A rare bipartisan supermajority, an uncertain landing
On June 29, 2026, the House passed the Kids Internet and Digital Safety (KIDS) Act, H.R. 7757, by a 267-117 vote — well past the two-thirds threshold required under the suspension-of-the-rules process it was fast-tracked through (The Record). The bill is really twelve to fourteen bills wearing a trench coat: a revised Kids Online Safety Act (KOSA), a modernized COPPA 2.0, the SAFE BOTs Act on AI chatbot disclosure, the Safer GAMING Act on default communication settings, and a cluster of study and reporting mandates, stitched together after Energy and Commerce Chairman Brett Guthrie and Ranking Member Frank Pallone reached a late-June compromise (Tech Policy Press). It now goes to a Senate where a large majority prefers a tougher, Blumenthal-Blackburn-backed version of KOSA that keeps the one thing the House stripped out: a statutory "duty of care."
Steelmanning the duty-of-care camp
The case for duty of care is not frivolous. Its proponents argue that a reasonable-policies standard — "establish, implement, maintain, and enforce reasonable policies" — lets platforms write their own compliance narrative, while an affirmative duty to mitigate design features that foreseeably harm minors (infinite scroll, autoplay, engagement-optimized notifications) forces companies to internalize costs they currently externalize onto teenagers' attention spans and mental health. Years of internal-documents litigation and whistleblower testimony have made a plausible case that some design choices are not neutral. Senators Blumenthal and Blackburn call the House bill "a pale imitation of Big Tech accountability" for exactly this reason, and they are not wrong that the House version is deliberately narrower.
But narrower is not the same as toothless, and the House was right to prize precision over a vague standard that regulators and plaintiffs' lawyers would have had to define retroactively, case by case, at the expense of speech platforms have no reliable way to anticipate. EFF's core objection to KOSA-style duty-of-care language has always been that it "pressures companies to police lawful speech online" — a platform facing liability for insufficiently mitigating vaguely defined harms will over-remove content on gambling, substance use, or LGBTQ topics rather than risk a lawsuit, catching exactly the teens searching for a parent's addiction resources or their own identity in the process (EFF). The House bill's narrower "reasonable policies" language is a real, if partial, answer to that risk.
Age verification now sits on firmer constitutional ground
The SCREEN Act's age-verification mandate for pornography sites is the least controversial piece of the package, and for good reason: the Supreme Court settled the constitutional question a year ago. In Free Speech Coalition v. Paxton, decided June 27, 2025, the Court upheld Texas's HB 1181 by a 6-3 vote, with Justice Thomas writing that the law "triggers, and survives, review under intermediate scrutiny because it only incidentally burdens the protected speech of adults" (Cornell Law School / Supreme Court text). That ruling opened the floodgates: roughly half of US states now mandate age verification for adult content or social media, per EFF's own year-end count, with adoption accelerating sharply since the decision (EFF). A federal floor that limits data retention and rules out government-ID requirements — as the House bill does — is a more privacy-protective outcome than the current patchwork of 26-plus divergent state laws that platforms otherwise have to comply with individually.
That said, EFF's underlying technical objection deserves a fair hearing rather than dismissal: "there is no way to determine a user's age online that is both privacy protective and accurate," and every verification method requires linking sensitive personal data to browsing activity, with real breach history among verification vendors to prove the risk isn't hypothetical. Congress should treat that as an argument for tight federal data-minimization rules, which the bill gestures at, not as an argument against age verification altogether now that courts have blessed the underlying mandate.
The preemption gap is the real innovation cost
The more consequential fight, from a growth and compliance-cost standpoint, is preemption — and it's the one place the House bill actually regressed from the Republican working group's original draft. The June 22 compromise dropped preemption of stricter state laws entirely, meaning platforms will layer federal age-verification, chatbot-disclosure, and default-settings rules on top of, not instead of, state-by-state variations. Democrats wanted that flexibility to preserve tougher state statutes; Republicans wanted one national standard. The result splits the difference by giving up the standard. For a sector where a single product change has to be re-litigated fifty times, that's a genuine cost the Senate should fix rather than replicate.
What the Senate should actually do
Given the current math — a Senate majority nominally backing full KOSA, an August recess, and midterm-year gridlock — reconciliation before 2027 looks unlikely (Tech Policy Press). The productive path is not choosing between the House's narrower bill and the Senate's duty-of-care version wholesale, but taking the House's more precisely scoped provisions — chatbot disclosure, default-off communication tools for minors, age verification with real data-minimization limits — and adding the one thing the House left out: a single federal preemption standard that actually reduces compliance fragmentation instead of adding another layer to it.
Key facts
House vote: 267-117, passed under suspension of the rules, June 29, 2026. Free Speech Coalition v. Paxton: 6-3, June 27, 2025, upheld state age-verification mandates under intermediate scrutiny. The House package folds together roughly 14 separate bills, anchored by revised KOSA and COPPA 2.0.