After Liability: Why the Landmark Social Media Verdicts Aren’t a Regulatory Fix

Megan Shahi a visiting fellow at the Tech & Public Policy Program at Georgetown University’s McCourt School of Public Policy. Gregory Shelby is a Master of Public Policy student at Georgetown. Helena Monsivais is a is a Master of Data Science for Public Policy student at Georgetown.

In March, a California jury found Meta and YouTube liable for harm caused by the design of their platforms, pointing to features like infinite scroll and algorithmic recommendations as contributing to a young user’s mental health struggles. The verdict has been framed as a long-awaited moment of accountability for companies that have largely avoided legal consequences in the US for harms linked to their products. Some have even drawn comparisons to the early cases against Big Tobacco, suggesting this could mark the beginning of a broader reckoning over how addictive digital products are designed and deployed.

But the most important question is not what the jury decided: it is what happens next.

K.G.M. (the plaintiff in the case) began using YouTube and Instagram as a minor and later described her relationship with social media as compulsive, linking it to anxiety, depression, and body dysmorphia. In 2023, she sued Meta and Google, alleging that their platforms were engineered to maximize engagement through features such as infinite scroll, algorithmic recommendations, and autoplay. Critically, the suit targeted platform architecture rather than user content, a strategic move that allowed plaintiffs to circumvent Section 230, the federal provision that shields platforms from liability for what users post.

K.G.M.'s case is one of two bellwether cases where tech platforms have been found liable for harming children. According to the American Association of Justice, there are “more than 10,000 individual cases and nearly 800 school district claims,” alleging social platforms were “engineered to addict children and teenagers,” that are currently pending nationwide.

While the verdict from the case assigns responsibility, it does not define what compliance looks like, which design choices must change, what level of risk is acceptable, or how platforms should operate differently going forward. In the absence of those answers, one thing becomes clear: Liability alone is not enough.

That limitation should not obscure the significance of the moment. K.G.M. v. Meta could represent a meaningful shift in how platform harms are understood and addressed. By recognizing that product design can give rise to liability, the case breaks through a legal barrier that has long constrained accountability in the US. It validates years of research and advocacy pointing to the role of platform architecture in shaping user behavior and well-being. In that sense, the verdict is not an endpoint, but a foundation, establishing a shared understanding that should form the base of future legislation.

But that foundation is incomplete. While the case marks a new level of accountability, it leaves several critical questions unanswered, starting with how to meaningfully hold companies of this size accountable. Meta’s revenue exceeded $200 billion in 2025; the $4.2 million in damages represents a negligible fraction of that total, roughly equivalent to a $2 purchase for someone earning $100,000 annually. Penalties of this scale are unlikely to drive meaningful behavioral change.

Yet even significantly larger fines would not resolve the underlying issue: the absence of clear guidance on what platforms are required to do differently. The verdict identified certain design features as harmful, but did not specify how they should be modified, whether they should be removed, or what adequate protections and acceptable risk would entail. Given that all platforms involve some level of risk, these gaps underscore a central limitation of relying on litigation. It can identify harm, but not define safe design.

Litigation alone produces a fragmented and reactive system of accountability. Different juries may reach different conclusions, forcing platform accountability to develop through a motley quilt of inconsistent legal standards. Courts are also inherently backward-looking, addressing harms after they occur rather than setting expectations for future design. And because cases are narrowly scoped, their findings rarely translate into comprehensive guidance for platform governance. In effect, courts are beginning to define the boundaries of acceptable platform design, but doing so one case at a time.

In the absence of policy intervention, this fragmentation leaves companies facing legal exposure and a lack of clear standards. That uncertainty risks uneven protections across jurisdictions and allows harms to persist as cases move slowly through the courts. At the same time, platform accountability currently has rare bipartisan momentum, and prolonged ambiguity risks eroding that consensus and making reform harder to achieve.

The shift represented by K.G.M. v. Meta creates a timely opportunity for proactive legislation. If courts cannot define safe design at scale, that responsibility must fall on policymakers. The lessons from K.G.M. v. Meta point to the need for a shift away from reactive liability toward ex ante governance, guided by two priorities: establishing a resilient oversight structure and creating enforceable design-based accountability standards.

Currently, no single agency has the authority or technical expertise to govern platform design. The Federal Trade Commission, whose mandate centers on unfair and deceptive practices, was not designed with complex algorithmic systems in mind. A more durable solution would involve either the creation of a new dedicated regulatory body or the expansion of an existing agency’s authority and capacity to set and enforce design standards.

Some critics argue that stricter regulation would stifle innovation and risk infringing civil liberties. But a design-focused regulatory approach does not regulate free speech; it governs the architecture through which that speech is delivered. Further, clarity benefits companies as much as users. Clear regulatory standards provide predictability, reduce legal risk, and create a level playing field across the industry. In that sense, a defined set of rules is less burdensome than an open-ended exposure. The question then shifts from whether to regulate to how to do so with sufficient specificity.

Legislative proposals, including the Kids Online Safety Act (KOSA) and the recently introduced Kids Internet and Digital Safety (KIDS) Act, offer competing models for how policymakers are engaging with these questions. Both bills attempt to address risks to minors by introducing obligations on platforms to mitigate harm, while reflecting ongoing debates about how to translate broad duties into actionable standards. KOSA establishes a general duty of care to prevent specific harms such as suicide, eating disorders, and compulsive usage. However, critics argue that the bill would threaten young people’s privacy and deprive vulnerable groups of access to vital resources.

The KIDS Act, meanwhile, eschews a general duty of care, requiring platforms to observe "reasonable policies, practices, and procedures." This could allow companies to satisfy the law through procedural compliance, leaving the KIDS Act without sufficient teeth to force significant design changes. These approaches illustrate both the promise and the challenge of design-focused regulation. Effective frameworks need to balance flexibility with clarity, ensuring that obligations are adaptable to evolving technologies while still providing platforms with sufficiently concrete guidance to shape product design.

The EU’s Digital Services Act (DSA) offers a useful point of comparison. Rather than relying on after-the-fact liability, it imposes prospective obligations on many prominent social media platforms, requiring them to assess and mitigate systemic risks, including those to minors, before harm occurs. It mandates regular risk assessments, independent audits, and greater transparency around how recommendation systems operate.

Crucially, the DSA focuses on platform design and process, not solely on content. However, regulations akin to the DSA would be challenging to implement in the US in the near-term for political–if not practical–reasons. The House Judiciary Committee, under the leadership of Rep. Jim Jordan (R-Ohio), produced a February 2026 report describing the DSA as having been “weaponized” for global censorship. The US need not replicate the DSA wholesale to recognize aspects that highlight what is missing from the current domestic framework.

Litigation can surface harm, but regulation can require platforms to assess and reduce risk systematically. As the case makes clear, identifying harmful features is only the first step. The next step is building a regulatory structure that requires platforms to evaluate risk proactively, implement safeguards, and demonstrate compliance on an ongoing basis. Without that shift, accountability will remain episodic and incomplete.

Artificial Intelligence represents a technological revolution likely even more significant than social media — and it is already repeating many of the same harms. Take the case of Sewell Setzer, a 14-year-old who died by suicide after developing a dependency on an AI companion chatbot designed to maximize engagement. The system lacked adequate safeguards for minors, the company was aware of risks, and meaningful safety measures were implemented only after a child's death. There is a growing recognition that social media governance was largely reactive, forcing society to correct failures after harm occurred. AI presents an opportunity to apply those lessons earlier, by building proactive, design-focused regulatory frameworks and shortening the timeline to safety.

At its core, this is not just a technical or legal challenge: it is a values question. The debate over platform design is often framed in terms of feasibility or innovation, but the more fundamental issue is how we define acceptable risk. Every design decision reflects a set of trade-offs: between innovation and safety, engagement and well-being, corporate incentives and the public interest. The verdict in K.G.M. v. Meta provides something policymakers have long lacked: a clear determination that these systems can produce real-world harm.

But assigning responsibility is not enough. The next step is to decide which harms are unacceptable, and to translate those judgments into enforceable rules. Without that step, the boundaries of acceptable technology will continue to be shaped not by deliberate policy choices, but by the uneven outcomes of litigation.