WeVote

Bill

Bill

A 5438

Establishes New Jersey Kids Online Privacy and Safety Act.

2026-2027 Regular Session Introduced by Andrea Katz

The act protects children's online privacy by restricting data collection and use, requiring parental consent, clear notices, and robust safeguards for kids’ information in New Jer

0
WeVote Research Nonpartisan
Bill Summary · A 5438

Overview

A 5438, from the 222nd New Jersey Legislature, titled the New Jersey Kids Online Privacy and Safety Act, aims to establish protections for children concerning online privacy and safety. The bill is sponsored by Assembly member Andrea Katz (co-sponsor). The text provided here summarizes the likely core objectives, provisions, and potential effect based on the bill’s title and typical content of similarly named measures.

Purpose and intent

  • To safeguard the online privacy and safety of minors in New Jersey.
  • To set clear standards for how online services, apps, websites, and platforms collect, use, and disclose information from or about children.
  • To provide enforcement mechanisms and ensure compliance through specified agencies or processes.
  • To empower parents or guardians with rights and oversight relevant to their children’s online activities.

Key provisions (anticipated substantive elements)

Note: The exact text may vary, but typical provisions in a “Kids Online Privacy and Safety Act” often include:

  • Definitions

    • Define “child” or “minor” (commonly under 18).
    • Define “personal information” in the context of children (e.g., name, postal address, phone number, email, geolocation, online identifiers, biological data).
    • Define “online service,” “operator,” and “data collection.”
  • Restrictions on collection and use

    • Prohibit or restrict targeted advertising to children.
    • Restrict the collection of personal information from children without verifiable parental consent.
    • Require express, understandable disclosures about data collection practices tailored to a child’s comprehension.
  • Parental consent and rights

    • Require parental consent for collecting personal information from children.
    • Provide mechanisms for parental access, review, and deletion of a child’s data.
    • Allow parents to opt out of certain data practices or profiles created about their child.
  • Age-appropriate privacy notices

    • Mandate conspicuous, easy-to-understand privacy notices in child-facing interfaces.
    • Require clear information about data usage, sharing, retention, and security measures.
  • Data security and retention

    • Establish minimum security standards for protecting children’s data.
    • Set retention limits or require data minimization for children’s information.
    • Procedures for data breach notification specific to incidents involving children’s data.
  • Safety features and protections

    • Prohibit the collection of sensitive information from children without justification.
    • Create or reference child safety features (e.g., parental controls, reporting mechanisms for exploitation or abuse).
    • Prohibit or limit risky online practices (e.g., location sharing) unless explicitly consented to.
  • Enforcement and penalties

    • Designate the enforcement authority (e.g., state attorney general or a dedicated privacy office).
    • Establish civil penalties for non-compliance, possibly including fines, injunctive relief, and consumer restitution.
    • Provide a private right of action or administrative remedy, if applicable by the bill’s structure.
  • Preemption and cooperation

    • Specify relationship to federal protections (e.g., COPPA-like standards) and any state preemption or augmentation.
    • Require cooperation with other state and federal agencies for enforcement.

Affected parties

  • Children and their families in New Jersey (as data subjects).
  • Online services, apps, websites, and platforms operating in New Jersey that collect data from children or have users in the state.
  • Parents or guardians who seek access, control, or deletion of their child’s data.
  • Businesses and organizations that process children's data, including edtech providers, social platforms, and advertisers.

Procedural and timeline aspects

  • Effective date: The bill will specify when its provisions take effect (often a fixed number of months after enactment; commonly 6–18 months).
  • Compliance deadlines: Entities subject to the act typically receive a grace period to implement required protections, notices, and consent mechanisms.
  • Renforcement mechanisms: Establishes the agency or office responsible for enforcement, potential reporting requirements, and investigation processes.
  • Penalties timeline: Procedures for notices of violation, cure periods (if applicable), and penalties due after final enforcement actions.

Potential impact

  • Increased privacy protections for minors using online services in New Jersey.
  • Greater accountability for operators handling children’s data, potentially affecting app design, data practices, and monetization.
  • Enhanced parental control options and transparency for families.
  • Possible compliance costs for small and medium-sized entities that collect data from children.

If you’d like, I can tailor this summary further by referencing the official bill text for exact definitions, specific prohibitions, enforcement provisions, and any dates or dollar amounts contained in A 5438.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.