Maryland 2023 Regular Session

Maryland Senate Bill SB844 Compare Versions

Only one version of the bill is available at this time.

Old	New	Differences
1	1
2	2
3	3	EXPLANATION: CAPITALS INDICATE MAT TER ADDED TO EXISTIN G LAW.
4	4	[Brackets] indicate matter deleted from existing law.
5	5	sb0844
6	6
7	7	SENATE BILL 844
8	8	I3, S1 3lr1979
9	9	CF HB 901
10	10	By: Senators Kramer and West
11	11	Introduced and read first time: February 6, 2023
12	12	Assigned to: Finance
13	13
14	14	A BILL ENTITLED
15	15
16	16	AN ACT concerning 1
17	17
18	18	Consumer Protection – Online Products and Services – Children’s Data 2
19	19
20	20	FOR the purpose of requiring a business that offers an online product likely to be accessed 3
21	21	by children to complete a certain data protection impact assessment under certain 4
22	22	circumstances; prohibiting a business from offering a certain online product before 5
23	23	completing a data protection impact assessment; requiring businesses to document 6
24	24	certain risks associated with certain online products; requiring certain privacy 7
25	25	protections for certain online products; prohibiting certain data collection and 8
26	26	sharing practices; providing certain exemptions; and generally relating to the 9
27	27	protection of online privacy of children. 10
28	28
29	29	BY adding to 11
30	30	Article – Commercial Law 12
31	31	Section 14–4501 through 14–4513 to be under the new subtitle “Subtitle 45. 13
32	32	Maryland Age–Appropriate Design Code Act” 14
33	33	Annotated Code of Maryland 15
34	34	(2013 Replacement Volume and 2022 Supplement) 16
35	35
36	36	Preamble 17
37	37
38	38	WHEREAS, The United Nations Convention on the Rights of the Child recognizes 18
39	39	that children need special safeguards and care in all aspects of their lives, specifying how 19
40	40	children’s rights apply in the digital environment in General Comment No. 25; and 20
41	41
42	42	WHEREAS, As children spend more of their time interacting with the online world, 21
43	43	the impact of the design of online products on their well–being has become a focus of 22
44	44	significant concern; and 23
45	45
46	46	WHEREAS, There is widespread agreement at the international level, and 24
47	47	bipartisan agreement in the United States, that more needs to be done to create a safer 25
48	48	online space for children to learn, explore, and play; and 26 2 SENATE BILL 844
49	49
50	50
51	51
52	52	WHEREAS, Lawmakers around the globe have taken steps to enhance privacy 1
53	53	protections for children based on the understanding that, in relation to data protection, 2
54	54	greater privacy necessarily means greater security and well–being; and 3
55	55
56	56	WHEREAS, Children should be afforded protections not only by online products and 4
57	57	services specifically directed at them, but by all online products they are likely to access, 5
58	58	and thus businesses should take into account the unique needs of different age ranges, 6
59	59	including the following developmental stages: 0 to 5 years of age, or “preliterate and early 7
60	60	literacy”; 6 to 9 years of age, or “core primary school years”; 10 to 12 years of age, or 8
61	61	“transition years”; 13 to 15 years of age, or “early teens”; and 16 to 17 years of age, or 9
62	62	“approaching adulthood”; and 10
63	63
64	64	WHEREAS, While it is clear that the same data protection regime may not be 11
65	65	appropriate for children of all ages, children of all ages should nonetheless be afforded 12
66	66	privacy and protection, and online products should adopt data protection regimes 13
67	67	appropriate for children of the ages likely to access those products; and 14
68	68
69	69	WHEREAS, According to the Pew Research Center, in 20 22, 97% of American 15
70	70	teenagers aged 13–17 used the Internet every day, with 46% responding they used the 16
71	71	Internet almost constantly; and, additionally, 36% of teens reported being concerned about 17
72	72	their social media use, while an earlier Pew Research Center study found that 59% of teens 18
73	73	have been bullied or harassed online; and 19
74	74
75	75	WHEREAS, The findings of the Pew Research Center are not surprising, given what 20
76	76	is known about controllers’ use of personal data and how it is utilized to inform 21
77	77	manipulative practices, to which children are particularly vulnerable; and 22
78	78
79	79	WHEREAS, Online products that are likely to be accessed by children should offer 23
80	80	strong privacy protections by design and by default, including by disabling features that 24
81	81	profile children using their previous behavior, browsing history, or assumptions of their 25
82	82	similarity to other children in order to offer them detrimental material; and 26
83	83
84	84	WHEREAS, Ensuring robust privacy, and thus safety, protections for children by 27
85	85	design is consistent with federal safety laws and policies applied to children’s products, 28
86	86	regulating everything from toys to clothing to furniture and games; and 29
87	87
88	88	WHEREAS, The consumer protections that federal safety laws apply to children’s 30
89	89	products require these products to comply with certain safety standards by their very 31
90	90	design, so that harms to children, and in some cases other consumers, are prevented; and 32
91	91
92	92	WHEREAS, It is the intent of the Maryland General Assembly that the Maryland 33
93	93	Age–Appropriate Design Code Act promote innovation by businesses whose online products 34
94	94	are likely to be accessed by children by ensuring that those online products are designed in 35
95	95	a manner that recognizes the distinct needs of children within different age ranges; and 36
96	96	SENATE BILL 844 3
97	97
98	98
99	99	WHEREAS, It is the intent of the Maryland General Assembly that businesses 1
100	100	covered by the Maryland Age–Appropriate Design Code Act may look to guidance and 2
101	101	innovation in response to the Age–Appropriate Design Code established in the United 3
102	102	Kingdom and California when developing online products that are likely to be accessed by 4
103	103	children; now, therefore, 5
104	104
105	105	SECTION 1. BE IT ENACTED BY THE GENERAL ASSEMBLY OF MARYLAND, 6
106	106	That the Laws of Maryland read as follows: 7
107	107
108	108	Article – Commercial Law 8
109	109
110	110	SUBTITLE 45. MARYLAND AGE–APPROPRIATE DESIGN CODE ACT. 9
111	111
112	112	14–4501. 10
113	113
114	114	(A) IN THIS SUBTITLE THE FOLLOWING WORDS HAVE THE MEANINGS 11
115	115	INDICATED. 12
116	116
117	117	(B) (1) “AGGREGATE CONSUMER IN FORMATION” MEANS INFORMATION : 13
118	118
119	119	(I) THAT RELATES TO A GRO UP OR CATEGORY OF CO NSUMERS; 14
120	120
121	121	(II) FROM WHICH INDIVIDUAL CONSUMER IDENTITIES HAVE 15
122	122	BEEN REMOVED ; AND 16
123	123
124	124	(III) THAT IS NOT LINKED OR REASONABLY LINKABLE TO ANY 17
125	125	CONSUMER OR HOUSEHOL D, INCLUDING BY A DEVIC E. 18
126	126
127	127	(2) “AGGREGATE CONSUMER IN FORMATION” DOES NOT INCLUDE 19
128	128	INDIVIDUAL CONSUMER RECORDS THAT HAVE BE EN DEIDENTIFIED . 20
129	129
130	130	(C) (1) “BUSINESS” MEANS A SOLE PROPRIE TORSHIP, LIMITED LIABILITY 21
131	131	COMPANY, CORPORATION , ASSOCIATION, OR OTHER LEGAL ENTIT Y THAT: 22
132	132
133	133	(I) IS ORGANIZED OR OPERA TED FOR THE PROFIT O R 23
134	134	FINANCIAL BENEFIT OF ITS SHAREHOLDERS OR OTHER OWNERS ; 24
135	135
136	136	(II) COLLECTS CONSUMERS ’ PERSONAL INFORMATION , OR ON 25
137	137	THE BEHALF OF WHICH ANOTHER COLLECTS CON SUMERS’ PERSONAL 26
138	138	INFORMATION ; 27
139	139
140	140	(III) ALONE, OR JOINTLY WITH ITS AFFILIATES OR 28
141	141	SUBSIDIARIES, DETERMINES THE PURPO SES AND MEANS OF THE PROCESSING OF 29
142	142	CONSUMERS ’ PERSONAL INFORMATION ; 30 4 SENATE BILL 844
143	143
144	144
145	145
146	146	(IV) DOES BUSINESS IN THE STATE; AND 1
147	147
148	148	(V) SATISFIES AT LEAST ON E OF THE FOLLOWING C RITERIA: 2
149	149
150	150	1. THE BUSINESS HAS ANNU AL GROSS REVENUES IN 3
151	151	EXCESS OF $25,000,000, ADJUSTED EVERY ODD –NUMBERED YEAR TO REF LECT 4
152	152	ADJUSTMENTS IN THE CONSUMER PRICE INDEX; 5
153	153
154	154	2. THE BUSINESS ANNUALLY BUYS, RECEIVES, SELLS, 6
155	155	OR SHARES THE PERSON AL INFORMATION OF 50,000 OR MORE CONSUMERS , 7
156	156	HOUSEHOLDS , OR DEVICES, ALONE OR IN COMBINAT ION WITH ITS AFFILIA TES OR 8
157	157	SUBSIDIARIES, AND FOR THE BUSINESS ’S COMMERCIAL PURPOSE S; OR 9
158	158
159	159	3. THE BUSINESS DERIVES AT LEAST 50% OF ITS 10
160	160	ANNUAL REVENUES FROM THE SALE OF CONSUMER S’ PERSONAL INFORMATION . 11
161	161
162	162	(2) “BUSINESS” INCLUDES: 12
163	163
164	164	(I) AN ENTITY THAT CONTRO LS OR IS CONTROLLED BY A 13
165	165	BUSINESS AND THAT SH ARES COMMON BRANDING WITH THAT BUSINESS ; AND 14
166	166
167	167	(II) A JOINT VENTURE OR PAR TNERSHIP COMPOSED OF 15
168	168	BUSINESSES IN WHICH EACH HAS AT LEAST A 40% INTEREST IN THE JOIN T VENTURE 16
169	169	OR PARTNERSHIP . 17
170	170
171	171	(D) “CHILD” MEANS A CONSUMER THA T IS UNDER THE AGE O F 18 YEARS. 18
172	172
173	173	(E) “COLLECT” MEANS TO ACTIVELY OR PASSIVELY BUY , RENT, GATHER, 19
174	174	OBTAIN, RECEIVE, OR ACCESS ANY PERSON AL INFORMATION PERTA INING TO A 20
175	175	CONSUMER OR OBSERVE A CONSUMER ’S BEHAVIOR, BY ANY MEANS. 21
176	176
177	177	(F) “COMMON BRANDING ” MEANS A SHARED NAME , SERVICE MARK , OR 22
178	178	TRADEMARK THAT WOULD CAUSE A REASONABLE C ONSUMER TO UND ERSTAND 23
179	179	THAT TWO OR MORE ENT ITIES ARE COMMONLY O WNED. 24
180	180
181	181	(G) “CONSUMER” MEANS AN INDIVIDUAL WHO IS A RESIDENT OF THE 25
182	182	STATE, HOWEVER IDENTIFIED , INCLUDING BY ANY UNI QUE IDENTIFIER. 26
183	183
184	184	(H) “CONTROL” MEANS: 27
185	185
186	186	(1) OWNERSHIP OF OR THE P OWER TO VOTE MORE TH AN 50% OF THE 28
187	187	OUTSTANDING SHARES O F ANY CLASS OF VOTIN G SECURITY OF A BUSI NESS; 29 SENATE BILL 844 5
188	188
189	189
190	190
191	191	(2) ANY MANNER OF CONTROL OVER THE ELECTION OF A MAJORITY 1
192	192	OF THE DIRECTORS OF A BUSINESS, OR INDIVIDUALS EXERC ISING SIMILAR 2
193	193	FUNCTIONS; OR 3
194	194
195	195	(3) THE POWER TO EXERCISE A CONTROLLIN G INFLUENCE OVER THE 4
196	196	MANAGEMENT OF A BUSI NESS. 5
197	197
198	198	(I) “DARK PATTERN ” MEANS A USER INTERFA CE DESIGNED OR 6
199	199	MANIPULATED WITH THE SUBSTANTIAL EFFECT O F SUBVERTING OR IMPA IRING 7
200	200	USER AUTONOMY , DECISION MAKING , OR CHOICE. 8
201	201
202	202	(J) “DATA PROTECTION IMPAC T ASSESSMENT” OR “ASSESSMENT” MEANS A 9
203	203	SYSTEMATIC SURVEY TO ASSESS AND MITIGATE RISKS TO CHILDREN WH O ARE 10
204	204	REASONABLY LIKELY TO ACCESS THE ONLINE PR ODUCT AT ISSUE THAT ARISE FROM 11
205	205	THE DATA MANAGEMENT PRACTICES OF THE BUS INESS AND THE PROVIS ION OF THE 12
206	206	ONLINE PRODUCT . 13
207	207
208	208	(K) “DEFAULT” MEANS A PRESELECTED OPTION ADOPTED BY TH E 14
209	209	BUSINESS FOR AN ONLI NE PRODUCT. 15
210	210
211	211	(L) “DEIDENTIFIED INFORMAT ION” MEANS INFORMATION TH AT CANNOT 16
212	212	BE USED TO REASONABL Y INFER INFORMATION ABOUT, OR OTHERWISE BE LINK ED 17
213	213	TO, A PARTICULAR CONSUME R, IF THE BUSINE SS THAT POSSESSES TH E 18
214	214	INFORMATION : 19
215	215
216	216	(1) TAKES REASONABLE MEAS URES TO ENSURE THAT THE 20
217	217	INFORMATION CANNOT B E ASSOCIATED WITH A CONSUMER OR HOUSEHOL D; 21
218	218
219	219	(2) COMMITS IN PUBLICLY A VAILABLE TERMS AND C ONDITIONS OR IN 22
220	220	A PUBLICLY AVAILABLE PRIVACY POLICY TO : 23
221	221
222	222	(I) MAINTAIN AND USE THE INFORMATION IN DEIDE NTIFIED 24
223	223	FORM; AND 25
224	224
225	225	(II) NOT ATTEMPT TO REIDEN TIFY THE INFORMATION , EXCEPT 26
226	226	FOR THE SOLE PURPOSE OF DETERMINING WHETH ER THE BUSINESS ’S 27
227	227	DEIDENTIFICATION PRO CESS SATISFIES THE R EQUIREMENTS OF THIS SUBSECTION; 28
228	228	AND 29
229	229
230	230	(3) CONTRACTUALLY OBLIGAT ES ANY RECIPIENTS OF THE 30
231	231	INFORMATION TO COMPL Y WITH ALL PROVISION S OF THIS SUBSECTION . 31
232	232	6 SENATE BILL 844
233	233
234	234
235	235	(M) “LIKELY TO BE ACCESSED BY CHILDREN ” MEANS REASONABLY 1
236	236	EXPECTED THAT THE ON LINE SERVICE , PRODUCT, OR FEATURE WOULD BE 2
237	237	ACCESSED BY CHIL DREN, BASED ON SATISFYING ANY OF THE FOLLOWING CRITERIA: 3
238	238
239	239	(1) THE ONLINE PRODUCT IS DIRECTED TO CHILDREN AS DEFINED IN 4
240	240	THE FEDERAL CHILDREN’S ONLINE PRIVACY PROTECTION ACT; 5
241	241
242	242	(2) THE ONLINE PRODUCT IS DETERMINED , BASED ON COMPETENT 6
243	243	AND RELIABLE EVIDENC E REGARDING AUDIENCE C OMPOSITION, TO BE ROUTINELY 7
244	244	ACCESSED BY A SIGNIF ICANT NUMBER OF CHIL DREN; 8
245	245
246	246	(3) THE ONLINE PRODUCT IS SUBSTANTIALLY SIMILA R OR THE SAME 9
247	247	AS AN ONLINE PRODUCT THAT SATISFIES ITEM (2) OF THIS SUBSECTION ; 10
248	248
249	249	(4) THE ONLINE PRODUCT FE ATURES ADVERTISEMENTS MAR KETED 11
250	250	TO CHILDREN; 12
251	251
252	252	(5) THE ONLINE PRODUCT HA S DESIGN ELEMENTS TH AT ARE KNOWN 13
253	253	TO BE OF INTEREST TO CHILDREN, SUCH AS GAMES , CARTOONS, MUSIC, AND 14
254	254	CELEBRITIES WHO APPE AL TO CHILDREN ; OR 15
255	255
256	256	(6) THE BUSINESS KNOWS , BASED ON INTERNAL RE SEARCH, THAT A 16
257	257	SIGNIFICANT AMOUNT O F THE ONLINE PRODUCT ’S AUDIENCE IS CHILDR EN. 17
258	258
259	259	(N) (1) “ONLINE PRODUCT ” MEANS AN ONLINE SERV ICE, PRODUCT, OR 18
260	260	FEATURE. 19
261	261
262	262	(2) “ONLINE PRODUCT ” DOES NOT INCLUDE : 20
263	263
264	264	(I) A TELECOMMUNICATIONS S ERVICE, AS DEFINED IN 47 21
265	265	U.S.C. § 153; OR 22
266	266
267	267	(II) THE DELIVERY OR USE O F A PHYSICAL PRODUCT SOLD BY 23
268	268	AN ONLINE RETAILER . 24
269	269
270	270	(O) (1) “PERSONAL INFORMATION ” MEANS INFORMATION TH AT 25
271	271	IDENTIFIES, RELATES TO , DESCRIBES, IS REASONABLY CAPABL E OF BEING 26
272	272	ASSOCIATED WITH , OR COULD REASONABLY BE LINKED, DIRECTLY OR INDIRECT LY, 27
273	273	WITH A PARTICULAR CO NSUMER OR HOUSEHOLD . 28
274	274
275	275	(2) “PERSONAL INFORMATION ” DOES NOT INCLUDE : 29
276	276	SENATE BILL 844 7
277	277
278	278
279	279	(I) PUBLICLY AVAILABLE IN FORMATION OR LAWFULL Y 1
280	280	OBTAINED, TRUTHFUL INFORMATION THAT IS OF PUBLIC CO NCERN; OR 2
281	281
282	282	(II) CONSUMER INFORMATION THAT IS DEIDENTIFIED OR 3
283	283	AGGREGATE CONSUMER I NFORMATION . 4
284	284
285	285	(P) “PRECISE GEOLOCATION ” MEANS ANY DATA THAT IS: 5
286	286
287	287	(1) DERIVED FROM A DEVICE ; AND 6
288	288
289	289	(2) USED OR INTENDED TO B E USED TO LOCATE A C ONSUMER WITHIN 7
290	290	A GEOGRAPHIC AREA TH AT IS LESS THAN OR E QUAL TO THE AREA OF A CIRCLE WIT H 8
291	291	A RADIUS OF 1,850 FEET. 9
292	292
293	293	(Q) (1) “PROFILING” MEANS ANY FORM OF AU TOMATED PROCESSING O F 10
294	294	PERSONAL INFORMATION THAT USES PERSONAL I NFORMATION TO EVALUA TE 11
295	295	CERTAIN ASPECTS RELA TING TO AN INDIVIDUA L. 12
296	296
297	297	(2) “PROFILING” INCLUDES ANALYZING OR PREDICTING ASPECT S 13
298	298	CONCERNING AN INDIVI DUAL’S PERFORMANCE AT WOR K, ECONOMIC SITUATION , 14
299	299	HEALTH, PERSONAL PREFERENCES , INTERESTS, RELIABILITY, BEHAVIOR, 15
300	300	LOCATION, OR MOVEMENTS . 16
301	301
302	302	(R) (1) “PUBLICLY AVAILABLE IN FORMATION” MEANS INFORMATION 17
303	303	THAT: 18
304	304
305	305	(I) IS LAWFULLY MADE AVAILA BLE FROM FEDERAL , STATE, OR 19
306	306	LOCAL GOVERNMENT REC ORDS; OR 20
307	307
308	308	(II) A BUSINESS HAS A REASO NABLE BASIS TO BELIE VE IS 21
309	309	LAWFULLY MADE AVAILA BLE TO THE GENERAL P UBLIC BY THE CONSUME R OR BY 22
310	310	WIDELY DISTRIBUTED M EDIA. 23
311	311
312	312	(2) “PUBLICLY AVAILABLE I NFORMATION ” DOES NOT INCLUDE 24
313	313	BIOMETRIC INFORMATIO N COLLECTED BY A BUS INESS ABOUT A CONSUM ER 25
314	314	WITHOUT THE CONSUMER ’S KNOWLEDGE . 26
315	315
316	316	(S) “SELL” MEANS TO TRANSFER , RENT, RELEASE, DISCLOSE, 27
317	317	DISSEMINATE, MAKE AVAILABLE , OR OTHERWISE COMMUNI CATE, WHETHER 28
318	318	ORALLY, IN WRITING, OR BY ELECTRONIC OR OTHER MEANS , A CONSUMER ’S 29
319	319	PERSONAL INFORMATION BY THE BUSINESS TO A THIRD PARTY FOR MONE TARY OR 30
320	320	OTHER VALUABLE CONSI DERATION. 31
321	321	8 SENATE BILL 844
322	322
323	323
324	324	(T) (1) “SENSITIVE PERSONAL IN FORMATION” MEANS: 1
325	325
326	326	(I) PERSONAL INFORMATION THAT REVEALS A CONSU MER’S: 2
327	327
328	328	1. SOCIAL SECURITY NUMBER , DRIVER’S LICENSE 3
329	329	NUMBER, STATE IDENTIFICATION CARD NUMBER , OR PASSPORT NUMBER ; 4
330	330
331	331	2. ACCOUNT LOGIN INFORMA TION, FINANCIAL 5
332	332	ACCOUNT NUMBER , DEBIT CARD NUMBER , OR CREDIT CARD NUMBE R, IN 6
333	333	COMBINATION WITH ANY REQUIRED SEC URITY OR ACCESS CODE , PASSWORD, OR 7
334	334	CREDENTIALS THAT ALL OW ACCESS TO AN ACCO UNT; 8
335	335
336	336	3. PRECISE GEOLOCATION ; 9
337	337
338	338	4. RACIAL OR ETHNIC ORIG IN OR RELIGIOUS OR 10
339	339	PHILOSOPHICAL BELIEF S; 11
340	340
341	341	5. UNION MEMBERSHIP STAT US; 12
342	342
343	343	6. MAIL, E–MAIL, TEXT, OR MESSAGE CONTENTS, 13
344	344	UNLESS THE BUSINESS IS THE INTENDED RECI PIENT; OR 14
345	345
346	346	7. GENETIC DATA; 15
347	347
348	348	(II) BIOMETRIC INFORMATION THAT IS OR MAY BE PR OCESSED 16
349	349	FOR THE PURPOSE OF U NIQUELY IDENTIFYING A CONSUMER ; 17
350	350
351	351	(III) PERSONAL INFORMATION COLLECTED AND ANALYZ ED 18
352	352	CONCERNIN G A CONSUMER ’S HEALTH; OR 19
353	353
354	354	(IV) PERSONAL INFORMATION COLLECTED AND ANALYZ ED 20
355	355	CONCERNING A CONSUME R’S SEX LIFE OR SEXUAL ORIENTATION . 21
356	356
357	357	(2) “SENSITIVE PERSONAL IN FORMATION” DOES NOT INCLUDE 22
358	358	PUBLICLY AVAILABLE I NFORMATION . 23
359	359
360	360	(U) “SHARE” MEANS TO RENT , RELEASE, DISCLOSE, DISSEMINATE, MAKE 24
361	361	AVAILABLE, TRANSFER, OR OTHERWISE COMMUNI CATE, WHETHER ORALLY , IN 25
362	362	WRITING, OR BY ELECTRONIC OR OTHER MEANS , A CONSUMER ’S PERSONAL 26
363	363	INFORMATION TO A THI RD PARTY FOR CROSS –CONTEXT BEHAVIORAL A DVERTISING 27
364	364	WHETHER OR NOT FOR M ONETARY OR OTHER VAL UABLE CONSIDERATION , 28
365	365	INCLUDING IN A TRANS ACTION BETWEEN A BUS INESS AND A THIRD PA RTY FOR 29 SENATE BILL 844 9
366	366
367	367
368	368	CROSS–CONTEXT BEHAVIORAL A DVERTISING FOR THE B ENEFIT OF A BUSINESS IN 1
369	369	WHICH NO MONEY IS EX CHANGED. 2
370	370
371	371	(V) “THIRD PARTY” MEANS A PERSON WHO IS NO T: 3
372	372
373	373	(1) THE BUSINESS WITH WHI CH THE CONSUMER INTE NTIONALLY 4
374	374	INTERACTS AND THAT C OLLECTS PERSONAL INF ORMATION FROM THE CO NSUMER 5
375	375	AS PART OF THE CONSU MER’S INTERACTION WITH T HE BUSINESS; OR 6
376	376
377	377	(2) A SERVICE PROVIDER FOR THE BUSINESS. 7
378	378
379	379	14–4502. 8
380	380
381	381	THIS SUBTITLE DOES NO T APPLY TO: 9
382	382
383	383	(1) PROTECTED HEALTH INFO RMATION THAT IS COLL ECTED BY A 10
384	384	COVERED ENTITY OR BU SINESS ASSOCIATION G OVERNED BY THE PRIVA CY 11
385	385	SECURITY AND BREACH NOTIFICATION RULES I N 45 C.F.R. PARTS 160 AND 164, 12
386	386	ESTABLISHED UNDER TH E FEDERAL HEALTH INSURANCE PORTABILITY AND 13
387	387	ACCOUNTABILITY ACT OF 1996 AND THE FEDERAL HEALTH INFORMATION 14
388	388	TECHNOLOGY FOR ECONOMIC AND CLINICAL HEALTH ACT; 15
389	389
390	390	(2) A HEALTH PROVIDER OR C OVERED ENTITY GOVERN ED BY THE 16
391	391	PRIVACY SECURITY AND BREACH NOTIFICATION RULES IN 45 C.F.R. PARTS 160 AND 17
392	392	164, ESTABLISHED UNDER TH E FEDERAL HEALTH INSURANCE PORTABILITY AND 18
393	393	ACCOUNTABILITY ACT OF 1996 AND THE FEDERAL HEALTH INFORMATION 19
394	394	TECHNOLOGY FOR ECONOMIC AND CLINICAL HEALTH ACT, TO THE EXTENT THAT 20
395	395	THE PROVIDER OR COVE RED ENTITY MAINTAINS PATIENT INFORMATION IN THE 21
396	396	SAME MANNER AS MEDIC AL INFORMATION OR PR OTECTED HEALTH INFOR MATION 22
397	397	AS DESCRIBED IN ITEM (1) OF THIS SECTION; OR 23
398	398
399	399	(3) INFORMATION COLLECTED AS PART OF A CLINICA L TRIAL 24
400	400	SUBJECT TO THE FEDERAL POLICY FOR THE PROTECTION OF HUMAN SUBJECTS, 25
401	401	IN ACCORDANCE WITH : 26
402	402
403	403	(I) GOOD CLINICAL PRACTIC E GUIDELINES ISSUED BY THE 27
404	404	INTERNATIONAL COUNCIL FOR HARMONISATION OF TECHNICAL REQUIREMENTS 28
405	405	FOR PHARMACEUTICALS FOR HUMAN USE; OR 29
406	406
407	407	(II) HUMAN SUBJECT PROTECT ION REQUIREMENTS OF THE 30
408	408	U.S. FOOD AND DRUG ADMINISTRATION . 31
409	409
410	410	14–4503. 32 10 SENATE BILL 844
411	411
412	412
413	413
414	414	IT IS THE INTENT OF T HE GENERAL ASSEMBLY THAT : 1
415	415
416	416	(1) CHILDREN SHOULD BE AF FORDED PROTECTIONS N OT ONLY BY 2
417	417	ONLINE PRODUCTS SPEC IFICALLY DIRECTED AT THEM, BUT BY ALL ONLINE 3
418	418	PRODUCTS THEY ARE LI KELY TO ACCESS ; 4
419	419
420	420	(2) BUSINESSES THAT DEVEL OP AND PROVIDE ONLIN E SERVICES 5
421	421	THAT CHILDREN ARE LI KELY TO ACCESS SHOUL D CONSIDER THE BEST INTERESTS 6
422	422	OF CHILDREN WHEN DES IGNING, DEVELOPING , AND PROVIDING THOSE ONLINE 7
423	423	PRODUCTS; AND 8
424	424
425	425	(3) IF A CONFLICT ARISES BETWEEN COMMERCIAL I NTERESTS AND 9
426	426	THE BEST INTERESTS O F CHILDREN, COMPANIES THAT DEVEL OP ONLINE PRODUCTS 10
427	427	LIKELY TO BE ACCESSE D BY CHILDREN SHALL GIVE PRIORITY TO THE PRIVACY, 11
428	428	SAFETY, AND WELL–BEING OF CHILDREN OV ER THOSE COMMERCIAL INTERESTS. 12
429	429
430	430	14–4504. 13
431	431
432	432	(A) THIS SECTION APPLIE S ONLY TO AN ONLINE PRODUCT THAT IS 14
433	433	OFFERED TO THE PUBLI C ON OR AFTER JULY 1, 2024. 15
434	434
435	435	(B) A BUSINESS THAT PROVID ES AN ONLINE PRODUCT LIKELY TO BE 16
436	436	ACCESSED BY CHILDREN SHALL PREPARE A DATA PROTECTION IMPACT 17
437	437	ASSESSMENT FOR THE O NLINE PRODUCT . 18
438	438
439	439	(C) THE DATA PROTECTION IMPACT AS SESSMENT SHALL : 19
440	440
441	441	(1) IDENTIFY THE PURPOSE OF THE ONLINE PRODUC T; 20
442	442
443	443	(2) IDENTIFY HOW THE ONLI NE PRODUCT USES CHIL DREN’S 21
444	444	PERSONAL INFORMATION ; 22
445	445
446	446	(3) IDENTIFY THE RISKS OF MATERIAL DETRIMENT T O CHILDREN 23
447	447	THAT ARISE FROM THE DATA MANAGEM ENT PRACTICES OF THE BUSINESS; AND 24
448	448
449	449	(4) ADDRESS, TO THE EXTENT APPLIC ABLE: 25
450	450
451	451	(I) WHETHER THE DESIGN OF THE ONLINE PRODUCT C OULD 26
452	452	HARM CHILDREN , INCLUDING BY EXPOSIN G THEM TO HARMFUL OR POTENTIALLY 27
453	453	HARMFUL CONTENT ON T HE ONLINE PRODUCT ; 28
454	454	SENATE BILL 844 11
455	455
456	456
457	457	(II) WHETHER THE DESIGN OF THE ON LINE PRODUCT COULD 1
458	458	LEAD TO CHILDREN EXP ERIENCING OR BEING T ARGETED BY HARMFUL , OR 2
459	459	POTENTIALLY HARMFUL , CONTACTS ON THE ONLI NE PRODUCT; 3
460	460
461	461	(III) WHETHER THE DESIGN OF THE ONLINE PRODUCT C OULD 4
462	462	ALLOW CHILDREN TO WI TNESS, PARTICIPATE IN, OR BE SUBJECT TO HARM FUL OR 5
463	463	POTENTIALLY HARMFUL CONDUCT ON THE ONLIN E PRODUCT; 6
464	464
465	465	(IV) WHETHER THE DESIGN OF THE ONLINE PRODUCT C OULD 7
466	466	ALLOW CHILDREN TO BE PARTY TO OR BE EXPLO ITED BY A HARMFUL , OR 8
467	467	POTENTIALLY HARMFUL , CONTACT ON THE ONLIN E PRODUCT; 9
468	468
469	469	(V) WHETHER ALGORITHMS US ED BY THE ONLINE PRO DUCT 10
470	470	COULD HARM CHILDREN ; 11
471	471
472	472	(VI) WHETHER TARGETED ADVE RTISING SYSTEMS USED BY THE 12
473	473	ONLINE PRODUCT COULD HARM CHILDREN ; 13
474	474
475	475	(VII) WHETHER AND HOW THE O NLINE PRODUCT USES S YSTEM 14
476	476	DESIGN FEATURES TO I NCREASE, SUSTAIN, OR EXTEND USE BY CHI LDREN, 15
477	477	INCLUDING: 16
478	478
479	479	1. THE AUTOMATIC PLAYING OF MEDIA; 17
480	480
481	481	2. REWARDS FOR TIME SPEN T; AND 18
482	482
483	483	3. NOTIFICATIONS; AND 19
484	484
485	485	(VIII) WHETHER, HOW, AND FOR WHAT PURPOSE THE ONLINE 20
486	486	PRODUCT COLLECTS OR PROCESSES SENSITIVE PERSONAL INFORMAT ION OF 21
487	487	CHILDREN. 22
488	488
489	489	(D) (1) A DATA PROTECTION IMPA CT ASSESSMENT PREPAR ED BY A 23
490	490	BUSINESS FOR THE PUR POSE OF COMPLIANCE W ITH ANY OTHER LAW CO MPLIES 24
491	491	WITH THIS SECTION IF THE ASSESSMENT MEETS THE REQUIREMENTS OF THIS 25
492	492	SECTION. 26
493	493
494	494	(2) A SINGLE DATA PROTECTI ON IMPACT ASSESSMENT MA Y CONTAIN 27
495	495	MULTIPLE SIMILAR PRO CESSING OPERATIONS T HAT PRESENT SIMILAR RISKS, ONLY 28
496	496	IF EACH RELEVANT ONL INE PRODUCT IS ADDRE SSED. 29
497	497	12 SENATE BILL 844
498	498
499	499
500	500	(E) A BUSINESS SHALL COMPL ETE A DATA PROTECTIO N IMPACT 1
501	501	ASSESSMENT ON OR BEF ORE JUNE 30, 2024, FOR ANY ONLI NE PRODUCT OFFERED 2
502	502	TO THE PUBLIC THAT I S LIKELY TO BE ACCES SED BY CHILDREN BEFO RE THAT DATE. 3
503	503
504	504	14–4505. 4
505	505
506	506	(A) A BUSINESS THAT PROVID ES AN ONLINE PRODUCT LIKELY TO BE 5
507	507	ACCESSED BY CHILDREN MAY NOT OFFER THE PR ODUCT TO THE PUBLIC BEFORE 6
508	508	COMPLETING A DATA PR OTECTION IMPACT ASSESSM ENT. 7
509	509
510	510	(B) A BUSINESS THAT COMPLE TES A DATA PROTECTIO N IMPACT 8
511	511	ASSESSMENT REQUIRED BY THIS SECTION SHAL L: 9
512	512
513	513	(1) MAINTAIN DOCUMENTATIO N OF THE ASSESSMENT FOR AS LONG 10
514	514	AS THE ONLINE PRODUC T IS LIKELY TO BE AC CESSED BY CHILDREN ; 11
515	515
516	516	(2) REVIEW EACH DATA PROT ECTION IMPACT ASSESS MENT EVERY 2 12
517	517	YEARS; 13
518	518
519	519	(3) DOCUMENT ANY RISK OF MATERIAL DETRIMENT T O CHILDREN 14
520	520	THAT ARISES FROM THE DATA MANAGEMENT PRAC TICE OF THE BUSINESS 15
521	521	IDENTIFIED IN THE AS SESSMENT; 16
522	522
523	523	(4) CREATE A PLAN TO MITI GATE OR ELIMINAT E THE RISK BEFORE 17
524	524	THE ONLINE PRODUCT I S MADE AVAILABLE TO CHILDREN; 18
525	525
526	526	(5) (I) ESTIMATE THE AGE OF C HILD USERS WITH A RE ASONABLE 19
527	527	LEVEL OF CERTAINTY A PPROPRIATE TO THE RI SKS THAT ARISE FROM THE DATA 20
528	528	MANAGEMENT PRACTICES OF THE BUSINESS ; OR 21
529	529
530	530	(II) APPLY TO ALL CONSUMERS THE PR IVACY AND DATA 22
531	531	PROTECTIONS AFFORDED TO CHILDREN; 23
532	532
533	533	(6) CONFIGURE ALL DEFAULT PRIVACY SETTINGS PRO VIDED TO 24
534	534	CHILDREN BY THE ONLI NE PRODUCT TO OFFER A HIGH LEVEL OF PRIV ACY, UNLESS 25
535	535	THE BUSINESS CAN DEM ONSTRATE A COMPELLIN G REASON THAT A DIFFERENT 26
536	536	SETTING IS IN THE BE ST INTEREST OF CHILD REN; 27
537	537
538	538	(7) PROVIDE ANY PRIVACY I NFORMATION , TERMS OF SERVICE , 28
539	539	POLICIES, AND COMMUNITY STANDA RDS CONCISELY , PROMINENTLY , AND USING 29
540	540	CLEAR LANGUAGE SUITE D TO THE AGE OF CHIL DREN LIKELY TO ACCES S THE 30
541	541	ONLINE PRODUCT; 31
542	542	SENATE BILL 844 13
543	543
544	544
545	545	(8) PROVIDE AN OBVIOUS SI GNAL TO THE CHILD WH EN THE CHILD’S 1
546	546	LOCATION IS BEING MO NITORED OR TRACKED , IF THE ONLINE PRODUC T ALLOWS 2
547	547	THE CHILD’S PARENT, GUARDIAN, OR ANY OTHER CONSUME R TO TRACK THE CHILD ’S 3
548	548	LOCATION; 4
549	549
550	550	(9) ENFORCE PUBLISHED TER MS, POLICIES, AND COMMUNITY 5
551	551	STANDARDS ESTABLISHE D BY THE BUSINESS , INCLUDING PRIVACY PO LICIES, AND 6
552	552	THOSE REGARDING CHIL DREN; AND 7
553	553
554	554	(10) PROVIDE PROMINENT , ACCESSIBLE, AND RESPONSIVE TOOLS TO 8
555	555	HELP CHILDREN OR THE IR PARENTS OR GUARDI ANS, IF APPLICABLE, EXERCISE 9
556	556	THEIR PRIVACY RIGHTS AND REPORT CONCERNS . 10
557	557
558	558	14–4506. 11
559	559
560	560	A BUSINESS THAT PROVID ES AN ONLINE PRODUCT LIKELY TO BE ACCESSE D 12
561	561	BY CHILDREN MAY NOT : 13
562	562
563	563	(1) USE THE PERSONAL INFO RMATION OF A CHILD I N A WAY THAT 14
564	564	THE BUSINESS KNOWS , OR HAS REASON TO KNO W, IS MATERIALLY DETRIMENTAL TO 15
565	565	THE PHYSICAL HEALTH , MENTAL HEALTH , OR WELL–BEING OF A CHILD; 16
566	566
567	567	(2) PROFILE A CHILD BY DE FAULT, UNLESS: 17
568	568
569	569	(I) THE BUSINESS CAN DEMO NSTRATE, TO THE ATTORNEY 18
570	570	GENERAL’S SATISFACTION, THAT THE BUSINESS HA S APPROPRIATE SAFEGU ARDS IN 19
571	571	PLACE TO PROTECT CHILDREN ; AND 20
572	572
573	573	(II) 1. PROFILING IS NECESSAR Y TO PROVIDE THE ONL INE 21
574	574	PRODUCT REQUEST , AND IS DONE ONLY WIT H RESPECT TO THE ASP ECTS OF THE 22
575	575	ONLINE PRODUCT WITH WHICH THE CHILD IS A CTIVELY AND KNOWINGL Y ENGAGED; 23
576	576	OR 24
577	577
578	578	2. THE BUSINESS CAN DEMO NSTRATE A COMPELLING 25
579	579	REASON THAT PROFILIN G IS IN THE BEST INTERESTS OF CHILDREN ; 26
580	580
581	581	(3) COLLECT, SELL, SHARE, OR RETAIN ANY PERSON AL 27
582	582	INFORMATION THAT IS UNNECESSARY TO PROVI DE AN ONLINE PRODUCT THAT A 28
583	583	CHILD IS ACTIVELY AN D KNOWINGLY ENGAGED WITH, UNLESS THE BUS INESS CAN 29
584	584	DEMONSTRATE A COMPEL LING REASON THAT THE COLLECTION, SALE, SHARING, OR 30
585	585	RETENTION OF THE PER SONAL INFORMATION IS IN THE BEST INTEREST S OF 31
586	586	CHILDREN LIKELY TO A CCESS THE ONLINE PRO DUCT; 32
587	587	14 SENATE BILL 844
588	588
589	589
590	590	(4) USE THE PERSONAL INFO RMATION OF A CHILD E ND–USER FOR 1
591	591	ANY REASON OTHER THAN TH AT FOR WHICH THE PER SONAL INFORMATION WA S 2
592	592	COLLECTED, UNLESS THE BUSINESS CAN DEMONSTRATE A CO MPELLING REASON 3
593	593	THAT THE USE OF THE PERSONAL INFORMATION IS IN THE BEST INTER ESTS OF 4
594	594	CHILDREN LIKELY TO A CCESS THE ONLINE PRO DUCT; 5
595	595
596	596	(5) COLLECT, SELL, OR SHARE ANY PRECISE GEOLOCATION 6
597	597	INFORMATION OF CHILD REN BY DEFAULT , UNLESS THE COLLECTIO N OF THAT 7
598	598	INFORMATION IS STRIC TLY NECESSARY IN ORD ER FOR THE BUSINESS TO PROVIDE 8
599	599	THE ONLINE PRODUCT R EQUESTED, AND THEN MAY ONLY DO SO FOR THE LIMITED 9
600	600	TIME THAT THE COLLECTION OF PRECISE GEOLOCATI ON INFORMATION IS 10
601	601	NECESSARY TO PROVIDE THE ONLINE PRODUCT ; 11
602	602
603	603	(6) COLLECT ANY PRECISE G EOLOCATION INFORMATI ON OF A CHILD 12
604	604	WITHOUT PROVIDING AN OBVIOUS SIGN TO THE CHILD FOR THE DURATI ON THAT 13
605	605	THE PRECISE GEOLOCAT ION INFORMATION IS BEING C OLLECTED; 14
606	606
607	607	(7) USE DARK PATTERNS TO : 15
608	608
609	609	(I) LEAD OR ENCOURAGE CHI LDREN TO PROVIDE PER SONAL 16
610	610	INFORMATION BEYOND W HAT IS REASONABLY EX PECTED TO PROVIDE TH E ONLINE 17
611	611	PRODUCT; 18
612	612
613	613	(II) CIRCUMVENT PRIVACY PR OTECTIONS; OR 19
614	614
615	615	(III) TAKE ANY A CTION THAT THE BUSIN ESS KNOWS, OR HAS 20
616	616	REASON TO KNOW , IS MATERIALLY DETRIM ENTAL TO THE CHILD ’S PHYSICAL 21
617	617	HEALTH, MENTAL HEALTH , OR WELL–BEING; OR 22
618	618
619	619	(8) USE ANY PERSONAL INFO RMATION COLLECTED TO ESTIMATE AGE 23
620	620	OR AGE RANGE FOR ANY OTHER PURPOSE , RETAIN THE PERSONAL INFORMATION 24
621	621	LONGER THAN NECESSAR Y TO ESTIMATE AGE , OR ATTEMPT AGE ASSUR ANCE IN A 25
622	622	WAY THAT IS DISPROPO RTIONATE TO THE RISK S AND DATA PRACTICE OF AN ONLINE 26
623	623	PRODUCT. 27
624	624
625	625	14–4507. 28
626	626
627	627	(A) WITHIN 3 BUSINESS DAYS AFTER RECEIVING A WRITTEN REQUEST FROM 29
628	628	THE ATTORNEY GENERAL, A BUSINESS THAT PROV IDES AN ONLINE PRODU CT 30
629	629	LIKELY TO BE ACCESSE D BY CHILDREN SHALL PROVIDE TO THE ATTORNEY 31
630	630	GENERAL A LIST OF ALL DATA PROTECTION IMPA CT ASSESSMENTS THE B USINESS 32
631	631	HAS COMPLETED UNDER § 14–4504 OF THIS SUBTITLE. 33
632	632	SENATE BILL 844 15
633	633
634	634
635	635	(B) WITHIN 5 BUSINESS DAYS AFTER RECEIVING A WRITTEN REQUEST FROM 1
636	636	THE ATTORNEY GENERAL, THE BUSINESS SHALL P ROVIDE TO THE ATTORNEY 2
637	637	GENERAL ANY DATA PROT ECTION IMPACT ASSESS MENT COMPLETED UNDER § 3
638	638	14–4504 OF THIS SUBTITLE. 4
639	639
640	640	(C) TO THE EXTENT THAT AN Y DISCLOSURE REQUIRE D UNDER SUBSECTION 5
641	641	(B) OF THIS SECTION INCL UDES INFORMATION SUB JECT TO ATTORNEY –CLIENT 6
642	642	PRIVILEGE OR WORK PR ODUCT PROTECTION , THE DISCLOSURE MAY N OT 7
643	643	CONSTITUTE A WAIVER OF THAT PRIVILEGE OR PROTECTION. 8
644	644
645	645	14–4508. 9
646	646
647	647	(A) THE ATTORNEY GENERAL MAY FILE A CI VIL ACTION IN A COURT OF 10
648	648	COMPETENT JURISDICTI ON AGAINST A BUSINES S THAT VIOLATES THIS SUBTITLE 11
649	649	FOR RECOVERY OF A CI VIL PENALTY OR INJUN CTION OR BOTH . 12
650	650
651	651	(B) A BUSINESS THAT VIOLAT ES THIS SUBTITLE SHA LL BE LIABLE FOR A 13
652	652	CIVIL PENALTY OF NOT MORE THAN: 14
653	653
654	654	(1) $2,500 PER AFFECTED CHILD F OR EACH NEGLIGENT VI OLATION; 15
655	655	OR 16
656	656
657	657	(2) $7,500 PER AFFECTED CHILD F OR EACH INTENTIONAL 17
658	658	VIOLATION. 18
659	659
660	660	(C) IN ADDITION TO A CIVI L PENALTY UNDER SUBS ECTION (B) OF THIS 19
661	661	SECTION, A BUSINESS THAT VIOL ATES THIS SUBTITLE I S SUBJECT TO INJUNCT ION 20
662	662	AND OTHER APPROPRIAT E RELIEF. 21
663	663
664	664	(D) CIVIL PENALTIES , FEES, AND EXPENSES RECOVER ED UNDER THIS 22
665	665	SECTION SHALL BE DEP OSITED IN THE GENERAL FUND WITH THE INTENT THAT 23
666	666	THEY BE USED TO FULL Y OFFSET COSTS INCUR RED BY THE ATTORNEY GENERAL IN 24
667	667	CONNECTION WITH THIS SUBTITLE. 25
668	668
669	669	14–4509. 26
670	670
671	671	(A) IF A BUSINESS IS IN S UBSTANTIAL COMPLIANC E WITH THE 27
672	672	REQUIREMENTS OF §§ 14–4504 THROUGH 14–4506 OF THIS SUBTITLE , THE 28
673	673	ATTORNEY GENERAL SHALL PROVIDE WRITTEN NOTICE TO TH E BUSINESS BEFORE 29
674	674	FILING AN ACTION UND ER § 14–4508 OF THIS SUBTITLE. 30
675	675	16 SENATE BILL 844
676	676
677	677
678	678	(B) NOTICE GIVEN UNDER SU BSECTION (A) OF THIS SECTION SHAL L 1
679	679	IDENTIFY THE SPECIFI C PROVISIONS OF THIS SUBTITLE THAT THE ATTORNEY 2
680	680	GENERAL ALLEGES HAVE BEEN OR ARE BEING VI OLATED. 3
681	681
682	682	(C) A BUSINESS MAY NOT BE LIABLE FOR A CIVIL P ENALTY FOR ANY 4
683	683	VIOLATION FOR WHICH NOTICE IS GIVEN UNDE R SUBSECTION (A) OF THIS SECTION 5
684	684	IF THE BUSINESS: 6
685	685
686	686	(1) CURES ANY VIOLATION S PECIFIED IN THE ATTORNEY GENERAL’S 7
687	687	NOTICE WITHIN 90 DAYS AFTER RECEIVING NOTICE UNDER SUBSECT ION (A) OF THIS 8
688	688	SECTION; 9
689	689
690	690	(2) PROVIDES THE ATTORNEY GENERAL WITH A WRITTE N 10
691	691	STATEMENT THAT THE A LLEGED VIOLATIONS HA VE BEEN CURED ; AND 11
692	692
693	693	(3) TAKES MEASURES TO PRE VENT FUTURE VIOLATIO NS THAT THE 12
694	694	ATTORNEY GENERAL AGREES TO BE SUFFICIENT. 13
695	695
696	696	14–4510. 14
697	697
698	698	NOTHING IN THIS SUBTI TLE MAY BE INTERPRET ED TO PROV IDE A PRIVATE 15
699	699	RIGHT OF ACTION UNDE R THIS SUBTITLE OR A NY OTHER LAW . 16
700	700
701	701	14–4511. 17
702	702
703	703	THE SHARING OF PERSON AL INFORMATION WITHI N A JOINT VENTURE OR 18
704	704	PARTNERSHIP IS SUBJE CT TO THE REQUIREMEN TS OF THIS SUBTITLE AS THOUGH 19
705	705	THE JOINT VENTURE OR PARTNERSHIP DOES NOT EXIST. 20
706	706
707	707	14–4512. 21
708	708
709	709	NOTWITHSTANDING ANY O THER LAW , A DATA PROTECTION IM PACT 22
710	710	ASSESSMENT IS PROTEC TED AS CONFIDENTIAL AND SHALL BE EXEMPT FROM 23
711	711	PUBLIC DISCLOSURE , INCLUDING UNDER THE MARYLAND PUBLIC INFORMATION 24
712	712	ACT. 25
713	713
714	714	14–4513. 26
715	715
716	716	THIS SUBTITLE MAY BE CITED AS THE MARYLAND AGE–APPROPRIATE 27
717	717	DESIGN CODE ACT. 28
718	718
719	719	SECTION 2. AND BE IT FURTHER ENACTED, That this Act shall take effect 29
720	720	October 1, 2023. 30
721	721