Security

Balance, Not Mandates, Needed To Keep Kids Safe Online: Report

student and parent using computer

An effective approach to children’s online safety needs to strike a balance between protecting kids’ user privacy and free speech, as well as distributing responsibility to the government, online services, and parents, according to a report released Monday by a Washington, D.C. technology think tank.

No amount of regulation will completely eradicate all potential harms that children face in the digital and physical worlds, acknowledged the report by the Information Technology & Innovation Foundation (ITIF). However, for the regulation that is needed, a balance should be struck to address concrete harms without overly infringing on everyday Americans’ civil liberties, including their rights to privacy and free speech.

The report, written by ITIF Policy Manager Ashley Johnson, continued that regulations sometimes infringe on adults’ rights to privacy and free speech and on the rights of the very children they aim to protect.

Indeed, it added, if not designed appropriately, these kinds of rules can trample on children’s right to engage with their friends and access appropriate information online.

The 32-page report discusses existing legislation in the online child-protection domain, in addition to key issues such as child privacy, age verification, protection from harmful content, and child labor exploitation. It also includes 10 recommendations for an effective approach to child online safety.

Imperfect Public Policy

“The ITIF report highlights the complexities involved in protecting children’s safety online while upholding user rights, enabling innovation, and respecting family autonomy,” observed Michael Davis, CEO and founder of Merek Security Solutions, a data protection and risk management company, in Santa Fe, N.M.

“Many proposed measures, like overly broad age verification mandates or blunt COPPA expansions, risk being counterproductive — unduly restricting positive online experiences for kids, stifling digital ecosystems, and infringing on civil liberties,” he told TechNewsWorld.

“Most would agree with the report’s contention that many current proposals to protect children online do not strike the right balance and risk overburdening parents and businesses or infringing user rights,” he added.

David Redekop, CEO and founder of ADAMnetworks, a network security company in London, Ontario, Canada, agreed that any public policy attempted to date has been an imperfect solution. “Mostly because the problem that needs to be solved deals with predatory behavior of the worst kind, with no borders, and against the most vulnerable of people: children,” he told TechNewsWorld.

“When we combine that with a culture that spends less parent-child time than in previous generations, the problem is multi-faceted and cannot conceivably be solved with public policy alone,” he continued. “It necessarily needs to become the priority of parents first.”

“Unfortunately,” said Redekop, “that leaves many children vulnerable, especially ones in single-parent homes.”

Perils of Expanding COPPA

The report recommends that the FTC update its Children Online Privacy Protection Act (COPPA) rules to reflect technological changes since 2013, including allowing operators to conduct an analysis of their audience composition to avoid classification as a child-directed service while maintaining COPPA’s actual knowledge standard.

There have been calls in Congress to change that standard to “knowledge fairly implied on the basis of objective circumstances,” in addition to expanding the act to 16-year-olds.

“Extending COPPA protections to teenagers ages 13 to 16 could lead many services to stop providing offerings for that age group to avoid compliance costs and liability risks,” Merek’s Davis said.

“Switching from an ‘actual knowledge’ to an ‘implied knowledge’ standard would create a compliance minefield for services operating in good faith,” he added.

The report noted that expanding COPPA to 16-year-olds will likely lead to less innovation in online services designed for children and teens. This means less educational content and wholesome entertainment, which many families rely on to keep children engaged and learning.

It also means fewer online social spaces for teens, which have become an integral part of the average American teenager’s social life and development, it added.

However, the report recommended that Congress amend COPPA’s actual knowledge standard so that websites directed at a general audience with common features, such as user feedback forms or customer service chatbots, are not required to obtain parental consent to collect information from users indicated as children.

‘Trustworthy Child Flag’

The report calls on Congress to mandate device operating systems to create an opt-in “trustworthy child flag” for user accounts, available when first setting up a device and later in a device’s settings, that signals to apps and websites that a user is underage, requiring apps and websites that serve age-restricted content to check for this signal for their users and block underage users from this content.

ITIF’s Johnson maintained that social media platforms need to give parents more controls, like the trustworthy child flag. “Social media platforms giving parents more control would be a really important step,” she said.

Interoperability is also important, she added, so parents can easily move controls from one platform to another.

The report recommends that Congress pass legislation establishing a government-led forum to construct a voluntary industry standard for interoperability on cross-platform parental controls, which would enable parents to create universal limits on their children’s online behavior across multiple devices.

“Parental controls are part of the solution,” agreed David Inserra, a fellow for free expression and technology at the Cato Institute, a Washington, D.C., think tank.

“There are a lot of parental controls out there, but parents don’t know how many of them they can use. They’re underused,” he told TechNewsWorld.

“If you want more safety, if you want more options for parental control or age verification or whatever, the tools are going to come from the private sector,” he said.

He argued that government mandates won’t solve the online child safety problem. “I don’t think the mandates will result in what the government thinks they will result in,” he declared. “Instead, I think they will cripple innovation. The reason these companies are in the U.S. is because we’ve had great success allowing companies to innovate and create new products.”

More Recommendations for Improving Online Child Safety

Other recommendations offered in the report included:

  • Congress should pass comprehensive federal privacy legislation that addresses actual privacy harms and preempts state laws, creating a single set of protections for all Americans. The act should include additional protections for children between ages 13 and 17, such as opt-in consent to collect and share teenagers’ data, while adults would be able to opt out of data collection and sharing.
  • Congress should pass legislation creating a national, interoperable framework for securely issuing and validating digital IDs across all levels of government and directing the Department of Homeland Security to begin issuing those digital IDs upon request, with grants for states to upgrade their systems for issuing driver’s licenses and other identity credentials to support digital IDs that can serve as privacy-protective forms of online age verification for adults.
  • Congress should provide more funding for research and testing of photo-based AI age estimation and direct the National Institute of Standards and Technology (NIST) to conduct an up-to-date empirical evaluation of age estimation algorithms and their accuracy.
  • Congress should increase funding for law enforcement to investigate child sexual abuse material reports and prosecute perpetrators, including by increasing funding for ICAC task forces, police technology, and police training to keep up with perpetrators’ continuously evolving methodology.
  • Congress should pass federal legislation similar to the Coogan Act and Indiana’s child influencer legislation that protects child performers in traditional and digital media by requiring parents to set aside a portion of a child’s earnings in a trust that the child can access upon reaching adulthood.
  • Congress should provide funding for digital literacy campaigns that teach children how to stay safe online and parents how to keep their children safe online.

The ITIF report, “How to Address Children’s Online Safety in the United States,” is available without completing a form.

John P. Mello Jr.

John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News. Email John.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by John P. Mello Jr.
More in Security

Technewsworld Channels