Politicians will do any draconian measure to help kids except try and improve the lives of their parents so that they can actually dedicate time to parenting. Making it slightly harder to access the internet fixes nothing. What if instead of having the largest prison population in the world our government supported communities that make raising good children possible? Our society needs to lose this urge to diagnose each other and provide some forceful treatment and instead set sights on providing the pre-conditions for everyone to prosper and lead their version of a fulfilling life. Only then will we have functional, healthy children. I quite like what the mayor of Baltimore has been doing to revitalize his city and it seems to be leading to actual change there if you want a good example: https://m.youtube.com/watch?v=XQs59YY-e2I&pp=ygUXY2hhbm5lbCA...
IF it were for the kids - but I don't think it is.
> Making it slightly harder to access the internet fixes nothing.
This assumes it is about the children. But if you do not think so
then it opens up new alternatives suddenly, be it from tracking
people, to targeted ads or any other information that could be
gathered and eventually either monetized or put in tandem with
other information. We'd get age graphs that way too.
Before that we could speculate to some extent, but with mandatory
age sniffing and id-showing at all times, those who track people
and benefit from it, benefit now even more.
> IF it were for the kids - but I don't think it is.
Exactly. If it was about kids, then you do not direct legislation towards everybody, but at parents. Give parents the software and tools (parental control settings) to restrict their child from searching certain terms and accessing certain sites. Bob or Susan (middle age adults), down the street, should have nothing to do with that.
It's about outright surveillance, tracking, censorship, control, and politicians putting money in their pocket. "Kids" is just a cover for their intentions and dirt. More has to be done to call out the deception.
Agreed. I’m sure some house members will vote for it because they only had a random staffer read the bill and heard that it gives them a good talking point in the next election. I just wanted to point out what’s maybe obvious to everyone that this won’t help kids. I’m sure this is being pushed by Meta/whatever other ad dependent business wants to pass off liability of verifying age with the added benefit to everyone in power that it’s easier to track everyone as a result.
The proving-your-age thing seems like a weasely way to talk about it. As you mentioned, providing a legible photo of your US state ID is a lot more data than your birth date!
well, and this bill literally only makes you prove age to ... set up the device.
how are we in 2026 and phones dont have guest mode or "i handed it to my kid mode"
apple's guided access is a terrible 1% solution to the problem. in one click i should be able to put my phone into some kind of locked down mode that exposes only what is allowed, starting with nothing unless whitelisted, with multiple profiles.
in the same sense, all the streaming services having their own separate kids profiles, instead of the streaming device having a single kids mode that exposes only the kids mode content from each app makes kids mode useless when a kid can just change the app, or gets stick into a single provider and i have to go help them switch.
In addition to profiles you can also 'pin' an app from the recents menu so the kid cannot exit the app, sortof like a kiosk mode. It requires bio/auth to undo the pin.
To me that's faster and much closer to a safe "hand the device to a kid" mode.
While age gate attempts are comically stupid, an adult giving a kid a device purpose built for addictive behavior should absolutely be as illegal as giving them alcohol or cigarettes. I really hope Apple and Google are not stupid enough to further enable this.
> Politicians will do any draconian measure to help kids except try and improve the lives of their parents so that they can actually dedicate time to parenting.
Because in their eyes your children are not your children. You are simply a custodian of their future work force asset. If you educate your children too much into individualism, they (today’s politicians) may see a diminished return of whatever they want to achieve.
And if you don’t agree with me on an emotional level, well, just remember the words of Elon Musk (paraphrasing): we need people to have children because we need to have workforce in the future. Translation: we need people to have children because who will work for us and makes tons of money.
If you have it too good, you aren’t dependent on them, you have all the carrots. They have no stick. They want to have the stick.
Sure, but this is only tenable as a technical position that aims to reduce all forms of centralized power. It completely fails as a political position applied to the nominal "government". Politically, pushing in this direction seems to only ever play out as reducing the power of governments over corporations, while often even increasing the power of government over individuals (spurred on by corporations looking to wield that power through the government). Whereas for it to achieve its intended individual liberty, the complete opposite would have to happen - decreasing the power of governments over individuals while holding or even increasing the power of governments over corporations - otherwise unrestrained corporations simply step into that nonconsensual role of government and we're back to step #1.
Would you believe that I agree with what you wrote completely?
I’m pretty much a pure anarchist in terms of principles, but I’m a pragmatist in practice. I’d describe my approach in politics as “What do you wish the government would stop doing? Let’s focus on making that happen.”
You can’t change a culture by changing the political system, but my hope is that you can change a political system by changing the culture. I want to be as independent of the state as I can possibly be, and I want to encourage others to do the same. My hope is that this sort of cultural shift will eventually lead the shrinking of the state. I don’t expect to live to see that happen, but I hope my children and their children do.
Aside from the above, just don’t harm others. That’s it.
I would. My own views had to come from somewhere, right?
Responding to what you've said, my unfortunate experience is that culture always ends up going sideways. As movements grow in mindshare they tend to attract people focused on power/expedience, only applying the initial precepts towards those ends. And gaining control over some existing centralized power structures is much more lucrative than a given person's share of the distributed wealth that would be created by successfully constraining them.
Which ties right into the problem I saw with your original comment. A statement like "Government should be so powerless as to be unattractive targets for corporate influence" lands in the political/partisan context by default. And while perhaps that's a symptom of how [unfortunately] inured in centralized politics we are, it's still a fact. So even though we can both take a step back and lay out the context where that can be an agreeable productive statement, the overwhelming use of similar statements is actually to attack individual liberty by getting people to overfocus on the nominal government while giving a pass to another primary contingent of the centralized power structure.
If you’re interested, see my response to a sibling comment of yours for a more complete description of my mindset.
Specific to this, though: there’s a big difference between a stateless society and a failed state. You’re describing failed states.
I also very much agree with you about the result of a power vacuum. I argue that a power vacuums exist not because of the absence of a state, but because of the absence of a state where the populace expects and relies on a state to be.
I didn’t say we should get rid of it all tomorrow morning :)
> Politicians will do any draconian measure to help kids except [...]
They are covering for and not prosecuting perpetrators in the biggest child trafficking and abuse scandal in recent memory -- the Epstein case. Let us do away with even a surface-level pretense that they care about kids at all.
Maybe you mean where in bill does it say a US photo ID is required.
I think your are correct, I don't believe such a requirement exists in the bill itself and that's a big part of the article. Because the law doesn't require this, there's a very real risk that people won't realize that, if you are an adult, you will be required to upload a photo of your state ID. Prople might support the bill and only realize what it means in practical terms once it is too late and it has become law.
It isn't clear to me if requiring photo ID is a practical requirement or a decision the two incumbent vendors have made for their own reasons. My guess is that it is the cheapest and easiest solution.
There is no other technology to do age verification at scale.
Apple, Google and such will contract out this age verification to a third-party which will ask you to upload your ID and a 3D face captcha, which the third party will delete within 15 days, but somehow magically still make it into an unfortunate, unavoidable data leak a couple of years later.
I think you are assuming what their definition of "verify" is going to be, but it's not actually written in the text of the bill, so we don't know. Similar laws in some states only asked the OS to collect the age, it specifically doesn't say that the information must ever be accurate, stored or used for anything.
Collecting the age will be done via a photo of a legal US state ID. We can take bets but, as the article points out, only two vendors can do this and this is how they do it.
> The term “operating system” means software that supports the basic functions of a computer, mobile device, or any other general purpose computing device.
> The term “operating system provider” means a person that develops, licenses, or controls the operating system on a computer, mobile device, or any other general purpose computing device.
So excited to see the GNU vs. Linux debate finally land in court.
[Edit: Never mind, others have explained elsewhere in the discussion. It's the lawsuits Facebook is losing for addicting kids. So rather than, you know, stopping doing that, they want to instead legally force us to alter every OS on the planet. Disgusting.]
Just answering with a possibility here, but they could be seeking freedom from liability for failure to moderate content or ensuring their service is "not harmful". If it's only for consenting adults, and every adult can be pinned down with an identity, whatever happens can have the blame assigned away from meta.
This will be perfect for those washing machine manufacturers! It will permanently pair itself to your passport with e-fuses, so that if you ever try to resell your old washing machine on the secondary market, it'll be worthless unless you also sell the buyer your passport
No worries, by that time so many people will have lost their jobs because of AI that you can hire a homeless person to register all your devices for a snickers. Dirty Mike and the Boys are going to own a lot of mobile devices, and control the world trade of snickers.
I got a house with a 25-year roof, an indestructible Japanese shitbox car I can repair myself from scrap if I have to, and enough in the bank at three to five percent to pay my taxes, all of my hobbies, eating steak every day if I wanted and my share of the universal multi-payer health care system in my country.
That puts me for the rest of my life at a level of fuck you.
And if the system breaks down, I’m just going to hunt and eat you.
How big do you think your chance of survival is meeting someone hungry who spent over a decade in war and conflict zones and is still here?
I’m more concerned about the future for your sake than for mine.
Breathtaking entitlement, self-righteousness, and arrogance.
Arrogance is usually a defense mechanism that you can't fix with logic... people use it to shield themselves from their own insecurities so they don't feel inadequate or threatened.
If you can't see your own flaws, you can't understand why others don't like your behavior.
"As a rule, strong feelings about issues do not emerge from deep understanding."
Haha I think he was just being humorous, expletives notwithstanding.
Know what gave it away?
> enough in the bank at three to five percent
I mean lol if he’s expecting banks to be around in a societal collapse situation he’s got another thing coming, wonder how the shitbox car will do when fuel runs out in 8 weeks worldwide. Mad max baby!
Reading this made me think of the 4chan Navy Seals copypasta about a top of the class navy seals trained in gorilla warfare, the best sniper in the whole US marine corps.
I will send your administration a request to put your statue on top of the Arc de Trump. If they can pay 400 million for a ballroom, they can spend one for a diamond statue of the man that saved a lot of American lives today.
True heroes don’t always wear capes. Sometimes they have butcher knife’s.
Social score is for communists and autocratic regimes, minton. I live in a democra…
Wait, 27% for the right-wing extremists in Germany?
The strongest party if there were elections today?
Some of them publicly state they are the friendly faces of facism?
> It leaves open to interpretation if it applies to all computers, or just general purpose ones.
That's not even the worst part:
> a person that develops, licenses, or controls the operating system
Suppose you write a generic piece of code that some third party then includes in an operating system, but you're the only relevant person in the jurisdiction. Are you now an "operating system provider"? If the "operating system" is made by hundreds of people or more, is it none of them or all of them or what?
Suppose you're a company and you've got a bunch of servers, which are computers, and you have root on them, i.e. you "control" the "operating system".
IMHO, the law tries to target the last entity which has practical control over the OS design and implementation aka the final developer/integrator.
For example in the Linux world, it's the distributions.
Where it gets murky is with Android (and to a lesser extent Windows).
IMHO, the entities which should be responsible are Google and Microsoft.
But since vendors, specially in the Android world, can heavily tweak the OS, there is a case that it's more the device manufacturers like Samsung which are responsible.
The relevant interpretation in practice will usually happen naturally, and the most ambiguous stuff will be set by jurisprudence if necessary.
> IMHO, the entities which should be responsible are Google and Microsoft.
So let's say someone in e.g. South America publishes an Android ROM. >99% of the code was written by Google but the author isn't using Google Play or any form of Google service for updates, it's only using the base Android code with their own updater.
If someone in California uses this ROM and the person in the other jurisdiction made modifications so that it doesn't comply with this law, who is in trouble? It's pretty unreasonable to claim that it's Google, but then is it no one, since the party responsible is outside the jurisdiction?
I would argue it falls more on a case like the Linux distributions one and the guy in South America is responsible.
Google, in my opinion, can be held accountable for Android because they deeply control the ecosystem (App Store, APIs, Services) and de-facto prevents significant modifications, specially when they deal with Android security framework & mechanisms (if you modify this stuff too deeply, the Apps could break).
But if a distribution cuts ties with that, then it's the author or the entity behind it who is responsible, and if it's deemed illegal, downloading his ROM should be blocked in the US.
In truth, if I were a defender of this law (which I'm not), I would not worry too much about it. This text is here to force mainstream OS vendors to provide an API for age verification. The micro-subset of people flashing custom roms onto their phone or recompiling a piece of OSS software with some flag disabled is in practice so small that it's not really an issue.
While I do agree that this law could be better written, properly categorizing in it the cases of MS, Apple, Google and maybe entities like Linux Distribution honestly is kind of a nightmare.
Do we know who is funding this? is this one of these things where Meta doesn't want the responsibility for this, so they are pushing to have the OS have the responsibility or something like that?
They also added this page since I posted that comment: https://web.archive.org/web/20260411112604/https://tboteproj... where they claim their website is "under surveillance" because it got a few thousand requests from Google Cloud et al, most of them to a single page. This really shows how low their standards are.
I share your wariness of the LLM garbage, but I believe the conclusions are correct. This has Facebook's stink all over it. I worked there and know of what I speak.
So we should believe the hallucinations because they sound like something that could be true? Does the LLM in the middle somehow makes it more trustworthy than if GP had just shared their own pattern-matching conjecture?
No. I think LLMs are garbage. Separately, and unrelated: I think Facebook is behind these bills. The LLM may be garbage and still sometimes produce a correct result.
Yes, it would be nice to know with certainty who is behind these bills. It sucks how much opaque money influences American politics.
Josh Gottheimer's press release[1] on HR8250 mentions the "Meta Parents Network." I don't know what that is, but it does have "Meta" in the name.
Buffy Wick's noise about AB1043 claimed it was passed with the support of tech companies. I have spoken directly to one person close to AB1043 who told me Facebook argued against AB1043. I have doubts. But if true, I suspect they were not arguing in good faith and had ulterior motives.
In the end, no matter who is secretly lobbying for or against age verification bills all over the planet, the bills are terrible, and we should fight them.
I was relieved to hear it was an emotionless mega-corporation catalyzing this, and not a sudden competence of evil bureaucracies in the USA and Europe.
> is this one of these things where Meta doesn't want the responsibility for this
Very likely, given the legal liability they are already facing from the "addictive" court cases that are turning against them. Moving the liability for "age verification" away means they will not also be facing a huge number of court cases accusing them of showing an underage person adult age content provided they followed the law's proscribed "ask the OS for the user's age" requirements.
Also, note that only a few months ago Zuckerberg was in court testifying that the single best place to perform "age verification" was in the operating system of a device. Now, like mushrooms after a long rain, at roughly the same time up pop bills in nearly every statehouse, Congress, even Brazil, that all read nearly identically and that all are so broad as to require "the OS in anything with a CPU do age verification". The nearly identical text in each highly implies a single lobbying entity is behind all of them (it would be quite the coincidence that 50 state houses, plus Congress and Brazil, all write nearly identical bills independently). And the connection back to Zuck's court testimony of "age verification is best done in the OS" highly implies that the single lobbying entity is Meta, or funded by Meta to obtain this outcome.
Facebook. There's a wave of child endangerment lawsuits incoming and they want to head that off at the pass by having governments shift all that liability over to the OS vendors.
Microsoft just force-updated my operating system (despite declining every option and prompt) and the first thing I noticed working differently was it offering, in an OS popup, to "connect" the computer to "Facebook".
These people have root access to all our webcams.
I don't think we can tolerate these entities to continue to exist.
What can we do about it? The major tech firms have nearly all the power here, including quite obviously full capture of government (not just here but other countries as well).
Basically a mass-protest via network packets. Could we argue sending packets to a server is essentially a form of protest protected by speech similar to a public gathering?
How does that help Facebook? They already have plenty of signals to guess their users' age, what would they do with an other one? They are not going to ban children anyway.
The OS should start labeling everybody as a child by default. Forbid Facebook to show ads and any harming content by default. The OS has little less to lose with this approach than FB.
FB etc. may argue "device says this user is an adult", even though device may say that only because the parents don't set up separate user accounts e.g. shared family iPad, or because the kids being more tech savvy in the first place like we all were when I myself was a kid.
Every one of these age assurance laws basically says:
1. The OS vendor must provide an age bucket using the minimum amount of data necessary
2. App vendors (i.e. Facebook) must use the OS vendor's age buckets to determine age
The idea is that the next time Facebook gets hit with a child endangerment lawsuit, they can say "Well, we used the age buckets the government told us to, and they said the plaintiff was 18+, so we're not liable".
This, of course, assumes that most social media and Internet regulation will continue being targeted at children only, both because courts are reluctant to enforce 1A on laws that censor children[0] and because the current political class actually benefits from the harms Facebook does to adults. Like, a good chunk of government surveillance is just buying data from Google and Facebook.
[0] The root password to the US constitution is "th1nk0fth3cHIldren!!1" after all
with age requirements for use of social media, Meta faces tremendous liability in many countries if they cannot do the verification correctly.
they don't want to do it, nor face the risks, so they'll push it to the OS.
they also know that banning under-16s means a huge market will be gone, so they want an easy-to-bypass OS fix. if their tween market gets around the hardware and OS it's not their problem, but Meta can't it if it's on them.
in other words lets annihilate the free internet and maybe democracy so we can lower our risk profile
If something is codified in law, they can comply with the law fully, and yet not have any real backlash from users. This can also shield them from many lawsuits. Conversely, if they start ratcheting down age-verification on their own, users will become quite upset. If they don't ratchet it down, then... as you can see, potential lawsuit.
And this isn't just about LLMs, once the concept of "a platform is liable for harm" happens, it's about everything. Including content other people slap into an app store. And the US has been talking about section 230 removal, countries around the world are reducing such exclusions, so the wind is blowing towards even more liability for platforms.
If you look at Google's recent moves to identify all developers prior to install on Android, there may even be some of this in that. How can they ban someone from publishing illegal material, or material Google will be liable for, if they don't even know who the publisher is? They'll just slide into a new account.
(Note, I said "some" not "all", there is often not just one reason for an action)
So I suspect that the push is from all online platforms of any size or scope. It will shield them, protect them from liability, whist at the same time redirecting user ire at the legislation, not them. HN types might still brood, but the average person won't have insight. "Protect the children" as a reason works for the average person, it works very very well, and really, that's what a lot of these lawsuits are about.
So I point back to such lawsuits as the start of all of this. And I see it as why there is a push from Apple, Google, Meta and so on. And simply because I'm saying "big corp wants this, not just Meta", doesn't mean I'm saying "Meta isn't doing anything".
Meta can be pushing this, hard, whilst at the same time every other large corp can be working towards the same outcome.
It must be OS responsibility because that’s the only place that allows the next step.
Everyone is so concerned with kids pretending to be adults, what about adults pretending to be kids? Any service that has any kind of private chat or picture sharing option will be a playground for “verified” kids.
Next step, “we must go further with the verifications until everyone is verified everywhere”. This is where the OS part comes in. Wish it was sarcasm.
MS is ratcheting up the 'mandatory Microsoft account' on Windows, probably for this reason. The 'identity strongly bound with the device' stuff on corporate devices is being tested and secured in that environment, and it is almost certainly one step from being forced onto non-corporate devices, once they 'have to' by law.
The "children's version" has to be engineered to assume some adult users anyway-- since you're going to have some types of helicopter parents logging into the same platforms the kids are on to make sure they're all right. So the threat model of "what if a paedophile gets a Club Penguin account" is already wargamed out.
In many cases, this consists of dramatically limiting user-to-user comms, hyper-aggressive filtering, sometimes even to restricting to pre-canned messages only. (I'm sure someone is already encoding morse code ethnic slurs into patterns of friendly gestures, but that's another story).
... which is entirely consistent with his statements.
Here are more of his own words from the same letter:
> And what country can preserve it’s liberties if their rulers are not warned from time to time that their people preserve the spirit of resistance? Let them take arms. The remedy is to set them right as to facts, pardon and pacify them. What signify a few lives lost in a century or two? The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants. It is it’s natural manure.
The blood of patriots and tyrants. He never expected rebellion to go unchallenged, he was advocating that we should maintain the spirit of rebellion as a guard against tyranny.
I'm glad I got to see the era where the internet was useful and exciting. I feel like every major change since about 2010 has pushed it more toward blandness and made it less useful.
This will be a big one. They're building the groundwork for a world-wide dystopia.
Come join us on what I will call the “scatternet”, the globally distributed, offline-first, async network full of all the things that made the old Internet great.
Save a few ISOs of still-free OSes and hoard a few extra cheap computers. (You might also want to get a 10Mhz capable radio.)
For sporadic medium-long distance communication over packet radio. 10MHz isn’t too crowded and can be easily used for regional communications (and occasionally long distance) via atmospheric bounce. It also works well at low power and the antenna is shorter than other long distance modes like the longer wave HF bands (20m+).
Sending data by radio is messy, slow, and generally disappointing. Start your journey by reading up on the Aloha system https://en.wikipedia.org/wiki/ALOHAnet.
I always felt this moment would come eventually. The trend is centralisation of power and control. It's depressing. It's been a long time coming at a slow but consistent cadence.
Based on the few snippets quoted in the article, I think as written this bill gets closer to a good, privacy-preserving, non-authoritarian version of "age verification" than any of the attempts so far. What it seems to be aiming for is essentially mandatory parental controls at the OS level. No ID checking or government/third party involvement, it just uses whatever age the parents enter when they set up the device/user account for their kid. And apps don't actually get that info so there's very little privacy impact, just exposing an API that would allow apps/websites to query "is this user underage?" seems like it would satisfy the law as written.
The only remaining issue I see here is that I think the law may be a bit too heavy handed in how it tries to legislate this system into existence. Trying to tell Bob Hacker writing an OS in his basement what features his code has to include feels a little too authoritarian for my tastes. Probably there are some economic or regulatory levers that could be pulled instead to ensure this system gains mainstream adoption without criminalizing ordinary software development.
Again though, I didn't read the whole bill, just the article, so I could be wrong here on some of the details.
1. The text implies software should get access to your date of birth, rather than talking about age groups. If it becomes the case that websites can get your precise date of birth, this will be the ultimate fingerprinting vector that will put the fight for online privacy dead in the water.
2. The text talks about "verifying" dates of birth. This can only imply the involvement of face scanning or ID checking and third parties.
3. The text itself is very vague about details such as verifying, because it leaves many details entirely to the FTC, which recently announced they will stop enforcing privacy protections under COPPA for companies violating it to perform age verification of children[0]. So you can fully expect that if we are putting computing entirely in the hands of the current commission we will be probably screwed.
The text itself is less than 4 pages. I recommend reading it for yourself[1].
Ah, I see your point. I could see a way to interpret the language in the bill to mean exactly what I was thinking[1], but it's pretty vague and I could also see a way to interpret it that would seriously hurt privacy. If it's just down to the FTC (i.e. the whims of whoever the president happens to be at any given time) to resolve those ambiguities then that's not something I could support.
[1]: It says the parents verify the user's date of birth, which could just mean they get to say "yes, my kid is 12", and "a system to allow an app developer to access any information as is necessary" could just mean "is user over 18" if that's all that's necessary to comply with the FTC regulations.
The bill mentions a parent verifying a child's age, but the bill also later mentions the issue of "verify the date of birth of a parent or legal guardian" which I can only interpret as a face scan or ID check of the parent
No, this technical implementation is straightforwardly bad. The information flow and point of decision making are completely backwards as the bill was written by Facebook/Meta purely to absolve themselves of liability and foist it into others, including onto parents themselves!
The right way to facilitate parental controls with legislation is to put a requirement on service providers [over a certain number of users] to publish well-known tags stating the age suitability of their site/app/pages. Then put a requirement on mass-market device manufacturers [over a certain size] to include parental control software that can filter based on these tags. When parental controls are enabled on a device, any site/app without tags "fails closed" and doesn't display - meaning the open web and open devices continue to coexist with the tag system.
The key parts 1. the information signals flow the correct way, from the company with a well-known identity to the end-users' device where it can be acted upon per the device owner's desires 2. the legal liability lands in the right place - tags signify legal representations of the suitability of content and 3. the long tail of small-scale websites and devices are completely unaffected
This would also leave the makers of parental control software (bundled with device or third-party aftermarket) free to implement additional features that parents desire (eg block social media, even if the site says it's fine for <18), rather than leaving those decisions entirely in the hands of corporate lawyers (as this bill does, because once again it was written by Facebook/Meta).
Exactly. People often forget that Congress can only exercise a limited domain of enumerated powers. The big one is regulating Interstate Commerce, which is already huge because of how interconnected the country is today, and is even bigger because of creative stretching of its reach (did you know that the Civil Right's Act's ban on discrimination by businesses is within Congress's Interstate Commerce power, because somebody might patronize your business from out of state?).
Anyway, I suspect Bob Hacker has a strong case that such a law as applied to himself would be beyond the scope of Interstate Commerce. Until he tries to sell or make his OS widely available, at least.
Given how broadly the commerce clause has been interpreted I don't think we can rely on that to save us here. Criminalizing Bob publishing his OS on GitHub is still too authoritarian for my liking.
Just off the top of my head, something like "physical hardware with web access sold in the US without an ID check at the checkout counter must include this feature in its preinstalled OS" would be a better way to write the law in my opinion. Plenty of ways around it if you're a hobbyist or for some reason really don't want to comply, but a big enough hassle that all the major commercial OS providers would probably find it easiest to just include the feature. (Especially since this is a feature most parents would probably appreciate anyway.)
why do you think any court in MAGA America would allow this?
we know, for sure, that Clarence Thomas takes bribes. You think Facebook wouldn't cut him a check? Ditto for plenty of other Trump-installed justices on all levels.
It's always the same pattern. There is no way to protect the children while also preserving freedom. The rationale behind it is irrelevant. For this to work everything would have to be locked down right?
This is not in the interest of the people nor any children.
> For this to work everything would have to be locked down right?
No. As long as the focus is on giving parents tools to parent their kids and not on the government taking over that responsibility completely then there's no need for the government to lock anything down. You just give the parents locks and let them do the locking.
> Based on the few snippets quoted in the article, I think as written this bill gets closer to a good, privacy-preserving, non-authoritarian version of "age verification" than any of the attempts so far.
I think you are mixing up the bill this article is covering and the bill that California passed.
The California law requires:
• When setting up an account for a child who is the primary user of a device the OS lets the parent specify the child's age or birthday.
• The OS to provide an API that apps can use to find out if the current user is a child and if so their age range (under 13, 13 but under 16, 16 but under 18, 18 or older).
The bill in Congress requires setting age information for all users. It does not specify how that age information is to be obtained, leaving such details to regulations that the FTC will write.
So it's just an OS-level "I am over 18" checkbox. Essentially useless, except for removing liability from social media companies. As far as they know, every single device accessing their site legally testified they are over 18.
Agreed. Weirdly many people are against. This really seems like the best possible option. Actually helps parents as without this there is no way to enforce kid age. So instead of having it all per account and everything linked in most privacy invading way, just your OS tells the apps/browser whatever was set in there by the parent. I want this now!
> I guess we are expecting this to be backdoored with biometrics later?
Definitely. And with trusted computing for the OS and browser so that those random internet vendors can be sure the OS performed all the required validation.
> I don't see how anyone can force this on Linux.
That will be the problem of Linux, not of the lawmakers.
It is one of the better options. Instead of vaporizing the ship, it only blows it in half at the keel.
As TFA notes, once this is in place, we're behind the eight ball from then on. You want to post something that the government doesn't like, something that insults our Dear Leader or promotes a political alternative? Guess who's getting an "over 21" rating by the feds. We've already seen massive speech pressure brought to bear by the FCC and there's no reason to think this won't continue.
You should actually read the text of the bill. It basically tells anyone who asks what your birthday is. It places no limitations on how your age should be verified, or how requesters can use your information. And if you think this is where this kind of de-anonymization will stop, I have a bridge to sell you.
Listen, I would actually be willing to support something like this, but Jesus Christ when will we put somebody in congress with a CS background who can literally just chime in and say "use Zero Knowledge Proofs for this, people might actually buy that you're not just building a surveillance state."
> when will we put somebody in congress with a CS background who can literally just chime in and say "use Zero Knowledge Proofs for this, people might actually buy that you're not just building a surveillance state."
Well that would be counter-productive to actually building a surveillance state.
1) It's one thing to use secure auth to access government services, banks etc. that need to know beyond reasonable doubt who you are to function at all. It's something else entirely to require every person in the EU (not just citizens) to ask the government for permission to speak online.
there is a significant population in management, court and law enforcement that does support state-mandated registration using full profile ID for using public infrastructure. It was on the railroad system in the USA, and was part of the profound shift to individual cars.
> Vendors shouldn't sell unlocked devices to kids.
This part is neither necessary nor sufficient.
Put aside the Orwellian premise of "devices are locked by default". People keep making the analogy to things like cigarettes, but if a kid wants a steady supply of cigarettes then they need a steady supplier. If they want an "unlocked device" they just need money and Craigslist, once. It doesn't matter what you make Walmart do and it correspondingly doesn't make any sense to involve them.
If your kids have enough unsupervised money to buy electronics then you're either fine with them being unsupervised or you already have bigger problems than a used laptop.
Kids having $20-30 means you're fine with them being unsupervised? Computers and smartphones are incredibly cheap.
In person, we expect stores won't sell cigarettes to kids. We should simply expect companies won't provide age restricted services to kids. The liability and requirements should be on those companies.
If they're able to get a burner phone unsupervised then I think they could also pay an adult to do the face scan for them or borrow your ID from your purse to authenticate an account. What level of security would you need to totally prevent that kind of thing? Unless it checks your age every time you log in with biometrics I don't see it.
(Of course adding any level of friction will deter some kids, but needing to get a whole new device other than the one their parents gave them is already a lot of friction, isn't it?)
We could e.g. try saying it's sufficient that the user makes ongoing credit cards payments as a proof of age. Or sure maybe you need to verify with every purchase, which is how e.g. alcohol works.
Don't currently take payments for your business model? Probably what you're doing is anticompetitive and we shouldn't allow it anyway.
What service? The social media regulations I recall seeing have a size threshold, so hobbyists don't seem relevant. For something like porn, after having actually thought about it some, I don't really see how we've decided that anonymous porn isn't blatantly public indecency, so frankly I don't see how hobbyists openly sharing their work with anyone without knowing who they're giving it to wouldn't be committing a crime.
> I don't really see how we've decided that anonymous porn isn't blatantly public indecency
That one seems pretty obvious. The point of public indecency laws is so that your family can go to McDonald's and not encounter some couple fornicating on the table. Whereas if you go to a private house where someone lives with a reputation for not being very selective about who they take their clothes off in front of, that's not a public establishment.
A privately owned PC connecting to a privately owned server is a private connection, not a public place. It's something you get by going there. You're not required to go to the frat house.
A private business that serves the general public is a public establishment though, even if it's run out of your home. The criteria is whether you restrict access to some private group, not whether it is a privately owned space. I'm not seeing how a server that responds to any traffic without any selectivity (KYC, basically) is not analogous.
It doesn't matter if you're not required to go to the frat house. It matters whether the frat house lets the public in while exhibiting their fornication, or has filters at the door.
I'm not seeing how that affects my framing. Yes, it is more difficult. That sounds like a problem for businesses that want to offer restricted services online, and we should ensure it stays their problem, not everyone else's.
What for?
I use family link for my kids devices. It works good enough.
Everything else seems way too intrusive.
Apple is horrible in this regard. Their solutions never really work.
A joint venture for an (optional) cross-platform family app would be more than enough.
This, plus a (voluntary) content rating that's offered via an API (could even be simple meta data on a webpage).
Done.
the major players need to allow me to elect one of them as my family manager, and control permissions across ecosystems, from my management portal. i should be able to freely swap apple, google, microsoft, facebook, or a startup as my management and permissions tool.
instead I have a disparate management account and portal for every service on the planet. roblox, fortnite, facebook all want to appear to "make it easy" as if they hold the delusional belief that their management portal is the only one I have to manage. then add a spouse that also wants to change or tinker a setting.
if any law is going to get passed: it should be that any company over a certain size, who adds parental controls, needs to expose them externally to 3rd party management software.
Sounds like a problem. Luckily it turns out my phone has two cameras and a laser dot projector pointed at my face right now. Not hard to imagine a future solution to this issue were we to pass this legislation, sadly…
What a crock! Parents actually getting to decide could be trivially accomplished by a first-boot date of birth prompt, at which time the device goes into ‘child mode’ until the date that birthdate becomes the age of majority. Undoing that (say to repurpose the device for an adult) should require the parent who set it up to also do the wiping, much as existing “iCloud Lock” etc requires the owner’s consent to reset.
If a kid is old enough to buy their own phone or whatever and lie that they’re an adult… I’m not that worried about it. Teens have enjoyed sneaking into R-rated movies and raiding Dad’s Penthouse Magazine collection for generations. It’s fine.
Now, whatever this BS is… this has nothing to do with parents deciding.
Reading the actual text of the bill, it seems like a first-boot date of birth prompt and everything else you’ve described is exactly what the bill is asking for actually.
Longer answer: In the UK, Apple already implements age "verification" at the OS level, starting with IOS/IPadOS 26.4. If Apple had not implemented this, it would still be in compliance with UK law. Apple is anticipatorily obedient.
A company like Apple has visibility of the legislative pipeline in its markets. Looks like the UK was a test bed.
Lots of OECD countries, all at the same time, are pushing for online age verification or OS-level age verification, both equally intrusive and implemented in privacy-violating ways by conflating identity verification and age verification.
The end result is not protecttion of minors, but abolishing anonymity on the Internet. Social media companies claim to want the former, but in reality just want to shift liability to OS and device vendors. Governments happily accept the "side effect" of being able to find and root out dissidents.
there is no anonymity on the internet. the sum of your devices characteristics are close to unique anyway (i could be wrong but i think this is accurate). which kind of supports the hypothesis that this is about shifting responsibility for age verification due to laws coming from other countries recently. i have no idea how this will work on linux, it probably wont.
Firstly, you keep using that word; I do not think it means what you think it means.
On the Internet, especially forums such as HN, you are "pseudonymous". That is, you made up a name for yourself, and that's how you're known to others. At the very least, we are all identified by IP addresses, which are again, fairly stable and unique pseudonyms. There are nearly zero truly anonymous corners of the Internet, because anonymous communications are chaotic and anarchic.
Secondly, it was the NSF who mandated that everyone accessing the Internet must have an associated and authenticated account with an identity that is known to their provider. These rules went into effect in the early 1990s. Perhaps they have been discarded or observed only in the breach, but truly, nobody is a stranger on the Internet. Even if nobody knows you're not a dog, your ISP or your coffeehouse still know who you are, when you connected, what device and so forth.
So, please let us stop pretending there is "anonymity" here, or that there ever has been. Whatever you've done in the past, it will eventually be unmasked. Yes, people on Discord and Wikipedia alike are freaking out over this prospect, but it was always going to happen. We've been laying down a very permanent record for over 50 years. Eventually it will all be correlated with real identities, Facebook or not.
The NSF "rules" stopped applying when the NSFnet was shutdown in 1995. Actually, earlier, since commercial providers (upstream ISPs like UUnet, Sprint, MCI, PSI) were not dependent on the NSFnet and did not have to abide by the AUP.
This is tiring. The text is so vague, and if a big country adopts it software companies will comply, and there's no reason to why smaller ones wouldn't, since 'the work is already done'.
I wonder if it would be illegal for an user to use an outdated system without those functions when they roll out, or to use outdated applications, or to distribute outdated applications, or to keep mirrors of multiple versions of operating systems. I doubt they thought that far, or if they care at all.
If they are smart about it, they probably wont make older systems illegal but will merely let other parts of tech advance to the point that old systems become practically useless online. Like running a PowerPC mac online today, yeah you can just barely do it but very few do.
Salvage old free as in freedom distros. Learn about i2pd and tunneling Usenet/IRC and Email (even cool online Nethack/Wesnoth/FreeCiv gameplays over it, any turn based libre game will work).
There are some Usenet servers (text content only, no binaries, all illegal crap it's cut down by design) listening under I2P servers. By design enforcing any cross-pond law it's impossible.
Learn about NNCP in order to tunnel messages over it, really useful for asynchronous connections such as Email and Usenet: https://nncpgo.org
Also, learn connect to a Pubnix and to use Usenet/IRC/Email/Mastodon services (tut it's a TUI Mastodon client) from remote servers. Make their own law obsolete across the world. Learn Mutt and GPG too, it's about 20 minutes of your life and for basic email a simple text editor like Nano, Mg or Mcedit would suffice to compose an email.
Try free Biltbee servers over IRC too, these can be connected even from DOS IRC clients in order to connect to modern services such as Jabber, Steam chat and even discord (join the &bitlbee channel once you connected ot a public Bitlbee server, there are several, and type down 'plugins' to get the available chat systems in that service) and thus any age bullshit for FreeDOS it's by design unenforceable without breaking network drivers and TCP/IP stacks as TSR's and whatnot. Ditto for old Amiga, RiscOS and such old releases which are unsupported. And banning retro computing would make the several civil right unions sue the state (and the judges) like crazy for huge amounts of money. Even META too as being the main lobby instigator.
With the dawn of this bill I am finally building out my airgapped network.
I’ll be passing messages to and from the former internet using NNCP bundles. I’m planning to work on some interesting solutions for async communications over Nostr, with some alternate paths through radio for emergencies. Finally looking into steganography as well.
The federal one was introduced by Democrat Josh Gottheimer (D-NJ) and cosponsored by Republican Elise Stefanik (R-NY). This push is extremely bipartisan.
> Republicans may not like porn, but they put the onus where it belongs, on the operator, not on the OS.
While that might be true, I can't agree with the implication that this is better in any way. Having the onus on the operator forces you to have to send some form of verification out to all such operators you want to visit and they have repeatedly shown they are NOT capable of securely and privately handling that information.
The difference isn't really in the politicians, it's in the base, and how they will react to acts like this. Democrat voters will shame them, endlessly. They may not have alternatives to vote for, but they won't change their opinion to match whatever dweeb they were forced to vote for. Republican voters will always be on board with whatever they're told to be on board with.
It's an option if you can articulate an injury under the bill. I suspect non-commercial "operating system providers" arguing infringement of speech would be best positioned to be plaintiffs. This is not legal advice.
So this bill creates a commission to ensure that the information cannot be stolen or breached from operating systems, but says nothing about how the applications querying this information must protect or leverage it. I basically requires that any application get to know a user's birthday, as long as it's "necessary". What a fucking joke! I'm so sick and tired of this bullshit.
Edit: Oh, and the commission gets to make up the rules on how ages should be verified. So, prepare for a whole other level of PII leakage that isn't even captured by the text of the bill.
I look forward to having to age verify the dbus and chrony and root accounts on every linux-based "smart" device in the future. That should be fun.
Will my children be able to use my smart oven/thermostat after I verify I'm 18+ on those devices?
I also wonder what verification will look like for containers and and VMs that might have a short life. Maybe that's how we keep IT jobs for a little while longer? Human age verification on every local account every time a container or VM is spun up.
I read the bill and I feel like it's missing any technical details. It's almost like they read my suggestion [1] but then left some parts out. The technical parts. As I read it one can just enter whatever name, age and other details in the setup of a computer they desire. It's missing any checks for a header on the server to detect adult content labels. What am I missing? What forces me to enter my real information? Are operating system developers going to be granted access to the DMV databases? Or forced to use some third party that scratched the back of some politicians? If I block connectivity to this will I not be able to log in? If someone performs a successful DDoS to the site will I not be able to log in? It feels like several pages of the bill are missing. How does the OS know it is visiting an adult site?
The site "reclaimthenet" calls it age "verification", but it's not a "verification" at all. There's your mystery.
All the bill wants is that you can set up an iPhone for kids, an children account on Ubuntu (YOU decide whether it's a children's account) and then, presumably, the browser vendors implement an AgeAPI that allows website operators to query the user age.
Your device tells us you're 10 years old. Access to Instagram denied.
Your device tells us you're 16. You're not allowed to visit gambling-porn-and-industrial-accidents.org
It's, of course, exactly the opposite of the "identity-tied age verification government-control, ID-document-leak" dystopia that the scare crowds here are peddling. But you'll never hear a word of acknowledgement from them.
These people act as if those "I'm 13 or older, i can create an Instagram account and waste my life" or "I'm 18 or older, let me watch porn and strangle my girlfriend" buttons are the peak of civilization.
I've noticed this reclaimthenet site has very mixed factuality. Sometimes it posts good content but more often it just posts its preferred form of propaganda. I've reported it to dang but he doesn't care. I don't know why 404media is shadowbanned but reclaimthenet is not. I guess it's about who aligns with YC interests.
Ah, well that's at least half of what I suggested. Telling the site the age seems leaky to me, I would still prefer the apps check for the RTA header so all decisions stay on the device and not leak anything. Curious where it goes from here but based on your reply it does not seem quite as bad as I imagined. Thankyou for the clarification. I imagine eBPF or MAC rules could be used to block this.
Government should like the RTA header as they can fine sites daily that are missing it. Lobbyists could push companies that do the header checks.
They have dropped all the decision making for the details in the lap of the politically controlled FTC. Which also means that future FTCs could change the rules based on political goals.
It's short and in plain language. The article is longer than the bill. Here's the totality of the requirements:
(a) REQUIREMENTS.—An operating system provider, with respect to any operating system of such provider, shall carry out the following:
(1) Require any user of the operating system to provide the date of birth of the user in order to—
(A) set up an account on the operating system; and
(B) use the operating system.
(2) If the relevant user of the operating system is under 18 years of age, require a parent or legal guardian of the user to verify the date of birth of the user.
(3) Develop a system to allow an app developer to access any information as is necessary, collected by the operating system to carry out this section and any regulation promulgated under this section, to verify the date of birth of a user of an app of the app developer.
---
This part from REGULATIONS is also nominally important:
(B) Data protection standards related to how an operating system provider shall ensure date of birth collected by the operating system provider from a user, or the parent or legal guardian of the user, to carry out this section and any regulation promulgated under this secion—
(i) is collected in a secure manner to maintain the privacy of the user or the arent or legal guardian of the user; and
I appreciate the brevity of the bill, but it delegates a lot of discretion to the FTC to regulate things like "How an operating system provider can verify the date of birth of a parent or legal guardian", so it's up to the discretion of someone in the executive branch as to whether GNU and/or Linux will have to scan your driver's license and upload that scan to some government contractor's servers, say.
If this legislation becomes law, it will be interesting to see how the Linux hacker community reacts. Laws are virtually meaningless if there is no practical way to enforce them and if there are enough people who oppose them. Just take a look at the history of file sharing over the past three decades. For this new law to prevent the proliferation of Linux distros that are not in compliance with age verification requirements, there would need to be very powerful enforcement mechanisms, including criminal prosecution. Even then, it's difficult to see how severe criminal penalties and/or civil liabilities could stop hackers from building and distributing illicit versions of Linux. It's just basic economics: demand creates supply. Linux moves into the black market with new distros of Clandestine-OS.
I've been trying to download media for a while now. I don't have a huge collection; most media is not actually very good. But, the internet soon will just be an awful conglomeration of cable TV / a big shitty mall / a horrible outrage & propaganda machine. It's already most of the way there. Either destroyed from within by bots, data brokers and corporations, or destroyed from without by government, surveillance, and regulation. I recommend you start treating the internet like a mall; it's not some place you'd actually like to go. You get in, get what you need, and get out. Some people will will disagree with the analogy on the grounds that they _like_ going to malls. Well, good news, the new internet might be for you.
I mainly post in Usenet and IRC, and download PD movies (seriously) and books. I don't pirate any more because even current pirated media it's somehow a free advertisement for these people.
From Gutenberg, PD comics from the golden era -and pulp scifi-, noir movies, old weird science/fantasy series in B/W and whatnot, I'm pretty much covered. Ironically most current scifi media can be traced to...Bradbury novels, PKD's paranoia and some Weird Science comics.
Once 1984 gets into PD, that's it. It is in Canada, but you can
read it online as long as you don't download or share it:
There’s a version of this I could support:
- pre-specified age gates baked into the protocol (perhaps just 13 and 18).
- account admins on a device get to specify which bracket is associated with the account
- an api that allows sites to query whether the current user’s account is above one of the thresholds
Leaks pretty minimal PII (the user is between 13 and 18 would be the tightest identifier obtainable with the above gates). But still allows for age gating some content without relying on self-reported age.
Am I optimistic the actual solution won’t be more invasive? Sadly no…
I hope Josh Gottheimer will get a lot of money for his work there.
I also remember a few weeks ago, people such as Poettering and others
said this is all harmless, nothing bad would ever possibly happen.
Lo and behold, now it is the new mandatory law. All people will soon
have to go for age sniffing, in order to access information. Linux
is only for the Underground now.
I wish there were a way to fire lobbyists. There is no feedback loop, they can be as bad as they want and never suffer a minute for taking away peoples rights.
All these bills about age verification have nothing to do with protecting kids. This is just an easier pill for folks that aren’t privacy minded to follow. In the end, all your online activity and offline activity (flock cameras) will be tracked, because it gives our politicians and national security apparatus the type of power they crave.
I can already smell the exceptions - some companies will be exempted from these restrictions due to "national security implications", or, more realistically, "we distracted the President with a golden gewgaw and a bribe".
I compiled most of the operating systems I used from source code as a minor, and will parent the same way. I do not know how one age verifies a Linux From Scratch install, but I sure hope politicians try and give me a good laugh.
They should mandate age verification from the other direction- make serving certain content to children a liability. They'll quickly figure out how to verify age all by themselves. No need to legislate implementation details.
We still have to provide a way for people that don’t have (smart) phones, but I would absolutely implement asking the phone instead of a 3rd party when available.
We don’t gain anything from asking a 3rd party. In fact it costs money per request.
If all they wanted was to prove you were over 18 or over 21, those can be checkboxes rather than birthdates. It’s clear the bill’s author is an idiot or insincere.
Much of the USA accepts "gun deaths" as an unfortunate but acceptable price that must be paid for the widespread freedom to own guns.
When those same people are hysterical about Protecting The Children, you should understand that "protecting the children" is a distraction from whatever the actual intent may be.
The general public is thoughtless, and there's little reason to think the decision-makers are much more thoughtful, but Protecting The Children is merely this age's Trojan Horse.
Age verification inherently means identity verification. There's no way to prove your age without first proving that you are YOU, either by showing your face or authenticating with some third party authority, usually government or a corporation.
The idea that you should be locked out of using your own computer until you do this is utterly insane. What problem does it solve that existing parental control tools don't? A generation of parents already trust their babies with iPads for this reason. And what of the millions of Americans who don't have current ID?
"To require operating system providers to verify the age of any user of an operating system, and for other purposes."
- And For Other Purposes.
am i the only one seeing that?
i see a lot of discussion pro and con age verification, there should be much more concern about the purpose of that phrase for other puposes.
is some one actually trying to sneak a catch all like that into it, or is it a bargaining chip. [see we removed "for other purposes", its all better, now we can pass it]
This is so dumb. There are 100 other ways to protect children that would be more effective than this. Not only will this approach not actually protect children, this will violate the privacy of billions of people. It will introduce identity theft at mass scale (good luck solving that on short notice) and it will make activist/journalists/military/political opposition vulnerable. Perhaps this is the purpose. Who would benefit from such a scenario...mmm?
As a parent this is perfect. I am baffled why this is not a standard yet. So setting an account age in Netflix works but the child can access anything. Make new accounts even. So I have to block half the internet. Somehow. On a shared computer. And all companies would have to get your ID and track that. It's crazy.
This compromises 0 privacy until it requires an ID. EU solution actually does and only supports specific devices.
> "Once the operating system knows your age with verified certainty, it can tell any app to deliver, restrict, or withhold content accordingly."
Instead of "age verification", call it (and everything like it) Epstein law. The government wants the information of who is a kid and who isn't broadcasted to all the apps, safe AND malicious. There's no good reason to let random developers freely collect lists of kids out of those people who choose to try an app. It's Epstein law.
Being able to easily bypass an age gate makes such info unreliable, verification removes the unreliability such that the data can then be used for both good and evil reasons.
Glad to see that Elise Stefanik came out of fucking hiding in NY-21 to dump this stupid "parents decide" bill on us when she couldn't even be assed to help her constituents over the past several months when one of the main hospitals in her district is bankrupt and closing.
Last time we saw her anywhere near here was her "farewell tour" when she was supposed to go be Trump's UN stooge. Haven't seen her up here since.
Glad to know we get to die up here for on-device age verification for everyone else.
All this fake good intent to prevent another TikTok which was the only media which transmited the reality on the ground during the Gaza genocide. And its aftermath in the youth mind and in the University campuses.
Fascists and industrialists have to take control, again, of the minds.
(See oligarchy's appetite for social and media companies)
Same could be said for SITHOAG. Yet, modern preachers have found far more success with other approaches.
Consider: if the tone of your writing will put off anyone who disagrees with you, what’s the value in “livening it up”? Again, it’s preaching to the choir.
It is just crazy how much of a tech billionaire centric the US government is, they can come up with Thanos' idea of wiping out 50% of the population and politicians would do it as long as Zuckerberg or anyone else in the techno bubble asked for it.
> they can come up with Thanos' idea of wiping out 50% of the population and politicians would do it as long as Zuckerberg or anyone else in the techno bubble asked for it.
Stay tuned. With mass unemployment/underemployment there’s gonna a be a lot of “extra” people.
In short: you seem to want the Internet to parent your child. I have kids and do not want any of this for them, because all of it is a slippery slope to falling deeper into the surveillance state.
As a parent: do your job and take responsibility for your kids. While it's not trivial this also isn't overly complicated anymore.
If your child needs a helmet to use the internet, as the politicians announcing HR8250 seem to think[1], Apple or whomever is free to offer that as a feature. There is no need for this to be legislated, especially when the legislation does not work in open source environments.
[1] Not hyperbole. They said that. It was an analogy, but one that highlights how ignorant of the technology the authors of these bills are.
I can understand the "baby mode" desire, but as the other reply pointed out, this does not need to be legislated. The big OS companies can easily offer this feature for those that want it.
I'm curious though about all this porn that apparently hides behind a rock on the device and leaps out to corrupt tiny minds when they least suspect it.
Shock websites aside, pornography generally doesn't ambush you. Unless you're a republican giving a presentation and have no idea how that porn got in there.
And, AB1043 specifically exempts websites, so it doesn't protect anyone from the goatse's of the world anyway.
These bills will not do what they purport to do, but they will do a whole lot of bad stuff.
There's already like 17 different parental control solutions out there for every device platform. You can and should use one and don't let your kid go to any website or use any specific app without your approval first.
> We do want a way to signal there's a kid driving a device.
Which is extremely irresponsible. It creates a false sense of security and abandons your child to the whims of strangers. This seems akin to putting a "please don't hurt me" sticker on your child and then letting them roam around downtown unsupervised.
> But if we can just have a way to put bright orange vests on devices that require special treatment
There is software you can already use which will lock the device down and only allow it to go to pre-approved sites. I'm unwilling to give up any of my civil rights for your level of convenience above this.
Yeah this is the way for sure. The OP forgets that young users advertising their age online with an "orange vest" might not be best idea.
There's almost endless choice of legit quality native apps for kids, curated from trusted sources. These alone far exceed healthy screen time if all were downloaded. Or as you say, curated web links in a locked browser.
How much screen time should kids do anyway, it's crazy how much is available before worrying about WWW on top of their games, apps and videos.
I have a kid. Actually two kids. They have their usage controlled by google family. I review weekly their internet usage, screen time is limited to 2 hours/day. They dont have social media. School research and etc, they do at home, in the "main computer" in our dinning room. Youtube too. In the end is our responsibility to educate and protect our kids. I truly dont see a need for such extra controls if the parents aren't interested in enforcing it.
Or just don't give your child unfettered access to screens. There is zero reason your child needs x unmonitored hours with YouTube or Netflix or a browser or anything else.
You put your child in the driver’s seat and expect others to make sure it doesn’t make a wrong turn? Did you really have to give it the keys to this hypothetical car instead of, say, LEGO?
The breathless fearmongering over an age field on account set up is just completely over-the-top. This is probably the least bad out of all possible ways to implement age checking. The benefit of this is that it can short-circuit support for more onerous age verification. The writing has been on the wall for some time now: the era of completely unrestricted internet is coming to an end. The question is how awful will the new normal be? Legislation like this is a win all around, a complete nothingburger. We should be celebrating it, not fighting it tooth and nail.
The tech crowds utter derangement over this minor mandate is truly a sight to behold.
Let's try to be a little bit sensible here. Presumably the requirement to check depends on the nature of the application. A completely offline app for example has no use for an age check and thus wouldn't need to read it.
```
(b) (1) A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.
```
That should be read as "when the application is (downloaded and launched)".
If it were meant as "when the application is downloaded and every time the application is launched" it would probably have been written as "when the application is downloaded or launched".
Also, there would be no point in mentioning downloads if that was a separate check because the app developer cannot request the signal upon download because their app is not running then.
The most reasonable conclusion is that the app must check the first time it is launched.
This needs to be simply fought because it's a measure that is supposed to fight the reluctance of the society, not actual problem. For the actual problem it's ineffective. This will be met by surprise once it's fully implemented and new, worse measures will be proposed. Hence, it needs to be cut off as early as possible to spare everyone the trouble.
This bill requires actual verification and leaves it up to the politically controlled FTC to determine how this should happen. It’s a disaster.
> The Parents Decide Act solves the self-reported-birthday problem by demanding something verifiable, which in practice means a government ID, a credit card, a biometric scan, or some combination.
> However, Gottheimer has not specified which. The bill does not either. It’s up to the FTC to decide.
The article's analysis doesn't appear to be accurate. From the bill:
(a) Requirements.—An operating system provider, with respect to any operating system of such provider, shall carry out the following:
(1) Require any user of the operating system to provide the date of birth of the user in order to—
(A) set up an account on the operating system; and
(B) use the operating system.
(2) If the relevant user of the operating system is under 18 years of age, require a parent or legal guardian of the user to verify the date of birth of the user.
(3) Develop a system to allow an app developer to access any information as is necessary, collected by the operating system to carry out this section and any regulation promulgated under this section, to verify the date of birth of a user of an app of the app developer.
The only requirement for "verification" is to enter a birthdate on account set up, and underage accounts have the parent "verify" the birthdate. There is certainly some ambiguity in the bill which is not good, but efforts should be towards resolving the ambiguity in favor of a lack of intrusiveness.
(1) IN GENERAL.—Not later than 180 days after the date of the enactment of this Act, the Commission shall promulgate, under section 553 of title 5, United States Code, regulations to carry out this section, including regulations relating to the following:
(A) How an operating system provider can—
(i) verify the date of birth of a parent or legal guardian described in subsection (a)(2); and
(ii) carry out the requirements described in subsection (a) with respect to an operating system of such provider that may be shared by individuals of varying ages.
(B) Data protection standards related to how an operating system provider shall ensure a date of birth collected by the operating system provider from a user, or the parent or legal guardian of the user, to carry out this section and any regulation promulgated under this section—
(i) is collected in a secure manner to maintain the privacy of the user or the parent or legal guardian of the user; and
No, derangement is declaring "The writing has been on the wall for some time now: the era of completely unrestricted internet is coming to an end." without fighting it at all and just mindlessly accepting it because you were told it was going to happen.
It should be really easy to get your bank account information then. You're just going to give it to me, right? What is this? You're fighting me tooth and nail instead of celebrating giving me your banking info?
Well, perhaps your mental model of the actual objections to it are incomplete. There are a few problems and I'm curious what you have to say about them. First, "The benefit of this is that it can short-circuit support for more onerous age verification". Do you think that it "can" or that it "will"? Big difference. It could also go the other way, right? Opening the door to a more onerous version? Why do you think that isn't worth considering? Secondly, "This is probably the least bad out of all possible ways to implement age checking". What about parental controls that exist already? Someone seriously tried to tell me last time that parental controls "suck", but that's irrelevant, they don't have to suck, and in fact anything can suck. That's just happenstance. So, assuming parental controls were correctly implemented, why do you think this is "least bad" including parental controls? Thirdly, this "age verification" doesn't actually verify anything, because underage people can just choose "adult" anyway. What do you have to say to that? In that case, parental controls actually give you more power, and make this new age check completely obsolete. Thoughts? Lastly, maybe you're not from the USA, but we have a concept of "free speech" which includes the idea that people cannot be "compelled" to certain speech. If people were required to add a "sign here to confirm you're an adult" in every romance novel, that would be fine right? It's also a nothingburger, right? But then, you've compelled people to put something in every published book. Actually, that's a bad analogy. We should say that ALL BOOKS require this signature field on the first page. After all, we don't know what kinds of expletives and horrible things people might have written in the margins of the book (assuming it's being sold second-hand). That would be okay with you, right? Nothingburger? But it compels people to write something, and that's a door most legal scholars know not to open.
> The writing has been on the wall for some time now: the era of completely unrestricted internet is coming to an end.
And books..? And the newspaper? What if a child reads about a horrible murder in the newspaper that keeps them up at night? What if the government outlaws books and newspapers because they can contain bad things? We'd better add a "adult/ not adult" checkbox to the first page to "short-circuit support for more onerous age verification".
This was a great comment, you challenged them but in a reasonable way and with really good questions
I wish public discourse were more this way - if someone is arguing in good faith, actually answering what you asked moves the conversation forward, it’s just on the person to give you a serious answer
>It could also go the other way, right? Opening the door to a more onerous version?
I don't see a plausible scenario where the implementation of this mandate makes further mandates more easy to get passed. An age field and an API to access it is as trivial as it gets. More onerous age checking is not something that is an extension to or somehow made more easy given the pre-existence of the age field. No argument against more onerous checking is undermined or rendered less severe due to an age field already existing. There is no slippery slope here.
>So, assuming parental controls were correctly implemented, why do you think this is "least bad" including parental controls?
There is already a pretty significant market for parental controls, so presumably if their quality were a limiting factor in their adoption the market would have responded already. Parents simply aren't interested enough or savvy enough to apply them. Parental controls also just intrinsically suck for a lot of reasons. They are either mostly ineffective or wildly intrusive, like giving total access to children's communications and internet activity to external companies.
>Thirdly, this "age verification" doesn't actually verify anything, because underage people can just choose "adult" anyway. What do you have to say to that?
Presumably an adult is involved in purchasing devices and setting up accounts for their young children. Putting an age of account holder field into the account set up workflow seems pretty effective. It's not 100%, but it doesn't need to be for it to be a major improvement over the status quo. The lack of verification is a feature of this mandate, not a bug.
>we have a concept of "free speech" which includes the idea that people cannot be "compelled" to certain speech. If people were required to add a "sign here to confirm you're an adult" in every romance novel, that would be fine right?
As those pushing this kind of legislation are fond of pointing out, we have age checks for buying alcohol or purchasing adult magazines in shops. Presumably these don't run afoul of the first amendment. This idea that we can't or shouldn't mandate age checking in some form to access content deemed inappropriate to children is just a losing argument. Again, the writing is on the wall here.
>No argument against more onerous checking is undermined or rendered less severe due to an age field already existing
From your point of view.
What I can tell you is that there are definitely people who will argue that this is, by the fact of being written into law, now the spirit of the law.
Then these people will argue that the spirit of the law is being broken, and the implementation needs to be better and tighter. Not that it needs to be repealed! Because clearly this is something that was wanted. And to many, many people, this will be sufficient argument not to complain about further measures.
At this point anything that makes computers less usable is a good thing, time we go back to the real world. It was extremely unpleasant while it lasted.
US national level OS-level age verification bill proposed - https://news.ycombinator.com/item?id=47772203 - April 2026 (223 comments)