4 CCR 904-5
Colorado Department of Law ONLINE DATING SAFETY ACT RULES 4 CCR 904-5 [Editor’s Notes follow the text of the rules at the end of this CCR Document.] PART 1 GENERAL APPLICABILITY Rule 1.01 Authority The statutory authority for this Part 904-5 is sections C.R.S. §§ 6-1-108(1) and 6-1- 731.5(4.5).
Rule 1.02 Severability If any provision of these Online Dating Safety Act Rules, 4 CCR 904-5, is found to be invalid by a court of competent jurisdiction, the remaining provisions of the Rules shall remain in full force and effect.
PART 2 DEFINITIONS Rule 2.01 Authority and Purpose The statutory authority for the rules in this Part 2 is C.R.S. §§ 6-1-108(1) and 6-1- 731.5(4.5). The purpose of these rules is to define certain undefined terms that are used throughout the Online Dating Safety Act, C.R.S. § 6-1-731.5, and these Online Dating Safety Act Rules, 4 CCR 904-5. The terms defined by this rule and C.R.S. § 6-1-731(1) are capitalized where they appear in the rules to let the reader know to refer to the definitions. When a term is used in a conventional sense, and is not intended to be a defined term, it is not capitalized.
Rule 2.01 Defined Terms “Annual Safety Report” means the annual report concerning Member safety and the Online Dating Service’s compliance with C.R.S. § 6-1-731.5 as required by C.R.S. § 6- 1-731.5(4)(b).
PART 3 SAFETY POLICY Rule 3.01 Authority and Purpose A. The statutory authority for the rules in this Part 3 is C.R.S. §§ 6-1-108(1) and 6-1- 731.5(4.5). The purpose of the rules in Part 3 is to ensure that Online Dating Services understand the process to submit to the attorney general's office the URL for its Safety Policy and that the Safety Policy is understandable to Members.
Rule 3.02 Process to Submit Safety Policy URL A. Pursuant to C.R.S. § 6-1-731.4(a), an Online Dating Service shall submit the URL for its Safety Policy posted on its website to the attorney general’s office within fifteen days after enacting the Safety Policy. If an Online Dating Service updates the URL for its Safety Policy, it shall submit the updated URL to the attorney general’s office within seven days after updating the URL.
B. An Online Dating Service shall submit the required Safety Policy URL to the attorney general’s office through the form available on the attorney general’s website, located at https://coag.gov/dating-safety/.
Rule 3.03 Requirements for Safety Policy A. The Safety Policy made available to Members pursuant to C.R.S. § 6-1-731.5(2) must be:
1. Understandable and accessible to Members, considering the vulnerabilities or unique characteristics of the target audience of the Online Dating Service. For example, the Safety Policies shall use plain, straightforward language and avoid technical or legal jargon.
2. Reasonably accessible to Members with Disabilities, including through the use of digital accessibility tools. For Safety Policies provided online, the Online Dating Service shall follow generally recognized industry standards, such as the Web Content Accessibility Guidelines, version 2.1 of June 5, 2018, from the World Wide Web Consortium, incorporated herein by reference as described at Rule 5.02. In other contexts, the Online Dating Service shall provide information on how a Member with a disability may access the disclosure or communication in an alternative format.
3. Available in the languages in which the Online Dating Service in its ordinary course provides web pages, interfaces, contracts, disclaimers, sale announcements, and other information to Members.
4. Readable on all devices through which Members interact with the Online Dating Service, including on smaller screens and through mobile applications, if applicable.
PART 4 ANNUAL REPORT Rule 4.01 Authority and Purpose A. The statutory authority for the rules in this Part 4 is C.R.S. §§ 6-1-108(1), 6-1- 731.5(4)(b)-(c), (4.5). The purpose of the rules in Part 4 is to clarify the scope and content of the Online Dating Service Annual Safety Report required by C.R.S. § 6-1-731.5.
Rule 4.02 Scope A. An Online Dating Service shall create an Annual Safety Report as required by C.R.S. § 6-1-731.5. An Online Dating Service Annual Safety Report shall be a genuine, thoughtful analysis that:
1. documents measures taken by the Online Dating Service to comply with C.R.S. § 6-1-731.5;
2. describes the Online Dating Service policies to promote safer online and in-person dating experiences for Members; and 3. details the implementation of the Online Dating Service policies concerning Member safety.
B. If an Online Dating Service creates an Annual Safety Report for the purpose of complying with another jurisdiction’s law or regulation, the report for the other jurisdiction shall satisfy the requirements established in this section if that report is reasonably similar in scope and effect to the Annual Safety Report required by this Part 4.
C. If an Online Dating Service has internal documents which contain the same information required by the Annual Safety Report, the Service may provide those documents to fulfill the report requirements along with an appendix which references where the required information may be found in the documents. Rule 4.03 Annual Safety Report Content A. At a minimum, the Annual Safety Report must include each of the following:
1. The date the Online Dating Service most recently updated its Safety Policy;
2. The date the Online Dating Service most recently submitted the URL for its Safety Policy to the attorney general’s office;
3. Which of the following tiers the Online Dating Service belongs to:
a. Tier 1: Greater than 10 million monthly active users during the reporting period;
b. Tier 2: Between 5 million – 10 million monthly active users during the reporting period;
c. Tier 3: Between 1 million – 5 million monthly active users during the reporting period;
d. Tier 4: Between 500,000 – 1,000,000 monthly active users during the reporting period; or e. Tier 5: Less than 500,000 monthly active users during the reporting period.
4. Information about the enforcement of the Online Dating Service Safety Policy during the reporting period, including:
a. Enforcement metrics based on violations of the Online Dating Service's Safety Policy within the reporting period, including the total number of Members or accounts subject to Remedial Action, the percentage of active users during the reporting period represented by those Members or accounts, the Safety Policy provisions violated, including violations involving Misconduct that Threatens Public or Personal Safety, the type of Remedial Action taken, and whether the Remedial Action resulted from a report from another Member or proactive review or moderation by the Service;
b. A summary of the process by which the Online Dating Service notifies other Members who interacted with Members removed from the Online Dating Service for violations of the Safety Policy, including information about the number of Members notified, disaggregated by type of reported content or conduct that resulted in removal.
c. A summary of the forms of proactive review or moderation utilized by the Online Dating Service, including what automation measures are used by the Online Dating Service for enforcing its Safety Policy, processing reports, or other measures taken to address Member safety;
d. A summary of the process the Online Dating Service uses to prevent individuals who have been removed or banned for violations of the Safety Policy from re-registering or creating new accounts;
e. The number of Members or accounts which, during the reporting period, were prevented from re-registering or creating new accounts on the Online Dating Platform after being removed or banned for violations of the Safety Policy, including the percentage of active users during the reporting period represented by these Members or accounts;
f. If an Online Dating Service is owned or operated by a parent company that owns or operates one or more additional Online Dating Services, a summary of the process in place to ensure that an individual who has been removed, suspended, or banned by an affiliated Online Dating Service for violations of its Safety Policy is subject to review before being permitted to create or maintain an account on a different, affiliated Online Dating Service; and g. The number of individuals who, during the reporting period, were prevented from creating or maintaining an account on the Online Dating Service after being removed, suspended, or banned violating the Safety of an affiliated Online Dating Service.
5. Information about the enforcement of the Online Dating Service’s policy concerning criminal background screening during the reporting period, including, if applicable:
a. A summary of the Online Dating Service’s process regarding Member criminal background screening;
b. The number of criminal background checks conducted and the number of individuals excluded from the Online Dating Service based on the results of a background check;
c. Whether individuals are notified when a criminal background check results in their exclusion or suspension from the Online Dating Service, and whether they may appeal the decision, including a description of the appeal process and timeframes;
d. Whether and how the service conducts periodic further criminal background checks or ongoing monitoring of Members with existing accounts, and under what circumstances (e.g., following a report or periodically); and e. When and where the Online Dating Service provides disclosures regarding their criminal background check policies outside of the Safety Policy, and copies of or links to any such disclosures.
6. Information on enforcement of the Online Dating Service Member identity verification and age verification policies during the reporting period, including, if applicable:
a. A summary of the Online Dating Service’s process regarding Member identity verification;
b. A summary of the Online Dating Service’s process regarding Member age verification;
c. The number of Members or accounts who were removed from the Online Dating Service and the number of individuals not allowed on the Service as result of identity verification conducted by the Online Dating Service or their parent company or affiliates; and d. The number of Members or accounts removed from the Online Dating Service and the number of individuals not allowed on the Service as a result of age verification conducted by the Online Dating Service or their parent company or affiliates.
7. A high-level overview of the process and factors considered by the Online Dating Service when deciding whether to take Remedial Action on a Member report about prohibited content or conduct, and whether prior reports or prior Remedial Actions involving the reported Member are considered in that determination.
8. Information on Member reporting and appeals during the reporting period, including:
a. The mechanism(s) for Members to report other Members for prohibited content or conduct, including where on the Online Dating Service the reporting forms are accessible;
b. What type of notice or communication reporting Members and reported Members receive throughout the reporting processing period, including through any appeal process and upon resolution;
c. The mechanism(s) for reported Members to appeal the report, if any, including where on the Online Dating Service the reported Member can submit an appeal and what information is required to submit an appeal;
d. The notices, communications, or limitations on an account or appealing Member can expect while an appeal is pending, including whether account restrictions remain in place until resolution;
e. The number of Members or accounts who were the subject of more than one Member report of prohibited content or conduct within the reporting period, specifying the numbers of reports for Misconduct that Threatens Public or Personal safety, and including whether Remedial Action was taken after the first, second, or subsequent report;
f. The number of reports of prohibited content or conduct the Online Dating Service identified as knowingly false, malicious, or submitted in bad faith, and whether any Remedial Actions were taken against the reporter in response; and g. The average and median time between when a report of prohibited content and conduct is received and when the Online Dating Service takes final action or closes the report.
9. Information on safety resources for Members provided by the Online Dating Service, including:
a. The locations and methods by which the resources required by C.R.S. § 6-1-731.5(2)(i), are provided to Members;
b. Whether and which resources required by C.R.S. § 6-1-731.5(2)(i), have been developed in consultation with appropriate online safety or dating experts or advocacy organizations; and c. The total number of Members who have accessed the resources required by C.R.S. § 6-1-731.5(2)(i) during the reporting period.
10. Information on the Online Dating Service’s policies and processes to promote safer online and in-person dating experiences for Members, including:
a. A description of the safety measures the Online Dating Service implemented as features of the Service to promote safer online and in-person dating experiences for Members as referenced in C.R.S. § 6-1-731.5(2)(j), including which safety measures are on by default and what risks the features were designed to address.
b. Of the safety measures implemented as outlined 10(a), what percentage of Members have engaged with those measures during the reporting period;
c. What, if any, controls Members have over the visibility of their personal information, discoverability of their profile, or ability to block other Members on the Online Dating Service;
d. How a Member’s geolocation is used, if at all, and if Members can control the use of or opt out of geolocation services;
e. A summary of platform-wide Trust & Safety resources and investments, including high-level information about the cross- functional expertise that contributes to user safety;;
f. A summary of training relevant to Member safety the Online Dating Service trust and safety team receive, including but not limited to appropriate training to assist or refer Members who have made a genuine complaint or report to the appropriate support;
g. A summary of the Online Dating Services’ process for responding to requests for information from law enforcement; and h. A summary of when or under want circumstances the Online Dating Service proactively refers Members, Member activity, or Member complaints to law enforcement, i. The total number of Members referred to law enforcement during the reporting period.
11. Dates the Annual Safety Report was reviewed and approved. Rule 4.05 Process to Submit Annual Safety Report A. Pursuant to C.R.S. § 6-1-731.5(4)(b), an Online Dating Service shall submit an Annual Safety Report to the attorney general’s office on or before January 31, 2026, and on or before January 31 of each year thereafter.
1. The first Annual Safety Report submitted to the attorney general's office Pursuant to C.R.S. 6-1-731.5(4)(b) must include at a minimum the information required in Rule 4.03 subparts (A)(1-3). If all information required by Rule 4.03 is also included in this first report, no additional report is needed. If only the minimum required information is included, a supplemental report containing all information required by Rule 4.03 must be provided to the attorney general's office by August 31, 2026.
2. All subsequent Annual Safety Reports must contain all information required in Rule 4.03 on or before January 31 of each year thereafter.
B. An Online Dating Service shall submit the required Annual Safety Report to the attorney general’s office through the form available on the attorney general’s website, located at https://coag.gov/dating-safety/.
PART 5 MATERIALS INCORPORATED BY REFERENCE Rule 5.01 Authority and purpose A. The statutory authority for the rules in this Part 5 is C.R.S. §§ 6-1-108(1) and 6-1- 731.5(4.5). The purpose of the rules in this Part 5 is to incorporate by reference the guidelines that are referred to in 4 CCR 904-5, Rule 3.03. Rule 5.02 Web Content Accessibility Guidelines A. The Web Content Accessibility Guidelines, version 2.1 of June 5, 2018, from the World Wide Web Consortium, are hereby incorporated into 4 CCR 904-5, Rule
3.03 by reference pursuant to C.R.S. § 24-4-103(12.5), and do not include any
later amendments.
B. Copies of the Web Content Accessibility Guidelines that are incorporated by reference into these rules may be obtained by sending a written request to the following address by U.S. mail:
Colorado Department of Law Ralph L. Carr Judicial Center 1300 Broadway, 9th Floor Denver, CO 80203 C. The Web Content Accessibility Guidelines published by the World Wide Web Consortium incorporated by reference into these rules are available at no cost in an electronic form online at https://www.w3.org/TR/WCAG21/.
D. The Colorado Department of Law also maintains a copy of the Web Content Accessibility Guidelines that are incorporated by reference into these rules that is available for public inspection at the Colorado Department of Law’s office during regular business hours.
Editor’s Notes History New rule eff. 03/30/2026.