“In general, platforms have a responsibility to keep children safe,” said Irene Lee, policy adviser for the nonprofit Common Sense Media, which provides media guidance to families and supported the California law.
But tech industry groups strongly opposed the California law and could still sue to block it. Even its supporters have acknowledged that some parts of the act are too vague, leaving major questions about how companies will comply with it when it takes effect. A group of experts mandated by law is developing implementation guidelines.
One requirement — that sites and apps estimate the age of child users with a “reasonable level of confidence” — has alarmed some consumer and Internet freedom groups, who say it could force companies to collect more personal data. Eric Goldman, a professor at Santa Clara University’s law school and a prominent tech policy commentator, called the act a “Trojan horse” and “poison.”
“We understand that many parents and politicians are trying to protect young people,” said Jennifer Huddleston, a policy adviser at NetChoice, which represents tech companies including Amazon, Google and Meta, which owns Facebook and Instagram. “(But) we believe that these kinds of top-down regulations often create barriers not only to future innovation, but also to parents … who are trying to find the best solution to preserve their family’s values.”
Federal law already protects children’s privacy, but with some significant limitations.
The Children’s Online Privacy Protection Act, known as COPPA, passed in 1998 with a few amendments, requires sites or services aimed at children under 12 to seek parental consent before collecting a child’s personal information.