Apple has announced that it will comply with Texas Senate Bill 2420 (the App Store Accountability Act), which goes into effect January 1, 2026, by implementing new age assurance measures in its App Store operations in the state. Under the law, all new Apple accounts in Texas must verify whether the user is 18 or older, and minors must be linked to a parent or guardian’s account to gain permission for app downloads, purchases, or in-app transactions. Apple pushed back, arguing that the law could force the collection of sensitive personal data—even for innocuous apps like weather or sports—and said it would provide “privacy-preserving” tools and updated APIs to developers to help them comply. Apple also warned that similar laws are expected soon in Utah and Louisiana.
Sources: The Verge, Business Insider
Key Takeaways
– Texas’s SB 2420 forces app stores to verify users’ ages and require parental consent for minors before app downloads or purchases.
– Apple objects that the law may undermine user privacy by collecting personally identifiable information for even basic app use.
– Apple plans to introduce updated APIs (like Declared Age Range API) and tools to help developers meet compliance in a “privacy-preserving” fashion.
In-Depth
In May 2025, Texas Governor Greg Abbott signed Senate Bill 2420—known as the App Store Accountability Act—into law, with enforcement set to begin January 1, 2026. The law mandates that when an individual in Texas creates an app store account, the app store operator must request the user’s age, use a “commercially reasonable” method to verify it, and categorize the user into one of four statutorily defined age buckets: child (under 13), younger teenager (13–15), older teenager (16–17), or adult (18+) (per the bill text). If the user is found to be a minor, their account must be linked to a parent or guardian’s account, and parental consent must be obtained for each app download, purchase, or in-app transaction. The app store must also notify developers if consent is revoked or if a major app change occurs. The law instructs app stores to limit data collection to what is minimally necessary, encrypt the data, and restrict misuse or sharing.
Apple, anticipating such regulatory changes, had already rolled out its own age assurance framework earlier in 2025. In addressing the law, Apple publicly pushed back, noting that SB 2420 may force users to provide sensitive personal data to download even trivial apps, potentially putting privacy at risk. Apple claims these requirements go too far—collecting data even when a user merely wants to check sports or weather—and that smaller app developers (beyond Apple’s ecosystem) may struggle to comply without support. Apple plans to update its Declared Age Range API, provide new APIs later this year for parental consent handling and revocation, and assist developers in integrating compliance features.
But the law’s scope is broader than just Apple: Google’s Play Store and other app marketplaces will also need to comply. Apple and Google have both raised objections about sweeping data collection obligations. Meanwhile, proponents argue the law shifts responsibility away from individual apps and onto the gatekeepers, ensuring consistent protections for minors regardless of app content. States like Utah and Louisiana are following Texas’s lead with their own versions of app store mandates.
The tension here is real: policymakers want stronger protections for children in an era of proliferating apps and online risks, while tech platforms warn that blunt age gating could erode privacy or impose burdensome infrastructure demands. As Apple rolls out its compliance plan, it is attempting to thread the needle—meeting the law’s requirements while minimizing exposure of personal data. Whether the solution truly balances child safety and individual privacy remains to be seen as implementation approaches in early 2026.