Skip to content

State Children's Privacy Law Tracker / New York

New York Children's Privacy Laws (2026)

3 laws & bills tracked · overall: In force · current as of June 28, 2026

New York has 3 tracked children's privacy laws and bills — each listed below with its status, the ages it covers, litigation posture, and a link to the official primary source. For the interactive view, open New York in the tracker map.

App Store / Device Age-Assurance Act (operating system / app store age verification) · S8102-B (2025-2026 session, Sen. Gounardes); A8893

Pending A bill was introduced this cycle but is not yet law. · App store · binds app stores, operators, developers, platforms

Ages: under 18

Requires: Would require operating system providers / app stores / device manufacturers of internet-enabled devices to conduct commercially reasonable and technically feasible age assurance for users under 18 at the point of device activation/account creation, and to communicate a user's age category to applications. Not yet law.

Litigation: None — the bill has not been enacted, so there is no enforcement to challenge.

Primary source

Stop Addictive Feeds Exploitation (SAFE) For Kids Act · S7694A / A8148A (Chapter 120 of 2024); GBL Article 45

Enacted — not yet effective Signed into law; its effective date is still in the future. · Social media · effective 180 days a · binds operators, platforms

Ages: under 18

Requires: Bars covered social media operators from providing an 'addictive feed' (algorithmically personalized feed) to a minor (under 18) without verifiable parental consent, and restricts overnight (12am-6am) notifications to minors without consent. Requires commercially reasonable age determination/assurance. Enforced by the NY Attorney General.

Litigation: No suit filed against the NY SAFE for Kids Act as of 2026-06-27. NetChoice and EFF have publicly criticized the law on First Amendment/privacy grounds but have not sued. Not enjoined.

Primary source

New York Child Data Protection Act · S7695B (Ch. 121 of 2024)

In force Effective and enforceable today. · Design code · effective 2025-06-20 · binds operators

Ages: Minors under 18 (under 13 governed by COPPA; teens 13-17 protected directly)

Requires: Operators of online services, apps, and connected devices may not process the personal data of a user they know or should know is a minor under 18 unless processing is strictly necessary for an enumerated purpose or the minor (or, for under-13s, the parent per COPPA) gives informed, separately-presented, freely-revocable opt-in consent. Targeted advertising and behavioral profiling of minors require consent and the sale/purchase of minors' personal data is prohibited; for users under 13 data may only be processed consistent with COPPA.

Primary source
Federal · COPPAapplies here too

Regardless of state law, COPPA governs personal information collected from children under 13: notice, verifiable parental consent, data minimization, and — under the 2025 amended Rule — limits on retention and third-party sharing.

Source

How New York compares

Not legal advice. I build products for a living; I'm not a lawyer. Compiled from primary sources and reviewed monthly as part of the State Children's Privacy Law Tracker; AI-assisted research, verified against each law's official source — but laws and injunctions change fast, so confirm the latest before relying on it. Related: COPPA's Gray Areas.