Sponsors (3)
The bill strengthens protections and oversight for children on the largest social platforms and enables vetted third‑party safety tools under parental control, but narrows who is covered, increases technical and compliance complexity, and creates trade‑offs between enabling delegated safety access and raising data‑exposure and market‑competition risks.
Large platforms must treat children under 17 on covered services as a defined protected group, bringing targeted privacy and safety rules to the biggest social platforms.
Parents (and parents acting for children under 13) can delegate account management to vetted third‑party safety apps and receive frequent secure data exports for monitoring and safety review, giving families more practical control over privacy and safety settings.
Third‑party safety providers face registration, security, and annual audit requirements and are barred from selling children’s data in many situations, which reduces misuse risk and commercial exploitation of child data.
Children who use interactive services that fall below the bill’s user or revenue thresholds will be left without these new protections, leaving many children on mid‑sized or niche platforms unprotected.
Giving third‑party apps account control and frequent (even hourly) data exports increases the risk that bugs, misconfigurations, or a compromised third‑party account could expose sensitive child data despite the security rules.
Large platforms face tight deadlines to build real‑time APIs and security controls, and expanded FTC oversight; these compliance and legal costs may be passed to users, deter smaller entrants, or reduce available services.
Based on analysis of 5 sections of legislative text.
Introduced March 20, 2026 by Jon Husted · Last progress March 20, 2026
Requires very large social media platforms to provide secure, real‑time APIs so a child (or a parent for children under 13) can delegate account management and hourly transfers of a child’s user data to registered third‑party safety software. Establishes registration, data‑use limits, security and audit requirements for those third‑party safety providers, gives the Federal Trade Commission enforcement and oversight authority, and preempts state laws that would impose similar API requirements on platforms. The law defines which platforms are covered, limits how transferred child data may be used or disclosed, requires platforms to safeguard data and notify delegating parents/children about transfers or disclosures, and creates registration, audit, and remediation processes for third‑party safety software providers with FTC oversight and enforcement powers.