KOSA is not just half-baked and not ready for prime time, but that it's so poorly thought out and drafted that it will be actively harmful to many children.

Notably, signatories on the letter - which include our own Copia Institute - also include the ACLU, EFF, the American Library Association and many more. It also includes many organizations who do tremendous work actually fighting to protect children, rather than pushing for showboating legislation that pretends to help children while actually doing tremendous harm.

I actually think the letter pulls some punches and doesn't go far enough in explaining just how dangerous KOSA can be for kids, but it does include some hints of how bad it can be. For example, it mandates parental controls, which may be reasonable in some circumstances for younger kids, but KOSA covers teenagers as well, where this becomes a lot more problematic:

While parental control tools can be important safeguards for helpingyoung children learn to navigate the Internet, KOSA would cover older minors as well, andwould have the practical effect of enabling parental surveillance of 15- and 16-year-olds. Olderminors have their own independent rights to privacy and access to information, and not everyparent-child dynamic is healthy or constructive. KOSA risks subjecting teens who areexperiencing domestic violence and parental abuse to additional forms of digital surveillanceand control that could prevent these vulnerable youth from reaching out for help or support. Andby creating strong incentives to filter and enable parental control over the content minors canaccess, KOSA could also jeopardize young people's access to end-to-end encryptedtechnologies, which they depend on to access resources related to mental health and to keeptheir data safe from bad actors.

The letter further highlights how the vague duty of care" standard in the bill will be read to require filters for most online services, but we all know how filters work out in practice. And it's not good:

KOSA establishes a burdensome, vague duty of care" to prevent harms to minors for a broadrange of online services that are reasonably likely to be used by a person under the age of 17.While KOSA's aims of preventing harassment, exploitation, and mental health trauma for minorsare laudable, the legislation is unfortunately likely to have damaging unintended consequencesfor young people. KOSA would require online services to prevent" a set of harms to minors,which is effectively an instruction to employ broad content filtering to limit minors' access tocertain online content. Content filtering is notoriously imprecise; filtering used by schools andlibraries in response to the Children's Internet Protection Act has curtailed access to criticalinformation such as sex education or resources for LGBTQ+ youth. Online services would facesubstantial pressure to over-moderate, including from state Attorneys General seeking to makepolitical points about what kind of information is appropriate for young people. At a time whenbooks with LGBTQ+ themes are being banned from school libraries and people providinghealthcare to trans children are being falsely accused of grooming," KOSA would cut offanother vital avenue of access to information for vulnerable youth.

And we haven't even gotten to the normalizing-surveillance and diminishing-privacy aspects of KOSA:

Moreover, KOSA would counter-intuitively encourage platforms to collect more personalinformation about all users. KOSA would require platforms reasonably likely to be used" byanyone under the age of 17-in practice, virtually all online services-to place some stringentlimits on minors' use of their service, including restricting the ability of other users to find aminor's account and limiting features such as notifications that could increase the minor's use ofthe service. However sensible these features might be for young children, they would alsofundamentally undermine the utility of messaging apps, social media, dating apps, and othercommunications services used by adults. Service providers will thus face strong incentives toemploy age verification techniques to distinguish adult from minor users, in order to apply thesestrict limits only to young people's accounts. Age verification may require users to provideplatforms with personally identifiable information such as date of birth and government-issuedidentification documents, which can threaten users' privacy, including through the risk of databreaches, and chill their willingness to access sensitive information online because they cannotdo so anonymously. Rather than age-gating privacy settings and safety tools to apply only tominors, Congress should focus on ensuring that all users, regardless of age, benefit from strongprivacy protections by passing comprehensive privacy legislation.

There's even more in the letter, and Congress can no longer say there's no opposition to the bill. At the very least, sponsors of the bill (hey, Senator Blumenthal!) should be forced to respond to these many issues, rather than just spouting silly platitudes about how we must protect the children" when his bill will do the exact opposite.