California Gov. Gavin Newsom has signed the California Age Appropriate Design Code Act into law, enacting broad online safeguards for children under the age of 18.
Companies are prohibited from leading children to provide personal information online, using children’s personal information, collecting, selling, or retaining children’s geolocation details, or profiling children under the bipartisan legislation. Businesses will also be required to complete a data protection impact assessment and provide it to the attorney general before offering new online services that are likely to be accessed by children.
Newsom described it as “aggressive action… to protect our children’s health and well-being.”
A Children’s Data Protection Working Group will also be formed, with the goal of reporting to the legislature in January 2024 on how to best implement the new law, which takes effect that year.
The California Senate passed the bill unanimously at the end of August. Companies that violate the new rules face fines of up to $7,500 per child affected.
Buffy Wicks, a Democrat who co-sponsored the bill, stated that it is about ensuring that “Silicon Valley’s most powerful companies redesign their products in the best interests of children.”
“We know that certain big tech social media companies design their products to addict kids, and a significant number of those kids suffer serious harm as a result,” assembly member and Republican co-sponsor Jordan Cunningham said Thursday in a statement. “Protecting children online is not only prudent; it will save lives.”
The proposed rules, according to critics of the legislation, are too broad and vague. “The requirement that companies consider the ‘best interests’ of children is incredibly difficult to interpret,” according to The New York Times, the California Chamber of Commerce and industry association TechNet said in a letter to legislators in April.