Evaluating the Effectiveness of OpenAI's Parental Control System
Kerem Ersoz, Saleh Afroogh, David Atkinson, Junfeng Jiao
TL;DR
This paper evaluates the effectiveness of platform-level parental controls for a mainstream child-facing conversational AI using a two-phase protocol that combines API-based PAIR-style prompt refinement with consumer UI replay under a monitored parent inbox. It defines seven harm categories and four safety-outcome metrics (NR, LR, OBR, UIR) and compares current backend performance against legacy GPT-4.1 and GPT-4o models. The findings show that parental notifications are selective, with zero alerts for several high-risk categories, and reveal a policy–product gap where on-screen safeguards do not consistently translate into parent-facing telemetry, alongside substantial overblocking of benign educational content. The authors propose actionable fixes, including expanding the notification taxonomy, coupling visible safeguards with privacy-preserving parent summaries, and prioritizing calibrated safe rewrites over blanket refusals, with future work extending multilingual coverage and longer-context evaluations to better support families.'
Abstract
We evaluate how effectively platform-level parental controls moderate a mainstream conversational assistant used by minors. Our two-phase protocol first builds a category-balanced conversation corpus via PAIR-style iterative prompt refinement over API, then has trained human agents replay/refine those prompts in the consumer UI using a designated child account while monitoring the linked parent inbox for alerts. We focus on seven risk areas -- physical harm, pornography, privacy violence, health consultation, fraud, hate speech, and malware and quantify four outcomes: Notification Rate (NR), Leak-Through (LR), Overblocking (OBR), and UI Intervention Rate (UIR). Using an automated judge (with targeted human audit) and comparing the current backend to legacy variants (GPT-4.1/4o), we find that notifications are selective rather than comprehensive: privacy violence, fraud, hate speech, and malware triggered no parental alerts in our runs, whereas physical harm (highest), pornography, and some health queries produced intermittent alerts. The current backend shows lower leak-through than legacy models, yet overblocking of benign, educational queries near sensitive topics remains common and is not surfaced to parents, revealing a policy-product gap between on-screen safeguards and parent-facing telemetry. We propose actionable fixes: broaden/configure the notification taxonomy, couple visible safeguards to privacy-preserving parent summaries, and prefer calibrated, age-appropriate safe rewrites over blanket refusals.
