· Rostered Team

KOSA and Youth Sports: What the Kids Online Safety Act Means for Your Club

The Kids Online Safety Act is moving through Congress. Here's what it could mean for youth sports clubs and the software they use.

There’s a wave of federal legislation aimed at protecting children online, and the Kids Online Safety Act (KOSA) is at the center of it. If you’re running a youth sports club and using any kind of online platform, it’s worth understanding what’s coming and how it might affect you.

What Is KOSA?

The Kids Online Safety Act is a bipartisan bill that’s been introduced multiple times since 2022. It passed the Senate in 2024 and is now moving through the House as part of a broader package of children’s online safety legislation. The 2025 version was introduced as both H.R. and S. 1748.

KOSA’s core requirements apply to “covered platforms” — online services that connect users and allow them to create profiles, upload content, or interact with each other. Think social media, but the definition is broader than you might expect.

Key Requirements

Duty of care

Covered platforms must exercise “reasonable care” in their design features to prevent and mitigate harms to minors, including:

  • Mental health harms — anxiety, depression, eating disorders, substance abuse
  • Bullying and harassment
  • Sexual exploitation
  • Promotion of self-harm or suicide

Safety tools for minors

Platforms must provide minors with options to:

  • Protect their information and limit who can contact them
  • Disable addictive design features like autoplay, push notifications, and infinite scroll
  • Opt out of personalized algorithmic recommendations

Parental controls

Parents must have tools to supervise their minor children’s use of the platform, including the ability to control privacy and safety settings.

Transparency

Platforms must publish annual reports describing the risks their service poses to minors and the steps taken to mitigate those risks.

Does KOSA Apply to Youth Sports Apps?

This is the important question, and the answer is nuanced.

KOSA targets platforms with design features that encourage minors to spend more time on the platform — algorithmic feeds, autoplay, notifications designed to increase engagement, and similar patterns. The bill is primarily aimed at social media and content platforms.

A purpose-built sports management tool — scheduling, RSVP, roster management — is fundamentally different from a social media feed. You’re not trying to maximize screen time; you’re trying to help coaches run practice.

That said, features like team messaging (huddles), notification systems, and content feeds could bring some platforms closer to KOSA’s scope depending on how they’re implemented.

Where youth sports apps should pay attention

  1. Messaging features — If your platform has group chat or messaging for teams, consider whether it includes any engagement-maximizing design patterns. Read receipts, typing indicators, and notification urgency settings are all design choices that affect how minors interact with the app.

  2. Push notifications — KOSA specifically calls out notifications as a design feature that can increase time spent on a platform. Youth sports apps send legitimate notifications (schedule changes, RSVP reminders), but the design should be purposeful, not engagement-farming.

  3. Algorithmic recommendations — If your app recommends content, clubs, or activities to users, that could fall under KOSA’s algorithmic transparency requirements. Most sports management tools don’t do this, but it’s worth considering as platforms add features.

  4. Age verification — While KOSA itself doesn’t explicitly require age verification, the broader legislative package (including the App Store Accountability Act) is pushing toward account-level age verification for minors. Four states have already signed versions of this into law.

COPPA 2.0 Is Coming Too

Alongside KOSA, Congress is considering COPPA 2.0 (HR 6291), which would:

  • Raise the age of coverage from under 13 to under 17
  • Prohibit targeted advertising directed at children and teens
  • Require explicit consent from users aged 13-16 before collecting personal information
  • Mandate an “eraser button” for parents and teens to delete personal data
  • Establish a Youth Marketing and Privacy Division within the FTC

If COPPA 2.0 passes, the privacy landscape for youth sports apps changes significantly. Instead of only worrying about athletes under 13, you’d need to consider privacy protections for every minor on your platform.

What This Means for Club Administrators

Even if these laws primarily target social media companies, they signal a broader shift in how society thinks about children’s online experiences. Club administrators should:

1. Choose software that takes privacy seriously

Look for platforms with clear privacy policies, data retention limits, and parental controls. The regulatory environment is only getting stricter.

2. Be intentional about what data you collect

Do you actually need every athlete’s date of birth, school name, and photo? Collect what you need to run the club, not everything you can.

3. Review your messaging policies

If your club uses in-app messaging, establish guidelines for appropriate use. Consider whether minor athletes need direct messaging capabilities, or whether guardian-mediated communication is sufficient.

4. Have a data deletion process

When families leave the club, their data should leave too. Make sure your platform supports this and that you actually use it.

Rostered’s Position

We built Rostered as a tool for club operations, not engagement maximization. Our design philosophy is straightforward: help clubs manage their programs, communicate with families, and get out of the way.

We don’t use algorithmic recommendations to keep users scrolling. We don’t design notifications to create urgency where none exists. We don’t monetize user data or serve targeted ads. These aren’t just nice principles — they’re the kind of design choices that keep a platform on the right side of legislation like KOSA.

As the regulatory landscape evolves, we’re committed to staying ahead of it — not scrambling to catch up. We already comply with existing COPPA requirements through our guardian-mediated model, and we’re tracking KOSA, COPPA 2.0, and related state laws closely.

Your club should be focused on developing athletes, not worrying about data privacy compliance. That’s our job.

Want to learn more about how Rostered handles privacy and safety? Check out our COPPA compliance guide or contact us.

Ready to simplify how your team stays organized?

Get Rostered →