The "Child Data Privacy and Protection Act" is designed to enhance the protection of personal data for children under eighteen in South Carolina by introducing a new Article 9 to Chapter 5, Title 39 of the South Carolina Code. This legislation requires entities that offer online products aimed at children to conduct data protection impact assessments, limit data collection to what is necessary, and implement "privacy by default" settings. It also mandates that privacy policies be clearly displayed and understandable to children, and that parental consent is obtained for targeted digital advertising. The bill further outlines the responsibilities of the Office of the Attorney General, which include providing guidelines for data protection assessments, conducting public awareness campaigns, and producing biennial compliance reports.

Additionally, the bill establishes a framework for imposing civil penalties on individuals or businesses that violate its provisions, with penalties reaching up to twenty thousand dollars per violation and a total cap of two hundred fifty million dollars. The Attorney General must provide written notice of alleged violations at least ninety days before taking legal action, allowing the accused to rectify the issue. The distribution of collected penalties is also specified, with twenty percent allocated for public awareness campaigns and eighty percent for enforcement efforts. The act allows for legal action on behalf of child users or their next of kin in cases of harm, providing successful plaintiffs with various damages and legal remedies. The legislation is set to take effect one hundred eighty days after the Governor's approval.