App and website developers shouldn't be burdened with extra costly liability to make sure someone's kids don't read a curse word, parents can use the plethora of parental controls on the market if they're that worried.

App and website operators should add one static header. [1] That's it, nothing more. Site operators could do this in their sleep.

User-agents must look for said header [1] and activate parental controls if they were enabled on the device by a parent. That's it, nothing more. No signalling to a website, no leaking data, no tracking, no identifying. A junior developer could do this in their sleep.

None of this will happen of course as bribery (lobbying) is involved.

[1] - https://news.ycombinator.com/item?id=46152074