House Kids Privacy Hearing Evokes Preemption, Enforcement Fears

For instance, Kate Ruane, director of the Free Expression Project at the Center for Democracy & Technology (CDT), said her biggest concern was with preemption language in the bills (see 2512010036). If it remains, children will likely have fewer protections at the state level than they do today, and "we will have failed to do our jobs,” she said.

Rep. Jay Obernolte, R-Calif., took issue with altering the preemption language. “Once we've … struck a balance, why would we allow different states to enact different balances that create a barrier to entry, [and] that favors large businesses over small businesses?”

Paul Lekas, executive vice president of global public policy for the Software & Information Industry Association, said his organization supports preemption, calling it an “important” concept. “We believe there needs to be a strong national standard for everybody.”

Ruane and Joel Thayer, president of the Digital Progress Institute, said they preferred conflict preemption -- meaning the federal government only preempts conflicting aspects state law -- over broad preemption of all state or local laws on the subject.

Rep. Erin Houchin, R-Ind., said a federal standard is needed so states "cannot go below” it. States should be "nimble, but we also don't want them to go below a standard set federally that we have determined will protect kids. Otherwise, we might as well not do this work and just leave it up to the states.”

FTC Bandwidth

Rep. Kevin Mullin, D-Calif., asked if the FTC has the resources to properly enforce possible laws that protect kids' privacy and online safety.

Not only has President Donald Trump “attempted to unlawfully fire" two FTC commissioners, "eliminating bipartisan input,” but “the chair of the FTC has attempted to dramatically reduce the commission staff through buyouts and other drastic measures,” Mullin said. Additionally, “the remaining employees at the FTC … are already stretched too thin.”

Mullin said the FTC must be "fully funded" and its "bipartisan commission structure" must be protected, ensuring that it can carry out "the mission Congress gives it.”

Rep. Frank Pallone, D-N.J., agreed with Mullin, calling the FTC “Americans' strongest champion against the abuses of all who seek to exploit our nation's children and adults for profit, both on and offline.”

“When President Trump attempted to illegally fire the FTC Democratic commissioners, he made our children less safe online,” he added.

Rep. Darren Soto, D-Fla., said that “the courts have been taking their sweet time" addressing the firings. He added: “It's critical that we as a committee make sure we get the FTC up to strength and hold the president accountable for this unlawful action.”

Ruane added, “If we do not have an Independent FTC that is enforcing the law fairly as it applies to all children and protects all children, we have significant concerns about how these bills would operate in practice."

Similarly, Rep. Yvette Clarke, D-N.Y., said, “Since March, the FTC has been unable to do its job in good faith and maintain its historic role as a bipartisan, independent cop on the beat.”

Other Concerns

Beyond issues about preemption and FTC enforcement, legislators and panelists mentioned other concerns they had with the 20 bills. Much of the conversation and questions during the hearing were about the bills and kids' privacy and safety generally, rather than nitpicking issues with specific proposed legislation -- aside from preemption language.

Subcommittee Chairman Gus Bilirakis, R-Fla., talked about the balance needed between kids’ safety and the constitutionality of the proposed legislation. “We've seen it in the states: laws with good intentions have been struck down for violating the First Amendment,” he said. “We are learning from those experiences, because a law that gets struck down in court does not protect a child, and the status quo is unacceptable.”

Pallone mentioned the balance between privacy and safety, particularly between teens and their parents. Ruane noted that while CDT supports giving tools to families, it's "concerned about any provisions that give parents access to [or] control over the content of kids' communications.”

She applauded the Kids Online Safety Act (KOSA) for containing a provision that platforms would not disclose the content of kids’ communications, but warned that COPPA 2.0 “contains language that might allow parents … to delete their kids’ data” or other “content that they may have created.”

Rep. Kathy Castor, D-Fla., however, critiqued the fact that there were no parents, young people, or pediatricians on the panel to testify.

Other lawmakers voiced disappointment in the current versions of some of the bills. KOSA and COPPA 2.0, as they stand today, “have been gutted and co-opted by big tech,” and “committee leadership has shunned parents, advocates and bipartisanship” in the legislative process, said Rep. Lori Trahan, D-Mass.

Rep. Kim Schrier, D-Wash., agreed, calling KOSA “toothless.”

Obernolte noted that many of the bills carried implementation issues. Age verification, for example, “is key to the protections we're trying to provide here,” but “when you force every single app developer to do that,” and the average user has 100 apps, “you're collecting private information used to verify that age 100 times … [and] storing it 100 times.”

This “creates these repositories of private information that are really attractive targets for cyber criminals,” he added, suggesting age verification at the operating system level as an alternative.

Thayer also supported this, specifically the App Store Accountability Act. App stores “have the data already,” he said. “They already have all of the access to this information.”

“Not only that, they already are developing the tools,” Thayer added, adding Apple said it can "do all of this in a privacy-conscious way.”

Rep. John James, R-Mich., also supported the Act. “The App Store Accountability Act holds Big Tech companies to the same standard as local corner stores,” and “protects the next generation by empowering parents now and making clear that when it comes to safeguarding our children, no one gets a free pass.”

Missing Bills

Pallone said that Congress “should play an active role in keeping minors safe, and that role must include prioritizing strong comprehensive data privacy legislation, which, unfortunately, is not included in the 19 bills we're considering today.”

Without it, "companies will continue to collect, process and sell as much of our data and the data of our kids as possible,” he said. “This data allows companies to exploit human psychology and individual preferences to fuel invasive ads and design features without regard to the harm suffered by those still developing critical thinking and judgment.”

Rep. Robin Kelly, D-Ill., agreed. “Without thorough, comprehensive privacy laws for all Americans, I worry you aren't meeting the moment to ensure the health and safety of our children, particularly concerning the mental health of children and teens.”

Rep. Kat Cammack, R-Fla., said another bill missing from the hearing’s agenda was the App Store Freedom Act. Under it, parents "could vet the apps and [know] for sure that their kids were safe.”

Trahan also supports the App Store Freedom Act. “What we need is competition in parents’ and kids’ interest,” she said.

Thayer said that the two issues are connected. “It's always the case where [Big Tech] play[s] this game of if you want to regulate competition, it's a privacy issue,” but “if you want to regulate privacy, it's a competition issue.”