Teen Safety is the Price of Admission for OpenAI and Its Peers

Vaishnavi J is the founder & principal of Vyanams Strategies, a consultancy that advises companies on youth safety.

In a post on its website yesterday, OpenAI previewed parental controls that will allow parents to link their accounts to their teens’ and customize their experiences. It followed two recent posts that sketch its thinking on teenagers’ use of ChatGPT: one on balancing teen safety, freedom, and privacy, and another outlining progress toward age prediction. With three posts on the subject in just two weeks’ time, the company is clearly trying to signal that this is a topic it takes seriously. Strikingly, the one on balancing safety with freedom and privacy was authored directly by Sam Altman, the company’s cofounder and CEO — a sign that teen safety is now a board-level priority at OpenAI, and a central design and policy challenge.

The posts arrive in a particularly fraught environment for the debate over AI and youth wellbeing, against a backdrop of mounting legal challenges and demonstrable harms. AI companies including OpenAI, Replika, and Character.ai all face lawsuits in the US alleging that their “AI companions” can promote self-harm or expose teens to sexualized interactions. Regulators in Europe, meanwhile, have opened inquiries under the Digital Services Act into whether AI systems adequately protect children.

Despite the circumstances in which they were authored, there is much to commend in these posts. OpenAI is unusually candid about the tradeoffs it faces, explicitly calling out the tension it sees between teen safety, freedom, and privacy. It commits to erring on the side of safety when values collide, to defaulting to under-18 safeguards when uncertain, and to rolling out parental controls like linked accounts, blackout hours, and distress alerts. It also makes clear that flirtatious or sexualized talk will be off-limits for minors. These are welcome signals of intent.

So what do OpenAI’s commitments signal for the broader debate about teen safety? From embracing age prediction to explicitly framing safety as sometimes in tension with privacy, how can these principles be implemented in ways that feel supportive rather than alienating for teens? There is plenty to unpack in how we can build AI systems that genuinely serve young users.

Are teen safety and privacy truly zero-sum when it comes to age assurance and parental controls?

OpenAI’s framing of safety and privacy being in tension follows long-held beliefs across industry, sectors of civil society, and government, that this tension is inevitable. And there is good precedent for child safety being used as the cudgel to weaken privacy protections. But this framing, while not entirely wrong, can minimize the many privacy-preserving product and policy options that can also improve safety.

At Vys, we predicted that 2025 would be the year AI companies would need to “implement age-gated features for AI companions to ensure their functionality is appropriately focused on education or entertainment—which may require further internal exploration of age verification.” By committing publicly to age prediction, OpenAI is following a path already taken by platforms like Meta, Tinder, YouTube, Roblox, Discord, and TikTok.

But ChatGPT introduces a twist. Unlike most other platforms, it has no natural friction points: no app store gates, credit card checks, or device-level parental controls. Here, probabilistic prediction isn’t the backstop; it’s the first line of defense, which raises thorny questions. For example: What level of accuracy is “good enough” when a 13-year-old is misclassified as an adult? How should safeguards operate in the gray zones where the system is uncertain? And how can parents, regulators, or teens themselves contest those classifications when the model gets them wrong?

OpenAI won’t be alone in navigating these challenges. Earlier this year, Google announced that it is testing machine-learning models in the US to estimate whether a user is under 18 based on behavioral signals like search history, YouTube viewing patterns, and account age. If the estimate suggests a user is likely a minor, Google applies stricter protections. Together, these moves signal an industry shift: using statistical inference to decide, in real time, whether a user receives adult or teen protections.

That approach may prove workable, but it sharpens the tension between safety and privacy that OpenAI is frank to acknowledge. Safety demands stronger safeguards for teens, but prediction relies on analyzing behavioral signals that edge closer to surveillance. Privacy demands minimizing data collection, but doing so can reduce accuracy, leaving younger teens at risk of slipping through.

The real challenge for the industry will be to innovate and refuse this zero-sum framing. In our age assurance implementation handbook, we unpack not only existing privacy-preserving approaches—like cryptographic proofs, on-device estimation, and federated signals—but also the tradeoffs in accuracy, usability, and regulatory compliance that companies need to weigh. The goal is not to prescribe a single solution, but to help product, policy, and engineering teams see where the field is moving and make informed choices about their age assurance strategy.

How will under-18 safeguards actually feel to teens?

If the debate over age assurance is about who gets access, the next challenge is about what happens inside the interaction itself. AI systems that are increasingly designed to feel like assistants or companions need to consider intimacy as a safety surface in their product design.

Take OpenAI’s promise that ChatGPT will not engage in flirtatious talk with minors. On paper, this looks like an unambiguous safety win. But in practice, the outcome hinges on how the refusal is delivered. A flat, judgmental “no” can leave a teen feeling shut down. A supportive redirect or gentle deflection, by contrast, can preserve trust while steering the conversation away from risk. In our work red teaming AI models for youth harms, we have seen that teens interpret the tone and helpfulness of refusals as signals of whether a system is safe, judgmental, or worth confiding in.

This is why we argue that intimacy itself must be treated as testable. The qualities that make chatbots feel companion-like - 24/7 availability, persistent memory, and unflagging agreeableness - are all product choices. Each can support resilience or entrench harm, depending on how boundaries are designed. And here, human friendship offers a guide: healthy relationships include pauses, moments of gentle challenge, and redirection toward other people or activities. The healthiest AI companions will borrow these same patterns—introducing friction where intensity builds, nudging toward offline supports, and signaling boundaries in ways that feel natural rather than punitive. In red-team engagements, we’ve worked with companies to simulate intimacy scenarios: disclosures of self-harm, grooming scripts disguised as trust-building, or requests to keep secrets from adults. These scenarios don’t just reveal failure points; they show where system defaults can quietly magnify vulnerability.

If intimacy is testable, then outcomes must also be measurable. Counting sessions or message volume tells us little about safety. Yet these remain the dominant reported metrics, where “success” is still defined by time spent, daily active users, or message counts. They rely heavily on after-the-fact signals like moderation flags, user reports, or takedowns—tools designed for peer-to-peer exchanges.

In a social media feed, those numbers may at least serve as a proxy for relevance or popularity. But they are relics of a world built on user–to–user interactions. When applied to user–to– AI system relationships, they obscure more than they reveal. An “AI companion” or virtual chat agent may never generate a piece of reportable “harmful content,” yet still encourage unhealthy dependency, mirror despair, or mishandle a vulnerable disclosure in ways that deepen risk. These harms arise from how the system responds, not whether it produces a specific prohibited artifact.

Consider a simple example. A teen confides to a chatbot that they feel lonely. If the bot responds with empathy and gently nudges toward offline connection, that may reduce repeated risky prompts and support resilience. If, instead, the bot delivers a flat refusal or changes the subject abruptly, the teen may feel dismissed and seek comfort elsewhere—potentially in riskier corners of the internet. Neither one of these scenarios can be captured by current moderation dashboards, but they result in a profound difference in lived experience.

That is why new indicators are needed, ones that reflect the realities of user–system interactions. It is an area we continue to explore at Vys, with some interesting preliminary findings, but much more work is needed in this space, including independent studies conducted by academic researchers with access to platform data.

Conclusion

OpenAI was forced to put teen safety squarely on the agenda following a series of negative headlines and lawsuits, but it deserves some credit for its candor about the tradeoffs it faces, especially at a moment of heightened scrutiny when legal challenges and regulatory inquiries are testing the credibility of every major AI company. The real test now is whether the field can move from principles to practice: building age assurance that protects without surveilling, refusals that feel respectful rather than judgmental, and metrics that capture lived experience rather than just engagement. These will be foundational features for ensuring trust amongst young people, regulators, and parents alike. The scrutiny facing OpenAI today signals that innovation on teen safety is fast becoming the price of admission for operating AI tools.