This article, originally published on January 8, 2024, has been updated to include summaries of additional briefs filed this spring.

In 2022, California passed the Age Appropriate Design Code Act (CAADCA), a law that seeks to “create a safer online space for [minors] to learn, explore, and play.” Last October, Judge Beth L. Freeman of the US District Court for the Northern District of California preliminarily enjoined the California law in response to a challenge brought by NetChoice, a tech lobbying group whose members include Google, Meta, TikTok, and other major social media companies (NetChoice v. Bonta).

Judge Freeman concluded that NetChoice demonstrated a likelihood of success in proving the Act is “facially unconstitutional” and would violate the First Amendment, and such “speech restrictions” would fail strict or even lesser scrutiny. An appeal by California Attorney General Robert Bonta was filed in the United States Court of Appeals for the Ninth Circuit shortly after.

On Dec. 13, 2023, Attorney General Bonta filed an opening brief in the appeal, arguing that the lower court “mischaracterized as regulations of speech provisions that, in fact, neutrally regulate economic activity, leading the court to apply the wrong standard of review.” On Dec. 20, the first round of amicus briefs submitted either in support of the Attorney General Bonta or neither party were submitted. The authors of the briefs range from design scholars and privacy and First Amendment law professors to organizations like the American Academy of Pediatrics and the American Psychological Association.

Additional amicus briefs in support of NetChoice were filed by the Feb. 14 deadline, from parties including the Chamber of Commerce and the Computer & Communications Industry Association. Links to all amicus briefs with a short summary of their arguments can be found below.

Amicus Briefs in support of NetChoice

American Civil Liberties Union Foundation (ACLU) & ACLU of Northern California

• The ACLU says the court strike should down the CAADCA in its entirety, arguing that although the California legislature largely framed it as a consumer privacy law, “the actual text of the law reveals a different regulation: one that expressly and impermissibly engages in content-based discrimination in the name of protecting consumer privacy and children.”
• ACLU states that CAADCA regulates core First Amendment activities, i.e the publication and dissemination of the printed word and that will impact not only publishers but the whole public. According to the ACLU, CAADCA’s prohibition on “materially detrimental” speech and its targeting of “harmful” or “potentially harmful” content—left undefined, constitutes content discrimination, triggering strict scrutiny.
• ACLU also argues that the CAADCA’s provision encouraging age estimation will exacerbate privacy and security concerns as it requires the collection and analysis of user data. The brief contends that there are far less restrictive means to address the concerns about online content including encouraging the voluntary installation of filters or application blockers, encouraging libraries, schools, and other community organizations to provide educational resources, and relying on existing criminal laws that prohibit relevant unlawful conduct, such as sexual exploitation or harassment.
• Amici further urges the court to decide the case narrowly, based on the text of the CAADCA, and ensure that the door remains open to protecting other consumer privacy laws in the future.

Computer & Communications Industry Association (“CCIA”)

• CCIA is an international, not-for-profit trade association representing a broad cross-section of communications and technology firms. Its brief argues that the CAADCA likely violates the First Amendment by attempting to control the information that can be provided to persons under 18 years of age and by restricting online service providers’ rights to display and recommend content, especially when it comes to minors. It further states that since the CAADCA bans any form of automated processing or profiling of a minor’s data, it is deemed to be unlawfully restricting the publication and editorial choices of online services.
• The brief also challenges CAADCA’s requirement for online services to conduct Data Protection Impact Assessments (DPIAs), which it views as a form of compelled speech that infringes on companies’ First Amendment rights.
• Finally, the CCIA contends that the law is unconstitutionally vague and overbroad, potentially leading to self-censorship and the stifling of free expression.

The Chamber Of Commerce Of The United States Of America

• The Chamber of Commerce of the United States of America is the world’s largest business federation. The Chamber states its substantial interest in the resolution of this case because it implicates the stability of the Internet economy and core constitutional rights of participants in that economy.
• In this brief, the Chamber of Commerce agrees with the District Court's conclusion that CAADCA violates the First Amendment but criticizes its analysis. It argues that the court incorrectly applied intermediate scrutiny, and should have applied strict scrutiny for two reasons: (i) the Act is content-based, and (ii) it regulates both commercial and non-commercial speech.
• The Chamber of Commerce argues that CAADCA would have detrimental effects on the internet if upheld. While presented as a children's privacy law, the Act would grant the California Attorney General unprecedented power to regulate online content deemed “potentially harmful.” On this note, the brief further asserts that CAADCA is unconstitutionally vague and will impose significant compliance burdens and chilling effects, raising concerns that businesses will struggle to anticipate whether their decisions satisfy California's standards regarding “harmful” content or what is in a child's "best interest."
• The Chamber of Commerce contends that enacting content-based speech regulation is part of a troubling trend in which states seek to censor speech that they dislike under the guise of protecting children. It also asserts that in addition to violating the First Amendment, the Act also flatly conflicts with the federal Children’s Online Privacy Protection Act (“COPPA”).
• The brief concludes that CAADCA should be enjoined in its entirety because the majority of the Act is deemed unlawful and not severable from any remaining provisions.

Chamber Of Progress, Consumer Technology Association, First Amendment Coalition, Information Technology and Innovation Foundation, IP Justice, LGBT Tech, The Trevor Project, And Woodhull Freedom Foundation.

• The authors of this brief represent a group of tech industry associations, as well as free speech and civil liberties advocates.
• The brief contends that CAADCA would significantly disrupt the thriving marketplace of ideas. It would establish a subjective system of prior restraints, limiting speech based on its content, viewpoint, and speaker, compelling websites to censor content deemed inappropriate for children. Furthermore, websites would be obliged to employ privacy-invasive age-verification methods, posing a significant privacy risk that contradicts California's purported aims.
• The brief also raises concerns that upholding the law (1) could encourage other states to enact speech-based restrictions on websites, leading to a fractured internet landscape as each state pursues its own agenda regarding what is considered “safe” for children; (2) a single state could end up dictating national internet policy to resolve conflicting state laws; (3) might cause more harm than it prevents, disproportionately affecting marginalized groups such as women, communities of color, LGBTQ+ individuals, and religious minorities.
• The brief supports the latter claim by giving an example of how discussion of or access to reproductive and sexual health information may be blocked as being potentially harmful. The Act will compel Californians—and potentially other Americans— to wait until their 18th birthday to access vast amounts of information available to other American minors, and even then, their access will be conditioned on compliance with invasive age-verification measures.
• The brief concludes that while protecting children’s online privacy is a crucial policy goal, it shouldn't justify adopting sweeping measures that run roughshod over the First Amendment. It recommends that the court affirm its decision to preserve the vibrancy and diversity of the internet.

The Copia Institute

• The Copia Institute is the think tank arm of Floor64, Inc., the privately-held California small business that operates Techdirt, an online publication that has chronicled technology law and policy for more than 25 years. Its founder and owner Michael Masnick was a declarant in the underlying proceedings, articulating how CAADCA would directly affect his rights to self-expression and that of his business.
• The brief claims that this law unconstitutionally impinges on the Copia Institute’s free expression rights. The law would force Michael Masnick, Techdirt’s editor, to limit his engagement with his readers, alienate parts of his audience, and aggravate the remaining readership with invasive data collection, which would also necessitate costly technology investments. Additionally, it would require him to allocate resources towards compliance reports instead of focusing on creating new content. These requirements obstruct his ability to “simply put[ting] his digital pen to digital paper to tell the world what he thinks”, constituting impermissible barriers to his freedom of speech.
• The brief also contends that the constitutional issues are not diminished by the commercial nature of the impacted speech. It claims that penalizing the company for its profit-driven activities, which support expressive endeavors, essentially penalizes Masnick himself, as he runs the company to uphold his personal expressive interests.
• Furthermore, the brief contends that the district court’s analysis leading to the application of a lower scrutiny standard raises concerns about the potential emergence of similarly unconstitutional laws from legislatures. It suggests that the decision left lawmakers a roadmap to use to try to remediate its law, but in reality, no rehabilitation of the law is feasible. “When a law interferes with the ability to engage in expression by adding extra requirements one must meet before one can speak, then scrutiny must be heightened and the law found unconstitutional.”
• The brief emphasizes that although the laws may target actions that are not overtly expressive, they are still culpable for the constitutional injury they inflict on speech. It suggests that the constitutional analysis be rooted in measuring the resulting injury to expression.
• Additionally, it mentions that while the district court didn't need to address the matter, an alternative reason for enjoining the statute is that it violates Section 230, specifically its preemption provision [47 U.S.C. § 230(e)(3)]. The brief predicts that this law would undeniably affect platforms in such a manner. Drawing from the case Lemmon v. Snap, it raises concern that in some prior instances, the Court has found Section 230 inapplicable due to the focus of the analysis being on activities not obviously expressive.
• Lastly, the brief asserts that legislative efforts targeting the exercise of expression should be assessed based on their impact on expressive interests and their protection under both constitutional and statutory frameworks.

Electronic Frontier Foundation (EFF) and Center For Democracy & Technology (CDT)

• The Electronic Frontier Foundation (EFF) and the Center for Democracy and Technology (CDT) are non-profit organizations advocating for online users’ free expression and privacy rights. They have a history of challenging laws that burden internet users’ rights and supporting well-crafted consumer data privacy laws.
• Their brief argues that the CAADCA violates the First Amendment by imposing age-verification requirements and vague standards that burden free expression and access to information online.
• Amici contend that the unconstitutional provisions of the CAADCA cannot be separated from the rest of the statute, suggesting that the entire AADC should be struck down.
• While the brief suggests that the Court should not address the CAADCA’s data privacy provisions, it notes that if it does, these should be subject to intermediate scrutiny, not strict scrutiny, as they regulate commercial speech on matters of private concern. Proceeding this way avoids casting doubt on the validity of other consumer data privacy laws with provisions similar to the CAADCA.

Professor Eric Goldman

• Professor Eric Goldman is a Professor of Law at Santa Clara University School of Law and has been researching and writing about Internet Law for thirty years. His recent research focuses on the censorial consequences when government regulators impose and enforce transparency obligations on content publishers’ editorial decisions. He previously submitted an amicus brief to the district court in this case, which the district court cited in support of its conclusions.
• In his current brief, Professor Goldman argues that the CAADCA’s age-assurance requirements impede access to constitutionally protected online speech. He asserts that age assurance creates onerous barriers for accessing content online and will deter internet usage and chill speech online since the CAADCA does not require age verification and rather requires “age assurance, which means determining whether a user is a minor or adult with an appropriate degree of confidence”. This provision, in his view, creates confusion both because the CAADCA does not specify the exact method regulated entities must use to carry out age assurance, nor is anyone clear on how this requirement can be implemented.
• He contends that the Courts have struck down age-verification requirements for years as they deem to violate the First Amendment principles. Just like the prior age-verification requirements, the CAADCA’s age-estimation provision imposes high implementation costs on regulated businesses, deters user traffic through increased latency and intrusive requests for personal information, and—as a result—chills protected speech.

International Center for Law & Economics (ICLE)

• The International Center for Law & Economics (ICLE) is a non-profit, non-partisan research and policy center that focuses on law and economics methodologies to inform policy debates. They have expertise in Internet regulation and free speech, particularly in relation to privacy rules and the First Amendment.
• ICLE supports the plaintiff-appellee NetChoice, LLC, in its First Amendment claim against the CAADCA. The ICLE argues that the CAADCA’s restrictions on data collection for speech curation and targeted advertising should be subject to strict scrutiny because they are likely to restrict minors’ access to lawful online speech platforms.
• ICLE contends that data collection for speech curation and targeted advertising is protected by the First Amendment. They assert that the CAADCA’s restrictions are not narrowly tailored to serve a compelling government interest and that less restrictive means, such as education and parental controls, are available.
• The brief concludes with ICLE stating that the CAADCA is unconstitutional as it would restrict minors’ participation in the marketplace of ideas and access to lawful content online.

Reporters Committee for Freedom of the Press and 14 Media Organizations

• The Reporters Committee for Freedom of the Press and 14 media organizations, including The Associated Press, The New York Times, and The Washington Post, are the amici, advocating for First Amendment protections and access to news for minors.
• The amici contend that the CAADCA imposes content-based restrictions that are unconstitutional. They argue that these restrictions undermine the editorial autonomy of news publishers and limit the public’s access to a broad range of information. The amici are concerned that such restrictions could lead to a chilling effect on free speech, as publishers may engage in self-censorship to avoid potential penalties under the Act.
• The brief criticizes the CAADCA for its vague and broad definitions, particularly concerning what constitutes “harmful” content. This lack of clarity could result in arbitrary enforcement and compel publishers to self-censor. The amici highlight the difficulty in determining the threshold for harm, especially when it comes to content that may be deemed inappropriate for minors but is otherwise lawful and informative.
• They assert that the CAADCA infringes upon the First Amendment rights of minors. They emphasize that access to news and information is crucial for minors’ development and participation in civic life. The brief suggests that the Act’s restrictions could prevent minors from engaging with content that is essential for their education and growth as informed members of society.
• Further, the amici are concerned that the CAADCA’s requirements could lead to undue interference in the editorial decisions of news organizations. The Act could force publishers to alter or restrict access to lawful content based on subjective assessments of what might be harmful to minors. This interference, according to the amici, could compromise the integrity of news reporting and the diversity of viewpoints available to the public.
• They also warn that the CAADCA could have a detrimental impact on public discourse. By limiting access to a range of content, the Act could stifle the exchange of ideas and opinions that is fundamental to a healthy democracy.
• They conclude by stating that the CAADCA could set a dangerous legal precedent. If the Act’s provisions are upheld, it could pave the way for further regulations that impose even greater restrictions on speech. The brief cautions against allowing the CAADCA to become a model for future legislation that could erode First Amendment protections.

TechFreedom

• TechFreedom is a nonprofit, nonpartisan think tank based in Washington DC, dedicated to promoting technological progress that improves the human condition. TechPolicy opposes government efforts to control online speech, including laws that mandate online age verification or age estimation.
• TechFreedom argues that the law CAADCA which requires age estimation is not narrowly tailored, and although the District Court ruled that it violates the First Amendment, it could have gone further.
• The brief agrees with the court’s assessment that a high privacy default and age estimation would have a vast chilling effect but it stresses that age estimation poses a threat to users’ privacy and anonymity as it functions as a measure of collecting information. It contends that the high privacy default would chill speech on covered websites, while age estimation would chill users who engage with websites by creating friction (“time delays and other barriers to entry”) that will frustrate users, causing them to leave websites without accessing and viewing any content.
• The brief further notes that it reviewed various warnings the public has been receiving regarding the perils of undue data collection and organized the commentators into two categories: a “left” group and a “right” group. It notes that the ideological left fears that digital surveillance will promote corporate power and destroy personal privacy, whereas the ideological right fears that digital surveillance will promote the monitoring of “social credit” and enable political oppression.
• Additionally, the brief claims that in enacting CAADCA, California “turn[ed] a blind eye” to its “own complicity” in the erosion of online privacy. And that many Internet users will see that CAADCA’s age-estimation requirement is exactly the kind of surveillance-promoting, anonymity-destroying device that left-wing commentators warn about. The brief also agrees with the right-wing commentators that it is naïve to assume that data, once collected, will only be used legally and properly. It contends that many right-wing Internet users will expect websites to misuse age estimation data, either at the direct command of or in an indirect attempt to appease the government.

Amicus Briefs in support of California Attorney General Bonta

The American Federation Of Teachers and the California Federation Of Teachers

• One of the largest teachers’ labor unions in the US, the American Federation of Teachers (AFT), and its California chapter (CFT), filed an amicus brief in support of the California Age Appropriate Design Code ACT with request for the preliminary injunctions’ reversal. The AFT alleges that “surveillance advertising,” or targeted advertising practices used by social media platforms to collect “excessive data” and maximize time spent online exploits young users’ vulnerabilities and affects their sleep, study time, classroom learning, and more. This has diverted schools’ resources away from instructional learning as the unions’ teacher members continue to witness an increase in students’ anxiety, depression, and more from a mental health crisis exacerbated by the addictive nature of social media, according to the brief.
• The filing argues that the collection and trading of data, which makes up nearly all of Google, Meta, Tiktok, and Snaps’ revenue streams, is fundamentally “economic activity” that needs be assessed by the CAADCA’s Data Protection Impact Assessments (DPIA) to change incentives for these businesses that “materially alleviate the harms at issue.” To counter the court’s argument that the Act’s enforcement would likely violate the First Amendment, the brief points to Interpipe Contr., Inc. v. Becerra, which established in 2018 that “a law regulating conduct that merely alters incentives rather than restricts the ingredients necessary for speech does not regulate conduct that is ‘inherently expressive[.]’”

The Amici States

• Attorneys general from Nevada and Washington, DC, along with nineteen other states that signed on, filed a brief asking the court to reverse its decision to block the CAADCA. The “Amici States” largely took issue with the court’s alleged assumption that the First Amendment is implicated by any regulation of information. The brief argues that the court’s “over broad” application of general free-speech principles ignores relevant First Amendment doctrine, subjects consumer-protection regulation to inappropriate means-end scrutiny, and could “strangle” good-faith state efforts to regulate internet practices if widely adopted.
• As laid out by the Amici States, the court’s error in judgment lies in its assumed application of the First Amendment, particularly in its interpretations of the CAADCA’s mandatory reporting and disclosure requirements; businesses’ use of ‘dark patterns;’ and companies’ internal policy enforcement. The brief further took issue with the court’s decision to evaluate the law in its entirety under strict scrutiny, noting that with this logic, “virtually all regulations of the modern information economy would be subject to judicial scrutiny.”
• The brief additionally argues that the lower court ruling infringes on state Attorneys General’s “long-recognized police powers to protect children” dating back to the nineteenth century, such as when child labor laws and protections were challenged by businesses on grounds of violating the Fourteenth Amendment’s Due Process and Equal Protection Clauses—a constitutional reading struck down by the courts. The Amici States also made note of states’ previously successful efforts to protect children from pornography and sexual exploitation online, despite First Amendment challenges in cases like State v. Robins and People v. Hsu.

The American Academy Of Pediatrics And The American Psychological Association

• The AAP and APA argue that there is currently no sufficient comprehensive regulatory framework nationally or in California, and that COPPA, the primary law that provides internet privacy protections for children under thirteen, has increasingly problematic limitations twenty five years after its initial passage. This includes leaving older children without any privacy protections, and age determination practices for users one through twelve that online service providers have consistently fallen short on.
• The amici parties believe it is necessary to expand protections to all children, as opposed to the federal age-13 cutoff, because “adolescence is a critical developmental stage” that can leave them vulnerable to many of the manipulative design and privacy practices used by social media and digital platforms. The brief argues that these companies have the duty to design their online products in child-friendly ways, similarly to regulations for cribs and toys, rather than turning a “blind eye” to “the young people that are widely understood to be spending their time there,” and urges the court to uphold the CAADCA.

The Center For Humane Technology

• The Center for Humane Technology, represented by the Social Media Victims Law Center, the first firm to file product liability claims against social media platforms based on youth addiction, argues that the preliminary injunction should be vacated on grounds that the district court “misapplied First Amendment doctrine to 21st-century Advanced Digital Technologies” and ignored the broader reality of how these products allegedly harm children.
• The brief argues that California is obligated to use its “police power” to protect children from the “well-documented physical and mental health harms” of advanced technologies and their unique characteristics.
• The brief argues that the CAADCA 1) does not encroach on the freedom of expression enshrined in the First Amendment because algorithmic outputs are not “speech” and 2) simply regulates the design of digital products, the code that builds them, and the data that fuels them.” It argues the lower court failed to recognize that the only way to protect kids online is to “regulate their data and code with forward-looking regulatory schemes focused on requiring safe digital designs rather than outcome-based regulations destined to quickly become obsolete.”

Design Scholars

• The listed Amici scholars have published extensively on the First Amendment, regulation of addictive technologies, digital product design laws, and public and children’s health in the digital age. They include Micah L. Berman, Susan Benesch, Gaia Bernstein, Brett Frischmann, John Kindt, Kyle Langvardt, Matthew Lawrence, Lawrence Lessig, Harry Levant, Zephyr Teachout, Michael R. Ulrich, and Tim Wu.
• The amici scholars believe that the District Court misapplied the applicable First Amendment principles, first by accepting NetChoice’s logic that functional design categorically implicates the First Amendment and by subjecting it to strict scrutiny. The brief states that “even if some aspects of digital product design regulation impact speech, any regulatory burden would at most constitute a content-neutral time, place, or manner restriction warranting intermediate scrutiny.”
• The CAADCA passes intermediate scrutiny, the amici scholars argue, because it “furthers the California Legislature’s compelling interest in protecting children from the serious health effects of addictive and other harmful online products while only imposing incidental and limited (if any) burdens.”
• The amici scholars urge the District Court to consider two approaches to the CAADCA’s First Amendment implications and a reversal of its preliminary injunction. The first approach is the court ruling that digital product design regulations do not implicate the First Amendment more broadly, and the other is reconsidering the level of scrutiny that sufficiently considers California’s interest in protecting children’s health.

The Electronic Privacy Information Center

• EPIC says the lower court’s injunction calls into question established privacy law including the Children’s Online Privacy and Protection Act.
• EPIC argues that the “lower court’s decision is deeply flawed because it fails to recognize the state’s substantial interest in protecting the privacy of children online and incorrectly analyzes the requirements of the California Age-Appropriate Design Code (‘AADC’). The lower court’s analysis hinges in part on false assumptions that the AADC requires companies to limit access to content and to deploy invasive age verification techniques. The AADC does not require either of those things, and its privacy and design-focused requirements allow for a flexible approach to age estimation that incentivizes companies to provide heightened privacy protections to all users to mitigate harms to children.”
• Further, the lower court “failed to appreciate the specific privacy harms that the commercial collection and use of personal information poses to children and failed to recognize that the AADC is designed to address these harms.”

Elizabeth Denham CBE And Stephen Wood

• Elizabeth Denham, a former Information Commissioner in the United Kingdom and Stephen Wood, a former Deputy Information Commissioner, played a significant role in the implementation of the UK Age Appropriate Design Code, known as the Children’s Code, a regulation implemented in 2020 and on which the California AADCA is based.
• Denham and Wood argue that their experience suggests “that, contrary to the district court’s findings, the AADC—like the Children’s Code—does not impermissibly interfere with protected speech.”
• The brief argues that, similar to the process undertaken in the UK, the AADCA directs the “California Children’s Data Protection Working Group” to deliver a report to the Legislature on best practices for its implementation, but that the Working Group has not yet had the opportunity to undertake this process.
• And, it argues that contrary to NetChoice’s arguments about the detrimental effects of the AADCA, platforms have lauded the Children’s Code in public statements. “There is no evidence that the changes resulting from the Code’s implementation have undermined freedom of expression,” argue Denham and Wood. “But evidence does support that those changes have made a meaningful difference to children’s privacy online.”

Fairplay et al.

• A group including the nonprofits Fairplay Inc., the Center for Digital Democracy, Common Sense, 5Rights Foundation, Children’s Advocacy Institute, Accountable Tech, Beyond the Screen, Children & Screens, Design It For Us, The Tyler Clementi Foundation, Becca Schmill Foundation, and Meta whistleblowers Arturo Béjar and Frances Haugen argue that the CAADCA “does not regulate commercial speech: it regulates data capitalism.” The purpose of the law is to protect children in the context of an exploitative business model, they argue.
• In granting the preliminary injunction, they argue, “the District Court fell for NetChoice’s misdirection: that the CAADCA regulates the free speech rights of companies. The contextual insertion of free speech arguments fails to grasp the reality: Big Tech is not in the market of speech. It is in the business of extracting personal data from users’ interactions, expressions, and preferences and selling that data to various marketing and advertising companies.”
• The brief argues that contrary to the lower court’s opinion the Data Protection Impact Assessment requirement in the CAADCA does not regulate speech, and that there are numerous other laws and regulations both at the federal and state level that require similar assessments that have not been found to be unconstitutional restrictions on speech.

Federal Trade Commissioner Alvaro M. Bedoya

• The Federal Trade Commission, which is the primary enforcer of Children's Online Privacy Protection Act (COPPA), allows states to “write and enforce their own kids’ privacy laws—separate and apart from COPPA—so long as those laws are not ‘inconsistent’ with it.” The CAADCA is one such effort, according to the Commissioner, and the district court did not “adequately consider the full range of harms to children” that the California Act could protect against.
• COPPA’s twenty five year record shows broad consensus in recognizing that the “unauthorized and unnecessary collection, use, retention, and sale of children’s data hurts children and their families,” practices that were not considered in the preliminary injunction’s analysis of the CAADCA’s constitutionality.
• The Commissioner did not request a reversal, instead urging the courts to consider the “full range of harms” the CAADCA could protect children from.

The Lawyers’ Committee For Civil Rights Under Law

• The Lawyers’ Committee for Civil Rights Under Law, a nonprofit legal advocacy organization dedicated to pursuing racial justice, argues that “the district court’s opinion erroneously expanded the scope of First Amendment scrutiny to cover unprotected speech and conduct and then misapplied First Amendment scrutiny, thus striking down a law protecting Black people and other people of color from data-driven discrimination and protecting privacy rights.” Fundamentally, the Committee argues, “Not all information-processing activities are speech and a business’s use of the internet does not transform routine commercial conduct into protected speech.”
• “Laws regulating the use of privacy-invasive data practices play a vital role in protecting civil rights,” the Committee argues, and the CAADCA does so “in several ways,” including by requiring data minimization, data protection impact assessments, and the prohibition on “uses of dark patterns on children.”
• The brief argues that the lower court incorrectly relied on Sorrell v. IMS Health Inc., arguing that the case does not diminish the validity of privacy regulations in general, and that the lower court was flawed in its rejection of the CAADCA’s regulation of unfair and deceptive practices.

Privacy And First Amendment Law Professors

• The amici parties, defined as law professors and scholars of data privacy, constitutional law, and the First Amendment, include Hannah Bloch-Wehba, Danielle Keats Citron, Julie E. Cohen, Mary Anne Franks, Woodrow Hartzog, Margot E. Kaminski, Gregory P. Magarian, Frank Pasquale, Neil Richards, and Daniel J. Solove.
• The amici scholars, with representation from G.S. Hans of Cornell Law School, argue that data privacy laws are constitutional under the First Amendment, and the lower court’s analysis of the CAADCA threatens to upend much, if not all, of data privacy law. They urge the court to reverse and remand the district court’s ruling.
• The brief argues that “most data privacy regulations fail to trigger any First Amendment scrutiny, as they function as economic regulations that only incidentally burden speech.” However, If the courts find that the CAADCA implicates First Amendment review, the amici scholars argue that it at most qualifies as “commercial speech” and thus warrants only intermediate scrutiny, rather than the strict standard applied in the preliminary injunction. They additionally note that following the Supreme Court’s decision in Sorrell v. IMS Health, other courts have evaluated data privacy laws that applied intermediate scrutiny and were found constitutional.

Amicus Curiae Briefs in support of neither party

The Princeton University Center For Information Technology Policy, Tech Policy Clinic

• The Princeton University Tech Policy Clinic makes a narrow argument around whether provision of the CAADCA that addresses the use of dark patterns by online services “runs afoul of the First Amendment.”
• The brief argues that the provision “passes muster under the First Amendment because it is directed at non-expressive conduct” and that “even if viewed as a commercial speech regulation, the Act’s provision is a reasonable, content-neutral regulation aimed at preventing unfair or deceptive practices from harming vulnerable users.”
• The brief cites multiple enforcement actions, including by the FTC and the New York Attorney General, that illustrate the harms of dark patterns, and argues that the CAADCA is consistent with established consumer protection law.
• Finally, the brief argues that even if the CAADCA were to be regarded as regulating commercial speech, it would still be permissible under the “Central Hudson test,” which evaluates commercial speech regulation. The CAADCA meets the threshold for the test since “the regulation of dark patterns mainly concerns regulating potentially misleading interfaces that induce users to take actions they would not have otherwise chosen.”

The Institute For Law, Innovation & Technology, Temple University Beasley School of Law

• The Institute for Law, Innovation & Technology at the Temple University Beasley School of Law focuses on the Data Protection Impact Assessment (DPIA) component of the CAADCA.
• “Categorically invalidating a state law with potentially national and international implications should, at the very least, be premised on an accurate and nuanced understanding of this important and widely used technical tool,” the Institute states.
• The Institute points out such assessments are common; nearly half of US states either currently require DPIAs or are considering legislation to implement them, according to the brief, and they are used widely in Europe. In the US, they are rooted in federal privacy law going back to the 1970s.
• Similar to the brief from Denham and Wood, the Institute notes that the law sets in place a working group procedure to further advise the legislature on how the law should be implemented, “although the facial challenge at bar did not allow that process to unfold.”