DIGITAL AGE ASSURANCE
Illinois bill requires OS providers to verify age and share only minimal signals with apps, enforce parental controls, and limit minors’ addictive features and risky access.
Illinois bill requires OS providers to verify age and share only minimal signals with apps, enforce parental controls, and limit minors’ addictive features and risky access.
Proposed bill introduced February 13, 2026 by Rep. Jennifer Gong-Gershowitz
Purpose (main intent)
- Establish a framework to protect minors on social media by ensuring age verification, age signaling, and default privacy/usage settings on platforms accessed in Illinois.
- Create enforceable obligations for operating system providers, app stores, and platform operators to reduce minor exposure to unsafe features (notably addictive feeds and certain interactions) and to increase parental oversight and consent mechanisms.
Key provisions and changes
1) Digital age assurance requirements (Section 10)
- By January 1, 2028, operating system providers must:
- Provide an accessible account-setup interface requiring birth date or age (to generate an age-bracket signal for apps in covered stores).
- Offer app operators a real-time digital signal indicating the user’s age bracket, categorized as:
- Under 13
- 13–<16
- 16–<18
- 18 or older
- Send only the minimum information necessary to comply with the section and not share signals with third parties for unrelated purposes.
- For devices with account setup completed before Jan 1, 2028, providers must enable an interface by July 1, 2028 to collect birth date/age data.
2) Age signaling and use by operators (Section 10)
- Operators may request the signal from the OS provider or covered application store when the app is downloaded and launched.
- If a signal is received, it is the primary indicator of the user’s age range across platforms and access points, superseding internal data unless there is clear and convincing information indicating a different age.
- If an application was updated after Jan 1, 2027 and downloaded before Jan 1, 2028, and no signal was requested, operators must request a signal by July 1, 2028.
3) Protections for covered minors (Section 15)
- Operators must conduct age verification to determine if a user is a covered minor (under 18) before offering the platform in Illinois.
- Default privacy settings for minors determined by operators must restrict:
- Sharing of minor’s location (where location sharing exists).
- Financial transactions initiated by the minor.
- Parents may override default settings for minors over 16 (and for those under 16 in specific cases).
- For minors under 13, operators must require parental approval for all new connections and allow parents to view all current connections.
- Parental oversight required for all financial transactions involving minors; parents must be able to view transaction history.
- Prohibitions on providing an addictive feed to covered users unless the operator knows they are not a minor or obtains verifiable parental consent for minors.
- Nighttime (12 a.m.–6 a.m.) notifications about addictive feeds are unlawful absent verified parental consent or non-minor status.
- Data collected for verifiable parental consent must be deleted after consent verification unless legally necessary.
- Operators may implement more protective privacy settings; parental access to data is not automatically granted, and additional access rights are not mandated beyond consent.
- Operators may restrict access to or availability of objectionable media in good-faith compliance.
4) Enforcement and penalties
- Violations are deemed unlawful practices under the Illinois Consumer Fraud and Deceptive Business Practices Act.
- The Illinois Attorney General has full authority to enforce, with existing remedies and penalties under the act.
5) Statutory framework and effective date
- Amends the Illinois Consumer Fraud and Deceptive Practices Act to add violations under this Act.
- Effective date: January 1, 2027 (with certain age-assurance provisions rolling out through 2028 for devices and app updates).
Who is affected
Political/legislative context
Notes for readers
- The bill emphasizes privacy-preserving age signaling (minimum data shared) and robust default protections for minors, with a strong emphasis on parental involvement and consent for sensitive actions (location sharing, financial transactions, addictive feeds).
- If enacted, the law would require significant interoperability between operating system providers, app stores, and platform operators to manage minor safety features across devices and apps.
Compiled from official sources — confirm details with the bill’s official record.
Sign in to ask a question.