Comparing Enacted App Store Accountability Acts

On May 28, 2026, the 5th Circuit granted a stay on the preliminary injunction blocking enforcement of Texas’s App Store Accountability Act (ASAA)—meaning the law is now in effect while litigation on the merits continues. In 2025, Utah, Texas, and Louisiana enacted App Store Accountability Acts (ASAAs) which impose novel and significant age assurance obligations on app store providers and app developers. These laws require account holder age verification and parental consent for minors at the app store level, with age band and consent data transmitted between the two parties via bespoke “age signals.” Texas’s law was the first scheduled to go into effect on January 1, 2026. Before the law took effect, however, two groups filed suit challenging its constitutionality on First Amendment grounds. In December 2025, a federal judge issued a preliminary injunction blocking the law, finding it more likely than not an unconstitutional content-based regulation. Attorney General Paxton quickly appealed this decision to the 5th Circuit seeking a stay on the injunction, which was subsequently granted last week. 

The uncertain constitutional outlook of ASAAs puts compliance teams in a difficult position. Moving slowly risks liability if the laws survive legal challenge; moving quickly risks sunken compliance costs if ASAAs are ultimately struck down—costs that could have otherwise been diverted to other important trust and safety priorities. While Utah’s, Texas’s, and Louisiana’s laws impose broadly similar obligations on app store providers and developers, important distinctions will shape how companies ultimately achieve compliance. Amendments to Utah’s and Louisiana’s laws in 2026 further shape the developing obligations in each state. FPF created a comparison chart detailing the key terms, scope, and core obligations of these laws, including changes incorporated by 2026 amendments. The chart also includes an Appendix detailing current information about Developer APIs released publicly by app stores to aid developers as these requirements go into effect. 

Key takeaways from this resource include:

• Scope: These laws apply broadly to apps publicly available to consumers for download in an app store with very narrow exceptions, such as for settings apps or essential device drivers, and no wholesale exemptions from application. Uniquely, Louisiana also applies to apps that are available for download from an app store onto connected devices.
• Obligations: These laws require app store providers to implement age verification and obtain parental consent for minor account holders making purchases, downloads, in-app transactions, or significant account changes. Utah and Louisiana extend this requirement to a minor’s first-time access to many pre-loaded apps. Developers must request and receive age signals from app stores, use that data to manage minor access, and implement appropriate safety features. Utah and Louisiana add notable nuances for developers, such as allowing them to request that app stores block minor access to their apps entirely, or permitting reliance on a primary account holder’s age data for “family account apps.”
• Enforcement: Private rights of action (PRAs) are a trending enforcement mechanism in ASAA models. While Utah relies solely on a PRA for enforcement, Texas’s law only allows a PRA through incorporated references to the Deceptive Trade Practices Act (DTPA). Louisiana is the only law that  does not include a PRA.

The ASAA trend has continued into 2026 with Alabama enacting a new ASAA law back in February. Alabama’s law largely tracks with the ASAA models in Utah and Louisiana following their 2026 amendments. As ASAA legislation and litigation continues to develop, the 5th Circuit’s stay on injunction means that compliance teams must figure out how to navigate this growing thicket of app store age signals and online safety requirements in the meantime.