BILL ANALYSIS Senate Research Center C.S.S.B. 2420 89R21669 MLH-F By: Paxton State Affairs 3/31/2025 Committee Report (Substituted) AUTHOR'S / SPONSOR'S STATEMENT OF INTENT Growing concerns regarding the rise of social media and its pervasiveness in the lives of children and teens leave parents in the position of grasping for the best ways to protect their children. Unlike brick and mortar stores which must verify a consumer's age before the purchase of age restricted products such as alcohol and cigarettes, minors are currently able to navigate through the digital world without such parameters. The App Store Accountability Act remedies this by requiring app stores to gain consent from parents to consent to the use of mobile applications by their minor children and, additionally, to provide information from the app developers regarding the app's rating and the reasoning for the rating. App stores have touted that they already employ age verification, so this simply provides additional framework, transparency, and enforcement to protect the children of Texas. (Original Author's/Sponsor's Statement of Intent) C.S.S.B. 2420 amends current law relating to the regulation of platforms for the sale and distribution of software applications for mobile devices. RULEMAKING AUTHORITY This bill does not expressly grant any additional rulemaking authority to a state officer, institution, or agency. SECTION BY SECTION ANALYSIS SECTION 1. Amends Subtitle C, Title 5, Business & Commerce Code, by adding Chapter 121, as follows: CHAPTER 121. SOFTWARE APPLICATIONS SUBCHAPTER A. GENERAL PROVISIONS Sec. 121.001. SHORT TITLE. Authorizes this chapter to be cited as the App Store Accountability Act. Sec. 121.002. DEFINITIONS. Defines "age category," "app store," "minor," "mobile device," and "personal data." SUBCHAPTER B. DUTIES OF APP STORES Sec. 121.021. DUTY TO VERIFY AGE OF USER; AGE CATEGORIES. (a) Requires the owner of an app store, when an individual in this state creates an account with the app store, to use a commercially reasonable method of verification to verify the individual's age category under Subsection (b). (b) Requires the owner of an app store to use certain age categories for assigning a designation. Sec. 121.022. PARENTAL CONSENT REQUIRED. (a) Requires the owner of the app store, if the owner determines under Section 121.021 that an individual is a minor who belongs to an age category that is not "adult," to require that the minor's account be affiliated with a parent account belonging to the minor's parent or guardian. (b) Requires the owner of an app store, for an account to be affiliated with a minor's account as a parent account, to use a commercially reasonable method to verify that the account belongs to an individual who the owner of the app store has verified belongs to the age category of "adult" under Section 121.021 and has legal authority to make a decision on behalf of the minor with whose account the individual is seeking affiliation. (c) Authorizes a parent account to be affiliated with multiple minors' accounts. (d) Requires the owner of an app store to obtain consent from the minor's parent or guardian through the parent account affiliated with the minor's account before allowing the minor to download a software application, purchase a software application, or make a purchase in or using a software application. (e) Requires the owner of an app store to obtain consent for each individual download or purchase sought by the minor and notify the developer of each applicable software application if a minor's parent or guardian revokes consent through a parent account. (f) Authorizes the owner of an app store, to obtain consent from a minor's parent or guardian under Subsection (d), to use any reasonable means to disclose to the parent or guardian certain information, give the parent or guardian a clear choice to give or withhold consent for the download or purchase, and ensure that the consent is given by the parent or guardian and through the account affiliated with a minor's account under Subsection (a). (g) Requires the owner of an app store, if a software developer provides the owner of the app store with notice of a change under Section 121.053, to notify any individual who has given consent under this section for a minor's use or purchase relating to a previous version of the changed software application and obtain consent from the individual for the minor's continued use or purchase of the software application. Sec. 121.023. DISPLAY OF AGE RATING FOR SOFTWARE APPLICATION. (a) Requires the owner of an app store that operates in this state, if the owner has a mechanism for displaying a rating or other content notice, to display for each software application available for download and purchase on the app store the rating under Section 121.052 assigned to the software application and the specific content or other elements that led to the rating assigned under Section 121.052. (b) Requires that the information displayed under this section be clear, accurate, and conspicuous. Sec. 121.024. INFORMATION FOR SOFTWARE APPLICATION DEVELOPERS. Requires the owner of an app store that operates in this state, using a commercially available method, to allow the developer of a software application to access current information related to the age category assigned to each user under Section 121.021(b) and whether consent has been obtained for each minor user under Section 121.022. Sec. 121.025. PROTECTION OF PERSONAL DATA. Requires the owner of an app store that operates in this state to protect the personal data of users by: (1) limiting the collection and processing of personal data to the minimum amount necessary for verifying the age of an individual, obtaining consent under Section 121.022, and maintaining compliance records; and (2) transmitting personal data using industry-standard encryption protocols that ensure data integrity and confidentiality. Sec. 121.026. VIOLATION. Provides that the owner of an app store that operates in this state violates this subchapter if the owner enforces a contract or a provision of a terms of service agreement against a minor that the minor entered into or agreed to without consent under Section 121.022, knowingly misrepresents information disclosed under Section 121.022(d)(1) (relating to certain disclosures to a parent or guardian), obtains a blanket consent to authorize multiple downloads or purchases, or shares or discloses personal data obtained for purposes of Section 121.021, except as required by Section 121.024 or other law. Sec. 121.027. CONSTRUCTION OF SUBCHAPTER. Provides that nothing in this subchapter is authorized to be construed to: (1) prevent the owner of an app store that operates in this state from taking reasonable measures to block, detect, or prevent the distribution of obscene material, as that term is defined by Section 43.21 (Definitions), Penal Code, or other material that may be harmful to minors; (2) require the owner of an app store that operates in this state to disclose a user's personal data to the developer of a software application except as provided by this subchapter; (3) allow the owner of an app store that operates in this state to use a measure required by this chapter in a manner that is arbitrary, capricious, anticompetitive, or unlawful; (4) block or filter spam; (5) prevent criminal activity; or (6) protect the security of an app store or software application. SUBCHAPTER C. DUTIES OF SOFTWARE APPLICATION DEVELOPERS Sec. 121.051. APPLICABILITY OF SUBCHAPTER. Provides that this subchapter applies only to the developer of a software application that the developer makes available to users in this state through an app store. Sec. 121.052. DESIGNATION OF AGE RATING. (a) Requires the developer of a software application to assign to each software application and to each purchase that can be made through the software application an age rating based on the age categories described by Section 121.021(b). (b) Requires the developer of a software application to provide to each app store through which the developer makes the software application available: (1) each rating assigned under Subsection (a); and (2) the specific content or other elements that led to each rating provided under Subdivision (1). Sec. 121.053. CHANGES TO SOFTWARE APPLICATIONS. (a) Requires the developer of a software application to provide notice to each app store through which the developer makes the software application available before making any significant change to the terms of service or privacy policy of the software application. (b) Provides that, for purpose of this section, a change is significant if it: (1) changes the type or category of personal data collected, stored, or shared by the developer; (2) affects or changes the rating assigned to the software application under Section 121.052 or the content or elements that led to that rating; (3) adds new monetization features to the software application, including new opportunities to make a purchase in or using the software application or new advertisements in the software application; or (4) materially changes the functionality or user experience of the software application. Sec. 121.054. AGE VERIFICATION. (a) Requires the developer of a software application to create and implement a system to use information received under Section 121.024 to verify for each user of the software application, the age category assigned to that user under Section 121.021(b) and for each minor user of the software application, whether consent has been obtained under Section 121.022. (b) Requires the developer of a software application to use information received from the owner of an app store under Section 121.024 to perform the verification required by this section. Sec. 121.055. USE OF PERSONAL DATA. (a) Authorizes the developer of a software application to use personal data provided to the developer under Section 121.024 only to enforce restrictions and protections on the software application related to age, ensure compliance with applicable laws and regulations, and implement safety-related features and default settings. (b) Requires the developer of a software application to delete personal data provided by the owner of an app store under Section 121.024 on completion of the verification required by Section 121.054. Sec. 121.056. VIOLATION. (a) Provides that the developer of a software application, except as provided by this section, violates this subchapter if the developer enforces a contract or a provision of a terms of service agreement against a minor that the minor entered into or agreed to without consent under Section 121.054, knowingly misrepresents an age rating or reason for that rating under Section 121.052, or shares or discloses the personal data of a user that was acquired under this subchapter. (b) Provides that the developer of a software application is not liable for a violation of Section 121.052 if the software developer uses widely adopted industry standards to determine the rating and specific content required by this section and applies those standards consistently and in good faith. (c) Provides that the developer of a software application is not liable for a violation of Section 121.054 if the software developer relied in good faith on age category and consent information received from the owner of an app store and otherwise complied with the requirements of this section. SUBCHAPTER D. ENFORCEMENT Sec. 121.101. CIVIL ACTION; LIABILITY. (a) Authorizes the parent or guardian of a minor to bring an action against the owner of an app store or the developer of a software application for a violation of this chapter. (b) Entitles a parent or guardian who prevails in an action under this section, notwithstanding Sections 41.003 (Standards for Recovery of Exemplary Damages) and 41.004 (Factors Precluding Recovery), Civil Practice and Remedies Code, to receive certain relief, damages, fees, and costs. (c) Provides that a violation of this chapter constitutes an injury in fact to a minor. Sec. 121.102. DECEPTIVE TRADE PRACTICE. Provides that a violation of this chapter is a false, misleading, or deceptive act or practice as defined by Section 17.46(b) (relating to defining "false, misleading, or deceptive acts or practices"). Provides that, in addition to any remedy under this chapter, a remedy under Subchapter E (Deceptive Trade Practices and Consumer Protection), Chapter 17 (Deceptive Trade Practices), is also available for a violation of this chapter. Sec. 121.103. CUMULATIVE REMEDIES. Provides that the actions and remedies provided by this chapter are not exclusive and are in addition to any other action or remedy provided by law. SECTION 2. Effective date: January 1, 2026.
BILL ANALYSIS
Senate Research Center C.S.S.B. 2420
89R21669 MLH-F By: Paxton
State Affairs
3/31/2025
Committee Report (Substituted)
Senate Research Center
C.S.S.B. 2420
89R21669 MLH-F
By: Paxton
State Affairs
3/31/2025
Committee Report (Substituted)
AUTHOR'S / SPONSOR'S STATEMENT OF INTENT
Growing concerns regarding the rise of social media and its pervasiveness in the lives of children and teens leave parents in the position of grasping for the best ways to protect their children. Unlike brick and mortar stores which must verify a consumer's age before the purchase of age restricted products such as alcohol and cigarettes, minors are currently able to navigate through the digital world without such parameters.
The App Store Accountability Act remedies this by requiring app stores to gain consent from parents to consent to the use of mobile applications by their minor children and, additionally, to provide information from the app developers regarding the app's rating and the reasoning for the rating. App stores have touted that they already employ age verification, so this simply provides additional framework, transparency, and enforcement to protect the children of Texas.
(Original Author's/Sponsor's Statement of Intent)
C.S.S.B. 2420 amends current law relating to the regulation of platforms for the sale and distribution of software applications for mobile devices.
RULEMAKING AUTHORITY
This bill does not expressly grant any additional rulemaking authority to a state officer, institution, or agency.
SECTION BY SECTION ANALYSIS
SECTION 1. Amends Subtitle C, Title 5, Business & Commerce Code, by adding Chapter 121, as follows:
CHAPTER 121. SOFTWARE APPLICATIONS
SUBCHAPTER A. GENERAL PROVISIONS
Sec. 121.001. SHORT TITLE. Authorizes this chapter to be cited as the App Store Accountability Act.
Sec. 121.002. DEFINITIONS. Defines "age category," "app store," "minor," "mobile device," and "personal data."
SUBCHAPTER B. DUTIES OF APP STORES
Sec. 121.021. DUTY TO VERIFY AGE OF USER; AGE CATEGORIES. (a) Requires the owner of an app store, when an individual in this state creates an account with the app store, to use a commercially reasonable method of verification to verify the individual's age category under Subsection (b).
(b) Requires the owner of an app store to use certain age categories for assigning a designation.
Sec. 121.022. PARENTAL CONSENT REQUIRED. (a) Requires the owner of the app store, if the owner determines under Section 121.021 that an individual is a minor who belongs to an age category that is not "adult," to require that the minor's account be affiliated with a parent account belonging to the minor's parent or guardian.
(b) Requires the owner of an app store, for an account to be affiliated with a minor's account as a parent account, to use a commercially reasonable method to verify that the account belongs to an individual who the owner of the app store has verified belongs to the age category of "adult" under Section 121.021 and has legal authority to make a decision on behalf of the minor with whose account the individual is seeking affiliation.
(c) Authorizes a parent account to be affiliated with multiple minors' accounts.
(d) Requires the owner of an app store to obtain consent from the minor's parent or guardian through the parent account affiliated with the minor's account before allowing the minor to download a software application, purchase a software application, or make a purchase in or using a software application.
(e) Requires the owner of an app store to obtain consent for each individual download or purchase sought by the minor and notify the developer of each applicable software application if a minor's parent or guardian revokes consent through a parent account.
(f) Authorizes the owner of an app store, to obtain consent from a minor's parent or guardian under Subsection (d), to use any reasonable means to disclose to the parent or guardian certain information, give the parent or guardian a clear choice to give or withhold consent for the download or purchase, and ensure that the consent is given by the parent or guardian and through the account affiliated with a minor's account under Subsection (a).
(g) Requires the owner of an app store, if a software developer provides the owner of the app store with notice of a change under Section 121.053, to notify any individual who has given consent under this section for a minor's use or purchase relating to a previous version of the changed software application and obtain consent from the individual for the minor's continued use or purchase of the software application.
Sec. 121.023. DISPLAY OF AGE RATING FOR SOFTWARE APPLICATION. (a) Requires the owner of an app store that operates in this state, if the owner has a mechanism for displaying a rating or other content notice, to display for each software application available for download and purchase on the app store the rating under Section 121.052 assigned to the software application and the specific content or other elements that led to the rating assigned under Section 121.052.
(b) Requires that the information displayed under this section be clear, accurate, and conspicuous.
Sec. 121.024. INFORMATION FOR SOFTWARE APPLICATION DEVELOPERS. Requires the owner of an app store that operates in this state, using a commercially available method, to allow the developer of a software application to access current information related to the age category assigned to each user under Section 121.021(b) and whether consent has been obtained for each minor user under Section 121.022.
Sec. 121.025. PROTECTION OF PERSONAL DATA. Requires the owner of an app store that operates in this state to protect the personal data of users by:
(1) limiting the collection and processing of personal data to the minimum amount necessary for verifying the age of an individual, obtaining consent under Section 121.022, and maintaining compliance records; and
(2) transmitting personal data using industry-standard encryption protocols that ensure data integrity and confidentiality.
Sec. 121.026. VIOLATION. Provides that the owner of an app store that operates in this state violates this subchapter if the owner enforces a contract or a provision of a terms of service agreement against a minor that the minor entered into or agreed to without consent under Section 121.022, knowingly misrepresents information disclosed under Section 121.022(d)(1) (relating to certain disclosures to a parent or guardian), obtains a blanket consent to authorize multiple downloads or purchases, or shares or discloses personal data obtained for purposes of Section 121.021, except as required by Section 121.024 or other law.
Sec. 121.027. CONSTRUCTION OF SUBCHAPTER. Provides that nothing in this subchapter is authorized to be construed to:
(1) prevent the owner of an app store that operates in this state from taking reasonable measures to block, detect, or prevent the distribution of obscene material, as that term is defined by Section 43.21 (Definitions), Penal Code, or other material that may be harmful to minors;
(2) require the owner of an app store that operates in this state to disclose a user's personal data to the developer of a software application except as provided by this subchapter;
(3) allow the owner of an app store that operates in this state to use a measure required by this chapter in a manner that is arbitrary, capricious, anticompetitive, or unlawful;
(4) block or filter spam;
(5) prevent criminal activity; or
(6) protect the security of an app store or software application.
SUBCHAPTER C. DUTIES OF SOFTWARE APPLICATION DEVELOPERS
Sec. 121.051. APPLICABILITY OF SUBCHAPTER. Provides that this subchapter applies only to the developer of a software application that the developer makes available to users in this state through an app store.
Sec. 121.052. DESIGNATION OF AGE RATING. (a) Requires the developer of a software application to assign to each software application and to each purchase that can be made through the software application an age rating based on the age categories described by Section 121.021(b).
(b) Requires the developer of a software application to provide to each app store through which the developer makes the software application available:
(1) each rating assigned under Subsection (a); and
(2) the specific content or other elements that led to each rating provided under Subdivision (1).
Sec. 121.053. CHANGES TO SOFTWARE APPLICATIONS. (a) Requires the developer of a software application to provide notice to each app store through which the developer makes the software application available before making any significant change to the terms of service or privacy policy of the software application.
(b) Provides that, for purpose of this section, a change is significant if it:
(1) changes the type or category of personal data collected, stored, or shared by the developer;
(2) affects or changes the rating assigned to the software application under Section 121.052 or the content or elements that led to that rating;
(3) adds new monetization features to the software application, including new opportunities to make a purchase in or using the software application or new advertisements in the software application; or
(4) materially changes the functionality or user experience of the software application.
Sec. 121.054. AGE VERIFICATION. (a) Requires the developer of a software application to create and implement a system to use information received under Section 121.024 to verify for each user of the software application, the age category assigned to that user under Section 121.021(b) and for each minor user of the software application, whether consent has been obtained under Section 121.022.
(b) Requires the developer of a software application to use information received from the owner of an app store under Section 121.024 to perform the verification required by this section.
Sec. 121.055. USE OF PERSONAL DATA. (a) Authorizes the developer of a software application to use personal data provided to the developer under Section 121.024 only to enforce restrictions and protections on the software application related to age, ensure compliance with applicable laws and regulations, and implement safety-related features and default settings.
(b) Requires the developer of a software application to delete personal data provided by the owner of an app store under Section 121.024 on completion of the verification required by Section 121.054.
Sec. 121.056. VIOLATION. (a) Provides that the developer of a software application, except as provided by this section, violates this subchapter if the developer enforces a contract or a provision of a terms of service agreement against a minor that the minor entered into or agreed to without consent under Section 121.054, knowingly misrepresents an age rating or reason for that rating under Section 121.052, or shares or discloses the personal data of a user that was acquired under this subchapter.
(b) Provides that the developer of a software application is not liable for a violation of Section 121.052 if the software developer uses widely adopted industry standards to determine the rating and specific content required by this section and applies those standards consistently and in good faith.
(c) Provides that the developer of a software application is not liable for a violation of Section 121.054 if the software developer relied in good faith on age category and consent information received from the owner of an app store and otherwise complied with the requirements of this section.
SUBCHAPTER D. ENFORCEMENT
Sec. 121.101. CIVIL ACTION; LIABILITY. (a) Authorizes the parent or guardian of a minor to bring an action against the owner of an app store or the developer of a software application for a violation of this chapter.
(b) Entitles a parent or guardian who prevails in an action under this section, notwithstanding Sections 41.003 (Standards for Recovery of Exemplary Damages) and 41.004 (Factors Precluding Recovery), Civil Practice and Remedies Code, to receive certain relief, damages, fees, and costs.
(c) Provides that a violation of this chapter constitutes an injury in fact to a minor.
Sec. 121.102. DECEPTIVE TRADE PRACTICE. Provides that a violation of this chapter is a false, misleading, or deceptive act or practice as defined by Section 17.46(b) (relating to defining "false, misleading, or deceptive acts or practices"). Provides that, in addition to any remedy under this chapter, a remedy under Subchapter E (Deceptive Trade Practices and Consumer Protection), Chapter 17 (Deceptive Trade Practices), is also available for a violation of this chapter.
Sec. 121.103. CUMULATIVE REMEDIES. Provides that the actions and remedies provided by this chapter are not exclusive and are in addition to any other action or remedy provided by law.
SECTION 2. Effective date: January 1, 2026.