My next guest is Andrew Zach, Senior Policy Counsel at the Family Online Safety Institute (FOSI), where he works at the intersection of technology, privacy law, and child online safety policy in Washington, DC. In this Tech‑Savvy Lawyer.Page episode, we unpack what family‑centered online safety really means for practicing attorneys, from intake forms and client portals to law practice management systems, social media, and rapidly evolving AI chatbots. Andrew explains COPPA and the proposed COPPA 2.0, explores how states and countries are experimenting with age assurance, and offers practical guidance for lawyers who handle sensitive images, minors’ data, and AI‑driven tools while staying compliant and supporting parents. If you are an attorney, legal professional, or a tech‑curious parent, this conversation will help you make smarter, safer choices about how you use technology in and around your law practice.

Join Andrew and me as we discuss the following three questions and more! ⚖️💻

What are the top three practical steps every lawyer should take to bake in family‑centered online safety when designing client‑facing tech, websites, portals, intake forms, messaging, and social media?
What are the top three technology tools or configurations law firms should implement to better protect children and teens who may be affected by legal technology, whether they are direct clients in a family matter or simply sharing devices with adult clients?
If you were advising bar associations and practice‑area leaders, what would be the top three CLE or policy priorities to ensure lawyers responsibly use AI, client portals, and other digital tools while supporting parents and caregivers in keeping families safe online?

In our conversation, we cover the following ⏱️

00:00 – Welcoming Andrew and his current tech setup: MacBook Pro, external monitor, iPhones, and wired Bose headphones 🎧
01:00 – What is FOSI and how it works across policy, digital parenting, and industry best practices to keep families safer online 🌐
02:00 – COPPA basics: verifiable parental consent for under‑13 data, why COPPA is dated, and the patchwork of state privacy laws filling the federal gap 📜
03:00 – California privacy leadership, international regimes (like Europe), and why the US needs a comprehensive data privacy law with limits on collection, use, storage, and sale of personal data 🧩
04:00 – HIPAA, SOC 2, agentic AI chatbots on legal websites, and why notice, consent, and data minimization matter for law firms adopting AI‑driven intake and support tools 🤖
05:00 – Data minimization as a safeguard when storage or breaches go wrong; retention and disclosure issues in worst‑case scenarios 📂
05:30 – Handling sensitive images in legal practice (family photos, abuse evidence) and why state‑by‑state rules make it hard to manage online safety and data privacy consistently 🧾
06:00 – Why a stronger federal law is needed, and what COPPA 2.0 (Children and Teens Online Privacy Protection Act) could change, including raising the age of digital consent and protecting teens from targeted advertising 🎯
07:00 – Everyday scenarios: sharing kids’ photos with family, private messaging vs social media, and why limiting audience and avoiding “questionable” content is critical 👨‍👩‍👧‍👦
08:00 – Why “private” Facebook accounts with many friends still are not private enough for potentially risky images and what safer sharing looks like 🔒
09:00 – Keeping audiences limited in litigation and family law contexts while complying with legal guidelines for highly sensitive evidence 📁
10:00 – Defining age assurance vs age verification, and how tools like facial age estimation, IDs, and self‑declaration fit into online safety compliance 🧑‍💻
11:00 – International and US examples: UK social media age checks, Australia’s age assurance trials, and Texas cases on adult sites and app‑store‑level verification ⚖️
12:00 – Free Speech Coalition v. Paxton upholding age verification for adult sites versus the App Store Accountability Act’s broader mandate and why it was enjoined 🏛️
13:00 – Financial harm to parents from kids’ unsupervised app purchases and concerns about access to “harmful content” through apps and social media 💳
14:00 – Is there such a thing as “age insurance”? Exploring liability, coverage, and why Andrew is not aware of a product like that 🧾
15:00 – Apple vs Facebook on data tracking: long terms of service, Apple’s “Ask App Not to Track” pop‑up, and “arms race” messaging around personalization and privacy 📲
16:00 – Communicating data practices clearly to users and kids; age‑appropriate disclosures and the role of legislation in requiring plain‑language privacy notices 🧠
17:00 – “Kids’ accounts” on platforms like Instagram, retrofitting protections vs safety by design, and what private‑by‑default, constrained communication can look like for teens 🧒
18:00 – Culture of responsibility: six entities in online safety (industry, policymakers, law enforcement, educators, kids, and families) and FOSI’s free digital parenting resources 📚
19:00 – Why expecting parents to customize every app setting is unrealistic and how safety‑by‑design and data‑minimization can reduce that burden 🛠️
20:00 – Parental responsibility vs platform responsibility, and how making parental controls easier (e.g., YouTube teen account setup time) can encourage meaningful engagement 👪
21:00 – Recent cases in New Mexico and California: addiction, mental health, platform design, and new legal strategies targeting harms beyond specific content 🧑‍⚖️
22:00 – The Joe Camel analogy, marketing to kids, and why FOSI avoids equating social media directly with tobacco while still pushing for better design safeguards 🚭
23:00 – Features like “take a break” and limits on infinite scroll; designing for vulnerable users and younger audiences from the outset 🧱
24:00 – AI chatbots in legal practice: risks of emotional dependence, mental health harms, and why unregulated bots should not replace trained professionals in sensitive contexts 🧩
26:00 – How often teens and families are using generative AI, and the emerging theme of stricter rules or disclosures for legal, medical, and financial advice from chatbots 🧮
27:00 – Disclaimers and transparency for client‑facing chatbots on law firm sites; state‑by‑state experimentation and potential new duties for lawyers using AI in practice 💬
28:00 – The White House’s national AI policy framework, its child‑safety focus, and the need for congressional action, preemption questions, and national standards 🇺🇸
29:00 – Why bar associations and lawyers should track AI policy developments closely as they intersect with ethics, confidentiality, and family online safety 🔍
30:00 – FOSI’s “good digital parenting” resources, device agreements, and practical scripts for setting expectations with kids about devices and online behavior 📄
31:00 – Where to find Andrew online, including FOSI’s website and his “Andrew the Policy Guy” content on LinkedIn and TikTok 📲