For more than three decades, I have worked in environments where failure carries real consequences — national security missions, global operations, regulated enterprises, and systems that must work under pressure. One lesson has been consistent across every domain: you cannot regulate safety into a system that was never designed to support it.

The recent advancement of a slate of children’s online safety bills by the House Energy and Commerce Subcommittee highlights both progress and a fundamental problem. Lawmakers on both sides of the aisle clearly recognize that children are being harmed online. Yet the sharp partisan divide surrounding cornerstone legislation like the Kids Online Safety Act (KOSA) and updates to COPPA reveals a deeper issue: we are asking policy to solve what is, at its core, an infrastructure failure.

The Real Problem: Safety Is External to the System

Today’s digital platforms were engineered to maximize engagement, scale rapidly, and monetize attention — not to protect minors. As a result:

1. Safety obligations are debated in legislation instead of enforced by design
2. Parents are expected to monitor systems they do not control
3. Regulators are left arguing over “duty of care” language without technical mechanisms to verify compliance
4. Platforms self-attest to “reasonable policies” without real-time enforcement or auditability

This is why debates over duty-of-care provisions, preemption of state laws, and weakened enforcement mechanisms feel so consequential — and so frustrating. Without technical enforcement, safety requirements become aspirational statements rather than operational realities.

In national security and regulated industries, this approach would be unacceptable. We do not “encourage” safety; we engineer it into the system.

Why Legislation Alone Will Always Fall Short

I respect the seriousness with which lawmakers and parent advocates approach this issue. The pain behind these debates is real. But as someone who has built compliance and governance frameworks across high-risk environments, I can say plainly:

If safety is optional, it will be bypassed.

If safety is external, it will be inconsistent.

If safety is reactive, it will arrive too late.

This is why we see repeated cycles of tragedy, public outrage, hearings, and revised bills — while the underlying platforms remain structurally unchanged.

Australia’s recent decision to bar children under 16 from major platforms is not an overreaction; it is a signal of desperation. When societies cannot trust systems to protect children, exclusion becomes the only remaining lever. We should aim higher than exclusion.