The California Age-Appropriate Design Code Act

In California a new Data Privacy Impact Assessment identify how children’s personal information is used by online services, products, and features, as well as the potential harm to children resulting from data management practices. California is safeguarding children’s online information from exploitation by corporations.

The California Age-Appropriate Design Code Act, requires online services to default to settings that safeguard children’s mental and physical health and wellbeing.

It is unlawful for online service providers to collect, sell, or retain geolocation data from children; profile children without their express consent; or lead or encourage children to divulge personal information.

The measure requires that privacy information, terms of service, policies, and community standards be easily accessible and adhered to, as well as providing children with responsive tools to help them protect their privacy. This bipartisan bill strikes a balance that protects children while ensuring that technology companies have clear rules of the road so they can continue to innovate.

In order to deliver a report to the Legislature by January 2024 on best practices for child data protection, the California Children’s Data Protection Working Group will be established as part of the California Age-Appropriate Design Code Act.

Before offering new online services, products, or features that children may access, businesses with an online presence must complete a Data Protection Impact Assessment (DPIA).

The Data Protection Impact Assessments must identify how children’s personal information is used by online services, products, and features, as well as the potential harm to children resulting from data management practices. The California Attorney General must receive a copy of the assessments.