A federal appeals court has upheld data privacy-related provisions of California’s online child safety law while striking down those that required tech companies to assess and mitigate risks of harmful content to children, finding that these provisions likely violate the First Amendment.
The appeals court struck down provisions that required companies to assess and mitigate risks related to harmful content, as well as those that required companies to prioritize content deemed to be in the “best interests” of children, holding that these would likely violate free speech rights.
The district court found that provisions requiring companies to conduct risk assessments and create policies to mitigate harmful content amounted to compelling companies to express certain viewpoints or take actions that align with the state’s definition of what is deemed harmful, in violation of the First Amendment.
The lower court also found that the law’s standards for what constitutes harmful content or content that promotes the “best interests” of children were too subjective and vague, running the risk of arbitrary enforcement and excessive self-censorship.
While the district court acknowledged that parts of the law might be severable, meaning that they could be separated from the rest of the law and blocked while allowing others to remain in force, it chose to enjoin the entire act. Its decision was based on the idea that the law was so interdependent that removing certain parts would disrupt the overall regulatory scheme.
The appeals court disagreed with the district court’s decision to block the entire law, finding that the lower court had overstated the likelihood that all the provisions were inseparable from those that were deemed unconstitutional. The Ninth Circuit vacated the broader injunction, allowing other parts of the law to go into effect, while remanding the case to the lower court to consider which provisions could be enforced separately from the invalid ones.
Both sides saw the appeals court’s ruling as a partial win.
California Gov. Gavin Newsom, who signed the act into law in September 2022, responded to the ruling by emphasizing the parts that were upheld.
California Attorney General Rob Bonta echoed those sentiments.
“The California Department of Justice remains committed to protecting our kids’ privacy and safety from companies that seek to exploit their online experiences for profit,” he said.
Both sides will now prepare for the next round in the lower court, which will likely focus on assessing whether the upheld provisions, such as data privacy requirements, can be enforced without being affected by the invalidated content moderation requirements.