Kids Online Safety Package Must Be Strengthened

In the world of public policy, those trying to pass legislation are often cautioned not to make the perfect the enemy of the good. It seems like good advice in the abstract, but there are also times when an imperfect solution is worse than doing nothing at all.

Congress wanted to pass an online safety bill before members go back to their districts to campaign for reelection. So, the House passed the KIDS Act, a repackaged bundle of online safety bills that includes the Kids Online Safety Act (KOSA).

KOSA is one of the most clearly bipartisan bills in a political age marked by hyper-partisanship. Concerned Women for America (CWA) supported it, and the Senate version passed nearly unanimously (91-3) in July 2024 (but because the House failed to act, it died when the 118th Congress ended in January 2025).

The Senate version of the Kids Online Safety Act includes a “duty of care” provision. Duty of care is a familiar and foundational principle in business and law: when a company’s conduct or design choices create foreseeable risks of harm, the company should be expected to take reasonable steps to prevent or mitigate those harms. It is such a fundamental concept that its inclusion in the bill should have been completely uncontroversial.

But last fall, news reports signaled some House members viewed the provision as a “poison pill” and wanted that language removed from its version of the bill. Unfortunately, the version that passed last Monday not only did not include a duty of care, it specifically stated that “nothing in [the bill] may be construed to … impose a duty of care on a provider of a covered platform.”

The House version went further. It reduces the list of harms to minors to threats of physical violence, sexual exploitation and abuse, distribution, sale and/or use of narcotics drugs, tobacco, cannabis, gambling or alcohol, and financial harm caused by deceptive practices. Obviously, these are significant harms, but the list is by no means exhaustive. It doesn’t even cover the extent of harms Meta and others’ own internal research has documented.

Eating disorders, anxiety, depression, suicidal behaviors, and compulsive patterns of use surfaced repeatedly in Meta’s internal research, employee discussions, whistleblower disclosures, and documents later exposed through litigation.

Those records describe concerns about social media addiction, links between platform use and declining well-being, and employee debates over whether Meta was “creating addicts or facilitating them.” Other internal materials mapped pathways by which compulsive social media use could contribute to self-harm and suicide through mechanisms such as sleep deprivation and habitual use. In other words, Congress is not legislating in the dark. Lawmakers have a documentary record showing that these dangers were foreseeable, studied, and discussed inside the companies themselves. They must do better, given the threat Americans face.

The most important point is also the one tech lobbyists work hardest to obscure: this debate is not about holding platforms liable for every post a user uploads. It is about the companies’ own design decisions. Meta employees questioned whether the company should be “optimizing teen feeds for engagement” and acknowledged that teens were especially responsive to the engagement-maximization systems embedded throughout the platform. Employees raised concerns that recommendation systems, feed-ranking systems, and surfaces such as Instagram’s Explore grid could amplify mental-health harms. In one discussion, employees noted that individual images might not be triggering on their own but could become overwhelming when stacked together by the platform. The danger was not simply what users posted. It was how Meta chose to package, rank, recommend, and push that material to young people.

Internal materials also show that Meta spent years studying adolescent psychology to make its products more compelling to young users. Company presentations analyzed teen developmental vulnerabilities, identity formation, social pressures, and emotional needs to inform product strategy. Other documents explored how to make Instagram an “urgent” app for teen girls by creating fear of missing out and increasing how often teens checked the platform. Employees discussed making users feel that if they had not opened Instagram that day, they would have missed something important. As one Meta executive candidly acknowledged in an internal email, “No one wakes up thinking they want to maximize the number of times they open Instagram that day. But that’s exactly what our product teams are trying to do.” That is not a neutral service passively reflecting user choices. It is a business model built to cultivate habit, dependence, and constant engagement.

Former Meta whistleblower Frances Haugen described a company structure in which growth and engagement teams operated separately from safety and integrity teams, with hard-fought safety improvements often undermined by new growth initiatives. That description aligns with internal employee discussions later made public, including exchanges in which employees questioned how Meta could claim to prioritize youth safety while continuing to optimize teen experiences for engagement and growth. Internal chats reveal employees recognizing that regulators were effectively saying “stop optimizing for teen engagement,” while the company’s response focused on tools and public-relations measures that left the underlying business model intact.

Against that backdrop, the House decision is indefensible. The issue is not whether these harms are known; the public record shows they are. The issue is whether platforms should be required to exercise reasonable care when designing systems they know can contribute to those harms. Recent litigation has increasingly focused not on user speech, but on product design: addictive features, recommendation systems, ranking choices, notifications, and engagement loops. If a company studies children’s vulnerabilities, designs products to exploit those vulnerabilities, and receives repeated warnings about resulting harms, the question is no longer whether the risks were foreseeable. The question is why Congress would write a bill that shields platforms from any duty to account for them.

This is what makes the House version such a profound failure of political will. It acknowledges that children need stronger protections online yet refuses to require the most powerful actors in the system to exercise reasonable care. Worse, by stating that the bill should not be construed to impose a duty of care on covered platforms, it does not merely leave a gap; it builds a guardrail around that gap for the benefit of the companies most responsible for closing it. That’s a major concession to tech lobbyists at the expense of children. The House bill should be strengthened in conference to restore a meaningful duty of care, as the Senate version already does, remove any language blocking such accountability, and make clear that children’s safety matters more than preserving Silicon Valley’s engagement-driven business model.

Related