California recently passed the California Age-Appropriate Design Code Act, a new law aimed at making the internet safer for children. The sweeping legislation, which goes into effect July 1, 2024, will apply to companies governed by the California Privacy Rights Act and regulate online services, products or features “likely to be accessed by children.” Unlike most other legislation governing children’s privacy, the Act defines children as “consumers under the age of 18.” This change significantly increases the number of companies that will need to consider children’s privacy issues.  

Notably, the Act explicitly includes activities already governed by the Children’s Online Privacy Protection Act (COPPA). While federal statutes often preempt state laws that regulate the same activities, COPPA only preempts state laws to the extent that such laws are “inconsistent.” Thus, it appears likely that the Act will co-exist with COPPA, although the extent of this co-existence is likely to be litigated.