California lawmakers have passed a bill that seeks to make apps and other online spaces safer for children in the absence of robust federal standards. The bill, if signed, would impose a set of new protections on people under the age of 18 in California, potentially punishing tech companies with thousands in fines for each child affected by a violation.
the bill, California Age-Friendly Design Act, still needs to be signed by California Gov. Gavin Newsom before it becomes law. If signed, its provisions would enter into force on July 1, 2024, giving platforms a window of time to come into compliance.
The new privacy rules will apply to social apps like Instagram, TikTok and YouTube — often targets of criticism for their poor treatment of the safety and mental health of young users – but also of other businesses that offer “an online service, product or feature that is likely to be accessed by children”. This broader definition would extend the bill’s requirements to gaming and educational platforms that children can use, along with any other websites or services that do not expressly limit their use to adults.
The bill defines a child as anyone under the age of 18, urging apps and other online products that may attract minors to introduce more privacy protections for all users under 18, not just the youngest. The federal law that protects children’s online privacy, Children’s Online Privacy Protection Act (COPPA)extends its protection only to children under 13 years of age.
Age-appropriate California… from TechCrunch
Among its requirements, California’s children’s privacy law would prohibit companies from collecting minors’ user data beyond what is absolutely necessary, or from using children’s personal information in any way “substantially harmful to the physical health, the mental health or welfare of a child. ” It will also require affected companies to default users under 18 to the strictest privacy settings, “including by disabling features that profile children using their past behavior, browsing history, or assumptions about their similarity to other children to offer harmful material.”
The bill would also create a new task force dedicated to implementing its requirements, made up of members appointed by the governor and state agencies. California’s attorney general will be empowered to fine companies that violate its rules $2,500 per affected child for any violations deemed “negligent” and $7,500 for willful violations.
“We are very encouraged by today’s bipartisan passage of AB 2273, a monumental step toward protecting California’s children online,” the children’s advocacy organization Common Sense said in a statement Tuesday. “Today’s action by Assemblymembers Weeks, Cunningham and Petrie-Norris sends an important signal about the need to make children’s online health and safety a higher priority for lawmakers and our technology companies, especially when it comes to websites, accessed by young users.”
While there are still many details to be ironed out, the California bill could force the hand of tech companies that have historically prioritized explosive user growth and monetization above all else — and are slow when it comes to -the less lucrative job of verifying the age of their users and protecting young people from online safety and mental health threats. Inspired by UK children’s privacy legislation known as “Age-Friendly Design Code”, current legislation could similarly force tech companies to improve their privacy standards for minors across the board, instead of creating personalized experiences for regionally specific user segments that fall under new legal protections.