California lawmakers plan to introduce a new bill to protect children’s data online this Thursday, mirroring the UK’s recently introduced children’s code, as part of growing momentum globally for stricter regulation on Big Tech.
The California age-appropriate design-code bill will require many of the world’s biggest tech platforms headquartered in the state—such as social media group Meta and Google’s YouTube—to limit the amount of data they collect from young users and the location tracking of children in the state.
If passed into law, it will also place restrictions on profiling younger users for targeted advertising, mandate the introduction of “age-appropriate” content policies, and ban serving up behavioral nudges that might trick them into weakening their privacy protections.
The move signals how global policymakers are increasingly working in concert and influencing one another, while Big Tech firms have launched frantic lobbying efforts against other upcoming laws that target their operations in the US, Europe, and beyond.
The Californian bill, which has bipartisan support, comes as US lawmakers are increasingly voicing concerns about child safeguarding online and urging rules to better protect the privacy, safety, and mental health of children.
It was modeled on the UK’s age-appropriate design code, now a blueprint for regulations also being drawn up in countries including Ireland, Australia, and Canada. Last June, members of the US Senate and Congress called on big US tech and gaming companies to voluntarily adopt the UK’s code for American children, saying companies had an obligation to ensure that their online services put the welfare of young users first, “no matter where they live.”
“It’ll be a first-in-the-nation bill,” said Buffy Wicks, California assemblywoman and coauthor of the bill. “Given the size and scope of California and you have a lot of these companies based in California… we have the ability to have a ripple effect,” she said.
Wicks described the UK code as a “proven concept.” It has prompted some of the largest social-media platforms, including YouTube, Instagram, and TikTok, to introduce new safety measures for young people. Last summer, in the months before the UK’s code came into effect, YouTube said it would turn off default autoplay on videos, and activate “take a break” and “bedtime” reminders for under-18s.
Meanwhile, Instagram introduced a new feature preventing adults from messaging people under 18 who do not follow them, among other changes. TikTok said it would no longer send push notifications to younger users later in the evenings.
Beeban Kidron, a member of the House of Lords who originally proposed the amendment to the UK’s data law, said she had received pushback, both “directly and indirectly,” from lobbyists for several large tech companies in the lead-up to the drafting of the UK code over the past few years.
“Directly, a number of tech representatives told me what a bad idea [the code] was, that it was an act of hubris to try and control Silicon Valley from Winslow,” she said, referencing where the UK’s privacy watchdog, the Information Commissioner’s Office, is based. But she added: “Often where California goes, so does the nation. I think it’s really significant.”
Where breaches of the UK code can result in fines, the California attorney general would be responsible for enforcement of the state’s rules, with potential action including litigation or fines.