Politics

Connecticut steps up online safety measures for minors and expands data protections amid legislative push

Thursday, 5 February 2026 11:55PM UTC

Connecticut officials have announced targeted updates to bolster oversight of online activities for minors and strengthen residents’ personal data protections, responding to enforcement insights and emerging technological risks as lawmakers prepare a new legislative agenda.

Connecticut officials unveiled plans on Thursday to tighten oversight of online activity by minors and expand protections for residents’ personal information as lawmakers prepare a slate of bills this legislative session. The announcements, made by Attorney General William Tong and state Senator James Maroney at a morning briefing, signalled a push to build on the Connecticut Data Privacy Act and to address gaps revealed since the law took effect. According to the Attorney General’s office, the move responds to broader concerns about emerging technologies and data collection practices. ^[2],^[4]

Tong warned of the risks to residents if data safeguards are not strengthened, saying, "If we don’t take action, and we just leave our information open to the dark web, there are very serious consequences for people here in Connecticut." The officials framed the proposals as targeted updates rather than an overhaul, focusing on areas where the current statute does not reach. The CTDPA, enacted in 2022 and effective July 1, 2023, grants Connecticut residents specific rights over their personal data and sets obligations for covered businesses, but does not cover all categories of data or actors. ^[1],^[2]

Enforcement activity over the past year has informed the policy agenda. The Attorney General’s report on CTDPA implementation recorded nearly 70 complaints about data deletion and similar issues and more than 1,830 breach notifications, prompting 63 warning letters and several Assurances of Voluntary Compliance that yielded more than $750,000 in payments in 2025. Officials say about a third of complaints involved entities or data that are currently exempt from the law, highlighting limits in the statute’s scope. ^[4],^[6]

Lawmakers signalled particular concern about chatbot and generative artificial intelligence systems that increasingly serve as interactive companions for young people. Maroney cited research suggesting widespread teen engagement with companion chatbots and warned that current legal definitions did not anticipate these uses. He said the legislature will examine narrower definitions of "publicly available information" and potential bans on commercial geolocation tracking while considering a state-level analogue to California’s Delete Act to give consumers clearer rights to remove personal data. ^[1],^[3]

Governor Ned Lamont has filed complementary measures that would place a Chief Data Officer within the Office of Policy and Management, establish an AI "regulatory sandbox" through the Department of Economic and Community Development, and require certain chatbot developers to adopt protocols for users exhibiting mental-health distress. A separate administration bill would set default safety settings for minors on online platforms and require platforms to report metrics about minor usage, including numbers, average time spent and usage patterns by age and time of day. The proposals reflect an ambition to balance consumer safeguards with preservation of innovation. ^[1],^[2]

Advocates and investigators have flagged how easy it can be for children and adolescents to circumvent age controls, sometimes exposing them to sexualised or violent content from AI companions and apps with weak age-verification measures. A recent CT Insider investigation found reports of students forming relationships with AI companions and described popular companion apps as lacking robust age protections despite content that appeals to children and teens. Those findings have helped shape the urgency lawmakers expressed at the press conference. ^[1],^[4]

The administration and legislators acknowledged trade-offs. Lawmakers emphasised they do not wish to stifle technological development yet argued regulation is required to curb harms that have already materialised. Maroney warned that an unfettered "move fast" approach by some technology companies has produced real-world consequences and said Connecticut must act carefully to avoid repeating mistakes while still encouraging responsible innovation. The state’s 2025 amendment process and proposals before the General Law committee aim to align Connecticut’s privacy regime more closely with other state laws while filling identified gaps. ^[1],^[3]

The coming weeks are expected to bring specific bill texts and committee debates that will define the pace and reach of any new requirements for platforms, AI developers and data collectors. Industry groups, privacy advocates and state agencies are likely to engage in the deliberations as lawmakers weigh whether additional statutory authority or new regulatory tools are required to protect minors and other vulnerable groups. Government materials note the Attorney General retains exclusive enforcement power under the CTDPA, a factor that will shape how new provisions are policed. ^[2],^[6]

Source Reference Map

Inspired by headline at: ^[1]

Sources by paragraph:

Paragraph 1: ^[2],^[4]
Paragraph 2: ^[1],^[2]
Paragraph 3: ^[4],^[6]
Paragraph 4: ^[1],^[3]
Paragraph 5: ^[1],^[2]
Paragraph 6: ^[1],^[4]
Paragraph 7: ^[1],^[3]
Paragraph 8: ^[2],^[6]

Source: Noah Wire Services

More on this

https://ctmirror.org/2026/02/05/data-privacy-online-safety-tong-ct/ - Please view link - unable to able to access data
https://portal.ct.gov/ag/sections/privacy-/the-connecticut-data-privacy-act - The Connecticut Data Privacy Act (CTDPA), effective from July 1, 2023, grants Connecticut residents rights over their personal data and establishes obligations for businesses handling such data. The Act applies to entities conducting business in Connecticut or targeting its residents, and it outlines consumer rights and business responsibilities regarding personal data processing.
https://www.insideprivacy.com/state-privacy/connecticut-legislature-amends-its-privacy-statute/ - On June 24, 2025, Connecticut Governor Ned Lamont signed Senate Bill 1295, amending the Connecticut Data Privacy Act (CTDPA). Effective July 1, 2026, the amendment introduces provisions related to minor privacy and aligns the CTDPA with requirements in other state privacy statutes, reflecting substantive provisions similar to the California Consumer Privacy Act (CCPA).
https://portal.ct.gov/ag/press-releases/2025-press-releases/attorney-general-tong-releases-updated-report-on-connecticut-data-privacy-act?trk=organization_guest_main-feed-card-text - Attorney General William Tong released an updated report detailing the Office of the Attorney General's actions in 2024 to enforce compliance with the Connecticut Data Privacy Act (CTDPA). The report highlights common deficiencies and problematic privacy practices under investigation, emphasizing the Office's ongoing efforts to ensure transparency and compliance with the Act.
https://www.taftlaw.com/news-events/law-bulletins/connecticut-becomes-the-fifth-state-to-pass-data-privacy-act/ - On May 10, 2022, Connecticut became the fifth state to enact a comprehensive data privacy law, the Connecticut Data Privacy Act (CTDPA). The Act, effective July 1, 2023, grants consumers rights over their personal data and imposes obligations on businesses handling such data, aligning with similar laws in other states like California and Virginia.
https://www.hinckleyallen.com/publications/reminder-connecticut-data-privacy-act-becomes-effective-july-1-2023/ - The Connecticut Data Privacy Act (CTDPA), effective July 1, 2023, imposes requirements on businesses regarding consumer health data and children's online privacy protection. The Act does not contain a private right of action, and the Connecticut Attorney General has exclusive enforcement authority under the Act.
https://www.jonesday.com/en/insights/2022/05/connecticut-enacts-comprehensive-data-privacy-law - On May 10, 2022, Connecticut enacted the Connecticut Data Privacy Act (CTDPA), becoming the fifth state to do so. The Act, effective July 1, 2023, applies to entities conducting business or targeting consumers in Connecticut and outlines consumer rights and business obligations regarding personal data processing.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 8

Notes: The article reports on recent legislative initiatives announced on February 5, 2026, concerning online safety and data privacy for minors in Connecticut. Similar legislative efforts were reported in January 2026, indicating that the content is current and not recycled. ([portal.ct.gov](https://portal.ct.gov/governor/news/press-releases/2026/01-2026/governor-lamont-attorney-general-tong-announce-legislation-to-combat-youth-social-media-addiction?utm_source=openai))

Quotes check

Score: 7

Notes: Direct quotes from Attorney General William Tong and State Senator James Maroney are included. These quotes are consistent with their public statements in recent press releases. ([portal.ct.gov](https://portal.ct.gov/ag/press-releases/2026-press-releases/attorney-general-tong-releases-updated-report-on-connecticut-data-privacy-act?utm_source=openai)) However, the exact dates of these statements are not specified, making it challenging to verify the freshness of the quotes.

Source reliability

Score: 8

Notes: The primary source is the Connecticut Mirror, a reputable news outlet. The article is supported by official press releases from the Connecticut Attorney General's Office and Governor's Office, which are authoritative sources. ([portal.ct.gov](https://portal.ct.gov/ag/press-releases/2026-press-releases/attorney-general-tong-releases-updated-report-on-connecticut-data-privacy-act?utm_source=openai))

Plausibility check

Score: 9

Notes: The legislative measures proposed align with ongoing national discussions on data privacy and online safety for minors. The concerns about AI chatbots and social media platforms are consistent with recent reports on the topic. ([ctmirror.org](https://ctmirror.org/2026/02/05/data-privacy-online-safety-tong-ct/?utm_source=openai))

Overall assessment

Verdict (FAIL, OPEN, PASS): PASS

Confidence (LOW, MEDIUM, HIGH): MEDIUM

Summary: The article provides current and plausible information supported by reputable sources. However, the freshness of some quotes is uncertain due to unspecified dates, and the reliance on official sources without independent verification slightly lowers the confidence level.

Data Privacy
Online Safety
AI Regulation