State Children's Privacy Law Tracker / Illinois
Illinois Children's Privacy Laws (2026)
3 laws & bills tracked · overall: Pending · current as of June 28, 2026
Illinois has 3 tracked children's privacy laws and bills — each listed below with its status, the ages it covers, litigation posture, and a link to the official primary source. For the interactive view, open Illinois in the tracker map.
Children's Online Social Media Safety Act (HB 5511) · HB 5511
Pending — A bill was introduced this cycle but is not yet law. · Social media · effective 2028-01-01 · binds operators, platforms
Ages: under 13; 13-15; 16-17; 18+
Requires: OS providers (Apple/Google) must offer an age-indication interface at device/account setup and supply age-category signals (under 13, 13-15, 16-17, 18+) to apps that request them by no later than 1/1/2028; social-media platform operators must conduct age verification and apply default minor protections (limit algorithmic feeds, restrict profile visibility, location sharing, nighttime notifications). Enforced by the Illinois Attorney General; civil penalties up to $2,500/child (negligent) and $7,500/child (intentional).
Litigation: No injunction (bill unsigned, cannot be enjoined). NetChoice submitted a veto-request letter to Gov. Pritzker and signaled likely First Amendment litigation if the bill becomes law.
Primary sourceParental Consent for Social Media Act (SB 2316) · SB 2316
Pending — A bill was introduced this cycle but is not yet law. · Social media · binds operators, platforms
Ages: under 18
Requires: Would bar social-media platforms from allowing Illinois minors (<18) to hold accounts without express parental/guardian consent; require third-party 'reasonable age verification' before access; prohibit minor access 10pm-6am; bar retention of identifying info after access is granted. Civil penalties up to $2,500/violation.
Litigation: None — not enacted.
Primary sourceIllinois Age-Appropriate Design Code Act · SB51
Pending — A bill was introduced this cycle but is not yet law. · Design code · binds operators
Ages: Children under 18
Requires: Businesses offering an online service, product, or feature likely to be accessed by children would have to complete and maintain a data protection impact assessment, configure default privacy settings to a high level of privacy for children, and turn off precise geolocation collection by default. It bans profiling children by default and using dark patterns to lead children to provide unnecessary personal data, unless a compelling, child-best-interest justification exists.
Primary sourceRegardless of state law, COPPA governs personal information collected from children under 13: notice, verifiable parental consent, data minimization, and — under the 2025 amended Rule — limits on retention and third-party sharing.
SourceHow Illinois compares
- Social media: Illinois is one of 33 states tracking social media legislation — California, Florida, Louisiana, Mississippi, Ohio, South Carolina and 26 more
- Design code: Illinois is one of 17 states tracking design code legislation — Colorado, Maryland, Nebraska, New York, South Carolina, California and 10 more
Not legal advice. I build products for a living; I'm not a lawyer. Compiled from primary sources and reviewed monthly as part of the State Children's Privacy Law Tracker; AI-assisted research, verified against each law's official source — but laws and injunctions change fast, so confirm the latest before relying on it. Related: COPPA's Gray Areas.