Privacy & Information Security Law Blog

On July 5, 2023, Ohio Governor, Mike DeWine, signed into law House Bill 33, which includes the Social Media Parental Notification Act (“Act”).

The Act will apply to “operators”, meaning any entity that operates an online website, service, or product that has users in Ohio and that allows those users to:

• interact socially with other users within the confines of the online website, service, or product;
• construct a public or semi-public profile for the purpose of signing into and using the online website, service, or product;
• populate a list of other users with whom an individual shares or has the ability to share a social connection within the online website, service, or product; and
• create or post content viewable by others, including on message boards, chat rooms, video channels, direct, or private messages or chats, and a landing page or main feed that presents the user with content generated by other users.

See Section 1349.09 of House Bill 33.

The Act contains obligations, among others, for covered operators of an online website, service or product that targets children under age 16, or is reasonably anticipated to be accessed by children, to:

(1) Obtain verifiable consent for any contract with a child, including terms of service, to register, sign up, or otherwise create a unique username to access or utilize the online web site, service, or product, from the child's parent or legal guardian using certain prescribed methods;

(2) Present to the child's parent or legal guardian a list of the features offered by an operator's online web site, service, or product related to censoring or moderating content, including any features that can be disabled for a particular profile; and

(3) Provide to the child's parent or guardian a web site link at which the parent or legal guardian may access and review the list of features related to censoring or moderating content at another time.

The Act also provides that, if a child's parent or legal guardian does not affirmatively consent to the terms of service or other contract, the operator shall deny the child access to or use of the online web site, service, or product, and requires sending written confirmation of consent to the parent or legal guardian.

The Act is enforceable exclusively by the Ohio attorney general, contains a limited cure provision, and provides for, among other relief, the recovery of civil penalties of up to $10,000 per day of noncompliance. The Act will take effect on January 15, 2024.