How South Carolina’s AADC Law Stands Apart: Key Differences Across State Approaches
As more states adopt Age-Appropriate Design Code (AADC) laws, important differences are emerging in how they regulate online services for minors. South Carolina’s approach introduces notable distinctions in scope, obligations, and enforcement compared to earlier laws in states like California and others. This blog examines the key areas where South Carolina diverges, offering insight into what these differences could mean for businesses, policymakers, and the broader future of youth online safety regulation.
Understanding the nuances is essential for multi-state compliance strategy. The table below draws directly from the enrolled text of all five statutes.
Our audit engagements are structured around the law's nine required report elements, with a methodology that satisfies South Carolina's requirement for auditors to 'follow inspection and consultation practices designed to ensure that reports are comprehensive and accurate’ including the statutory mandate to consult with experts on minors' use of covered online services.
Understanding the nuances is essential for multi-state compliance strategy. The table below draws directly from the enrolled text of all five statutes.
| South Carolina/ SC (H3431) |
California/ CA (AB 2273) |
Maryland/ MD (HB 603) |
Nebraska/ NE (LB 504) | Vermont/ VT (S.91) |
|
| Audit Mechanism | Independent 3rd-party public audit filed with AG annually | Data Protection Impact Assessment (DPIA) — internal | DPIA — internal | No audit requirement | No formal audit requirement |
| Review (or Submission) Deadline | Annual July 1 submission (recurring) | Biennial review | — | — | — |
| Public Disclosure | YES — posted on AG's website | No — DPIA is confidential | No — DPIA protected unless asked by Attorney General | — | — |
| Penalty Structure | TREBLE (3x) actual damages + personal officer liability | Up to $7,500/affected child (intentional) | Up to $2,500/affected child; cure period available | Up to $50,000 per violation (from July 2026) | Unfair/deceptive trade practice framework |
| Officer Personal Liability | YES — for willful/wanton violations | No | No | No | No |
| Notification Windows | 10PM–6AM nightly; 8AM–3PM school days (Aug–May) | No specific statutory hours | No specific hours mandated | 10PM–6AM nightly; 8AM–4PM school year weekdays | Midnight–6AM nightly |
| Dark Patterns | Prohibited; plus, also = UTPA unlawful trade practice | Prohibited | Prohibited | Prohibited | Prohibited |
| Default-On Protections | All protections on by default for known minors | Highest protection by default | Required by default | Required by default | Required by default |
| Enforcer | Attorney General | Attorney General | Consumer Protection Division of Attorney General’s Office | Attorney General | Attorney General |
What Makes the SC Audit Unlike Any Other State Requirement
- Third-party independence required by statute
- Expert consultation on minors' use required
- Submitted to Attorney General — not retained internally
- Annual — not a one-time exercise
- Full access to platform operations and data required
- Nine defined statutory report elements
- Posted publicly on the AG's website
- No cure period for late or incomplete filing
The Critical Distinction
South Carolina is the first state to require a publicly filed independent audit — posted on the Attorney General's website for anyone to read. California and Maryland use an internal DPIA model: the company completes the assessment, retains it, and shares it with regulators only if requested. South Carolina's model is the opposite. Reputational risk joins legal risk as a compliance motivator.How BBB National Programs Can Help
BBB National Programs has built its practice around the intersection of technology design, data governance, and children's digital privacy — the exact overlap that the South Carolina AADC puts under the microscope. We provide the independent third-party audit services that § 39-80-70 requires, with deep expertise in minor-facing platforms and the statutory compliance frameworks that the law demands.Our audit engagements are structured around the law's nine required report elements, with a methodology that satisfies South Carolina's requirement for auditors to 'follow inspection and consultation practices designed to ensure that reports are comprehensive and accurate’ including the statutory mandate to consult with experts on minors' use of covered online services.