Phosra Spec / Capability

OCSS v1.0 — Draft

Tier

Tier gating across content, AI, and privacy.

Read the rule listBack to all capabilities

What Tier does

One evaluator for every tier-based safety law.

Every modern child-safety law turns on a tier. Civil-society raters band content by age. New York's S9051 sorts AI products into four risk levels. The EU's AADC scores privacy posture. California's SB 243 categorizes companion-AI exposure. Each platform implements them ad-hoc, and parents end up with seven different toggles for the same intuition.

Tier ingests tier signals from upstream raters — civil-society privacy programs, AI risk-tier rubrics, OS-level age bands, the content rating boards — evaluates every request through the configured tier policy, and emits a clean Allow / Warn / Block decision plus the cited rule and source signal.

The same parental policy now works across DNS, MDM, app stores, browsers, and AI products. No bespoke logic per statute, no per-platform interpretation drift — one evaluator, audited once, deployed everywhere.

How partners plug in

Tier is a socket. Tier signals flow in. Decisions flow out.

These are the upstream signals Tier evaluates — either shipping today, in conversation with a partner, or pending an upstream API.

Powered byTier
Civil-society 4-tier AI risk scaleDesign partner candidate
Powered byTier
OS age-band signal — Apple / GooglePending API
Powered byTier
Content rating boards — ESRB, MPAA, PEGIMappings shipped

Standards & laws

What Tier does for each statute.

  • KOSA — gates algorithmic feeds and content categories by the user's known age band, satisfying the duty-of-care content tier requirements.
  • EU AADC — enforces the privacy posture tier on every connected service, defaulting minor accounts to the strictest configuration.
  • NY S9051 — maps AI products to the four risk tiers and blocks tier-3/4 access for minors at the network and app-store layers.
  • CA SB 243 — gates companion-AI exposure for minors and surfaces the “not for kids” signal at the moment of enforcement.
  • COPPA 2.0 — applies tier-based content and AI restrictions for users under 13 and 17, in line with the FTC's expanded scope.
  • Civil-society privacy programs — consumes Pass / Warning / Fail seals and treats them as first-class enforcement tiers across every connected platform.

Conformance

Adopter Tier 1 certification.

To ship Tier-conformance for an Adopter Tier 1 certification, your implementation must pass [draft] coming Q3 tests in the Tier conformance suite. The suite covers tier-signal ingestion, tiering-policy correctness, decision tracing, and cited-rule emission.

We are co-authoring the suite with our design partners. If you want a seat at the table while the bar is being set, reach out.

Rule list

The 21 rules Tier ships

Every rule below is implemented by this capability. Pulled directly from the rule registry.

  • Content RatingApplies content maturity ratings (MPAA, TV Parental, ESRB, PEGI, civil-society) to filter age-inappropriate media.
  • Violence ThresholdFilters violent content above the configured threshold from feeds, comments, and AI outputs visible to minors.
  • Sexual Content ThresholdFilters sexual content above the configured threshold from feeds, comments, and AI outputs visible to minors.
  • Profanity ThresholdFilters profanity above the configured threshold from feeds, comments, and AI outputs visible to minors.
  • Commercial Pressure ThresholdCaps commercial-pressure content (microtransactions, loot boxes, ad density) at the threshold appropriate for the user's age band.
  • Substance Content ThresholdFilters drug, alcohol, and tobacco content above the configured threshold from minor-facing surfaces.
  • Social Chat ControlRestricts in-app chat to approved contacts only for minor accounts; rejects unsolicited DMs at the network edge.
  • Web Filter LevelSets the overall web filtering strictness level from permissive to highly restrictive.
  • AI Chatbot Tier GateGates AI chatbot access by a 4-tier risk scale, blocking tiers above the configured threshold.
  • AI Product Classification GateGates AI products by an independent product-classification tier (LLM, agent, companion) before allowing minor access.
  • AI Keep Kids Safe ThresholdEnforces a minimum independent privacy-program dimension score for AI products' kid-safety category.
  • AI Data Responsibility ThresholdEnforces a minimum independent privacy-program dimension score for AI products' data responsibility category.
  • AI Transparency ThresholdEnforces a minimum independent privacy-program dimension score for AI products' transparency category.
  • AI Minor InteractionControls AI chatbot and generative AI interactions with minor users, enforcing safety guardrails.
  • Streaming Age RatingMaps and enforces age ratings across MPAA, TV Parental, ESRB, and PEGI on streaming surfaces.
  • Csm Privacy Tier Gate
  • Csm Privacy Score Threshold
  • Csm Privacy Dimension Gate
  • Csm Privacy Seal Required
  • Csm Privacy Unrated Default
  • Csm Seal Allowlist
Read § →

Implementing Tier? Talk to us.

Talk to a Partner EngineerRead the CharterTalk to us