The Texas Attorney General’s office has launched an investigation into several social media and AI companies, including some unexpected targets like Rumble, Quora, and WeChat, for potential violations of state laws protecting children online. This investigation represents a broader trend of state-level action in the absence of comprehensive federal privacy legislation. While Congress has failed to update child online safety rules for decades, states like Texas are taking the initiative to regulate how online platforms handle children’s data and ensure parental control over their digital experiences. The focus of these inquiries isn’t always predictable, as demonstrated by the past lack of concern surrounding Pinterest until a tragic incident involving a teenager’s self-harm highlighted potential risks associated with the platform. This underscores the evolving nature of online safety concerns and the need for ongoing vigilance.
Texas Attorney General Ken Paxton initiated the investigation, emphasizing its importance in holding social media and AI companies accountable for complying with state laws aimed at protecting children from online exploitation and harm. Paxton’s efforts center around two key pieces of legislation: the Securing Children Online through Parental Empowerment Act (SCOPE) and the Texas Data Privacy and Security Act (TDPSA). SCOPE, effective since September, has a broader scope than the existing federal law, applying to any website or app with social media or chat functionalities that register users under 18, whereas federal law covers only services catering to users under 13. This expanded reach allows Texas to regulate a wider array of online platforms and address the unique challenges posed by teen usage of social media and online communication tools.
The SCOPE Act mandates that online services verify user age and provide parents or guardians with control over their children’s account settings and user data. It also prohibits companies from selling information collected about minors without parental consent. These provisions aim to empower parents and give them greater oversight of their children’s online activities and the data shared with these platforms. Paxton previously sued TikTok, alleging violations of SCOPE due to inadequate parental controls and unauthorized data disclosure, highlighting his commitment to enforcing these new regulations. The TDPSA, which took effect in July, further strengthens protections for younger users by requiring parental consent before processing data about children under 13, reinforcing the focus on parental control over data collection and usage practices.
The Attorney General’s office has issued legal demands to the companies under investigation, requiring them to provide detailed information regarding their compliance with both SCOPE and TDPSA. The companies must answer eight specific questions by a set deadline, including disclosing the number of Texas minors registered on their platforms, any instances of barring users for inaccurate birthdates, and lists of entities with whom minors’ data is shared or sold. This comprehensive data request aims to provide a clear picture of the companies’ data practices and identify any potential violations of the state’s child privacy laws. The investigation’s outcome and any potential legal repercussions remain to be seen, as it is currently unknown whether any companies have responded to the demands.
This investigation unfolds against the backdrop of legal challenges to the SCOPE Act. Tech industry lobbying groups are contesting the constitutionality of the law, arguing that certain provisions, such as the requirement to prevent minors from accessing harmful content, are too vague. While a federal judge in Austin partially ruled in their favor regarding the content moderation provision, the broader legal battle continues. However, even if the tech companies were to achieve a complete legal victory in Texas, they might still face similar challenges in other states. Several states, including Maryland and New York, are expected to implement comparable laws later this year, signaling a growing nationwide trend towards stricter regulation of online platforms’ handling of children’s data.
This emerging patchwork of state laws could create a complex regulatory landscape for tech companies. They may need to adapt their practices to comply with varying state-specific requirements. Furthermore, even if the SCOPE Act or similar laws are successfully challenged in court, state attorneys general have other legal avenues to pursue action against companies deemed to be violating children’s online privacy. They can utilize existing consumer protection laws, particularly those prohibiting deceptive business practices, to address instances where data is shared or disclosed in ways that families did not expect or understand. This multifaceted approach, combining new legislation with existing legal tools, reflects a growing determination among state regulators to hold tech companies accountable and ensure the online safety and privacy of children.
