House Leaders Reach Deal on Kids Online Safety Package

Revised ‘KIDS Act’ establishes new federal oversight of data brokers handling minors’ personal data.

House Leaders Reach Deal on Kids Online Safety Package
Photo of House Energy and Commerce Chairman Brett Guthrie, R-Ky., left, and ranking member Frank Pallone Jr., D-N.J., at a markup in May by Tom Williams/CQ Roll Call.

WASHINGTON, June 23, 2026 – House Energy and Commerce leaders reached a bipartisan compromise Monday on a sweeping children's online safety package, settling negotiations over a bill that cleared committee in March.

House Energy and Commerce Committee Chairman Brett Guthrie, R-Ky., and Ranking Member Rep. Frank Pallone Jr., D-N.J., announced they had reached an agreement on the Kids Internet and Digital Safety Act, a 115-page package that combines portions of more than 10 online child safety bills.

The final “KIDS Act” was roughly twice the length as the initial version, which passed the committee with only Republican support. The revised bill adds data privacy protections for children and teens, and scales back earlier preemption language that had raised concerns.

“We worked across the aisle for many months and have now found common ground on policies to significantly improve the digital environment for kids,” Guthrie and Pallone said in a joint statement.

The KIDS Act creates a federal framework requiring online platforms, gaming services, and artificial intelligence chatbots to implement default child safety protections, stricter parental controls, and limits on algorithmic targeting and engagement practices.

Major platform requirements

The bill would require social media platforms to implement default safety settings for minors.

Platforms must enable protective default settings including: limits on messaging and contacts; restrictions on data sharing and geolocation; controls over recommendation systems; and, ability to reduce compulsive-use design features.

Under the legislation, parents must be able to: manage child account settings; limit screen time and purchases; control messaging access, including disabling messaging for children; receive notifications about contact requests; and view usage metrics.

Platforms must provide controls over or transparency around: algorithmic recommendation systems; compulsive engagement features, such as infinite scroll, autoplay, streaks, notifications, or rewards; and personalized content targeting based on minors’ data.

AI chatbot and online gaming provisions

The bill also imposes new requirements on artificial intelligence chatbot providers, requiring chatbots to clearly disclose that they are AI systems rather than human users.

The legislations includes provisions mandating AI chatbots provide crisis hotline information when users discuss self-harm or suicidal ideation.

Chatbots would also be required to prompt users to take a break after three hours of continuous interaction and to implement policies to prevent the promotion of illicit drugs, gambling, sexual exploitation, and other harmful content to minors. 

Separately, the legislation sets new safety standards for online gaming platforms, requiring default restrictions on communication between minors and other users. Gaming services would also be required to limit minors’ ability to make purchases, receive algorithmic recommendations, and control the visibility of personal information and contacts.

Data broker regulation

The legislation would create a new federal regulatory framework for data brokers that handle minors’ personal data.

It defines a “covered data broker” as any entity that, for compensation, sells or otherwise transfers personal data of a minor that it did not collect directly. The bill carves out exemptions for service providers, entities acting at a user’s direction, and publishers of news or other matters of public interest. 

The framework requires covered data brokers to register annually with the Federal Trade Commission and to disclose key information, including the categories of personal data they sell, their contact information, whether they use purchaser credentialing, and any known data security incidents affecting consumers. 

It also directs the FTC to maintain a publicly accessible, searchable registry of registered data brokers, to increase transparency into the sector. It authorizes the FTC to impose an annual registration fee of at least $22,500 on brokers, subject to inflation adjustments.

Enforcement, audits, and FTC role

The FTC would serve as the primary enforcement agency for the legislation, with authority to oversee compliance by covered platforms and ensure implementation of the bill’s requirements. 

The measure would require major platforms to undergo annual independent third-party audits assessing their protections for minors, including the availability and use of safety tools, the effectiveness of parental controls, the volume of reports of harm, and platform-level data such as the number of minor users and time spent on services. 

Findings from these audits would be submitted to the FTC and, in part, made public.

Beyond enforcement, the bill directs the FTC and other federal agencies to carry out a series of studies and reporting requirements on youth online safety risks and platform practices. 

These include evaluations of what personal data is collected, how algorithms and targeted advertising use that data, and patterns of minors’ daily use, as well as separate reports on the accessibility of fentanyl through social media platforms.

The FTC would also be required to examine the effectiveness of parental controls, safety tools, and platform mitigation efforts, as well as the mental health impacts of AI chatbots on minors through a long-term study conducted with the National Institutes of Health.

Preemption

The legislation includes a federal preemption provision that would generally override conflicting state and local laws. Under the revised framework, states would retain the ability to enact stronger safeguards so long as they do not directly conflict with federal requirements established in the bill. 

The bill preserves room for states to maintain and, in some cases, expand their own privacy and data security protections. 

The updated language appears to address concerns raised by some committee Democrats during earlier negotiations, when they warned that the initial proposal could have displaced too many existing state laws without establishing a sufficient federal baseline for online child safety.

The final package omits several measures that were considered by the committee in March.

Those bills omitted include the Algorithmic Choice and Transparency Act, introduced by Rep. Kat Cammack, R-Fla., the App Store Accountability Act, introduced by Rep. John James, R-Mich., and Sammy’s Law, introduced by Rep. Debbie Wasserman Schultz, D-Fla., and Rep. Buddy Carter, R-Ga., which was considered separately.

Popular Tags