The "Child Data Privacy and Protection Act" seeks to strengthen the safeguarding of personal data for children under eighteen in South Carolina by introducing a new Article 9 to Chapter 5, Title 39 of the South Carolina Code. This legislation establishes definitions related to child data privacy and mandates that entities offering online products for children conduct data protection impact assessments. It prohibits the collection, retention, processing, or sale of personal data unless necessary for product provision or legal compliance. The bill also emphasizes privacy by default settings, requires parental consent for targeted advertising, and mandates that entities grant parents or guardians access to user accounts upon request.

Additionally, the bill outlines the responsibilities of the Office of the Attorney General, including executing a public awareness campaign and producing a biennial compliance report. It establishes a framework for imposing civil penalties on violators, with penalties reaching up to twenty thousand dollars per violation and a total cap of two hundred fifty million dollars. The Attorney General must provide written notice of alleged violations before legal action, allowing for rectification. The distribution of collected penalties is specified, with twenty percent allocated for public awareness and eighty percent for enforcement. The act also allows legal action on behalf of child users harmed by violations, with successful plaintiffs entitled to damages and legal remedies. The act will take effect one hundred eighty days after the Governor's approval.