State Senator Sue Rezin | Illinois General Assembly
State Senator Sue Rezin | Illinois General Assembly
According to the Illinois General Assembly site, the legislature summarized the bill's official text as follows: "Creates the Illinois Age-Appropriate Design Code Act. Provides that a business that provides an online service, product, or feature likely to be accessed by children shall take specified actions, including completing a data protection impact assessment for any online service, product, or feature likely to be accessed by children. Provides that a business shall complete a data protection impact assessment on or before July 1, 2026, for any online service, product, or feature likely to be accessed by children offered to the public before July 1, 2026. Provides that any business that violates the Act shall be subject to an injunction and liable for a civil penalty of not more than $2,500 per affected child for each negligent violation or not more than $7,500 per affected child for each intentional violation. Creates the Children's Data Protection Working Group to deliver a report to the General Assembly regarding best practices for the implementation of the Act."
The following is our breakdown, based on the actual bill text, and may include interpretation to clarify its provisions.
In essence, this bill, known as the Illinois Age-Appropriate Design Code Act, mandates that businesses providing online services accessible to children must conduct comprehensive data protection impact assessments by July 1, 2026, for relevant offerings available to the public before that date. These assessments should identify risks and mitigate potential harm to children's data, personal information, and overall well-being. It restricts the collection, sale, or use of children's data without a compelling reason that is in their best interests and prohibits actions that can harm children's mental or physical health. The bill establishes the Children's Data Protection Working Group to recommend best practices for its implementation, with reports due biennially starting Jan. 1, 2026. Businesses violating the legislation may face civil penalties up to $7,500 per child, and all recovered funds will be directed to the General Revenue Fund. Private lawsuits under this Act are not permitted, and the Attorney General has enforcement authority.
Sue Rezin has proposed another four bills since the beginning of the 104th session.
Rezin graduated from Augustana College with a BA.
Sue Rezin is currently serving in the Illinois State Senate, representing the state's 38th Senate District. She replaced previous state senator Gary G. Dahl in 2010.
Bills in Illinois follow a multi-step legislative process, beginning with introduction in either the House or Senate, followed by committee review, floor debates, and votes in both chambers before reaching the governor for approval or veto. The General Assembly operates on a biennial schedule, and while typically thousands of bills are introduced each session, only a fraction successfully pass through the process to become law.
You can read more about bills and other measures here.
| Bill Number | Date Introduced | Short Description |
|---|---|---|
| SB0051 | 01/13/2025 | Creates the Illinois Age-Appropriate Design Code Act. Provides that a business that provides an online service, product, or feature likely to be accessed by children shall take specified actions, including completing a data protection impact assessment for any online service, product, or feature likely to be accessed by children. Provides that a business shall complete a data protection impact assessment on or before July 1, 2026, for any online service, product, or feature likely to be accessed by children offered to the public before July 1, 2026. Provides that any business that violates the Act shall be subject to an injunction and liable for a civil penalty of not more than $2,500 per affected child for each negligent violation or not more than $7,500 per affected child for each intentional violation. Creates the Children's Data Protection Working Group to deliver a report to the General Assembly regarding best practices for the implementation of the Act. |
| SB0047 | 01/13/2025 | Amends the Personal Information Protection Act. Provides that, annually, on or before January 31, a data broker operating in the State shall register with the Attorney General. Provides that, in registering with the Attorney General, a data broker shall pay a registration fee in an amount determined by the Attorney General and shall also provide specified information. Provides that the Attorney General shall create a page on its Internet website where the registration information shall be made accessible to the public. Provides for civil penalties. Provides that all moneys received by the Attorney General under the provisions shall be deposited into the Data Broker Registry Fund to offset all reasonable costs of enforcing the registration requirements and establishing and maintaining the Internet website. Amends the State Finance Act to create the Data Broker Registry Fund. |
| SB0048 | 01/13/2025 | Creates the Foreign Countries of Concern Act. Prohibits governmental entities from entering into contracts with certain prohibited entities that would give those prohibited entities access to an individual's personal identifying information. Prohibits certain entities from receiving economic incentives. Provides that certain prohibited entities may not own interests in agricultural land or land on or around military installations or critical infrastructure facilities. Prohibits the purchase or acquisition of real property by certain entities associated with the People's Republic of China. Amends the Property Owned By Noncitizens Act to make conforming changes. |
| SB0049 | 01/13/2025 | Amends the Consumer Fraud and Deceptive Business Practices Act. Provides that it is an unlawful practice for a high-impact social media company in the State to fail to make available to its customers, at no cost, a customer support service for customers to notify the company of any harmful content that the customer believes is illegal or violates the high-impact social media company's terms of service. Provides that the customer support service must timely respond to customers within one business day after a customer initially contacts the company. Provides that the customer support service must take active steps to resolve the customer's issue or complaint and communicate the steps taken to resolve the issue or complaint with the customer by mail, telephone, or email, as requested by the customer, within 3 business days after a customer initially contacts the company. Provides that the customer support service shall communicate with the customer at least once every 3 business days until the issue has been resolved or until the issue has been determined to be unsolvable. Provides that the Attorney General may bring an action against a high-impact social media company that does not comply with these provisions. Provides that any company that violates these provisions shall be fined $1,000 per day per violation. Provides that fines collected under these provisions shall be deposited into a fund to support mental health awareness in Illinois. Effective January 1, 2026. |
| SB0050 | 01/13/2025 | Creates the Illinois Age-Appropriate Design Code Act. Provides that all covered entities that operate in the State and process children's data in any capacity shall do so in a manner consistent with the best interests of children. Provides that a covered entity subject to the Act shall take specified actions to protect children's privacy in connection with online services, products, or features, including completing a data protection impact assessment for an online service, product, or feature that is reasonably likely to be accessed by children; and maintain documentation of the data protection impact assessment. Contains provisions concerning additional requirements for covered entities; prohibited acts by covered entities; data practices; enforcement by the Attorney General; limitations of the Act; data protection impact assessment dates; and severability. Amends the State Finance Act to create the Age-Appropriate Design Code Enforcement Fund. Effective immediately. |
| SB0052 | 01/13/2025 | Creates the Privacy Rights Act. Sets forth duties and obligations of businesses that collected consumers' personal information and sensitive personal information to keep such information private. Sets forth consumer rights in relation to the collected personal information and sensitive personal information, including the right to: delete personal information; correct inaccurate personal information; know what personal information is sold or shared and to whom; opt out of the sale or sharing of personal information; limit use and disclosure of sensitive personal information; and no retaliation for exercising any rights. Sets forth enforcement provisions. Creates the Consumer Privacy Fund. Allows the Attorney General to create rules to implement the Act. Establishes the Privacy Protection Agency. Includes provisions regarding remedies and fines for violations of the Act. Makes a conforming change in the State Finance Act. |
Alerts Sign-up