Are We Creating Liars? CIPA & COPPA

The debate around CIPA and COPPA is complicated, and it makes sense to feel “on the fence” as I often find myself. Both policies were created with good intentions, yet their real-world effects reveal tradeoffs between protection and access.

The Children’s Internet Protection Act (CIPA) and the Children’s Online Privacy Protection Act (COPPA) aim to safeguard minors online, but they do so in very different ways. CIPA focuses on requiring schools and libraries that receive federal funding to filter harmful content, while COPPA regulates how companies collect data from children under 13 years of ago. In theory, these laws create a safer digital environment, however, in practice they can sometimes overcorrect.

Source: freepngimg.com

Why 13?

From a protection standpoint, these policies do provide a baseline for parents like myself with children 13 and under. Of course, I had to ask the question, "Why 13?" as my community is searching for a missing thirteen year old who is not the type to run away, always has their phone, and just didn't went missing walking home. The answer I found in Family Online Safety Institute's article "Why 13?" suggest I'm not the only individual to ask this question. The answer really didn't help me because I thought I would find some profound answer that would be scientific and evident based. Thirteen was selected in 1998 as a compromise to the pressure of holding the age at 16 or 18 years of age due to the complications of verifying a guardian's consent. I can understand the debate on age readiness as every child is different. As any guardian can tell you, the article really highlights this issue of determine a child's readiness because evaluating a child's "maturity and capacity they have to make good decisions online" is different for every child even at the same age. I have three children, two are the same age for two weeks per year, and they each are very different and specialize in different things. 

Source: Freepik

As my children make different choice when given a subjective question, the age determination can not be determined fully by the government which allows the rule of 13 ages limit stand and these laws form our protection laws. CIPA helps prevent exposure to explicit or dangerous content in school and library settings, which is especially important for younger children who do not yet have the critical thinking skills to navigate situation that require comprehension skills, much less the importance of internet safely. COPPA, similarly, forces companies to be more transparent and cautious about collecting children’s data though this has pushed government policy suggestions because our current laws do not align fully with the progression of technology. The extent of data stored and used by social media companies is still not fully known. Nonetheless, the data collected is increasing in value and vulnerable in today’s digital economy. Without these laws, children would likely face even greater risks related to privacy and harmful content because they often fail to grasp the serious nature.

Source: Freepik

Blind Spot

However, the effectiveness of these protections is limited. CIPA’s filtering systems are often blunt tools. Filters can block not only harmful content, but also legitimate educational resources. Yet, I have seen block content sneak through the same filters. This also challenges libraries’ long-standing commitment to intellectual freedom, where access to information should not be overly restricted. Libraries, in particular, tend to emphasize parental responsibility and individual choice over imposed limitations by organizations and law.

COPPA raises even more complex concerns as the age threshold of 13 is somewhat arbitrary. While it aligns with developmental stages in some ways, it does not reflect the wide variation in maturity among children. Some children under 13 are capable of responsibly engaging with online spaces, while others older than 13 may still struggle with responsible and safe choices. Raising the age could increase protections, but it might also increase unintended consequences in particularly exclusion from digital participation. In Louisiana, we are already seeing this issue since the laws enacted in 2024 required in-person parent's permission for library access.

This is where I think of Danah Boyd’s argument and it becomes relevant. She suggests that COPPA can inadvertently teach children to lie about their age in order to access platforms. In our library, minors are not eligible for virtual cards because of the in-person parental permission requirement and new virtual accounts have been revoked because it was evident that a child lied on the age section. Danah Boyd's powerful critique highlights the key flaw of policies being too restrictive. They don’t eliminate behavior rather they place a moral question before a minor and to often minors chose to find the blind spot to achieve access. Children quickly learn to bypass age gates, often with parental awareness or even encouragement. As a result, they may end up using platforms without the protections or guidance those policies intended to provide.

Source: Freepik

Additionally, these restrictions can widen inequities. Children with more digitally literate parents may navigate these systems more safely, while others may be left without guidance. Or in my case, one of my children tests every limit out of curiosity because they have the technological advanced ability to do it. In this sense, government regulation alone cannot fully protect children; education and digital literacy are equally, if not more, important. Personally, I have had to take extra steps to educate my children because of my one child's advanced abilities.

Ultimately, CIPA and COPPA do provide important protections that help set a foundation, but they are not enough on their own. They should be seen as starting points rather than complete solutions. The age of 13 is not inherently right or wrong, but it is imperfect and require proactive parenting. A more flexible, education-centered approach that combines parental involvement and institutional support would likely be more effective. And yes, this brings up a whole separate issues of parenting styles and involvement that will have to be evaluated at another time.

In the end, protecting children online requires a balance of not just restricting access, but empowering young users to navigate digital spaces safely and responsibly.