Skip to content

State Children's Privacy Law Tracker / Iowa

Iowa Children's Privacy Laws (2026)

1 law tracked · overall: In force · current as of June 28, 2026

Iowa has one tracked children's privacy law — each listed below with its status, the ages it covers, litigation posture, and a link to the official primary source. For the interactive view, open Iowa in the tracker map.

Iowa Consumer Data Protection Act (ICDPA) — minors' provisions · SF 262

In force Effective and enforceable today. · Privacy law (minors) · effective 2025-01-01 · binds operators

Ages: Known children under 13 (no separate teen 13-17 band)

Requires: The personal data collected from a known child is treated as 'sensitive data,' and a controller must not process a known child's sensitive data except in accordance with the federal Children's Online Privacy Protection Act (COPPA), 15 U.S.C. 6501 et seq. — i.e., per COPPA's verifiable-parental-consent regime. A known child's parent or legal guardian may exercise the child's consumer rights on the child's behalf. Iowa does not impose a separate heightened opt-in/targeted-advertising regime for teens 13-17; its child-specific duty is the COPPA tie-in for under-13s only.

Primary source
Federal · COPPAapplies here too

Regardless of state law, COPPA governs personal information collected from children under 13: notice, verifiable parental consent, data minimization, and — under the 2025 amended Rule — limits on retention and third-party sharing.

Source

How Iowa compares

Not legal advice. I build products for a living; I'm not a lawyer. Compiled from primary sources and reviewed monthly as part of the State Children's Privacy Law Tracker; AI-assisted research, verified against each law's official source — but laws and injunctions change fast, so confirm the latest before relying on it. Related: COPPA's Gray Areas.