On June 23, 2026, House Energy and Commerce Committee Chair Brett Guthrie (R-KY) and Ranking Member Frank Pallone (D-NJ) announced a bipartisan agreement on a revised Kids Internet and Digital Safety Act (H.R. 7757), clearing the way for a full House floor vote under suspension — a procedure requiring two-thirds majority support that bypasses extended debate. After the bill cleared committee on a 28-24 party-line vote in March 2026, the June deal marks the first time Democratic leadership has backed the package, substantially raising its odds of passage.
The revised KIDS Act is one of the most expansive pieces of internet legislation ever to reach the House floor. It consolidates more than a dozen bills: a reworked Kids Online Safety Act (KOSA) integrated as Title 2; a mandate for default high-privacy settings on any platform likely used by minors; age-verification requirements for sexually explicit websites drawn from the SCREEN Act; app store gating via the App Store Accountability Act (parental consent required for anyone under 18 to download age-restricted apps); parental notification rules under Sammy's Law; bans on disappearing messages and AI chatbot disclosure requirements for anyone under 17; and a new Federal Trade Commission data broker registry with annual registration fees set at a minimum of $22,500. The June revisions extended child data privacy protections from age 13 to age 17 and narrowed federal preemption to KOSA-specific policies, allowing states to maintain or enact stricter requirements.
The Child Safety Case Is Real
Before examining the bill's costs, it is worth taking seriously what its sponsors are trying to solve. Platforms have for years deployed systems that maximize engagement above all else — recommendation algorithms tuned to emotional arousal, disappearing messages that defeat parental oversight, interfaces that obscure safety controls behind multiple settings menus. Parents cannot meaningfully consent to conditions they cannot read, in systems they cannot audit. KOSA's original Senate sponsors spent years documenting a connection between algorithmic amplification and adolescent mental health crises — clusters of self-harm content served to vulnerable teenagers through automated recommendation loops. Whether one accepts the causal story in its strongest form or not, the concern that children are systematically subjected to default conditions designed by profit-maximizing engineers deserves a legislative response. The revised KIDS Act's mandate that platforms set safety as the default rather than something users must opt into directly addresses that design failure.
The Age-Verification Trap
The bill's deepest tension is embedded in its liability standard. Under the reworked KOSA, large platforms face legal exposure whenever they "willfully disregarded information that would lead a reasonable and prudent person to determine that a user is a child or teen." The SAFE BOTS Act applies a parallel "knows or should have known" standard to AI chatbot features. The practical implication, as the Electronic Frontier Foundation identified in its June 2026 analysis of the package, is that any platform wishing to avoid liability will need to verify all users' ages proactively — not merely accounts displaying obvious minor signals. There is no technically reliable way to verify a teenager without simultaneously verifying every adult. The bill's age-gating provisions, combined with this negligence-based standard, function as a mandate for universal identity checks even though the text never uses those words.
The EFF has further noted that KOSA's requirement that platforms "address" harms to minors — including drug use, self-harm, and gambling discussions — creates pressure to weaken encrypted private messaging. The bill's encryption carve-out does not extend to these design requirements. Platforms cannot "address" harms in communications they cannot read without either restricting encryption for minor accounts or reading those messages — an outcome neither Congress intended nor the bill resolves.
This is not a hypothetical concern. Nine states enacted age verification laws for adult content in 2025 alone. An EFF review of those implementations found that Florida's age verification mandate triggered a 1,150% increase in VPN demand — users chose to route around compliance rather than submit government identification to access lawful content. Adults' anonymous access to constitutionally protected speech is not a technicality; it is the right the Supreme Court has repeatedly held to be at stake in cases like these.
What SCOTUS Actually Blessed
Legislative supporters cite Free Speech Coalition v. Paxton (June 27, 2025) as proof that age-gating survives First Amendment review. In that 6-3 decision, Justice Clarence Thomas upheld Texas's HB 1181 under intermediate scrutiny, holding that the law's age-verification mandate for adult content websites "only incidentally burdens the protected speech of adults." That ruling is real constitutional authority — but it was expressly limited to websites where at least one-third of content is sexual material harmful to minors. Extending that precedent to general-purpose social media platforms, app stores, and gaming networks covers speech the Court has never classified as obscene to minors. The Center for Democracy and Technology has cautioned that Paxton is not carte blanche for blanket age-check regimes across the internet.
What Was Traded Away
The June bipartisan deal secured Democratic support by abandoning KOSA's most consequential enforcement mechanism: the duty-of-care requirement. The Senate version required platforms to "exercise reasonable care" to protect minor users — a legal obligation enforceable when platform design choices caused documented harm to specific children. The House version explicitly disclaims that obligation, inserting language stating nothing in the bill "imposes a duty of care on a provider of a covered platform." In exchange, the deal adds default safety settings, the data broker registry, and narrowed preemption. That is genuine progress in some dimensions. It is also a strategic win for the platforms most invested in defeating accountability: they kept the liability shield while agreeing to UI defaults that future management can reverse.
Senator Richard Blumenthal called the House compromise "dead in the Senate & a betrayal of families suffering from Big Tech's greed." The path to reconciliation with the Senate's KOSA version, which has retained the duty-of-care language, remains genuinely unclear.
What Proportionate Regulation Looks Like
A federal baseline replacing the growing patchwork of 19 divergent state laws is worth having — compliance fragmentation hurts smaller platforms far more than the incumbents this legislation targets. But the KIDS Act, as revised, creates a legal architecture that incentivizes universal identity surveillance while shielding platforms from the accountability that would actually protect children. Congress should restore the duty-of-care standard; narrow age-verification requirements to the content categories Free Speech Coalition v. Paxton actually blessed; and mandate genuine privacy-by-design for minor users, including default algorithm opt-outs and transparent parental controls. Surveilling all users to protect some children is not proportionate regulation — it is permission-structure for identity infrastructure dressed in the language of child safety.