Phosra
Get Started
United States (Federal)Passed Senate (Jul 2024)

Kids Online Safety Act (KOSA)

Establishes a duty of care for platforms, requiring them to disable addictive features and algorithmic feeds for minors by default.

Compliance Coverage7/8

What KOSA Requires

Key provisions of Kids Online Safety Act

Duty of Care

Platforms must exercise reasonable care in designing and operating their services to prevent and mitigate harm to minors, including mental health harms, bullying, exploitation, and substance abuse promotion.

Default Privacy for Minors

All privacy settings for minor users must default to the most restrictive options available. Platforms cannot require minors to opt out of data collection or content personalization.

Opt-Out of Algorithmic Recommendations

Minors must be provided with a clear, accessible mechanism to opt out of personalized algorithmic recommendations. Chronological or non-personalized feeds must be available as the default experience.

Disable Addictive Design Features

Platforms must disable or limit features known to drive compulsive usage among minors, including infinite scroll, autoplay, push notification streaks, and variable-reward engagement patterns.

FTC Enforcement Authority

The Federal Trade Commission is granted authority to enforce KOSA provisions, investigate violations, and impose civil penalties. State attorneys general may also bring enforcement actions.

Annual Independent Audits

Covered platforms must conduct annual independent audits to assess compliance with duty-of-care obligations, report findings to the FTC, and make audit summaries publicly available.

How Phosra Helps

KOSA provisions mapped to Phosra features

Each KOSA requirement is addressed by a specific Phosra capability. Integrate once, and your platform is covered.

Duty of care for minors

PCSS Policy Engine

addictive_design_control

Phosra's 40-category rule system covers the full scope of KOSA's duty-of-care requirements, enforcing protective defaults across all connected platforms in a single API call.

REST API — Enforce KOSA duty of care
bash
curl -X POST https://api.phosra.com/v1/enforcement \
  -H "Authorization: Bearer sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "child_id": "ch_emma_01",
    "rules": ["algo_feed_control",
              "addictive_design_control",
              "targeted_ad_block"],
    "platforms": ["youtube", "tiktok", "instagram"]
  }'

Default privacy settings

Age-Based Defaults

targeted_ad_block

Phosra automatically maps child age groups to the most restrictive privacy defaults across each connected platform, ensuring compliance without manual configuration.

REST API — Apply age-based defaults
bash
curl -X POST https://api.phosra.com/v1/children/ch_emma_01/defaults \
  -H "Authorization: Bearer sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "age_group": "teen_13_15",
    "apply_to": ["youtube", "tiktok", "instagram"]
  }'

Algorithmic feed opt-out

Algorithm Feed Control

algo_feed_control

The algo_feed_control rule category disables personalized recommendations and switches feeds to chronological mode on YouTube, TikTok, Instagram, and other supported platforms.

REST API — Disable algorithmic feeds
bash
curl -X POST https://api.phosra.com/v1/enforcement \
  -H "Authorization: Bearer sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "child_id": "ch_emma_01",
    "rules": ["algo_feed_control"],
    "platforms": ["youtube", "tiktok"]
  }'

Disable addictive features

Addictive Design Control

addictive_design_control

The addictive_design_control rule disables autoplay, infinite scroll, notification streaks, and other compulsive-use patterns across all connected platforms.

MCP Tool — Addictive design enforcement
bash
# MCP tool invocation
tool: trigger_child_enforcement
input: {
  "child_id": "ch_emma_01",
  "rules": ["addictive_design_control"],
  "scope": "all_connected_platforms"
}

FTC enforcement readiness

Enforcement Audit Trail

Every enforcement action is logged with timestamps, platform responses, and rule snapshots, producing a complete audit trail for regulatory review and FTC compliance documentation.

REST API — Export audit trail
bash
curl -G https://api.phosra.com/v1/enforcement/audit \
  -H "Authorization: Bearer sk_live_..." \
  -d "child_id=ch_emma_01" \
  -d "law=kosa" \
  -d "from=2026-01-01" \
  -d "to=2026-02-10"

Annual compliance audits

Compliance Dashboard

The Phosra dashboard provides real-time visibility into enforcement status across platforms, enabling platforms to demonstrate continuous compliance during audit cycles.

REST API — Compliance status dashboard
bash
curl -G https://api.phosra.com/v1/compliance/status \
  -H "Authorization: Bearer sk_live_..." \
  -d "law=kosa"

Coverage Assessment

KOSA compliance checklist

Compliance Coverage

Duty of care implemented for all minor usersPCSS Policy Engine with 40 rule categories
Privacy settings default to most restrictiveAge-based default rule mapping
Algorithmic feed opt-out availablealgo_feed_control rule category
Addictive design features disabled by defaultaddictive_design_control rule category
Targeted advertising blocked for minorstargeted_ad_block rule category
Parental tools for controlling child experienceDashboard + API parental controls
Audit trail for enforcement actionsEnforcement job logging with 1-year retention
Age verification integrationPlatform-native age verification (not yet supported)

Start building KOSA-compliant features today

Phosra handles the complexity of multi-platform compliance so you can focus on building great products for families.

Get Started FreeRead the Docs