Utah’s Bold Move on Child Safety Sparks Debate Over Digital Privacy
Meta CEO Mark Zuckerberg made waves last year when he told Congress that it didn’t make sense for his platforms to verify users’ ages. Instead, he argued, app stores should take on that responsibility. Now, just over a year later, Utah is taking his advice—becoming the first state to pass a law requiring app stores to verify user ages and obtain parental consent before minors can download apps.
The App Store Accountability Act, which now awaits Governor Spencer Cox’s signature, could mark a major shift in how digital platforms operate, potentially reshaping the way all users—not just minors—interact with app stores. Similar bills have already been introduced in at least eight other states.
While this move is a win for Zuckerberg and other platform operators facing increasing pressure to protect young users, it has also ignited fierce opposition. Tech giants Apple and Google have pushed back, citing privacy concerns and potential First Amendment violations.
Apple, Google Sound the Alarm
Apple, which has long positioned itself as a champion of user privacy, warned that the bill would force app stores to collect and store vast amounts of personally identifiable information.
“While only a fraction of apps may require age verification, all users would have to hand over sensitive data—whether or not they actually use these apps,” Apple stated in a report last week. “That’s not in the interest of user safety or privacy.”
Google also criticized the bill, with its director of government affairs, Kareem Ghanem, calling it part of a “fast-moving legislative effort by Meta and others to offload their own responsibilities onto app stores.” Google argues that the bill doesn’t actually address the real harms affecting children online, instead introducing “new risks to the privacy of minors.”
In response, Google has urged Governor Cox to veto the bill and has even drafted alternative legislation for Utah lawmakers to consider—one that proposes a shared responsibility model between app stores and app developers, rather than putting the burden solely on platforms like Google Play and the App Store.
A One-Stop Shop for Age Verification?
Supporters of the Utah bill argue that a centralized age verification system makes sense, simplifying the process for parents while offering more robust protections for minors.
“I don’t think parents should have to prove they’re the legal guardian every time their child downloads an app,” Zuckerberg told lawmakers last year. “The app store is the most logical place for this to happen.”
If signed into law, the Utah bill would require app stores to categorize users into four age groups—under 13 (“child”), 13-16 (“young teenager”), 16-18 (“older teenager”), and 18+ (“adult”)—and share that information with developers while keeping verification data private.
A minor’s account would also need to be linked to a parent’s account, ensuring that parents have control over app downloads and in-app purchases. This means a parent could easily deny their teen access to apps like Instagram or TikTok if they feel existing safety measures aren’t enough.
Meta, Snap, and X released a joint statement praising the bill, calling it “a more streamlined and privacy-conscious solution for families.” Governor Cox also expressed tentative support, stating that his office is reviewing the legislation, which he believes offers a “balanced approach to digital safety.”
Privacy, Legal, and Practical Concerns Loom Large
Despite the bill’s intent, critics argue it raises a slew of legal and logistical questions:
- Device sharing: If a family shares a device, whose age should the app store verify?
- Complex family dynamics: Some teens may not have easy access to parental consent, even for harmless apps like educational tools.
- Workarounds: Users could easily bypass state restrictions by using VPNs or traveling out of state.
- Privacy risks: While the law aims to limit excessive data collection, it still requires users—regardless of age—to submit sensitive personal information, such as a government ID or facial scan, to verify their identity.
“This level of data sharing isn’t necessary,” Ghanem wrote in a blog post. “A weather app doesn’t need to know if a user is a kid.”
Others argue the law could violate the First Amendment, by effectively requiring adults to hand over personal information before accessing legally protected content.
Aaron Mackey, a director at the Electronic Frontier Foundation, voiced concerns about expanding government-mandated data collection:
“Right now, there’s legitimate concern about how much personal information tech companies already collect. Why would we pass a law requiring them to collect even more?”
A Precedent with Unintended Consequences?
Even if the law is passed, it won’t necessarily let companies like Meta off the hook. Former Apple Chief Privacy Officer Jane Horvath warns that once app stores start sending age data to developers, companies could suddenly realize they have been unknowingly allowing children under 13 on their platforms, putting them in violation of COPPA (Children’s Online Privacy Protection Act)—a federal law that prohibits collecting data from young users without parental consent.
“They will have to either delete those accounts, block them, or figure out a way to comply,” Horvath explained.
The Urgency of Online Safety vs. The Risk of Overreach
Despite the backlash, many parents and child safety advocates believe action is overdue. Kris Perry, executive director of Children and Screens: Institute of Digital Media and Child Development, argues that policymakers are simply working with “the best tools they have.”
“It’s universally accepted that kids are struggling with this much exposure to social media and digital content,” Perry said. “Something needs to be done.”
With legal challenges likely and other states watching closely, Utah’s bold move could set the stage for a nationwide battle over online privacy, parental control, and the role of tech giants in policing the internet.
