An open-source intelligence investigation into Meta age verification lobbying deserves far wider attention than it has received. The BOTE Project, an independent research effort, spent months tracing IRS filings, lobbying disclosures, campaign finance records, and corporate registries across 45 states to map how Meta is shaping age verification legislation in the United States. The findings document a coordinated operation that spent tens of millions of dollars, deployed dozens of lobbyists, funded front groups with no legal registration, and produced model legislationPre-drafted bills written by industry groups or affiliated organizations and introduced by sympathetic lawmakers as if they originated through the normal legislative process. now moving through more than a dozen state legislatures.
The investigation is not ours. The credit belongs entirely to The BOTE Project. What follows is our summary of its key findings on Meta age verification lobbying, verified against public records and reporting where possible, with context on why the mechanism matters.
Meta Age Verification Lobbying: The Louisiana Template
Louisiana House Bill 570, the App Store Accountability Act, offers the clearest window into Meta’s age verification lobbying strategy. According to reporting by Pluribus News and records documented by The BOTE Project, a Meta lobbyist brought the bill text directly to the sponsor, Rep. Kim Carver (R-Mandeville). Carver confirmed this publicly.
The original bill required app stores like Google Play and Apple’s App Store to verify user ages before downloads and link minor accounts to parental accounts. It imposed no requirements on social media platforms. Meta deployed 12 lobbyists across nine firms for this single bill, paying at least $324,992 in disclosed lobbying fees, according to Louisiana ethics filings reviewed by The BOTE Project.
The bill passed 99-0 and was signed by Governor Jeff Landry on June 30, 2025. The pattern is notable: a social media company wrote legislation that regulates app stores but exempts social media platforms.
The Digital Childhood Alliance: A Front Group With No Legal Existence
The Digital Childhood Alliance (DCA) testifies in favor of these bills in state legislatures across the country. It presents itself as a coalition of more than 50 child advocacy organizations demanding app store accountability.
The BOTE Project found that the DCA has no Employer Identification Number, no state incorporation record, and no IRS registration. Its domain was registered on December 18, 2024, and a professional website went live the following day. Bloomberg reported in July 2025 that Meta funds the organization.
Under oath at a a Louisiana Senate committee hearing, DCA Executive Director Casey Stefanski confirmed that tech companies provide funding but refused to name donors, citing the organization’s 501(c)(4) status, a nonprofit category that permits political advocacy without disclosing funders.
The leadership traces to the National Center on Sexual Exploitation (NCOSE). Stefanski spent a decade at NCOSE before leading DCA. Dawn Hawkins, the DCA’s chair, simultaneously serves as NCOSE’s CEO. Three of four senior DCA staff have NCOSE connections, according to The BOTE Project’s findings.
The Model Legislation: ICMEC’s Digital Age Assurance Act
California Assembly Bill 1043, signed by Governor Gavin Newsom in October 2025, is the first state to enact the Digital Age Assurance Act (DAAA), a model bill authored by the International Centre for Missing and Exploited Children (ICMEC). It takes effect January 1, 2027.
The law requires every operating system provider to collect user age information at account setup and expose a real-time API that broadcasts age brackets (under 13, 13 to 15, 16 to 17, 18 and older) to every installed application that requests it, according to Tom’s Hardware reporting and the bill text itself. The definition of “operating system provider” covers anyone who “develops, licenses, or controls the operating system software on a computer, mobile device, or any other general purpose computing device.” That includes Linux distributions and Valve’s SteamOS. There is no exemption for free and open-source software.
Colorado SB26-051 copies the same template. According to ICMEC’s own model legislation document, DAAA-based bills are pending or enacted in Illinois, New York, Kansas, South Carolina, Ohio, Georgia, Florida, Utah, Louisiana, Texas, and at the federal level.
ICMEC’s Finances: A Struggling Organization Writing National Policy
The BOTE Project’s review of ICMEC’s IRS 990 filings, available through ProPublica’s Nonprofit Explorer, revealed an organization in severe financial distress. ICMEC reported negative $2.28 million in net assets, kept solvent by $1.1 million in personal loans from board members. Revenue had declined 24 percent, and staff had shrunk from 21 to 13.
Meta is listed as a confirmed donor of $25,000 or more. The organization’s largest single expense line was $952,000 in “other professional fees,” which The BOTE Project identifies as the DAAA policy work, the model legislation now moving through state legislatures nationwide.
Hilltop Public Solutions: The Bridge Between Tracks
Meta age verification lobbying operates on two parallel tracks: direct lobbying of legislators and electoral spending through super PACsA political committee that can raise and spend unlimited amounts of money for electoral campaigns while remaining nominally independent from candidate campaigns.. According to Axios, Meta contributed $45 million to the American Technology Excellence Project (ATEP), a nonfederal super PAC, and an additional $20 million to a California-specific committee, bringing total super PAC spending to $65 million. TechCrunch described the spending as tens of millions of dollars.
ATEP is co-led by Hilltop Public Solutions, a Democratic consulting firm. The BOTE Project’s finding: Hilltop also coordinates DCA messaging. This makes it the first confirmed entity bridging Meta’s electoral spending and its child-safety advocacy operation, two tracks that otherwise appear independent.
Colorado’s Lobbying Records Reveal the Strategy
Colorado’s Secretary of State requires lobbyists to declare a position on each bill: “Amending” (seeking changes, effectively opposing), “Monitoring” (watching), or “Supporting.” The BOTE Project analyzed Meta’s 117 lobbying records across 22 bills in Colorado’s SODA database.
The pattern embedded in Meta age verification lobbying is clear: Meta takes an “Amending” position on every bill that regulates social media platforms. On SB26-051, the DAAA-template bill that regulates operating system providers, Meta’s four registered lobbyists take a “Monitoring” position. Meta fights bills that regulate Meta. Meta watches bills that regulate everyone else.
The International Dimension
The BOTE Project documented international parallels to Meta age verification lobbying in the United States. In Brazil, Meta representative Tais Niffinegger appeared at two congressional hearings on the Digital ECA bill, personally invited by the bill rapporteur. Industry lobbying stripped a loot box ban from the legislation; the Senate later restored it, according to records from Brazil’s open congressional data portal.
Separately, the investigation found that ConnectSafely, a California-based nonprofit on Meta’s Safety Advisory Board since its 2009 formation, wires approximately $100,000 per year to an unnamed UK organization. The BOTE Project identifies the most likely recipient as Childnet International, which also sits on Meta’s Safety Advisory Board. Childnet faces calls for a UK Charity Commission investigation over allegations of censoring young ambassadors who criticized funder Snapchat.
The investigation notes a structural pattern in Meta age verification lobbying: general international lobbying goes through global firms with multinational footprints, while child safety and age verification advocacy goes through state-level specialists with zero international presence. Complete compartmentalization.
The EU Contrast
The European approach to age verification provides a useful comparison. The EU’s eIDAS 2.0 regulation, set for implementation in 2026, uses the European Digital Identity Wallet with zero-knowledge proofsA cryptographic method where a user can prove they meet an age threshold or other requirement without revealing their exact age, identity, or any other personal data., a cryptographic method where a user can prove they meet an age threshold without revealing their exact age or any other personal data. Google has open-sourced its ZKP libraries under the Apache 2.0 license for this purpose. Six member states are currently piloting the system, according to the European Age Verification Solution documentation.
The EU framework exempts free and open-source software. It costs nothing to implement. It places the compliance burden on platforms with 45 million or more users.
The US bills shaped by Meta age verification lobbying, by contrast, mandate commercial verification vendors (Yoti, Veriff, Jumio) with proprietary SDKs and cloud-only infrastructure. They place the burden on operating system providers, not on the social media platforms whose content prompted the legislation. As we have previously covered, this pattern, where industry shapes the legislation meant to regulate it, is a well-documented feature of the regulatory captureThe process where a regulated industry shapes the legislation meant to regulate it, often resulting in rules that benefit the industry more than the public interest. cycle.
The Electoral Spending
Beyond direct lobbying, The BOTE Project documented more than $70 million in state-level super PAC spending structured across multiple entities to avoid the FEC’s centralized federal database. Nineteen of 20 Meta-backed candidates won their races, according to campaign finance records compiled by the investigation. OpenSecrets data shows Meta spent a record $26.3 million on federal lobbying alone in 2025, deploying more than 86 lobbyists across 45 states.
What This Means
The BOTE Project’s investigation documents a pattern in which Meta age verification lobbying simultaneously funds the advocacy groups pushing for legislation, writes the bill text that legislators introduce, spends tens of millions on elections, and benefits from laws that regulate competitors while exempting Meta’s own platforms.
None of this is necessarily illegal. Age verification legislation raises genuine questions about child safety, and the policy debate over who bears compliance costs is legitimate. But the investigation raises a basic transparency question: when the company funding the advocacy, writing the legislation, and spending on the elections is also the company exempted from the resulting law, voters and legislators deserve to know.
The full investigation, including 245 documented findings with source citations, is freely available at tboteproject.com. The underlying data is published in an open repository at tboteproject.com/git/hekate/attestation-findings.
