KLS Keeping Law Simple Legislation in plain English

Straight-ahead summaries built from the official bill text. We keep the source links front and center and leave the decision up to you.

Back to Arizona

HB2920 • 2026

software applications; minors; requirements

HB2920 - software applications; minors; requirements

Children Privacy
Passed Legislature

This bill passed both chambers and reached final enrollment, even if later executive action is not shown here.

Sponsor
Michael Way, Leo Biasiucci, Selina Bliss, Michael Carbone, Neal Carter, Lupe Diaz, Lisa Fink, Matt Gress, Chris Lopez, David Marshall, Sr., Quang H Nguyen, James Taylor
Last action
2026-01-28
Official status
House second read
Effective date
Not listed

Plain English Breakdown

The official source material does not provide specific requirements for developers regarding the use of age information to enforce compliance with laws and regulations.

Software Apps and Minors; Age Verification Requirements

This bill requires app store providers to verify users' ages, especially minors, by linking their accounts with parent accounts and obtaining parental consent before allowing downloads or purchases.

What This Bill Does

  • Requires app stores to ask for age information when a user creates an account.
  • If the user is under 18, the app store must link their account to a parent's account.
  • Before a minor can download or buy apps, the app store needs parental consent.
  • App stores must notify parents about any significant changes in apps and get new consent if needed.

Who It Names or Affects

  • Minors who create accounts on app stores.
  • Parents of minors using app store services.
  • App store providers managing user accounts.

Terms To Know

Age category
A group based on a person's age, like under 13 or between 13 and 16 years old.
Parental consent disclosure
Information about an app’s content rating, data collected, and privacy policies that parents must agree to before their child can use the app.

Limits and Unknowns

  • The bill does not specify what happens if a parent refuses consent.
  • It is unclear how often age verification will be required for existing accounts.
  • There are no details on penalties or enforcement mechanisms.

Bill History

  1. 2026-01-28 House

    House second read

  2. 2026-01-27 House

    House Rules: None

  3. 2026-01-27 House

    House Science & Technology: None

  4. 2026-01-27 House

    House first read

Official Summary Text

HB2920 - 572R - House Bill Summary

ARIZONA HOUSE OF REPRESENTATIVES

57th
Legislature, 2nd Regular Session

Majority Research Staff

HB
2920
: software applications; minors; requirements

Sponsor:
Representative Way, LD 15

Committee
on Science & Technology

Overview

Outlines
app store provider (Provider) and developer verification requirements for minor
users.

History

In existing statute commercial entities that knowingly or
intentionally publish or distribute more than one-third sexual content material
on the internet, including social media platforms, are required to obtain
reasonable age verification methods to determine if a user attempting to access
the website is at least 18 years old. These commercial entities are required to
obtain a form of digital identification or comply with a commercial age
verification system, neither of these methods will allow the information to be
transmitted to any federal, state or local government entity (
A.R.S. � 18-701
).�

Several states have enacted legislation that require an app
store to verify the individuals age or obtain age verification to ensure the
user is of proper age to be accessing the material, including:

1)

Texas
passed
SB2420
,
effective January 1, 2026, that requires the app store to use commercially
reasonable method of verification to verify the users age to put the user into
predetermined age categories;

2)

Louisiana
passed
HB570
,
effective July 1, 2026, that requires an app store to request age information
from the user and that the app store verify the individuals age category using
commercially available methods, also this act requires the account be
affiliated with a parent account; and

3)

Utah
passed the
Utah's App
Store Accountability Act
that requires an app store provider to request
age information and verify the persons age category using commercially
available methods. This is also required if the app is significantly changed,
for notification to be sent to the account holder and if the account holder is
a minor for attached parent account to be notified.

Provisions

Provider
Requirements

1.

Requires a Provider
to request and verify the age category information of an individual who creates
an account with the Provider. (Sec. 1)

2.

Instructs a
Provider, if the Provider
determines
the
individual is a minor, to:

a.

require the
minors account to be affiliated with a parent account;

b.

obtain
verifiable parental consent from the holder of the affiliated parent account each
time before allowing the minor to
�
download
or purchase an application or make an in-application purchase;

c.

provide a mechanism
for the parent account holder to withdraw consent and notify the developer when
a parent withdraws consent; and

d.

protect
age category and associated verification data as specified
.
(Sec. 1)

3.

Requires a Provider,
after receiving notice of a significant change from a developer to:

a.

notify the
parent account holder of the significant change; and

b.

for a minor
account, notify the parent account of the significant change and obtain renewed
parental consent before providing access to the changed version of the
application.

4.

Instructs a Provider,
in response to a request from a developer, to provide the age category data for
an account holder and the status of verifiable parental consent for a minor.
(Sec. 1)

5.

Requires a
Provider, for preinstalled applications, to:

a.

provide
available age category information in case of a request from a developer; and

b.

take
reasonable measures to facilitate verifiable parental consent for use of the
application in response to a request from a developer. (Sec. 1)

6.

Restricts a
Provider from any of the following:

a.

enforcing a
contract or terms of service against a minor unless a Provider has obtained
verifiable parental consent;

b.

knowingly misrepresents
the information in the parental consent disclosure; or

c.

share age
category data and any associated data except as required. (Sec. 1)

Developer
Requirements

7.

Requires a developer
to do the following;

a.

verify
through the app stores data sharing methods the age category data of the
account holder and, for a minor, whether verifiable parental consent was
obtained;

b.

notify each Provider
about a significant change to an application;

c.

use age
category data received through the app store's data sharing methods to:

i.

enforce any
developer-created, age-related restrictions or safety-related feature; and

ii.

ensure
compliance with applicable laws and regulations. (Sec. 1)

8.

Instructs a developer
to request age category data or verifiable parental consent at the time an
account holder does any of the following:

a.

downloads or
purchases an application;

b.

launches a
preinstalled application for the first time;

c.

implements a
significant change to the application; or

d.

complies
with an applicable law. (Sec. 1)

9.

Allows a developer
to request age category data not more than once during a 12-month period to
verify:

a.

the accuracy
of the data;

b.

whether
continued account use is within the proper age category;

c.

when there
is reasonable suspicion of an account transfer or misuse outside of the age
category; or

d.

at the time
an account holder creates a new account. (Sec. 1)

10.

Instructs a developer
to use the lowest age category indicated by the data received through the app
store's data sharing method or the age data collected by the developer to
implement any developer-created age-related restrictions or safety-related
features. (Sec. 1)

11.

Prohibits a developer
from doing any of the following:

a.

enforcing a
contract or terms of service against a minor unless the developer has verified
through the app store that verifiable parental consent has been obtained;

b.

knowingly
misrepresented any information in the parental consent disclosure; or

c.

sharing age
category data with any person. (Sec. 1)

12.

Instructs
the Attorney General to adopt rules to establish processes and means by which a
Provider may verify an account holder's age category. (Sec. 1)

13.

Allows a minor
or a parent of a minor who has been harmed by a violation to bring a �against a
Provider or a developer. (Sec. 1)

14.

Grants a
court of competent jurisdiction to award a prevailing plaintiff:

a.

the greater
of either the actual damages amount or $1,000 per violation;

b.

punitive
damages if the violation was egregious;

c.

reasonable
attorney fees; and

d.

litigation
costs. (Sec. 1)

15.

Asserts a
violation is a consumer fraud violation. (Sec. 1)

16.

Allows the
Attorney General to bring an action against a Provider or developer to:

a.

recover a
civil penalty of not more than $75,000 for each violation;

b.

restrain or
enjoin the app store provider or developer from violations;

c.

seek
injunctive relief;

d.

recover
reasonable attorney fees; and

e.

recover
litigation costs and reasonable costs for investigating the violations. (Sec.
1)

17.

Exempts the
developer from liability for a violation if the developer demonstrates they
relied in good faith in the age category data that was collected and complied
with specified requirements. (Sec.1)

18.

Stipulates
if the developer determined the age category and content description in good
faith, the developer is not liable for a violation. (Sec. 1)

19.

Prescribes
immunity that applies only to actions brought under by this act and does not
limit a developer or a Provider's liability under any applicable existing law.
(Sec.1)

20.

Asserts this
act does not replace any other available remedy or right in state or federal
law. (Sec. 1)

21.

Specifies that
this legislation does not prevent a Provider or developer from taking �reasonable
measures to:

a.

block,
detect or prevent distribution to minors of;

i.

unlawful
material;

ii.

obscene
material;

iii.

other
harmful material

b.

block of
filter spam;

c.

prevent
criminal activity; and

d.

protect an
app store or app security. (Sec. 1)

22.

Specifies that
a Provider does not have disclose user information to a developer beyond age
category data or status of parental consent. (Sec. 1)

23.

Prohibits a
Provider or developer from implementing measures in a manner that are
arbitrary, capricious, anticompetitive or unlawful. (Sec. 1)

24.

Prohibits a
developer to collect, retain, reidentify or link any information that is not
necessary to verify age category data or in the developer ordinary course of
business. (Sec. 1)

25.

Prohibits a
Provider or developer from blocking access to an application that an account
holder has downloaded or installed before the effective date except if there
has been a significant change to the application or a parent account revokes
verifiable consent for the minor account. (Sec. 1)

26.

Defines key
terms. (Sec. 1)

27.

Makes the
legislation effective on November 30, 2026. (Sec. 2)

28.

Contains a
severability clause. (Sec. 3)

29.

30.

31.

---------- DOCUMENT
FOOTER ---------

32.

Initials TM���������������������� HB
2920

33.

2/4/2026��� Page 0 Science
& Technology

34.

35.

---------- DOCUMENT
FOOTER ---------

Current Bill Text

Read the full stored bill text 
HB2920 - 572R - I Ver

REFERENCE TITLE:
software applications; minors; requirements

State of Arizona

House of Representatives

Fifty-seventh Legislature

Second Regular Session

2026

HB 2920

Introduced by

Representatives
Way: Biasiucci, Bliss, Carbone, Carter N, Diaz, Fink, Gress, Lopez, Marshall,
Nguyen, Taylor

AN
ACT

amending title 44, chapter 9, arizona
revised statutes, by adding article 27; relating to trade practices.

(TEXT OF BILL BEGINS ON NEXT PAGE)

Be it enacted by the Legislature of the State of Arizona:

Section 1. Title
44, chapter 9, Arizona Revised Statutes, is amended by adding article 27, to
read:

ARTICLE 27. SOFTWARE
APPLICATIONS

START_STATUTE
44-1383.

Definitions

In this article, unless the context otherwise
requires:

1. "Account holder" means
the individual who is associated with a mobile device.

2. "Age category":

(
a
) Means a
category that is based on an individual's age.

(
b
) Includes
the following:

(
i
) An
individual who is less than thirteen years of age.

(
ii
) An
individual who is at least thirteen years of age and not more than sixteen
years of age.

(
iii
) An
individual who is at least sixteen years of age and less than eighteen years of
age.

(
iv
) An
individual who is eighteen or more years of age.

3. "Age category data"
means information about an account holder's age category that is collected by
an app store provider and that is shared with a developer.

4. "Age rating" means one
or more classifications that assess the suitability of an app's content and
function for different age groups.

5. "Application" or
"App" means a software application or electronic service that a user
may run or direct on a mobile device, including preinstalled applications.

6. "App store" means a
publicly available website, software application or electronic service that
allows account holders to download applications from third-party
developers onto a mobile device.

7. "App store provider"
means a person that owns, operates or controls an app store that allows account
holders in this state to download apps to a mobile device.

8. "Content description"
means a description of the specific content elements or functions that informed
an app's age rating.

9. "Developer" means a
person that owns or controls an application that was either made available
through an app store or preinstalled onto a mobile device.

10. "Knowingly" means to
act with actual knowledge or to act with knowledge fairly inferred based on
objective circumstances.

11. "Minor":

(
a
) has the
same meaning prescribed in section 1-215.

(
b
) Does not
include an individual who is either:

(
i
) Married.

(
ii
) Legally
emancipated.

12. "Minor account" means
an account with an app store provider that is established by a minor and that
is affiliated with a parent account.

13. "Mobile device" means a
phone or general purpose tablet that:

(
a
) Provides
cellular or wireless connectivity.

(
b
) Runs a
mobile operating system.

(
c
) Is capable
of connecting to the internet.

(
d
) Is capable
of running applications through the mobile operating system.

14. "Mobile operating
system" means software that does all of the following:

(
a
) Manages
mobile device hardware resources.

(
b
) Provides
common services for mobile device programs.

(
c
) Controls
memory allocation.

(
d
) Provides
interfaces for apps to access device functionality.

15. "Parent" means, with
respect to a minor, an individual who is reasonably believed to be any of the
following:

(
a
) A parent.

(
b
) A legal
guardian.

(
c
) An
individual with legal custody.

(
d
) An
individual who has the legal authority to make decisions on behalf of the minor
under this state's laws.

16. "Parent account" means
an account with an app store provider that:

(
a
) Is verified
to be established by an individual who is at least eighteen years of age or is
married or legally emancipated.� The app store provider shall use its age
verification methods to make this determination.

(
b
) May be
affiliated with one or more minor accounts.

17. "Parental consent
disclosure" means the following information:

(
a
) The app's
or in-app purchase's age rating if the app store provider has an age
rating for the app or in-app purchase.

(
b
) The app's
or in-app purchase's content description if the app store provider has a
content description for the app or in-app purchase.

(
c
) A
description of all of the following:

(
i
) The
personal data collected by the application from the account holder.

(
ii
) The
personal data shared by the app with a third party.

(
iii
) The
methods implemented by the developer to protect personal data if the personal
data is collected by the app.

18. "Preinstalled
application":

(
a
) Means any
application, or portion of an application, that is present on a mobile device
at the time of purchase, initial activation or first use by the consumer,
including:

(
i
) Browsers.

(
ii
) Search
engines and messaging.

(
iii
) An
application or a portion of an application installed or partially installed by
the device manufacturer, wireless service provider or retailer or any other
party before purchase, initial activation or first use by the consumer and that
may be updated after the purchase, initial activation or first use.

(
b
) Does not
include:

(
i
) Core
operating system functions.

(
ii
) Essential
device drivers.

(
iii
) Applications
necessary for basic device operation, such as phones, settings and emergency
services applications.

19. "Significant change":

(
a
) Means a
material modification to an application's terms of service or privacy policy
that Materially:

(
i
) Changes the
categories of data collected, stored or shared.

(
ii
) Alters the
application's age rating or content description.

(
b
) Includes:

(
i
) In-app
purchases if there were no in-app purchases previously present.

(
ii
) Advertisements
if there were no advertisements previously present in the app.

20. "Verifiable parental
consent":

(
a
) Means
authorization that is provided by a parent account after the app store provider
has clearly and conspicuously provided a parental consent disclosure as part of
the application download or purchase or during the in-app purchasing
process.

(
b
) Includes
consent by a parent who provides an affirmative choice to either:

(
i
) Grant
consent.

(
ii
) Decline
consent.
END_STATUTE

START_STATUTE
44-1383.01.

App store providers; duties; requirements

A. If an individual who is located in
this state creates an account with an app store provider or for existing
accounts within twelve months before the effective date of this section, the
app store provider shall both:

1. Request the age category
information from the individual.

2. Verify the individual's age
category by using either:

(
a
) A
commercially available method that is reasonably designed to ensure accuracy.

(
b
) An age
verification method or process that complies with rules adopted by the attorney
general pursuant to section 44-1383.03.

B. If the app store provider
determines that the individual is a minor, the app store provider shall:

1. Require the minor's account to be
affiliated with a parent account.

2. Obtain verifiable parental consent
from the holder of the affiliated parent account each time before allowing the
minor to do any of the following:

(
a
) Download an
application.

(
b
) Purchase an
application.

(
c
) Make an in-app
purchase.

3. After receiving notice of a
significant change from a developer, do both of the following:

(
a
) Notify the
parent account holder of the significant change.

(
b
) For a minor
account, notify the parent account of the significant change and obtain renewed
verifiable parental consent before providing access to the significantly
changed version of the application even if parental consent was granted before
the significant change.

4. In response to a request from a
developer pursuant to section 44-1383.02, provide to the developer the
age category data for an account holder that is located in this state and the
status of verifiable parental consent for a minor who is located in this state.

5. Provide a mechanism for a parent
account holder to withdraw consent and notify the developer when a parent
withdraws verifiable parental consent.

6. Protect age category data and
associated verification data by limiting the collection and processing of the
necessary data to do all of the following:

(
a
) Verify an
account holder's age category.

(
b
) Obtain
verifiable parental consent.

(
c
) Maintain
compliance records.

(
d
) Transmit
age category data using industry standard encryption protocols to ensure data
integrity and confidentiality.

7. For preinstalled apps, do both of
the following:

(
a
) Provide
available age category information in response to a request from a developer.

(
b
) Take
reasonable measures to facilitate verifiable parental consent for use of the
application in response to a request from a developer.

C. An app store provider may not do
any of the following:

1. Enforce a contract or terms of
service against a minor unless the app store provider has obtained verifiable
parental consent.

2. Knowingly misrepresent the
information in the parental consent disclosure.

3. Share age category data and any
associated data except as required by this article or as otherwise required by
law.
END_STATUTE

START_STATUTE
44-1383.02.

Developer requirements; app store purchases; age category
verification

A. A developer shall:

1. Verify through the app store's
data sharing methods the age category data of the account holder who is located
in this state and, for a minor, whether verifiable parental consent has been
obtained.

2. Notify each app store provider
about a significant change to an application.

3. Use age category data received
through the app store's data sharing methods to both:

(
a
) Enforce any
developer-created, age-related restriction or safety-related
feature or default.

(
b
) Ensure
compliance with applicable laws and regulations.

4. Request age category data or
verifiable parental consent at the time an account holder does any of the
following:

(
a
) Downloads
an application.

(
b
) Purchases
an application.

(
c
) Launches a
preinstalled application for the first time.

(
d
) Implements
a significant change to the application.

(
e
) Complies
with applicable law.

B. A developer may request age
category data:

1. Not more than one time during a
twelve-month period to verify either of the following:

(
a
) The
accuracy of the age category data that is associated with the account holder.

(
b
) Whether
continued account use is within the proper age category.

2. When there is reasonable suspicion
of either:

(
a
) An account
transfer.

(
b
) Any misuse
outside of the age category.

3. At the time an account holder
creates a new account with the developer.

C. When implementing any developer-created,
age-related restrictions or safety-related features or defaults, a
developer shall use the lowest age category indicated by either:

1. The age category data received
through the app store's data sharing methods.

2. The age data independently
collected by the developer.

D. A developer may not do any of the
following:

1. Enforce a contract or terms of
service against a minor unless the developer has verified through the app
store's data sharing methods that verifiable parental consent has been
obtained.

2. Knowingly misrepresent any
information in the parental consent disclosure.

3. Share age category data with any
person.
END_STATUTE

START_STATUTE
44-1383.03.

Attorney general; rulemaking

The attorney
general shall adopt rules to establish processes and means by which an app
store provider may verify an account holder's age category in accordance with
this article.
END_STATUTE

START_STATUTE
44-1383.04.

Civil action; attorney general; enforcement; violation; penalties

A. A minor or the parent of a minor
who has been harmed by a violation of this article may bring a civil action
against the app store provider or the developer.

B. A court of competent jurisdiction
may award a prevailing plaintiff any or all of the following:

1. The greater of either the actual
damages amount or $1,000 for each violation.

2. Punitive damages if the violation
was egregious.

3. Reasonable attorney fees.

4. Litigation costs.

C. A violation of this article is a
consumer fraud violation pursuant to chapter 10, article 7 of this title.

D. In addition to any other remedy
available under state law, the attorney general may bring an action against an
app store provider or a developer to:

1. Recover a civil penalty of not
more than $75,000 for each violation.

2. Restrain or enjoin the app store
provider or developer from violating this article.

3. Seek injunctive relief.

4. Recover reasonable attorney fees.

5. Recover litigation costs and
reasonable costs for investigating the violation.
END_STATUTE

START_STATUTE
44-1383.05.

Developer immunity; applicability

A. A developer is immune from
liability for a violation of this article if the developer demonstrates that
the developer both:

1. Relied in good faith on both:

(
a
) The
applicable age category data that was received through the app store's data
sharing methods.

(
b
) The
notification provided by the app store provider that verifiable parental
consent was obtained if the account holder is a minor.

2. Complied with the requirements
described in section 44-1383.02.

B. In determining an application's
age rating and content description, a developer is not liable for a violation
of this article if the developer uses widely adopted industry standards to
determine the application's age category and content description and applies
those standards consistently and in good faith.

C. The immunity described in this
section both:

1. Applies only to actions brought
under this article.

2. Does not limit a developer or an
app store provider's liability under any other applicable law.

D. This article does not replace any
other available remedy or right in state or federal law.
END_STATUTE

START_STATUTE
44-1383.06.

Application

This chapter does not:

1. Prevent an app store provider or
developer from taking reasonable measures to:

(
a
)
Block, detect or prevent distribution to minors of:

(
i
)
Unlawful material
.

(
ii
)
Obscene material
.

(
iii
) Other
harmful material
.

(
b
)
Block or filter spam
.

(
c
)
Prevent criminal activity
.

(
d
)
Protect an app store or app security
.

2.
Require
an app store provider to disclose user information to a developer beyond age
category data or status of parental consent.

3.
Allow
an app store provider or developer to implement measures required by this
chapter in a manner that is arbitrary, capricious, anticompetitive or unlawful.

4. Require a developer to collect,
retain, reidentify or link any information beyond what is either:

(
a
)
Necessary to verify age category data as required by this chapter.

(
b
)
Collected, retained, reidentified or linked in the developer's
ordinary course of business.

5.
Require
an app store provider or developer to block access to an application that an
account holder has downloaded or installed onto a mobile device before the
effective date of this section, except to the extent that:

(
a
)
A parent account revokes a verifiable consent for an affiliated minor
account.

(
b
)
There has been a significant change to the application
.

END_STATUTE

Sec. 2.
Effective date

This act is effective from and after
November 30, 2026.

Sec. 3.
Severability

If a provision of this act or its
application to any person or circumstance is held invalid, the invalidity does
not affect other provisions or applications of the act that can be given effect
without the invalid provision or application, and to this end the provisions of
this act are severable.