Governor Gavin Newsom announced that he has signed bipartisan landmark legislation aimed at protecting the wellbeing, data, and privacy of children using online platforms. AB 2273 by Assemblymember Buffy Wicks (D-Oakland) and Assemblymember Jordan Cunningham (R-San Luis Obispo), establishes the California Age-Appropriate Design Code Act, which requires online platforms to consider the best interest of child users and to default to privacy and safety settings that protect children’s mental and physical health and wellbeing.
“We’re taking aggressive action in California to protect the health and wellbeing of our kids,” said Governor Newsom. “As a father of four, I’m familiar with the real issues our children are experiencing online, and I’m thankful to Assemblymembers Wicks and Cunningham and the tech industry for pushing these protections and putting the wellbeing of our kids first.”
AB 2273 prohibits companies that provide online services, products or features likely to be accessed by children from using a child’s personal information; collecting, selling, or retaining a child’s geolocation; profiling a child by default; and leading or encouraging children to provide personal information.
The bill also requires that privacy information, terms of service, policies, and community standards be easily accessible and upheld – and requires responsive tools to help children exercise their privacy rights. The bipartisan legislation strikes a balance that protects kids, and ensures that technology companies will have clear rules of the road that will allow them to continue to innovate.
“As a parent, I am terrified of the effects technology addiction and saturation are having on our children and their mental health. While social media and the internet are integral to the way we as a global community connect and communicate, our children still deserve real safeguards like AB 2273 to protect their wellbeing as they grow and develop,” said First Partner Jennifer Siebel Newsom. “I am so appreciative of the Governor, Assemblymember Cunningham, and Assemblymember Wicks’ leadership and partnership to ensure tech companies are held accountable for the online spaces they design and the way those spaces affect California’s children.”
The Children’s Data Protection Working Group will be established as part of the California Age-Appropriate Design Code Act to deliver a report to the Legislature, by January 2024, on the best practices for implementation.
AB 2273 requires businesses with an online presence to complete a Data Protection Impact Assessment before offering new online services, products, or features likely to be accessed by children.
“As the mom of two young girls, I am personally motivated to ensure that Silicon Valley’s most powerful companies redesign their products in children’s best interest,” said Assemblymember Buffy Wicks (D-Oakland). “Today, California is leading the way in making the digital world safe for American children, becoming the first state in the nation to require tech companies to install guardrails on their apps and websites for users under 18. The Design Code is a game changer, and a major step forward in creating a global standard for the protection of youth online.”
“I am very glad for our kids that the Governor signed AB 2273, requiring that online platforms accessible by children be designed as age appropriate,” said Assemblymember Jordan Cunningham (R-San Luis Obispo County). “With this law, California is leading the nation in creating a new online experience that is safe for kids. We still have more work to do to address the youth mental health crisis. In particular, we know that certain Big Tech social media companies design their products to addict kids, and a significant number of those kids suffer serious harm as a result… such as depression, suicidal thoughts, anxiety, eating disorders. Protecting kids online is not only common sense, it will save lives.”
Provided to the Attorney General, the Data Protection Impact Assessments must identify the purpose of the online service, product, or feature, how it uses children’s personal information, and the risks of material detriment to children that arise from the data management practices.