Meta / Facebook / Instagram: Child-Safety & Online-Harms — Litigation and Policy Record
Analyst note. Investigative legal/policy brief. Date of compilation: 2026-06-07. Every factual claim carries a URL. Speculative or weakly-sourced claims are flagged inline and graded. The framing hypothesis is tested adversarially (attempted falsification) at the end.
Framing hypothesis under test
Incumbents (chiefly Meta) amplify and then steer the "protect the children" agenda to convert open-ended liability into manageable, compliance-based moats — and to push liability onto OTHER parties (app stores, age-verification vendors).
I assess three readings: (a) documented coordinated strategy; (b) convergent self-interest; (c) unsupported. My conclusion (graded at the bottom): the liability-shift component is strongly documented as deliberate Meta strategy on the narrow app-store-age-verification front; the broader "amplify the whole agenda as a moat" framing is moderate at best and partly contradicted by Meta's own conduct (it fought the broadest federal bill, KOSA). Net grade: moderate, with one strong sub-claim.
1. Origins: Frances Haugen and the "Facebook Files" (2021)
- Frances Haugen, a former Facebook product manager, leaked tens of thousands of internal documents in 2021; The Wall Street Journal published "The Facebook Files," and she revealed herself on 60 Minutes (Oct 3, 2021), then testified to the Senate Commerce Subcommittee on Consumer Protection on Oct 5, 2021. (NPR; Wikipedia, 2021 Facebook leak)
- The internal slides most cited: ~13.5% of teen girls said Instagram made suicidal thoughts worse; ~17% said it worsened eating disorders. (NPR)
- Skeptic's caveat (graded: well-documented that the research is methodologically limited). The leaked research was largely opinion surveys/interviews, not causal studies; multiple outlets (incl. NPR) flagged that the data are not as conclusive as headlines implied. This nuance matters because plaintiffs later leaned heavily on "Meta knew" — and Meta's defense leans on the softness of its own internal data. (NPR)
Significance: The Haugen documents became the evidentiary spine for nearly every subsequent suit and bill (the "Meta knew" theory).
2. The state AG offensive (2023→2026)
2.1 The 42-AG multistate action (Oct 24, 2023)
- A bipartisan coalition: 33 AGs filed jointly in the N.D. Cal. federal court; 9 more filed in their own state courts/DC — 42 total. Theory: Meta knowingly built addictive features for minors, misrepresented their safety, and violated state consumer-protection law + federal COPPA. (Colorado AG; NY AG James; TechCrunch)
2.2 New Mexico v. Meta and Mark Zuckerberg (filed Dec 2023) — the standout litigation outcome
- AG Raúl Torrez sued Meta and Zuckerberg personally after an undercover op: a decoy "13-year-old girl" profile was inundated with solicitations/CSAM-adjacent content. Theory centered on design-enabled child sexual exploitation, not just addiction. (NM DOJ filing PR; TechPolicy.Press tracker)
- VERDICT — Mar 24, 2026 (Santa Fe): Jury found Meta liable under the New Mexico Unfair Practices Act and assessed the statutory maximum $5,000/violation, totaling $375 million in civil penalties. Described as the first time a state prevailed at trial against a major tech company for harming young people on a stand-alone AG child-safety case. (CNBC; Source New Mexico; NPR)
- Phase 2 (bench, began May 4, 2026): judge to decide public-nuisance liability and whether Meta must fund remediation programs. Injunctive relief sought: mandatory age verification, private-by-default minor accounts, bans on addictive features, a 90-hour/month minor usage cap, accurate CSAM detection, and a court-supervised child-safety monitor. (NM DOJ landmark-verdict PR; TechPolicy.Press interview)
3. The federal MDL — In re: Social Media Adolescent Addiction/Personal Injury Products Liability Litigation, MDL No. 3047, N.D. Cal. (Judge Yvonne Gonzalez Rogers)
Consolidated personal-injury, school-district, AG, and tribal claims against Meta, Snap, TikTok/ByteDance, YouTube/Google. Plaintiffs reframed the case away from content (Section 230 territory) toward defective product design and failure to warn.
| Milestone | Date | Ruling/Outcome |
|---|---|---|
| First MTD order | Nov 14, 2023 | Negligence and design-defect claims survive; Section 230 + First Amendment do not bar claims that "do not implicate publishing or monitoring of third-party content." (DLA Piper; TechPolicy.Press tracker) |
| AG / state-claims MTD | Oct 2024 | Largely denied; some claims limited by §230. (Verus timeline) |
| School-district MTD | Oct 2024 | Key district claims upheld; "derivative injury" rule rejected; failure-to-warn liability preserved. (Levin Law; DiCello Levitt) |
| Scale | Oct 2025 | 2,000+ cases consolidated; growing to 2,600+. (AEI; MDL Update) |
| School-district bellwether settles | May 21, 2026 | Meta settled the Breathitt County (KY) bellwether (selected from 1,200+ district suits) — last defendant to settle after Snap, TikTok, YouTube. Terms sealed. (Law.com; Top Class Actions; Seeger Weiss) |
State-court parallel (not part of the federal MDL but part of the coordinated wave):
- K.G.M. v. Meta & Alphabet/YouTube (L.A. County Superior Court): Mar 25, 2026 jury found both companies negligent in product design; $6M total — $3M compensatory (Meta 70% / Google 30%) + $3M punitive (malice/reckless disregard). Billed as the first civil verdict finding social-media companies negligent for the addictive design of their products. (NPR; ABC7; CalMatters; Wikipedia)
4. Section 230, KOSA, COPPA 2.0, and the Jan 2024 Senate hearing
4.1 The Section 230 pivot
The decisive litigation development is doctrinal: courts (MDL Nov 2023; K.G.M.) accepted the design-defect / failure-to-warn framing as outside §230's content-publisher immunity. This is what converted §230 from a near-total shield into a partial one — and is precisely the legal opening tobacco/opioid-style plaintiffs exploited. (DLA Piper; U. Cincinnati Law Review)
4.2 Jan 31, 2024 Senate Judiciary hearing — "Big Tech and the Online Child Sexual Exploitation Crisis"
- CEOs of Meta, X, TikTok, Snap, Discord testified. Pressed by Sen. Hawley, Zuckerberg stood and apologized to families: "I'm sorry for everything you've all gone through." (Senate Judiciary recap; NBC News; CNBC)
- Key tell for the hypothesis: Snap and X endorsed KOSA; Zuckerberg, TikTok's Chew, and Discord's Citron declined to endorse KOSA in its then-current form — Zuckerberg praised only its "basic spirit." (CNN live)
4.3 KOSA — passed Senate, died in House (twice in the cycle), reintroduced 2025
- Senate passed the KOSPA package (KOSA + COPPA 2.0) 91–3 in July 2024; House Energy & Commerce marked it up but GOP leadership declined to floor it; it failed at end of the 118th Congress. (Wikipedia, KOSA; Issue One; EFF 2024-in-review)
- Reintroduced May 14, 2025 (Blackburn-Blumenthal, w/ Thune & Schumer). (Blackburn PR; EDUCAUSE)
- Lobbying against KOSA (documented): Big Tech led by Meta spent ~$51M across the first three quarters of 2024 to oppose bills like KOSA; ByteDance + Meta together spent >$200k/day in H1 2024; op-ed/letter campaigns with undisclosed tech funding. (Issue One — $51M / campaign; Issue One — $200k/day; Tech Oversight / WSJ)
4.4 COPPA 2.0 and the FTC COPPA Rule
- Legislation: COPPA 2.0 (extends protection to teens <17, restricts targeted ads) rode with KOSA in the Senate-passed package but died in the House. (Wikipedia, KOSA/KOSPA)
- Regulation (this is what actually took effect): FTC finalized amended COPPA Rule 5–0 on Jan 16, 2025 (published Apr 22, 2025; effective Jun 23, 2025; full compliance by Apr 22, 2026) — separate parental consent for third-party/targeted-ad disclosure, data-retention limits, biometric identifiers added. (FTC PR; Federal Register)
5. Meta's own policy positioning — the liability-shift core of the hypothesis
This is where the hypothesis is strongest and best-documented.
5.1 Instagram Teen Accounts (Sep 17, 2024) — the "compliance moat" move
- Default-private accounts for all under-16s (and under-18s at signup); strictest messaging/sensitive-content settings; under-16s need parental permission to loosen settings. Rolled out amid the 42-AG suit and pending KOSA. (Meta newsroom; NPR)
- Analyst read: a self-imposed, controllable compliance baseline — exactly the "manageable moat" the hypothesis predicts an incumbent would build to pre-empt harsher external mandates.
5.2 Backing app-store-level age verification — pushing liability to Apple & Google
This is the clearest documented liability shift.
- Meta (with Snap and X) publicly lobbied for state "App Store Accountability Acts" that put age verification + parental consent on Apple and Google's app stores, not on the individual apps. Joint Meta/Snap/X statement praised Utah for "centralizing it within a device's app store." (Biometric Update; Stoel Rives on Utah SB142)
- Utah SB 142 signed (effective May 7, 2025; compliance by May 6, 2026) — first such law; Meta-supported. Texas SB 2420 (2025) similar. Meta-backed proposals introduced in ~20 states. (Utah enrolled SB0142 PDF; Inside Privacy; Business Standard)
- Apple & Google fought back, explicitly framing it as liability-dumping. Google: "We see the legislation being pushed by Meta as an effort to offload their own responsibilities to keep kids safe." (Business Standard; Insurance Journal/Bloomberg)
- 2026 litigation epilogue (note the role-reversal): Apple, Google, Meta and Amazon — via the CCIA — sued to block the Texas and Utah laws. A federal judge (Pitman) enjoined the Texas law Dec 2025 on First Amendment grounds; the 5th Circuit lifted the injunction May 28, 2026, letting Texas enforce it. CCIA dropped the Utah suit Apr 21, 2026 after Utah amended SB 142 to remove government enforcement (private-suit enforcement only). (Deseret News; MediaPost/5th Cir.; KXAN)
- Caveat for the hypothesis: Meta being a CCIA co-plaintiff against the very laws it lobbied for complicates a clean "Meta wants these laws" story. Best reconciliation: Meta wants app-store-level verification but objects to specific enforcement/liability provisions that also touch developers — i.e., it wants the liability on Apple/Google, not a clean win for the statute as drafted. This is convergent-interest maneuvering, and it slightly weakens a pure "coordinated strategy" reading.
5.3 Lobbying spend (documented, hard numbers)
- Meta federal lobbying: $24.43M (2024), $26.29M (2025) — among the top corporate spenders nationally. (OpenSecrets Meta profile; OpenSecrets 2024 record)
5.4 The "$2 billion / Digital Childhood Alliance dark-money" claim — GRADED: SPECULATIVE
- A viral claim alleges Meta "routed more than $2 billion through nonprofits" (incl. the Digital Childhood Alliance) to push age-verification laws across 45 states. Source is a Reddit/OSINT post citing a self-hosted GitHub "attestation-findings"; no financial documentation, public records, or mainstream corroboration; Meta did not comment. I treat the $2B figure as unsubstantiated. (Winbuzzer; Yahoo aggregation)
- What IS sourced: Meta backed the Digital Childhood Alliance as part of a ~$70M fragmented super-PAC strategy distributing spend across entities — reported via Bloomberg-sourced coverage. The $70M / DCA claim is materially better supported than the $2B claim. (Business Standard/Bloomberg)
6. International record
| Jurisdiction | Action | Status / Outcome |
|---|---|---|
| EU (DSA) | Commission opened formal proceedings vs Meta (FB+IG) on May 16, 2024 re: protection of minors (age verification, addictive design, "rabbit-hole" effects). | Preliminary finding (2026) that Meta breached the DSA for failing to prevent under-13 access and inadequate age verification/risk assessment. Exposure: fines up to 6% of global annual revenue. (Commission, proceedings opened; Commission, preliminary breach finding) |
| UK (OSA / Ofcom) | Protection of Children Codes in force Jul 25, 2025; children's risk assessments due Jul 24, 2025. | Enforcement phase live; Ofcom "actively checking compliance," opening investigations/fines. Meta made grooming-protection changes ahead of the codes. (White & Case; Ofcom) |
| Australia | World-first under-16 ban on major platforms, effective Dec 10, 2025. | Meta began blocking under-16s Dec 4; removed ~550k accounts within a day; publicly argued app stores should bear age-verification responsibility (consistent with §5.2). Industry-wide ~4.7M accounts removed; eSafety later found ~7 in 10 surveyed parents said their child still had an account (enforcement gap). (Al Jazeera; PBS; The Register) |
Pattern worth noting: In both the US (app-store laws) and Australia (the ban), Meta's consistent posture is "hold the app stores accountable for age verification." That cross-jurisdictional consistency is the strongest evidence that the liability-shift is a deliberate, durable strategy rather than a one-off.
7. Historical analogues — tobacco / opioids
- Plaintiffs are explicitly running the tobacco/opioid playbook: reframe addiction as a public-health harm and product-design defect (dodging §230) rather than individual choice or protected content. Jayne Conroy, on the plaintiffs' MDL trial team, was also opioid-MDL counsel and says the "cornerstone of both cases is the same: addiction." (NPR; MultiState; U. Cincinnati L. Rev.)
- Skeptic's counter (graded: contested, credible): AEI argues the tobacco analogy is "deceptively flawed" — no chemical dependency, contested causation, and First Amendment overlay. The analogy is a litigation frame, not an established equivalence. (AEI)
8. Wins / Losses scorecard
For Meta (wins)
| Item | Date | Why it's a Meta win |
|---|---|---|
| KOSA killed in House (118th Cong.) | Dec 2024 | Broadest federal duty-of-care bill stalled; Meta led opposition spend. (Issue One) |
| COPPA 2.0 died in House | Dec 2024 | Teen-privacy / ad-restriction statute failed. (Wikipedia) |
| App-store-accountability laws enacted (UT, TX) | 2025 | Liability for age verification shifted toward Apple/Google. (Inside Privacy) |
| Teen Accounts deployed pre-emptively | Sep 2024 | Self-set compliance baseline. (Meta) |
| §230 still bars content-moderation claims | Nov 2023→ | Partial shield retained for publisher-function claims. (DLA Piper) |
Against Meta (losses)
| Item | Date | Why it's a Meta loss |
|---|---|---|
| §230/1A do not bar design-defect/failure-to-warn | Nov 14, 2023 | Opened the liability door industry-wide. (TechPolicy.Press) |
| MDL MTDs largely denied (states, schools) | Oct–Nov 2024 | Thousands of claims proceed. (Levin Law) |
| NM v. Meta verdict — $375M | Mar 24, 2026 | First state trial win vs Big Tech on child safety. (CNBC) |
| K.G.M. negligence verdict — $6M | Mar 25, 2026 | First negligence finding on addictive design. (NPR) |
| Breathitt County bellwether settled (sealed) | May 21, 2026 | Meta paid to avoid the schools' bellwether trial. (Law.com) |
| EU DSA preliminary breach finding | 2026 | Up to 6%-of-revenue exposure. (EC) |
| Australia under-16 ban | Dec 10, 2025 | Lost the under-16 market segment. (Al Jazeera) |
9. Hypothesis grade: MODERATE (with one STRONG sub-claim)
Strong, documented (sub-claim — liability shift to app stores): Meta's public, multi-state, cross-border advocacy to place age-verification duty on Apple/Google is on the record, named, and dated (Utah SB142, Texas SB2420, ~20-state push, Australia stance). Competitors (Google) explicitly call it "offloading." This is deliberate, coordinated, self-interested liability-shifting — the cleanest confirmation of the hypothesis. (Business Standard; Biometric Update)
Moderate / convergent-interest (the broader "amplify the whole agenda as a moat" claim): Teen Accounts as a self-set compliance baseline fits the "manageable moat" theory. BUT the strong version is partly falsified by Meta's own conduct: Meta fought the broadest federal duty-of-care (KOSA) rather than embracing regulation as a moat, and Meta is a co-plaintiff (via CCIA) against the very app-store laws it lobbied for. That looks less like one master plan and more like opportunistic, issue-by-issue self-interest — supporting rules that shift cost to rivals, fighting rules that expand its own liability.
Speculative / rejected: The "$2B dark-money to Digital Childhood Alliance" claim is not supported (Reddit/OSINT origin, no records, Meta no-comment). The defensible figure is the Bloomberg-sourced ~$70M fragmented super-PAC strategy including DCA. Do not rely on $2B.
Bottom line: (a) "Documented coordinated strategy" is true specifically for app-store age-verification liability-shifting; (b) "convergent self-interest" best describes Meta's overall behavior across KOSA/COPPA/Teen Accounts; (c) "unsupported" applies only to the most maximalist dark-money figure. Hence: moderate overall, strong on the narrow liability-shift thesis.
← Research index · structured data: influence-meta-childsafety.json · influence-meta-childsafety.md