Insights

  • Home
  • Insights
  • California Attorney General Publishes Proposed Regulations Implementing Social Media Addiction Law

Share

California Attorney General Publishes Proposed Regulations Implementing Social Media Addiction Law

On May 15, 2026, the California Department of Justice ("Cal. DOJ") published proposed regulations to implement the state's social media addiction law.

May 2026 Alert

Beginning January 1, 2027, operators of certain internet-based services will be prohibited from offering websites with "addictive feeds" or sending notifications during prohibited hours (collectively, "covered features"), unless operators: (i) have actual knowledge that the user is not a minor; (ii) have reasonably determined that the user is not a minor; or (iii) have obtained "verifiable parental consent" to do so.

 

On May 15, 2026, the Cal. DOJ issued proposed implementing regulations that focus on the standard for making a "reasonable determination" that a user is not a minor. The proposed regulations would require that the "reasonable determination must be made by using one or more commercially reasonable and technically feasible" age assurance methods, including:

 

  • Biological or behavioral signals;
  • Verified information other than age;
  • Cryptographic techniques;
  • Government-issued identification; or
  • An age assurance method that satisfies ISO/IEC 27566.

The proposed regulations require the selected age assurance method to be "reasonably effective," "to perform with measurable consistency," and "be testable" with quantifiable results.

 

The proposed regulations also outline a few ways in which an operator's determination that a user is not a minor would be considered "not reasonable," including: (i) where the operator relies on a self-declaration that the user is not a minor; (ii) general contractual restrictions on the use of the website; (iii) use of online payment methods that are available to minors; or (iv) an age assurance method that has known or documented risks.

 

If the regulations are adopted, operators will also need to take reasonable actions to prevent circumvention, fraud, or misuse of their age assurance measures, and document those efforts. This would extend to considering "emerging forms of circumvention" that arise from new advances in technology, such as AI.

 

The proposed regulations would also establish requirements for obtaining "verifiable parental consent." Prior to seeking parental consent, an operator will need to first notify the user that they cannot provide the covered features without parental consent. Also, the operator may not seek parental consent without the user's permission (which can be revoked at any time). If the user consents, the operator must offer the parent access to "any method" that is reasonably calculated to ensure that the individual providing consent is a parent of the minor, including through the methods set forth by the federal Children's Online Privacy Protection Rule. Operators may not require the parent to create their own account, make a purchase from the operator, or submit government identification absent offering at least one other method to provide consent. Once their consent is granted, parents can revoke it at any time.

 

The comment period will be open through June 30, 2026.

Insights by Jones Day should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without the prior written consent of the Firm, to be given or withheld at our discretion. To request permission to reprint or reuse any of our Insights, please use our “Contact Us” form, which can be found on our website at www.jonesday.com. This Insight is not intended to create, and neither publication nor receipt of it constitutes, an attorney-client relationship. The views set forth herein are the personal views of the authors and do not necessarily reflect those of the Firm.
Contributors
You May Also Be Interested In

California Attorney General Seeks Public Comment on New Legislation to Protect Minors From Addictive Algorithms in Social Media Websites

Authorized by the User, Blocked by the Platform: Testing the Legal Limits of AI Agents

White House Unveils National AI Legislative Framework

Before sending, please note:

Information on www.jonesday.com is for general use and is not legal advice. The mailing of this email is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.