NetChoice testified before the Virginia Senate to oppose SB 85, “The Digital Choice Act,” warning that the bill compromises user safety and violates the Constitution. We argued that by mandating “third-party-accessible interoperability,” the legislation effectively forces companies to build security backdoors that malicious actors can exploit, dragging all platforms down to the lowest common denominator of security. Furthermore, the bill misunderstands how people use the internet, treating distinct online communities as interchangeable utilities and risking the exposure of private data to unvetted services users never trusted. Ultimately, SB 85 faces insurmountable legal hurdles, infringing on First Amendment rights against compelled speech and raising serious Takings Clause concerns regarding proprietary technology.
NetChoice Testimony in Opposition to Virginia SB 85, The Digital Choice Act
February 3, 2026
Virginia Senate
Committee on General Laws and Technology
201 North 9th Street
Senate Room B
Richmond, VA 23219
Dear Chair Ebbin and Distinguished Members of the Senate General Laws and Technology Committee:
NetChoice, a national trade association working to make the Internet safe for free enterprise and free expression, wishes to express our opposition to SB 85. While we share the Committee’s desire for a competitive online ecosystem, we respectfully oppose SB 85 because it attempts to force a technical architecture on private services that will degrade user privacy, break the consumer experience and violate the Constitution of the United States.
Our primary concern is that this bill compromises the safety, security, and privacy of Virginia residents. By mandating “third-party-accessible interoperability interface[s]” (§ 59.1-577.2) the state would effectively require companies to build and maintain open entry points that can be exploited by malicious actors. While “interoperability” sounds like a helpful standard, in this context, it mandates a backdoor for data harvesting. It is a common refrain among cybersecurity experts that once a backdoor is created where it did not otherwise exist, it is not just there for the good guys. It is inherently a new vulnerability exploitable by bad actors as well.
Furthermore, the requirement to share “social graphs” creates a significant consent and privacy issue. If just one person in a user’s network migrates to a less secure, unvetted platform, they take their interaction history with them. This means a third-party consumer’s private data could be exposed to the security standards of a service they never trusted and never signed up for, dragging everyone down to the lowest common denominator of security.
Crucially, this legislation also creates a perverse incentive structure that freezes security standards in time. Platforms may be forced to delay or abandon advanced encryption and safety upgrades simply because they are incompatible with the mandated interoperability protocols, effectively prioritizing static compliance over the dynamic ability to innovate against evolving cyber threats. These security and privacy tradeoffs are particularly hard to square when considering that the supposed problem the bill seeks to solve is a mirage.
SB 85 fundamentally misunderstands how users engage online. It operates on the flawed premise that all social networks are interchangeable utilities. But users intentionally treat them as distinct communities. People curate different profiles for different audiences; they do not want their professional network on LinkedIn merging with their private family photos on Instagram, or their neighborhood watch discussions on Nextdoor bleeding into public political debates found on X. By treating these distinct contexts as obstacles to be removed, the bill homogenizes the internet. It forces diverse platforms to act like “dumb pipes,” thereby actually reducing consumer choice and is akin to forcing every restaurant to serve every cuisine.
Finally, this bill faces insurmountable hurdles when it comes to the federal Constitution. As the Supreme Court affirmed in Moody v. NetChoice (Moody v. NetChoice, 144 S.Ct. 2383 (2024)), platforms have a First Amendment right to curate content and design their services as they see fit. Forcing a platform to carry the data, code or content of a competitor is a form of compelled speech. Moreover, requiring companies to hand over proprietary technology and user data to rivals without compensation raises serious Takings Clause concerns. Combined with the Dormant Commerce Clause issues raised by creating a state-specific technical mandate on fundamentally interstate services such as online social media platforms, this bill is legally compromised.
For these reasons, we respectfully urge you to protect the privacy and constitutional rights of your constituents by opposing SB 85.
Sincerely,
Patrick Hedger
Director of Policy, NetChoice (The views of NetChoice expressed here do not necessarily represent the views of all NetChoice members)
NetChoice is a trade association that works to protect free expression and promote free enterprise online.