Companion Chatbot Laws Are Arriving Fast — And They're About Persona Data, Not Just Safety

A wave of state legislation targeting persona-driven AI interactions is moving faster than most founders expected. Illinois signed its AI Safety Measures Act on July 6. California's SB 300 and SB 1119 are working through Appropriations. Oregon, Washington, and Connecticut already have companion chatbot laws on the books. The Future of Privacy Forum is tracking 98 chatbot-specific bills across 34 states and three federal proposals. If you build anything that remembers a user and responds in character — a companion, an assistant, a coach — this affects you. And the part most people are missing is that these laws aren't just about preventing harm. They're about who owns the data a persona generates, how long it's kept, and what it's used for.

Key Takeaways

What Actually Happened This Week?

Illinois Governor Pritzker signed the Artificial Intelligence Safety Measures Act on July 6, 2026. It requires "large frontier developers" — defined as those generating at least $500 million in yearly revenue — to submit to annual independent third-party audits and develop safety plans. It takes effect January 1, 2028. Capitol News Illinois called it the most stringent AI law in the nation, noting it was modeled on similar bills from California and New York.

This law targets frontier model developers broadly — it's not companion-chatbot-specific. But Illinois was also advancing a separate bill, SB 316, which would have created the Artificial Intelligence Companion Model Safety Act with protocols for detecting suicidal ideation and self-harm expressions. That bill didn't pass before the May 31 adjournment. The pattern matters: states are running frontier-model regulation and companion-specific regulation on parallel tracks, and the companion track consistently includes data provisions the frontier track doesn't.

Which States Have Companion Chatbot Laws Right Now?

More than you'd think. Here's the current map as of early July 2026:

That's six states with active law or near-final bills. And those are just the ones getting press coverage — there are 92 more bills in various stages elsewhere.

Why Are These Bills Really About Data?

Because the safety mandates — crisis detection, content filtering, age verification — are the visible part. The data provisions are the structural part. And they're the part that changes how you build.

Look at what's actually in these bills. Orrick's analysis of 2026 state chatbot laws identifies a clear pattern: emerging legislation includes restrictions on collecting, sharing, or selling chatbot input data, requirements for data minimization or deletion, and restrictions on using minors' data for AI training or advertising. These aren't afterthoughts. They're core provisions.

The framing is child safety. The mechanism is data governance. A bill that says "you must detect self-harm" is a product feature requirement — you add a classifier, you comply. A bill that says "you may not use conversations with minors to train future models" is an architecture requirement. It changes what you store, how you store it, and whether your business model works at all if that business model depends on conversation data as a training asset.

This distinction matters because most companion chatbot products treat user conversations as a resource. The persona remembers you because it retains your data. The product improves because it trains on your conversations. The company monetizes because it profiles your engagement patterns. Every one of those activities is now under regulatory scrutiny — not someday, but in laws that take effect in October 2026 and January 2027.

What Is the FTC Actually Investigating?

The Federal Trade Commission launched a Section 6(b) inquiry into AI companion chatbots on September 11, 2025, issuing orders to seven companies. The press coverage focused on child safety — which is real and important. But read the actual 6(b) orders. The inquiry specifically asks how companies use or share personal information obtained through users' conversations with the chatbots. It probes how companies monetize user engagement. It asks about advertising practices.

This is a data-brokerage investigation wearing a child-safety costume.

The FTC wants to know: when a user tells a companion chatbot about their anxiety, their relationship, their daily routine — where does that information go? Is it sold? Is it used for ad targeting? Is it retained after the user deletes their account? Is it aggregated and licensed to third parties?

These are the same questions the state bills are asking. The difference is the FTC has enforcement authority that doesn't require new legislation, and their findings — expected to be published around summer 2026 — could set the tone for every state bill still in committee.

How Does the 72% Teen Usage Stat Drive This Legislation?

A Common Sense Media report from July 2025 found that 72% of teens have used AI companion chatbots at least once, with more than half using them a few times a month. That number appears in virtually every legislative analysis we've read. It's the single most-cited rationale for these bills.

Legislators respond to concrete numbers. "AI might affect children" is a concern. "72% of teens are already using these products monthly" is a crisis narrative — and crisis narratives produce fast legislation. The speed of the 2026 wave is partly a function of this single data point making the problem feel urgent rather than hypothetical.

But here's the part that should concern every founder in this space: the 72% number means the regulatory environment is being shaped by the worst actors. If the most popular companion chatbots are retaining conversation data, training on minors' inputs, and monetizing engagement without meaningful consent — and those are the products 72% of teens are using — then the laws are being written to address those practices. If your product doesn't do those things, you still have to comply with laws designed to stop companies that do.

What Does "Safety Theater vs. Data Minimization" Mean in Practice?

It means that audits and pop-up disclaimers don't change the underlying business model of memory-driven engagement. Only architecture choices do.

Consider what most of these bills require on the "safety" side: crisis detection classifiers, content filtering for explicit material, age verification or age estimation, disclosure that the user is talking to an AI. These are important — we're not dismissing them. But they're feature-level requirements. You can add a suicidal ideation detector to a product that still retains every conversation indefinitely and trains on it.

The data provisions are different. A requirement to delete conversation data upon request — actually delete it, from training sets, from backups, from derived embeddings — is a system-level constraint. A restriction on using minors' conversation data for model training is a pipeline constraint. A requirement for data minimization — only collecting what's necessary for the service — is a design constraint.

Most products in this space weren't designed with these constraints in mind. They were designed to accumulate conversational data because that data is the product. The persona gets better because it remembers you. The model gets better because it trains on everyone. The business gets better because engagement data is valuable.

When you build the other way — treating conversation data as a liability rather than an asset — these laws become easier to satisfy. Not trivial, but structurally easier. You can't violate a data-retention restriction if you don't retain the data. You can't improperly train on minors' conversations if your architecture doesn't route conversation data to training pipelines.

Why Does the State Patchwork Matter for Product Architecture?

Because 34 states with 98 different bills means 98 potentially different definitions of "companion chatbot," "minor," "operator," "personal information," and "data minimization." If you're building to satisfy each state's specific requirements after the fact, you're playing whack-a-mole with compliance. If you're building with the strictest plausible interpretation as your baseline, you're structurally compliant in most jurisdictions simultaneously.

Oregon's private right of action with $1,000 per-violation statutory damages is an example. That's not an AG enforcement action you can negotiate — it's individual plaintiffs, potentially class actions, with a fixed per-violation number. If your product has 100,000 users in Oregon and you violate the statute in a way that affects all of them, the math is straightforward and unpleasant.

Baker McKenzie's analysis frames it directly: companies with limited visibility into chatbot design face an added layer of regulatory and litigation risk. Troutman Pepper's analysis is more blunt — these laws are transforming companion chatbot deployments from a UX decision into a regulatory and litigation risk, with statutory damages, potential class actions, and heightened scrutiny from state attorneys general.

If you're a founder, the implication is that your privacy architecture is now a compliance moat. Products built with strict data segregation, minimal retention, and no persistent behavioral profiling are lower-risk under multiple overlapping state frameworks. That's not a marketing claim — it's a structural observation about how these laws are written.

What Does This Mean for How We Build Selina?

We build a companion AI that remembers you. That means every one of these laws applies to us directly, and we've been watching them closely.

Our approach is to treat conversation data as something to protect, not something to extract. Some specifics:

Content in Selina is encrypted at rest. Memory is NOT end-to-end encrypted — a slice of each request reaches a frontier provider at inference, which means we can't make a zero-knowledge claim about memory. We state that limit plainly because it's the honest answer. Files and transfers through SelinaSEND are a different story — those are end-to-end encrypted. But memory isn't, and we won't pretend otherwise.

We use a stack of frontier models, routed per task. Non-content operational metadata is kept for a short retention window — not zero retention, but bounded. Your account is protected. Your content is encrypted. Delete means gone — actually gone.

Selina's memory is adaptive, not a transcript. It doesn't store everything you've ever said verbatim. It's not perfect or complete — it's designed to remember what matters without accumulating a comprehensive record of your conversations. That's partly a product decision and partly a data-minimization decision. Under most of the bills we're tracking, less data retained means less regulatory surface area.

We don't train on your conversations. We don't sell conversation data. We don't use it for advertising. These aren't new commitments we're making in response to legislation — they're architecture decisions we made before any of these bills existed. The legislation is catching up to a position we already hold.

That said, we're not claiming compliance with laws that aren't final yet. California's SB 1119 and SB 300 are still in Appropriations. The definitions of "companion chatbot operator" vary across states. We're monitoring the tracker the Future of Privacy Forum maintains and adjusting as provisions stabilize. Stating certainty about compliance with bills that haven't passed would be dishonest.

What Should Founders Be Watching Next?

Three things, in order of urgency:

First, the FTC's aggregated findings. The Section 6(b) inquiry submissions were expected to be analyzed through early 2026, with findings potentially published by summer 2026. When those drop, they'll set the narrative for every pending state bill. If the FTC finds that major companion chatbot operators are using conversation data for training or selling it to third parties, expect the data provisions in pending bills to tighten significantly.

Second, California's SB 1119 timeline. The bill passed the Assembly Privacy committee and is in Appropriations. If it passes, the July 1, 2027 compliance deadline means operators have roughly a year to implement annual comprehensive risk assessments and prepare for independent audits, with confidential reports going to the Attorney General. That's not a long runway for products that need to retrofit data-handling practices.

Third, the definition convergence question. Right now, different states define "companion chatbot" differently. Some scopes are narrow — products specifically designed to simulate a relationship. Others are broad enough to capture any AI that maintains conversational context across sessions. If you build anything with persistent memory and a consistent persona — which describes most useful AI assistants, not just companion chatbots in the colloquial sense — you may be in scope in some states and out of scope in others. Watch for how these definitions converge as bills move through committees.

Is This Really About Children, or Is It About Everyone?

It's about children first. It'll be about everyone soon.

The political dynamics are clear: child safety is the accelerant that gets these bills through committee. The 72% teen usage stat provides the urgency. No legislator wants to vote against protecting children from AI. So the companion chatbot bills lead with minors.

But the data provisions don't have a natural stopping point at age 18. If it's wrong to retain and train on a 15-year-old's conversation data without meaningful consent, the argument that it's fine to do the same to a 25-year-old gets harder to sustain — especially when the FTC's inquiry covers advertising and data handling broadly, not just for minors. The 2026 legislative update from LP makes this point: chatbot bills are becoming a broader data-governance vehicle, not just a child-safety tool.

For founders, the implication is that building data practices that only protect minors is a temporary solution. If you're going to minimize data retention and restrict training on conversations, doing it for all users is both simpler to implement and more durable against the next legislative wave — which will almost certainly expand scope beyond minors.

What Don't We Know Yet?

A lot. We don't know which of the 98 tracked bills will pass. We don't know how courts will interpret "companion chatbot" in enforcement actions. We don't know whether the FTC will pursue enforcement actions or just publish findings and let states act. We don't know whether federal legislation will preempt the state patchwork or add another layer on top.

We also don't know how audit requirements will work in practice. Illinois requires annual independent third-party audits for frontier developers. California's SB 1119 would require independent audits with confidential reports to the AG. Who conducts these audits? What standards do they use? How do you audit a model's propensity to generate harmful content in the context of a persistent persona relationship? These are unsolved problems, and the legislation is moving faster than the audit infrastructure.

What we do know is the direction. More states, more data provisions, more enforcement mechanisms, more private rights of action. The trend line is unambiguous even if the specifics are still forming. Building as if these laws will arrive — and arrive in their stricter forms — is the lower-risk bet.

The conversation about companion AI regulation started with safety. It's landing on data. The founders who figured that out early — who treat conversation data as a liability to be minimized rather than an asset to be mined — are the ones who won't need to retrofit when the next state signs its bill.

If you want to see what a privacy-first companion AI actually looks like in practice, start a free 7-day trial — no card required.

Frequently Asked Questions

What is the main difference between the safety provisions and data provisions in these new chatbot laws?

Safety provisions like crisis detection or content filtering are feature-level requirements you can add to an existing product. Data provisions, like restrictions on retaining or training on conversation data, are architecture-level requirements that can change whether your underlying business model works at all.

Which states currently have companion chatbot laws in effect or nearly finalized?

Oregon, Washington, and Connecticut have signed companion chatbot laws, California's SB 300 and SB 1119 are advancing through Appropriations, and Illinois signed a broader AI Safety Measures Act targeting frontier developers rather than companion chatbots specifically.

Is the FTC's inquiry into AI companion chatbots really just about child safety?

No — while the September 2025 Section 6(b) inquiry into seven companies is framed around child safety, its actual orders ask how companies use or share personal information from conversations, how they monetize engagement, and their advertising practices, making it fundamentally a data-brokerage investigation.

Why did companion chatbot legislation move so quickly in 2026?

A July 2025 Common Sense Media report found 72% of teens had used AI companion chatbots and more than half used them monthly, and that statistic became the most-cited rationale in legislative analyses, turning a hypothetical concern into an urgent crisis narrative that sped up lawmaking.

Does building a privacy-first chatbot product still require compliance with these laws even if it doesn't engage in data monetization?

Yes — because the 72% teen usage stat suggests the worst actors' practices (data retention, training on minors' inputs, monetizing engagement) are shaping the legislation, so even compliant products must still meet laws designed to stop those practices.

Sources & References

Michael C.

Michael C.

Founder & Principal Engineer, Selina Labs

Michael builds Selina, a privacy-first AI that remembers you across conversations. He ships security-sensitive AI in production — real attacks, real fixes, measured in minutes and dollars — and writes about privacy, security, and LLMs from that seat. Top Rated Plus and expert-verified on Upwork.