In the US there is no single federal age verification law for general online access. Instead, a growing number of states have passed or proposed laws that require age checks for social media, gaming, or adult content. The result is a patchwork: requirements and acceptable methods differ by state, and some laws have been challenged on First Amendment grounds.
Virginia, California, and court challenges
Virginia’s law, for example, was at least temporarily blocked by a federal court in 2026, with the judge citing free-speech concerns. Other states are advancing similar bills. California and Colorado have moved toward requirements for app stores and OS-level age APIs (e.g. for "general purpose" devices), with implementation dates in 2027. Even if you do not operate in a given state today, more states are likely to add similar obligations over the next few years.
Practical implications for US platforms
Most teams should (1) track which states you serve and which laws apply; (2) choose age verification that can be configured for different thresholds and flows; and (3) minimise data retention so that if one state’s law is struck down, your handling of user data still looks reasonable to a regulator. The FTC has also signalled that it will look favourably on certain age-verification technologies under COPPA when they meet conditions around accuracy, security, notice, and data retention.
One integration for a multi-state patchwork
If you have users in multiple states, consider a solution that gives you a single integration point and lets you adapt to state-specific rules (and court decisions) without rebuilding your flow each time.
Frequently asked questions
No general federal age verification law covers all online access. COPPA applies to services aimed at children under 13, and several states have passed their own laws for social media, gaming, or adult content.
Texas, Louisiana, Utah, Virginia, Arkansas, Tennessee, and many others have passed age verification laws, though scope and status vary. California and Colorado are advancing rules for app stores and OS-level age APIs with 2027 implementation.
Mixed. Virginia's law was temporarily blocked in 2026 on First Amendment grounds, and others face similar challenges. Texas and Louisiana laws remain in force, and the Supreme Court has upheld some state age-check requirements.
The FTC's 2026 COPPA Policy Statement says it will use enforcement discretion for age verification technologies that are accurate, secure, provide clear notice, and minimise data retention. Well-designed privacy-first tools are less likely to be targeted.
