Kids Over Clicks: Michigan Senate Passes New Online Privacy Package

The digital frontier has long been described as a “Wild West” for the youngest generation, but the Michigan Senate has just deployed a legislative sheriff to the territory. On April 29, 2026, state lawmakers passed the Kids Over Clicks privacy protection package, a suite of bills that fundamentally reorders the power dynamics between Silicon Valley giants and Michigan families. This legislative move, reported in detail on April 30, signifies one of the most aggressive state-level interventions into the “attention economy” to date, aiming to dismantle the addictive architectures that define modern social media.

The Anatomy of Kids Over Clicks: A Multi-Pronged Offensive

The Kids Over Clicks package is not a single law but a comprehensive regulatory framework comprised of several interconnected Senate Bills (SB 757–760). By targeting different facets of the digital experience—from algorithmic feeds to AI chatbots—the legislation seeks to create a “safety-by-design” environment for minors. The core pillars of the package include:

• The Stop Addictive Feeds Exploitation (SAFE) for Kids Act (SB 757): This bill takes direct aim at the “addictive” nature of social media. It prohibits platforms from serving personal data-driven, algorithmic feeds to minors unless explicit parental consent is obtained.
• The Michigan Kids Code (SB 758 and 759): Based on the principles of the UK’s Age Appropriate Design Code, these bills mandate “privacy-by-default.” Platforms must automatically configure minor accounts to the highest possible privacy settings upon creation.
• The Leading Ethical AI Development (LEAD) for Kids Act (SB 760): Addressing the newest frontier of tech, this act restricts minors’ access to “predatory” AI chatbots that could encourage self-harm, illegal activities, or sexually explicit interactions.

The passage of Kids Over Clicks represents a major victory for advocates who argue that Big Tech has prioritized engagement metrics over the neurological and psychological well-being of children. State Senator Kevin Hertel, a primary co-sponsor, summarized the sentiment during the floor debate, stating that parents should not be forced to fight “billion-dollar algorithms” alone.

Technical Deep Dive: Privacy-by-Default and Data Minimization

At the heart of the Kids Over Clicks legislation is a shift toward technical “privacy-by-default” configurations. For too long, platforms have used “dark patterns”—manipulative user interface designs—to nudge younger users into sharing more data than necessary. The Michigan Senate’s package effectively outlaws these practices for users under 18.

Under the new rules, a platform must ensure that a minor’s account profile is, by default, not discoverable via search engine indexing. Furthermore, the legislation restricts the collection of precise geolocation data. Platforms are prohibited from processing a minor’s location unless it is “strictly necessary” for the core functionality of the service—and even then, it cannot be active by default. This technical mandate directly impacts the metadata trail generated by browsing habits, ensuring that a child’s physical movements and digital footprints are not commodified for advertisers.

The “Absolute Minimum” Rule for Age Verification

One of the most contentious aspects of online safety legislation is the paradox of age verification: to protect a child’s privacy, companies often demand more data (such as government IDs or biometric scans) to prove they are a child. Kids Over Clicks addresses this through a strict data minimization and deletion protocol.

1. Platforms are restricted to storing only the “absolute minimum” amount of personal data required for the sole purpose of age verification.
2. Mandatory Deletion: Any data collected specifically for age verification or parental consent must be deleted within 60 days of the verification process. In some instances, for non-recurring consent, the data must be purged immediately after use.
3. Zero Re-Purposing: Companies are legally barred from using age-verification data for marketing, profiling, or any secondary commercial purpose.

This technical safeguard is intended to prevent the creation of “honeypots” of sensitive minor data that could be targeted by hackers or sold to third-party data brokers. By forcing a “verify-and-delete” model, Michigan is setting a technical standard that many privacy experts hope will become a blueprint for federal legislation.

Dismantling the Addictive Feed: Algorithmic Regulation

Perhaps the most revolutionary component of Kids Over Clicks is its regulation of the “addictive feed.” In technical terms, social media platforms use “reinforcement learning” algorithms that analyze millions of data points—hover time, scroll speed, and interaction history—to predict what will keep a user on the app longer. For developing adolescent brains, these dopamine-loop architectures can be particularly damaging.

The SAFE for Kids Act requires that for any user under 18, the default feed must be chronological rather than algorithmic. This means the platform cannot use the minor’s personal data to curate a “suggested” list of content designed to maximize screen time. If a platform wishes to use an addictive, data-driven feed, they must first obtain verifiable parental consent. This shifts the burden of proof and the “opt-in” requirement onto the tech companies, essentially breaking the automated loop that characterizes apps like TikTok and Instagram.

Empowering Parents: Audit Tools and Notification Blockers

Beyond data privacy, Kids Over Clicks provides parents with a granular toolkit to manage their children’s digital health. The legislation mandates that platforms provide an “obvious and accessible” dashboard for parents to audit their child’s privacy settings and account activity.

The Notification Curfew: A standout feature of the package is the ability for parents to block all platform notifications during specific windows. By default, the legislation suggests blocking notifications during school hours (typically 8:00 AM to 3:00 PM) and overnight (10:00 PM to 6:00 AM). This is a direct response to educators’ concerns that constant “pings” from social apps are disrupting the learning environment and contributing to sleep deprivation among teens.

Furthermore, platforms must provide an annual independent audit report to the Michigan Attorney General. This report must detail how the platform’s design choices impact the safety and privacy of minors, providing a level of transparency that has historically been shielded behind “proprietary algorithm” claims.

Enforcement, Fines, and the “Cost of Doing Business”

Legislation is only as strong as its enforcement mechanism. The Kids Over Clicks package empowers the Michigan Attorney General to bring civil actions against non-compliant platforms. The financial stakes are designed to be more than just a “cost of doing business” for Big Tech.

• Maximum Fines: Penalties range from $5,000 to $50,000 per violation. In the context of millions of users, these fines can quickly scale into the hundreds of millions for systemic failures.
• Effective Date: While the bills passed in April 2026, the primary provisions of the Kids Code Act are set to take effect on July 1, 2026.
• Grace Period for Compliance: Civil fines for specific violations will officially commence on January 1, 2027, giving platforms an eight-month window to re-engineer their systems for the Michigan market.

The revenue generated from these civil fines is earmarked for the “Age-Appropriate Design Code Enforcement Fund,” ensuring that the state has a self-sustaining budget to continue monitoring tech compliance and investigating consumer complaints.

Constitutional Hurdles and Industry Pushback

Despite the momentum behind Kids Over Clicks, the path to implementation is fraught with legal challenges. Industry trade groups, most notably NetChoice—which represents giants like Google, Meta, and TikTok—have already signaled that they may challenge the law on First Amendment grounds.

The core of the legal argument against such “Kids Codes” usually centers on the idea that age verification requirements infringe upon the anonymous free speech rights of both adults and minors. Opponents also argue that the definitions of “addictive” or “harmful” content are overly broad, potentially leading to the censorship of legitimate information. During the Senate hearings in March 2026, NetChoice counsel argued that the package would expose taxpayers to significant litigation costs while failing to actually improve safety.

However, proponents of the Michigan bill point to the 2024 and 2025 legal evolutions in California and the UK, where “design-based” regulations (as opposed to content-based ones) have seen more success in surviving judicial scrutiny. By focusing on data practices and privacy settings rather than specific speech, Michigan lawmakers believe they have crafted a “constitutionally resilient” framework.

A National Tipping Point?

The passage of the Kids Over Clicks package in Michigan comes at a time when the federal “Kids Online Safety Act” (KOSA) continues to face gridlock in Washington. Michigan now joins a growing coalition of states—including California, Florida, and Ohio—that are tired of waiting for federal action.

What makes the Michigan legislation particularly formidable is its technical specificity. By mandating privacy-by-default and the immediate deletion of verification metadata, Michigan is forcing Big Tech to make a choice: either create a “Michigan-specific” version of their apps or—more likely—change their global architecture to meet the highest common denominator of state regulation.

As the “Ninja Editor,” it is clear that the Kids Over Clicks package is a decisive strike against the unfettered data harvesting of the past decade. It recognizes that in the digital age, privacy is not just a personal choice, but a design requirement. For Michigan’s children, the “Wild West” is finally getting some long-overdue boundaries.