The legislation mandates that covered businesses configure the highest level of default privacy settings for minors and ensure that requests for account deletion are processed within 15 days. It also obliges businesses to delete any data related to age determination as soon as a user is identified as a minor. Furthermore, the bill outlines specific prohibited practices, including the collection of unnecessary personal data and using previously collected data for purposes outside of the original intent. This shift is poised to strengthen data privacy and protection for minors in the digital landscape.
Summary
House Bill 1148 aims to enhance protections for minors accessing online gaming services and social media platforms. It defines 'covered businesses' as entities that conduct business generating a majority of their revenue from online services and are likely accessed by minors. The bill places a significant emphasis on the responsibilities of these entities regarding the processing of minors' personal data, detailing a minimum duty of care owed to covered minors when it comes to managing their data privacy and online interactions.
Contention
While the bill presents robust measures for protecting minors online, it also faces potential challenges in its implementation. Opponents may argue that the requirements could unduly burden businesses, particularly smaller ones, with compliance costs. They may express concerns about the practicality of enforcing privacy settings and the potential for unintended consequences in restricting minors' access to online environments that they may engage with positively. Balancing the protection of minors with the flexibility for businesses will be crucial in the bill's reception and effectiveness.