Child online privacy and safety laws, on both the federal and state level, have become increasingly complex and almost impossible to comply with as there is no sure way to tell in real time the age of those accessing websites or online platforms.
Gary Kibel, Davis+Gilbert Privacy, Technology + Data Security partner was quoted in Privacy Daily speaking on the complexities of child online privacy and safety laws and why businesses are struggling to comply. This critical issue was front and center during the dynamic panel, “Minors and Privacy – Managing Compliance Around Rapidly Changing Requirements,” at the 2025 IAB Public Policy and Legal Summit with fellow panelists and chief privacy officers Rachel Glasser (Magnite) Peter Lerner (Advance) and Julia Shullman (Telly).
Beyond knowing when to implement child online privacy and safety legislation, there are conflicting interpretations of the language in the laws themselves. “We can’t agree on what the age of a child is,” said Gary, further explaining that “Some states say it’s a person younger than 13, while others say it’s up to 17, and some have specific rules for ages 13 to 15.”
One of the big questions when it comes to compliance is, “How do we define consent?” Gary said. “But even harder, how do we define knowledge? How do we define knowledge about who was a child?”
For more insight on the complex landscape surrounding child online privacy and safety laws, read the full article below.