That issue exists with the current proposal as well or any proposal that leaves the enforcement on the website.

I think in addition to what OP said, the browser/device should let you set hard domain-level filters which are enforced by the browser/device.

This will not be ideal for applications / sites with mixed content, but gives the parent / guardian more control.