South Carolina’s Audit Obligations Under The Age-Appropriate Design Code Act

South Carolina is one of many states that have passed laws similar to the UK’s age-appropriate design code. Like others, the law is intended to regulate design features viewed as harmful to children. While NetChoice has filed a complaint challenging the law, it took effect upon signing. With this in mind, an upcoming deadline of July 1, 2026 for conducting independent audits is bringing this law back to the forefront for companies.

Like others, the law applies to online services likely to be accessed by users under 18. It is tailored to large platforms, namely those with either (1) annual gross revenues over $25 million or that handle personal data of 50,000 or more consumers (or households, or devices), or (2) that derive at least 50% of their annual revenue from selling or sharing of consumer personal data. The law creates a long list of design and operational rules. Businesses must exercise reasonable care in the design and operation of features. This includes giving people tools to disable features like infinite scrolling, auto-playing videos, and push notifications. They will also need to offer easy-to-use tools for parents and users. They must minimize data collection and ban targeted advertising to minors.

Each year, by July 1, covered businesses must have an independent third-party auditor conduct a review, and send the resulting report to the SC AG. The first reports are due July 1, 2026. The attorney general is required to post the reports on the state's website. The report must cover nine specific areas, including how the service collects and uses minors' data, which design features are used and why, the algorithms driving content recommendations, age verification methods, and how harm reports from parents, minors, and schools were handled.

While the law does not provide for a private right of action, it does allow enforcement under the state’s unfair trade practice law for dark pattern violations. And that law does have a private right of action. The law also permits treble damages for violations, and officers and employees can be held personally liable for willful and wanton violations. Given these stakes, we anticipate that before the July 1 audit deadline there may be more movement in the NetChoice lawsuit.

Putting it into Practice: While this law has narrow applicability to a subset of online platforms, it is a reminder that legislators are continuing to try to pass laws that govern how minors’ interact in the digital world. If you have not done so already, even if the law does not apply to you, it may be time to assess the extent to which your platform interacts with.