Newsom of California signs legislation aimed at increasing children’s online safety

“In California we are taking aggressive steps to protect the health and well-being of our children,” Newsom said in a statement.

The law marks a setback for tech giants who spent hundreds of thousands of dollars lobbying for the bill, which imposes new restrictions on companies’ collection and use of personal data and new requirements for their approach to children.

For example, the law prohibits the tracking of children’s geolocation unless such data is essential to the provision of a website’s service, and websites are required to prioritize child-friendly privacy protection settings. It bans so-called “dark patterns,” which use design techniques that can trick children into giving up personal information. And it requires companies to define the rough ages of young users.

Companies subject to the law, known as California’s Design for Ages Act, cannot sell children’s personal data and must conduct a so-called “data protection impact assessment” before offering a new service that children can access.

According to a fact sheet about the law shared by its supporters, the legislation covers the same range of businesses that must comply with California’s flagship privacy law, which is considered the toughest in the nation.

For-profit companies with annual revenue of $25 million or more, or those that buy or sell the personal information of at least 100,000 users, or that derive at least half of their annual revenue from sharing or selling personal information, must comply. the new law if young people make up an important part of their users, according to the technical sheet.

Accountable Tech, an advocacy group that has criticized big tech platforms, called the bill’s signing a “tremendous win.”

“This new law will turn the tide and take real action to stop child surveillance, profiling and online manipulation,” said Nicole Gill, the group’s executive director. “It will also serve as a transformative model for other states and countries to ensure that every child is protected from abuse and exploitation by Big Tech, not just in California.”

Other civil society groups supporting the law include the privacy advocacy organization EPIC, the Center Against Digital Hate, the Center for Digital Democracy and the National Hispanic Media Coalition.

But while the law is poised to take effect in 2024, opponents, including some who have criticized the big tech platforms themselves, have warned it could be unworkable or dangerous in practice.

According to the critic, in order to comply with various requirements of the law, websites will have to screen users based on age. This could mean asking users to hand over more personal information, including biometric data they don’t currently have to provide, such as face scans.

“It’s radical to motivate businesses to make scanning children’s faces routine, especially in the privacy bill,” Eric Goldman, a law professor at Santa Clara University, wrote in a blog post Thursday.

Fight for the Future, a consumer advocacy group that has in the past accused Amazon, Google and other tech giants of their business practices, warned Thursday that the law risks making it harder for young LGBTQ+ people, human rights activists, whistleblowers and journalists to stay. anonymous online

“It is immoral and dangerous for lawmakers to continue to use children as pawns to advance poorly written legislation that does more good than harm,” the group said.

Others said the law’s expectation that companies announce whether children are “likely” to access their services departs from federal protections for children’s privacy, which largely only kick in when a service has “actual knowledge” that it collects children’s data. .
“Few websites and apps can expect people under 18 to NEVER use their services,” longtime tech journalist Mike Masnick wrote in a June blog post.