Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Privacy experts who spoke to WIRED described Rumble, Quora and WeChat as unusual suspects, but declined to speculate on the rationale for their inclusion in the investigation. Josh Golin, executive director of the nonprofit Fairplay, which advocates for digital safety for children, says the concerns aren’t always obvious. Few support groups concerned about Pinterest, for example, until the case of a British teenager who died of self-harm after exposure to sensitive content on the platform, it says.
Paxton’s press release last month called his new investigation “a critical step in ensuring that social media and AI companies comply with our laws designed to protect children from exploitation and harm.”
The US Congress never passed it a comprehensive privacy lawand this has not significantly updated online safety rules for children in a quarter of a century. That left lawmakers and state regulators to play a big role.
Paxton’s investigation centers on compliance with Texas’ Securing Children Online through Parental Empowerment Act, or SCOPE, which went into effect in September. It applies to any website or app with social media or chat functions and that registers users under the age of 18, making it more expansive than the federal law, which only covers services for users under at 13 years old.
SCOPE requires services to request the user’s age and provide parents or guardians with power over children’s account settings and user data. Companies are also prohibited from selling information collected about minors without parental permission. In October, Paxton sued TikTok for allegedly violating the law by providing inadequate parental controls and disclosing data without consent. TikTok has denied the allegations.
The investigation announced last month also referred to the Texas Data Privacy and Security Act, or TDPSAwhich became effective in July and requires parental consent before processing data on users younger than 13. Paxton’s office asked the investigated companies to detail their compliance with both the SCOPE Act and the TDPSA, according to legal requests obtained through the public records request. .
In total, the companies must answer eight questions by next week, including the number of Texas minors who count as users and who were prevented from registering an inaccurate date of birth. Lists of which minors’ data is sold or shared must be returned. It could not be known if there is a company that has already responded to the request.
Tech lobbying groups are challenging SCOPE Act’s constitutionality in court. In August, they secured an initial and partial victory when a federal judge in Austin, Texas, ruled that a provision requiring companies to take measures to prevent minors from viewing self-harming and abusive content was too vague.
But even a complete victory might not be a salve for tech companies. States including Maryland and New York are expected to enact similar laws starting this year, says Ariel Fox Johnson, attorney and principal at Digital Smarts Law & Policy consultancy. And state attorneys general may resort to pursuing more stringent cases under their tried-and-true laws that prevent deceptive business practices. “What we see is often information is shared or sold or disclosed in ways that families don’t expect or understand,” Johnson says. “As more laws are enacted that create firm requirements, it seems to be becoming clearer that not everyone is in compliance.”
