Our president is fucking children, and you’re telling me I gotta verify my date of birth to run Linux, in the name of “Protecting the Children”?
Get the fuck outta here.
They’ve gotta know if you’re fuckable.
You’re antifa if you run Linux anyway.
I would like to think I’m antifa no matter what I run.
What are you if you run Mac Os then? Dyslexic Autistic Vegan Attack Helicopter.
A mark.
You guys are asking the wrong questions.
How is Linux going to do this? There’s no server for the os to send the information to report the age of its users, no way of forcing its user base to comply and no single person or entity to fine, arrest or otherwise force into compliance.
They made a law they cannot enforce.
Or they made a law to attempt to ban operating systems with free software licenses.
But that’s the thing you can’t ban them.
It’s just software that’s freely available. There’s no one corporate entity that controls Linux. Anybody can literally make a distro for it make notation for it illegal for California and be done with it.
But they can fine every single developer of every single application. Sure, a lot of people won’t be in the jurisdiction of the state of California, but there are a hell of a lot of developers who are.
Linux is not a company. There is no CEO of Linux sitting in Sacramento waiting for instructions. It is a decentralized, global, open source ecosystem. If one U.S.-based distro tried to bolt on age verification, someone would fork it almost immediately and strip it out. You cannot age gate software that people can freely download, modify, compile, and redistribute.
From a technical standpoint, what would this even look like? Government ID verification at the kernel level? A biometric scan before you can run apt update? A centralized identity server for Arch users? That runs directly against how Linux is designed. The ecosystem prioritizes privacy, user control, and minimal centralized telemetry. Age verification requires centralized identity services, persistent user binding, and logging. Those models do not align. Even if someone tried, it would be trivial to bypass. VPN, foreign mirror, alternative distro. Done. You cannot meaningfully regulate something that is globally mirrored and open source.
And this law is aimed at online services and platforms anyway. The harms legislators are worried about do not originate in your bootloader. They happen on social media platforms and content services. The operating system is simply the wrong choke point.
The only places where age verification is realistically enforceable are platforms, app stores, and tightly controlled commercial device ecosystems. Not a globally distributed kernel maintained by volunteers across multiple jurisdictions. The idea that Linux is going to meaningfully comply in a way that changes outcomes is technologically naive. At best you get some compliance language from U.S. commercial vendors. At worst you get symbolic features that any moderately technical user can remove in minutes.
That is not how open systems work. Pretending otherwise just advertises a lack of understanding of the architecture being regulated.
I am fully aware of the open source ecosystem. I have contributed to dozens of projects, including the linux kernel, CPython, Perl, and others.
It’s astonishingly obvious that you haven’t bothered to read the bill at all and are just spewing nonsense. Take ten minutes and then pull your head out of your ass.
Sections 1798.501.b, 1798.502.a and b. Every developer of every application that can be downloaded from every website, platform and package system MUST request your age bracket every time it is downloaded. And every time it is launched.
Thats every application, from ‘ls’ to World of Warcraft. Thats every place on the internet that hosts software packages. It doesn’t matter if you feel like it is only aimed at “online services and platforms “ or “social media platforms and content services”.
It is written to cover everything that runs on a computer that can be downloaded and the places that host them. PyPI, crates.io, flathub, Debian mirrors, everything.
And that’s every individual developer who lives in or visits CA.
You’re invoking contributions to the Linux kernel, CPython, and Perl as if that settles the matter, but you have been conspicuously vague about what that actually means. Those projects accept everything from typo fixes to deep subsystem work. If you want that credential to carry argumentative weight, specify what you worked on. Kernel networking stack? Filesystems? A CPython PEP? Core interpreter changes? Because right now it reads like résumé seasoning, not authority.
More importantly, your statutory interpretation is maximalist to the point of implausibility.
You are asserting that Sections 1798.501(b) and 1798.502(a)-(b) require every application binary, including local utilities like ls, to request an age bracket at download and at launch. That is an extraordinary claim. If true, it would not just affect “platforms.” It would upend global software distribution infrastructure including mirrors, package repositories, container registries, and academic hosts.
Where in the definitions does the statute eliminate business thresholds? Where does it explicitly define a standalone executable with no network component as a regulated “online service”?
Where does it impose a per-launch runtime obligation on locally executed software?
Statutory scope hinges on defined terms. If you are correct, quote the operative definitions that extend coverage to every distributed binary and every individual developer who merely visits California. Because that is not a narrow reading. That is a reading that would trigger immediate Commerce Clause litigation.
You may very well have contributed to major opens source projects. That does not make your legal interpretation automatically sound. Right now you are asserting universal coverage without walking through the definitional cross-references that would be required to sustain that position.
If the text truly says what you claim, show the definitional chain. Otherwise this looks less like careful statutory analysis and more like an overextended reading fueled by frustration.
From TFB:
First, from the LEGISLATIVE COUNSEL’S DIGEST
The bill would require a developer to request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched. This bill would punish noncompliance with a civil penalty to be enforced by the Attorney General, as prescribed.
That’s not an encouraging start. Of course, that’s not the bill itself just the official summary, so we will need to dig in deeper.
At the beginning of the bill proper, there are some definitions, emphasis mine.
Section 1798.500
© “Application” means a software application that may be run or directed by a user on a computer, a mobile device, or any other general purpose computing device that can access a covered application store or download an application.
There are no business threshold or network capability requirements for the application (though there is one for the computer, sorta). It’s simply anything that may run on a computer. ‘ls’ definitely qualifies as an application per this definition. This is a pretty reasonable definition of ‘application’, even if it is a bit circular. We could also have quite a conversation about what counts as a “other general purpose computing device”, but it isn’t defined here.
(e) (1) “Covered application store” means a publicly available internet website, software application, online service, or platform that distributes and facilitates the download of applications from third-party developers to users of a computer, a mobile device, or any other general purpose computing that can access a covered application store or can download an application. (2) “Covered application store” does not mean an online service or platform that distributes extensions, plug-ins, add-ons, or other software applications that run exclusively within a separate host application.
PyPI, a Debian mirror, crates.io and GitHub qualify as a “covered application store”. Pip and cargo are an “software application” that “distributes and facilitates the download of applications from third-party developers to users of a computer” so they are as well. Depending on case law curl, rsync and scp might also, though the ‘distributes’ qualifier may exempt them. Oddly, browser add-ons are probably exempt due to (e)(2). And there may be a grey area around things like VMs. A purely personal website that only has software developed by that person probably doesn’t qualify due to the ‘third-party’ qualifier. Again, there is no business threshold listed.
(f) “Developer” means a person that owns, maintains, or controls an application.
Again, a fairly straightforward definition, that would apply to anyone who maintains any “software application that may be run or directed by a user on a computer, a mobile device” per 1798.500.c.
So, we’ve got that developer is a simple definition that basically matches what one would expect, as does application. Covered application store is probably broader than one would expect, and has an odd carve out, but covers most modern software distribution channels. I guess it might not cover sending CDs in the mail.
Then we get to a single simple sentence:
Section 1798.501
(b) (1) A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.
It’s a really simple sentence that can be really easy to gloss over. But read it again. Maybe you could argue that it only applies the first time an application is run. But it absolutely applies when it is downloaded. There are no exceptions listed, no threshold tests, no “social media applications only”. This applies to all applications, all developers, and all “covered application stores”. Now CA jurisdiction doesn’t cover downloads from outside of CA, but it does cover anyone downloading something inside of CA, or someone living in CA. So if a kid in CA downloads something from a outside of CA, the developer is in violation even if they are outside of CA. CA may not have the resources or desire to track down every developer outside of the state, but if they so choose they would be able to file a claim in the same way that CA can file claims on foreign people who violate other laws that involve CA victims, such as fraud.
Finally, there is this bit: 1798.504
(f) This title does not apply to any of the following: (3) The delivery or use of a physical product.
So, it looks like it doesn’t apply to CDs in the mail.
Edit:
Of course, I forgot to talk about the penalty. Maybe there is something in there?
1798.503
(a) A person that violates this title shall be subject to an injunction and liable for a civil penalty of not more than two thousand five hundred dollars ($2,500) per affected child for each negligent violation or not more than seven thousand five hundred dollars ($7,500) per affected child for each intentional violation, which shall be assessed and recovered only in a civil action brought in the name of the people of the State of California by the Attorney General.
Nope, no exceptions or commercial clauses. It just applies to anyone. And paragraph b?
(b) An operating system provider or a covered application store that makes a good faith effort to comply with this title, taking into consideration available technology and any reasonable technical limitations or outages, shall not be liable for an erroneous signal indicating a user’s age range or any conduct by a developer that receives a signal indicating a user’s age range.
Well, an OS provider or covered application store isn’t responsible for someone lying to them, tech failures, or the actions of a rogue developer. But developers have no such waiver.
How is Linux going to do this? There’s no server for the os to send the information to report the age of its users
The law doesn’t require sending the data anywhere, so that’s not a problem.
no way of forcing its user base to comply and no single person or entity to fine, arrest or otherwise force into compliance.
The law doesn’t require anything of users, it requires something of OS providers. OS providers have addresses and entities to fine.
Yes it fucking does. Go read the bill, particularly section 1798.501.b, 1798.502.a and b. Every developer of every application that can be downloaded from every package system MUST request your age bracket every time it is downloaded. And possibly every time it is launched. Basic utilities like ‘ls’ and ‘cat’, that pong example I pushed as a test, everything.
Me: It doesn’t require anything of users
You: Yes it does require something of developers
??
You are correct, but how does that disagree with my comment?
Sorry, I see that I was unclear.
Yes it fucking does require sending the data somewhere, specifically to every “application store”, which by their definition includes such things as Github, PyPI, Crates.io, Debian mirrors, apt/rpm repos, and personal websites that have hobby projects from more than one person.
Can you quote the relevant part of the bill? I don’t see it. From what I’m reading:
- The OS provider has to collect the age information from the user
- The OS provider has to make the age information available to any app that asks for it
- The developer of any app has to request the age information from either the OS or from an Application Store
There is nothing about how the Application Store obtains the age information (presumably they mean something like Google Play or the App Store that already have the information about users and of course haven’t considered anything else), and there is nothing about the OS sending the age anywhere other than an app running on it that asks for it.
The law doesn’t require anything of users, it requires something of OS providers.
For a FOSS OS, any user with root access would be considered an “OS Provider” under the definitions provided in this law. With FOSS, there is no real distinction between “user” and “developer”.
You are right, it just says whoever “controls the OS”, which is very vague. Even without going to open source, a user still controls the OS even on Windows or macOS. To a lesser degree of course, but in the same way a driver controls a car even if they can’t or won’t try to modify it.
The windows user uses the OS. The windows user does not control the OS. They only have access to the functions that Microsoft has provided. The Attorney General of California won’t be able to argue that the sysadmin is the OS Provider of a Windows installation. The OS Provider of Windows is Microsoft.
The Attorney General of California would easily be able to argue that the OS Provider of a particular Linux instance is the sysadmin of that instance.
They only have access to the functions that Microsoft has provided.
And a user of Ubuntu only has access to the functions that Canonical has provided.
Unless they have root access and modify the OS. Or they have administrator access on Windows and modify the OS. Which is the case for both by default. I don’t really see the distinction. There is clearly a provider company behind both, and in both cases the user could add this age check functionality by themselves by installing an utility that provides it.
And a user of Ubuntu only has access to the functions that Canonical has provided.
That is not at all accurate.
Administrator access to Windows is not at all comparable to root access on Linux. Windows “root” access is held solely by Microsoft, and granted only to Microsoft employees and contractors. They are the only ones with the capability of changing Microsoft’s binary blobs.
Canonical doesn’t restrict root access. Everyone who installs Ubuntu has root access by default.
Suppose Canonical adds this capability to Ubuntu. Suppose I take an Ubuntu install, and remove this capability. Who is the provider of the resulting OS, Canonical, or me? Obviously, I am responsible for the changes; I am obviously the OS Provider in this scenario.
What I am saying is that I was the OS provider before I made the changes.
Let’s remember that the law distinguishes between the OS and Applications running on that OS. They require that the signalling apparatus be included in the OS. Technologically, the distinction between OS and Application is somewhat arbitrary. For commercial OSes, it’s pretty simple: The OS is what Microsoft declares to be part of “Windows” is the OS; everything else is an application.
Suppose Microsoft refuses to include this signaling apparatus. The end user cannot modify Windows, so does not become liable as the “OS Provider”. The user can bolt on the functionality as an application, but cannot make it part of the OS. Microsoft is the one facing the fines under this law.
For FOSS software, the end user’s root access gives them the ability to add this signaling capability to the OS running on their machines, even if Canonical refuses to distribute a compliant OS. The user’s ability to make their own OS compliant with California law makes them the party liable for non-compliance.
What does the comparability of root/admin access change in this situation?
Suppose Microsoft adds this capability to Windows, and you edit the registry to disable it. How is that any different?
I can see the argument for something like iOS. But on Windows you would be able to add or remove such functionality. What is the difference that makes the user the OS Provider on Ubuntu but not on Windows, in your eyes?
Let’s say you own a computer store in California, you sell Windows laptops, and you setup your preinstalled Windows image with the registry edit made, because customers don’t like the silly age prompt. How are you not the OS Provider?
No addresses or entities tied to the distro respins I’ve made.
That was not a requirement in the software license.
Great, but how does that help? 99.9% Linux users use a Linux distro that has, ay the very least, a website behind it, with a domain name, that has a registration info.
That the 0.01% of people that use an OS only hosted by anonymous devs on a Russian website does not make this law any better for the rest of us.
Which is why we all should aspire to join linux, and reject newsome and other greasy california politicians cynically playing us for the billionaires.
What if banning Linux is part of the Agenda? And what will they do for the servers? I am declaring my pc a server as of right now…
How do you want to do this? Linux is a kernel the world relies on. It powers your car, your fridge, your satellite, your phone, the entire Internet, the army, etc. Nothing comes close to Linux in market share. The distros are built upon the kernel. System76 may have to comply, but the other maintainers don’t give a flying fuck. They could even write a small line somewhere on their repo that says “this distro is not allowed in California” and call it a day.
I wonder if that “this distro is not allowed in California” approach is even compatible with the various free software licenses.
Terms of Use / Terms of Service are different from Licenses. That said, even if it was compatible that would be a good thing, as the impression I’ve got is that the “hard-liner” Free Software licenses are becoming a thing of the past now that what is needed is “Ethical Source” licenses, that eg.: restrict usage in AI.
From what I understood, it’s a requirement for a local API (for apps to use) and could be implemented during user creation.
It will be a slippery slope and IANAL, just my interpretation.
Since people aren’t reading the article and the headline is misleading. The law requires:
- The OS ask the user their date of birth on account creation (kinda like the Steam date of birth prompts)
- The OS provide an API that returns which of four age brackets the user fits in
- Companies notified by the OS that the user is under age may be liable
It was explicitly written by the authors not to mandate ID or facial recognition checks. You can lie about your date of birth. This basically creates a standard set of parental controls for parents configuring kids devices.
I think that this might actually help with the whole discord facial recognition issue in places other than the UK by allowing them to offload the issue to parents setting up devices rather than collecting kids biometrics.
So now when I spin up a VM at my sysadmin job I have to tell the server I’m an adult? Does anyone actually know what the fuck we are doing here? What an absolute clown show.
This is what happens when boomers never die and stay in office for a lifetime. They don’t understand technology but are allowed to make the laws that govern their use.
Nha boomers are not the cause for this shit. Smart ass marketeers and tech bro pushing for more precise target identification and thus more reach for them are to blame. And those I stumble upon are definitely on the younger side.
When can just change the laws when they leave
Wut?
They don’t understand technology
Considering most said technology was built by boomers… yeah sure, buddy.
Simple solution. From now on Linux distros should ship with a big message “NOT FOR USE IN CALIFORNIA”.
You want to force age verification? No server in all of California will run. Period.
“My name is Microsoft, and I approved this message.”
Microsoft’s own servers run Linux. An in-house build IIRC named Azure Linux.
And there’s nothing keeping them from adding it themselves for their own in-house use & profit.
What does that have to do with anything?
Because these scumbag companies are essentially running business like mafia thugs. Every OS is just linux with DRM if you dig deep enough.
If the only server OS legally capable of running in CA is Microsoft’s - be it Windows, or their particular spin of Linux - guess who’s gonna sop up all that government contract money?
And why would this particular law exempt Azure Linux only and specifically?
Wow, I’ve really got to spell it out for you, huh? Azure Linux will not be exempt - Microsoft will add the required routines to it, and if they are the only ones to do so, then they soak up the server market in CA.
ETA: I doubt that will wind up being the case as other commercial vendors will not want to be left behind, but we were discussing the theoretics.
“We’re every datacenter in Canada e Mexico and we collectively and politely agreed it’s a good move as well.”
Whose age do they want on the server? The admins? Whoever staged it? Lol. Sure. Jan 1 1970.
Do I need to put my birthdate onto my firewalls?
Ooh are all enterprise firewalls going to start coming with CISA filters pre-enabled? Gotta protect those kids!
Yeah… It says just that in the article. You did read the article, right? I mean you didn’t just read the title and then rush in here to make a comment?
How people farm internet points is serious business
Holy shit you can click those?
Supposedly the age verification thing that’s needed is the equivalent to a porn site verification. Just enter a birthday that’s in the 1800s, and you’re set. This is still a bad direction to go towards though, as it’ll set precedent for future bullshit.
Exactly. Today you can enter Jan 1 1800 and it will take it. That’s not the problem.
The real problem is the precedence it sets. An asinine rule gets passed and companies adhere to it, meaning they are enforcers.
Tomorrow when laws require real verification, like ID scan then they’ve already agreed to be the gate keeper for said asinine laws. It’s harder to back out at that point.
It’s all surveillance and it should be stopped.
There is nothing that’s “needed”. Its an OS not some demonic construct. It should also be noted that teens will be impacted in it as well - all minors. All this age gating, discriminatory behaviour is eating us alive. Age verification should not exist at all.
That would be a completely unworkable law since devices may not even have internet connectivity, or a user interface. And even if they did, it would have a chilling effect on software development in California.
No biggie. I got ready for this in minutes after hearing about it.
#!/usr/bin/env fish read -P "Are you old enough? (yes/no) " input if test "$input" = "yes" -o "$input" = "Yes" echo "Proceeding..." else echo "You are not old enough. Exiting." exit 1 end… What? … Why are you all looking at me like that?
No matter how hard they try, you can’t legislate parenting.
Despite signing it, Newsom issued a statement urging the legislature to amend the law before its effective date, citing concerns from streaming services and game developers about “complexities such as multi-user accounts shared by a family member and user profiles utilized across multiple devices.”
then why did you fucking sign it in the first place??
words cannot describe the depths of my seething hatred for the complete, museum grade, massive piece of shit that is Gavin Newsom
People already hate him this much, and he wants to run for president. Because Democrats didn’t lose badly enough last time.
Because it’s a metric, a bullet point, and campaign speech fodder. Newsome thinks of his position in terms of a career rather than an office, his job isn’t to lead a nation towards what’s right or wrong, it’s to pander so that he can be re-elected or elected to higher office.
The bullshit way that lobbying groups conduct polling and market research means they he’s chronically out of touch and that his focus is on perpetuating his time in office so he can continue to “represent the people”, making a calling out of bowing to the desires of the mis-informed, outraged, panicked mob he believes his electorate to be instead of actually having a spine and exercising good judgement.
The consequences of shoddy legislation take second place to being able to declare he did something to “keep kids safe”. It doesn’t even have to work, all that matters is having something to wave around and back up that claim. Something to placate the plebeians and let him continue to do what he does best… listen to lobbyists who are lying about what people think.
Why? Because that’s what gets people elected these days. Despite being on a foundation of pure bullshit, somehow it works. So he goes along with it, encourages it, and remains in office as a result.
deleted by creator
Despite signing it, Newsom issued a statement urging the legislature to amend the law before its effective date, citing concerns from streaming services and game developers about “complexities such as multi-user accounts shared by a family member and user profiles utilized across multiple devices.”
Then why the fuck did you sign it if it wasn’t ready and needed amendments? Is this what you’re going to do as president too?
Rhetorical, of course. Note how he doesn’t say he disagrees with the bill, just that it needed to consider family devices.
If this is who wins the primary, we are done. We’re basically already done, for sure, but him winning the primary would be the final nail in the coffin.
You know, bankroll the bribe money, settle the details out later. Politics 101
Yup. This. I’m in California and this is not even a topic. This is not even in the local news. It’s as quiet as: the bullet train project, the gigantic water pipeline for the south project, the drought solution, the power grid solutions, etc. But, boy, the amounts of money that it blew thru.
because he is a conservative dumbfucking cunt.
judge: the jury finds the defendant guilty of 9 counts of child negligence, and will serve 5 months in prison with a fine of $10,000 in damages.
prisoner: what you here for? what did you do?
father: I allowed my child to create his own account on Debian Trixie 13.3 with KDE Plasma interface.
prisoner: chuckles
This is a whole new level for system level fingerprinting
Am I missing something or would the following not meet the requirements?
Add a module that does the following:
On first account login to an interactive interface, ask for an age category (<=13, 15-15,16-17,18+). So a value between 0 and 3. Store that somewhere alongside user-level application settings. Include a library for applications to link against. Library contains one function, that function just returns whatever value was stored before.
I think that meets their bare minimum while also demonstrating just how dumb this is.
It wouldn’t. It would require a dedicated server to ping constantly and also an API that applications should use to ask the computer for age in background. Everyone could therefore us this data to fingerprint users…this makes everything even dumber and more prone for mass surveillance
EDIT: Sorry for the misunderstanding. Thanmk you for correcting me
No, you’re just wrong. The law just says, there needs to be a local API, that apps can use to ask, what of 4 age brackets the user is in. That’s basically it. There is nothing about some online server that needs to hold that data.
No, sorry, you’re wrong. Go read the bill, particularly section 1798.501.b, 1798.502.a and b. Every developer of every application that can be downloaded from every package system MUST request your age bracket every time it is downloaded. And possibly every time it is launched. Basic utilities like ‘ls’ and ‘cat’, that pong example I pushed as a test, everything.
But they could still just request the age bracket that is stored on the system at the time of download, no?
It’s not at all impossible, it just has to be implemented.
That is correct. Every program that is downloadable on the internet, from a big commercial application store, a open source repository, a single project webpage, or a random personal hobby site that has a single file on it that gets an update after 1/1/2026 must request your age bracket when it is downloaded. Or launched. Every singe one, every single time.
Since I took at look at your user profile, that means you would need to add that to all of your github and itch.io projects. And if they are included in some other packaging system, you better be sure that they are doing it as well. Otherwise you will be personally responsible for a $2500-$7500 fine every time a kid downloads one of your games. Your site has a direct download, so what are you going to do to implement that?
Impossible? Certainly not. But why the fuck should we have to do that? Why should every bit of code you put up on the internet be required to check the age API every time it is run? What are you going to do?
Yeah, don’t get me wrong, this is an insane law. It makes no sense and it is utterly ridiculous and dystopian.
I am just saying, that it is still manageable to continue, we shouldn’t give up. We should continue to fight against this law, but we can also realistically keep distributing our software regardless of this law.
I think, the age thing only has to be implemented by the operating system, not by every piece if software. We as app developers can then choose to use an API to age restrict our apps, if we want to.
We just have to make sure our app isn’t recognized as an operating system in itself.
Nothing in the law requires some kind of online server. Only a local API, which a local library that can be linked is. And it only requires age to bebe described in four brackets, hence just storing a value 0-3. Didn’t see anything obvious as to why this wouldn’t actually meet the requirements, while being as dumb and pointless as possible.
The law does not require photo ID uploads or facial recognition, with users instead simply self-reporting their age, setting AB 1043 apart from similar laws passed in Texas and Utah that require “commercially reasonable” verification methods, such as government-issued ID checks.
What even is the point of this then? To make shitty parents feel better?
It’s so next year when they expand the requirements the infrastructure is already in place.
Sell data. profile people more accurately.
Moving towards removing anonymity on the internet.
IRL Community is dead in america, They know the only thing we have left to band together on against their Nazi regime is the internet. This is why they are trying to destroy anonymity.
Soon it will be “Linux is for criminals” (like they said with graphene).
Yup. Replacing cash with digital transactions and eliminating anonymity online.
Yep!! All their plan, laid out clear as day. But you’re the crazy person if you bring that up among normies!
The point of it is actually the exact opposite. With this law the parent would set the age of their child. And if they decide to lie and their child is affected then they could be fined.
The other thing it does is if a platform decides to ignore the age range of a user and it affects a child then they could be fined. But as long as they do best effort then it really only affects the parents.
It also prevent platforms from requesting additional ID verification unless they have confidence that the age bracket of that user is incorrect.
There is absolutely no reason for an OS to know a users age. At this point it is certain that they can escalate this into including gender or even race.
The children or even the teens have no meaning in this law - they are simply used as sugarcoating for the cyanide pill that’s aimed at the populace.
I agree until this law there was no reason for my os to know my age. This law creates that reason.
Any law can be bad if we take into account the imagined future possibilities. Should we outlaw electricity because it might be used in some way to make nukes?
If lawmakers try to issue further requirements for ID or facial scans then we can fight that. But until then there is nothing in this law that affects me outside of needing to enter a number less than 2005 when I setup my OS.
If you don’t have any kids then you literally can’t be fined under this law.
If your code is installed on a general purpose computing device that is provided to a child, you can be fined.
If you provide code to the general public without requesting an age signal from the receiver’s OS, you can be fined.
The attorney general of California might consider the JavaScript in your web page to be “content”. They might consider it to be an “application”. There is no clear distinction. If you request an age signal before providing content, you can be fined. If you fail to request an age signal before providing an application, you can be fined.
The more I read about this law, the less I think it will actually go into effect. It’s going to face a whole series of injunctions. The lawyers are going to bill thousands of hours, but the whole thing is going to be scrapped.
Should we outlaw electricity because it might be used in some way to make nukes?
No, because there are lots of good uses for electricity. What is the good use of this bill?
It prevents apps from asking for additional ID verification. I’d rather my os ask me for a number I am able to lie about than to have to send my ID to 30 different apps and data aggregators.
Many people say that we should put more responsibility on the parents for what their kids are allowed to do online. This law does that.
But it actually does require that. Read section 1798.502.b. Every developer of every application has to ask for your age bracket through this mechanism. The open source developers behind ‘ls’, ‘cp’, ‘rsync’ are all suddenly required to ask my age category of face a $2500-$7500 fine per time my kids run apt upgrade. That is utterly absurd.
Hell, I’m suddenly liable if a kid downloads my pong example project that I put up on crates.io or PyPI?!?
Yea they have to ask for your age bracket. That’s not the same as an ID.
I agree, the definition of an application is much too broad. And should be revised. But the difficulty is how do you restrict it without also creating a multitude of loopholes for businesses to exploit. At the very least we should restrict it to applications whose primary purpose is to interact with the internet.
And before you say it, yes I am aware that that still leaves many apps like curl, wget, ssh being covered. But it could be a start.
Or maybe just restrict it to social media applications. I am not a lawyer, I definitely don’t have a great grasp of how to create the type of language that is appropriate for laws.
The ONLY way this is even remotely OK is if the OS is set to 18+ all other age verification laws are satisfied and I don’t have to provide even more intrusive information to random companies.
How will this affect embedded os like freertos or vxworks? There are lightbulbs that have operating systems these days, am I going to have to show ID to turn on my light?
My guess would be these OS’s just wont do it and stop doing business in that state.
Lucky for you, you can just download them anyway.
My guess is also that these lawmakers dont care nor considered other OS’s than Windows, MacOS, iOS and Android.
As those are not general purpose computing devices, and additionally have no app store - no, and no.
From the law text:
© “Application” means a software application that may be run or directed by a user on a computer, a mobile device, or any other general purpose computing device that can access a covered application store or download an application.
cool, then neither is my desktop pc. i get all my software on 5 1/4" floppies.
The quote is that it can download an application though
it can’t.
try to disprove me.
I forgot to include nm and wpa supplicant to my arch install before I committed it to disk and am now stuck installing everything from offline pacman caches carried to my via local homeless people in the form of random USB sticks found in parking lots. Prove me wrong.
The law defines a public webpage as a covered app store. Anything that can run doom and view a webpage is potentially covered.
It’s way overbroad and unclear how it could be implemented, and likely to be challenged in court if it even gets that far.
Definitely broad and “just trust us bro” energy.
I’m looking for orgs fighting the Colorado one. I got “replaced” by AI recently, so I have all the time in the world to write letters, make calls, and go to town halls. I just don’t want to do it alone.
It all but makes the law useless, but the law characterizes viable age verification as being self reported, so the Id wouldn’t be necessary.
How the hell are they going to enforce this?
Basically, it’ll become a crime to sell a computer with a pre-installed operating system unless it supports an age assurance system.
You make it sounds like a good thing; people will wont have microslops os by default… they may pick loonix!!! (this comment is brought to you by me)
Wait im dumb miceoslip WILL HAVE AGE ASSURANCE!!! GET out everyone will you can
Armed thugs of the state break into every home, and install their bigbrotherware operating system, and kill anyone who flinches like they might be committing any acts of dissidence. There we go. Everybody happy. And of course, you wont own the software. You’ll be renting it. Like everything else. Own nothing, be happy. Maybe they care. :/
It’ll be like the tv license inspectors in the UK but they’ll be armed
Them being armed will make it a lot more thrilling when you persist in asking them under what conditions are you lawfully obligated to comply.
OK Newsom, you’ve lost me. I enjoyed your chaotic responses to the drumpf but you’ve officially lost me.
Realize, this has always been him. He is NOT a liberal. He is a conservative who calls himself a democrat.
That’s called a liberal.
Government-mandated age verification stuff on private hardware is basically the opposite of liberal though
Those who call themselves liberal have been doing shit like this for so long that this rank hypocrisy is part of what it means to be liberal.
If liberals don’t like it, they should have had some integrity instead of ridiculing the concept as a “purity test.”
Yup.
Welcome to newspeak, USA-flavor.
Still drinking hair of the dog to nurse the McCarthyian redscare hangover.
Layers deep into the newspeak. Liberal, conservative, democrat… all these terms already many contortions and inversions distanced from original meaning. Soon, even “him”, “he” and “himself” too. Then even “is” and “not”, and then the CIA’s work will be done.
He used to be married to the woman that also used to be Trump Jr.’s fiancé.
He is still overwhelmingly liberal and progressive. Calling him conservative is insane.
He is basically as conservative as you can be here in California while holding a state wide elected position and even that may not be true anymore with how things have shifted since the last governor election. Point is he is generally on the more conservative end of Californian politics, hell I know some Schwarzenegger style conservatives who are more progressive than him.
If only all those agents hadn’t told us to not use the political compass, we might be less lost now. :3
He’s not even making most of those responses to Trump. His social media manager is doing it. He’s still just another Howard Schultz. “I like the idea of equality as long as rich people don’t have to reduce the rate at which they become richer.”
Yikes
