Apparently this will include Linux…
Good luck with that
Every day this gets worse
And literally no one is doing shit to stop this. It is almost like personal property rights, privacy, and everything else are now dirty words that will make you look like a criminal.
I’ll just copy my comment from a similar bill in colorado, I will leave the link to the colorado bill in, but here is the california bill as well if you want to read it yourself.
The title is very misleading. This is the actual bill that they are trying to pass. The link already includes a summary, so I will just give you an even simpler explanation and some practical examples why this is actually really neat.
First of all, this is not age verification. No IDs have to be submitted, no selfies or videos will be submitted to any age estimation AIs, so put your pitchforks away (for now, until they decide to expand the bill to include these measures as well, then it’s time to burn it down). The name of the bill already tells you what it is: Age Attestation. Aka what every piece of software already does before it shows you explicit content.
With the bill in place, every “operating system provider” has to ask you for your age or date of birth during OS setup, which will then be made available to other software via an API. So instead of having to fill in your date of birth or checking “Are you 18+/21+?” boxes, software will use the new API to check instead, saving you the trouble of doing it manually every time for every application that is not made for all ages.
What makes it even better is that the OS does not have to provide your actual age or birth date, the bill has a minimum requirement of just disclosing age-bracket data. So it could work just like age ratings, which also rely on age groups rather than specific years. Also, the bill explicitly forbids asking for more than your age, sharing more than that via the new API and using the entered age data for anything else than the described purpose, like sending it to a server for tracking purposes.
And finally, as mentioned in the beginning, no IDs or anything else as it is with age verification necessary. You can still lie, just enter 1.1.2000 or whatever you want. Nothing changes, except that you will only have to do it once every time you reinstall/reset your OS or buy a new device.
Sure. But this is step 1. Things never stop at step 1.
Of course, and I will fight the next steps with pleasure, but I welcome a qol feature anytime, even one enforced by law.
Thanks for putting this here. Kinda getting sick of people that only read the headlines or have only seen the Lunduke journal video that has so many clear inaccuracies.
The laws aren’t perfect but they do have some nice protections for the users as you mention.
The only thing that I think is missing is that developers are restricted from collecting additional information but the OS providers are not, at least as far as I understand from reading the California law. At the very least, they still have the restriction on using the information in other places or sending it to third parties.
I posted this in another thread but I’ll repeat it here. I think it is shortsighted that some linux distros are taking the kneejerk reaction of leaving/banning California residents. We need to band together and figure out a solution.
Oh, I have one solution in mind. Two, actually:
- leave California
- ask some questions ™ to authors of the bill. Like who is going to benefit from this, who was paid how much for what etc.
I guess Linux distros are about to be banned in Cali.
Good fucking thing Linux is kernel
What the absolute fuck are these people doing!? An OS does not require age verification for anything but totalitarian intents. Fuck this timeline.
In essence, while the bill doesn’t seem to require the most egregious forms of age verification (face scans or similar), it does require OS providers to collect age verification of some form at the account/user creation stage—and to be able to pass a segmented version of that information to outside developers upon request.
So you just fake a date and call it a day… thank you Cali…
For real though I can’t imagine the sysadmin and docker nightmares that arise from having to completely overhaul your account orchestration scripts to input a garbage birthday.
I don’t think anyone thought of the fact that an account on an OS doesn’t always correspond to a human.
The law only specifies “computer, mobile device, or any other general purpose computing device.”
Which is extremely vague. It appears that the intention was to just affect end user devices. Not specific purpose systems.
I saw the developers of MidnightBSD state that they are going to block users in California when this law gets put into place. I hope that more OSs do the same. Especially Windows, it could be devastating to California’s economy and make them, along with other states and countries, reconsider their decisions on age verification.
I don’t live in California but I’m interested in seeing if there are any other OSs that will be blocking California users. I’m probably fine to just continue using Linux Mint but I’m open to trying other distros/OSs in order to participate in this protest if Linux Mint doesn’t.
In my opinion, it is foolish and shortsighted of these developers to just block the state and move on. (I do live in Cali but hear me out)
Whether people like it or not we are stuck with this law now. A law that leaves all of the implementation details up in the air. The big corporations, Microsoft and Apple, are not going to be pulling out of California. Do we really want to leave all the power to determine how this system works to them? Leave the 4th largest economy in the world entirely in their hands?
If we ignore what is going on here then we will give up our chance to even propose a minimal acceptable solution to this law. One that does not require ID or face scans.
I desperately hope that the linux foundation is taking this seriously and is already looking at implementing a solution.
This law aims to place at least some of the responsibility back onto the parents that allow their children to run wild on the internet. Is the law perfect? Absolutely not. Would I repeal it if I could? Yes, of course. But this is the hand we are dealt.
(also it is midnightbsd)
I know that we do need better regulations for protecting children online but I don’t think we’re ever going to get that. It seems like the government that we have now just wants to have full control over everyone. In fact, the FTC made a statement saying that they’re basically giving companies a loophole that allows them to partially ignore COPPA, which is one of the best protections children had online. It’s obvious that they have no interest in protecting children online, if they’re making statements like that.
Just to reiterate I do not think this law is good and I would get rid of it in an instance but…
I don’t really see this as a law to protect children. I see this as a law that focuses on the parents. The parents become liable under this law if they circumvent the system and their child is hurt. If developers decide to flaunt this law and ignore the signals then they would be liable.
So if you don’t have children this law should effectively not affect you other than you might need to choose which age bracket you are in. Which sounds like such a small price to pay for making parents take responsibility over their children on the internet.
I mean, as long as they don’t require an ID that’s fine I guess, even though what they’re proposing can be easily circumvented. But my biggest, and everyone else’s, concern is that, as with what’s been going on with age verification, it’s possible that it’ll just snowball into something worse. It doesn’t help that there are people, like me, that currently can’t get IDs. There are already several websites that I have to use through a VPN, so if these age verification laws keep getting worse, people like me might completely lose the ability to use the internet entirely, unless they make getting IDs easier.
I’m sorry that you have to deal with that. IDs should be as easy as reasonable to get. (fucking SAVE act).
You are right, this could be used as a stepping stone towards gathering IDs and the deanonymization of the internet. We (Cali residents) need to make sure that we contact our reps and are heard. Voice our concerns with this law in its current form and that we will be up in arms if they go any closer towards ID verification being required.
It depends on how the system is implemented. It is entirely possible that MS will implement it with ID verification or face scans, since the law does not forbid them from doing that. But that is why the open source community/linux foundation need to make sure that we put forward a reasonable solution rather than just “forcing” users in Cali to go back to using windows.
I mean, it’d suck for all of us outside of California to have more surveillance just because y’all have that law, and it’s absolutely not really about protecting children, it’s about surveillance
I’d love for you to go into more detail on how this is surveillance since that seems to be your main concern.
The law does not require providing IDs or face scans or any other identifiable information. There are clauses in the law limiting where the data gets sent to and that if data does need to be sent then it is the minimum that is necessary.
The law only requires that an account holder “indicate[s] the birth date, age, or both, of the user of that device”. Outside of the abstract the law not once mentions any type of verification that must happen.
Also it’s a California law. It doesn’t affect anyone outside of Cali so if you are affected take it up with your os provider or fork your distro.
Please explain to a complete doofus how can someone enforce this?
Cant they just download any linux distro from millions of different places and install them on any machine, even offline?
Bios are becoming more and more locked down, that’ll be the next thing, at the tech lobbyists behest.
soon we will need bootloader unlock exploits (or the blessing of our overlords) to install anything other than (unrooted) stock os, not unlike android and chromebooks.
we desperately need to break free from US tech.
The law only penalizes instances that affect children. So by circumventing this law does not mean you would be charged with any fines. But if you circumvent it and your child uses the device then you would be liable no more than 7500$ (since in this case it would be an intentional violation).
I am not a lawyer. This is just what I understand the law to penalize.
OS providers and developers are also not liable if you set an incorrect age for your child intentionally or by mistake, only you would be.
But if they flaunt this law (do not try to comply with best effort) then they would be liable for each affected child.
Edit: sorry this didn’t exactly answer your question. How they enforce it would be that it is tacked onto other charges from what I understand.
Edit 2: oh and children can’t be charged, only adults (18+).
Gotta love it when people who have no understanding of how Linux works writes laws about how Linux should work…
It goes way beyond Linux. Think any device that could download something at some point. Gas station pump, calculator, FreeDos, VxWorks, etc.
There is a lot of language like “or can download an application”, so if you can download something, then that thing could be an application, and thus that device and it’s OS is covered.
And every point of sale system everywhere
I have never internally facepalmed harder in my life
The law only specifies “computer, mobile device, or any other general purpose computing device.”
Which is extremely vague. It appears that the intention was to just affect end user devices. Not specific purpose systems.
what are they they gonna do against it?
of all the shit out there, that’s what needed attention?!
Curious for what it’s a distraction, eh?
All this age verification crap. Where is the fucking parents? I get that big tech has some responsability in all this. But how about we just make the responsible choice, of not letting a 8 year old near tiktok forinstance? Oh, it is just another excuse for private survailance you say? I see, I see…
I’m a parent and legit think that majority of parents should not have been parents and have no minimum required skill to raise a human being. It’s sad because it’s really not that hard but most people don’t think a day ahead when raising their kids and just follow a “vibe”, so spending a weekend on parental controls is an insurmountable task.
I’m not a parent and wish there was some kind of minimum requirement.
I AM a parent. And I will take the fight. Even though all other parrents will call me the “tin foil hat” rather that, than letting my child become a predators next meal online… These parrents has no idea what social media is all about. It’s a fucking addiction. The children can’t see this, this is why it’s our job to protect them.
Just want to clarify that nowhere in the actual law does it require verifying the age of the user. It does not require IDs or face scans.
https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=202520260AB1043
Please read it. It is a very short law <15 minute read tbh.
The law does exactly what you ask for. Parents setup the device and put their child’s age. If they lie or circumvent the system then the parents get fined if their child is affected by content on the internet.
As usual, the solution is education. Parental education needs to be prioritized imo. That said, I have no idea how we would implement such a thing. Most likely better general education would help at least.
“Won’t anyone think of the cHiLdReN?!”
Agreed. IDK how the conversation has made it beyond someone’s dumb idea to the front page (well, i do, but it’s pretty cynical). I’ve yet to hear any details as to how verification will protect kids. Kids could get their hands on the device of an adult. It’ll increase identity theft. Once one starts to think adversarially the number of holes to plug increase exponentially. underage drinking is a joke. This is an even more complex issue and the privacy trade offs are staggering.
Everyone needs to realize that all the age verification stuff is just a step towards the purpose, which is having any and all computer operation tied to the person — i.e. as Cory Doctorow has put it, the war on general computation.
As a Californian parent, I’m teaching my kids to use Linux to be safer against surveillance and control. It is 100% my responsibility because I chose to have children and let them use computers. It’s a dangerous world out there.
IDs in databases get leaked.
No one is going to enforce this. It’s political theater, and will in no way protect children.
Easy enough to send threatening cease and desist letters to distro maintainers that may not have a penny in savings. This is a huge gift to Apple and Microsoft that probably had enough of Linux hoarding in on their market share.
Were that to happen, I imagine it would be a relatively simple matter to move everything out of state, or even out of the country if need be.
Well… don’t live in rogue nations then, I guess?
Linux distributions should react by asking users to confirm they’re not in California. They’ll backpedal fast.
Eveny single website running should do this, and refuse to display for Californians