Age verification is the quickest road to ending general-purpose computing, because it plays on people's knee-jerk emotions. It won't do it by itself, but it'll goes a long way towards it.
The goal in my mind is to have an account a parent can setup for their child. This account is set up by an account with more permissions access. Then the app store depends on that OS level feature to tell what apps are can be offered to the account.
Let say the the age questions happen when you install the app store. That means if you can install the app store while logged in as the child account the child can answer whatever they want and get access to apps out side of their age range. The law could require the app to be installable and configurable from a different account then given access or installed on the child account, however at a glance that seem a larger hurdle than an os/account level parental control features.
The headline calls this age verification, but the quote in the article "(2) Provide a developer who...years of age." Make it sound way different and much more reasonable than what discord is doing.
I would much rather have OSs be mandated with parental control features than what discord is currently doing. I am going to read the bill later but here is how discord age verification could work under this law.
During account creation discord access a browser level api and verifies it server side. discord no knows if the OS account is label as for someone under 13 years, over 13 and under 16, over 16 and under 18, or over 18. Then sets their discord account with the appropriate access.
No face scan, no third party, and no government ID required.
That sounds like an OS feature that parents would like to have. Probably has some market value. Maybe just let the market figure that one out.
Or, we could have an overbroad law passed that torpedoes every open-source OS in existence. If I were MS, Google, or Apple, that'd be a great side benefit of this law. Heck, they probably already have this functionality in place.
The problem here is legally-mandated age verification, not where it is placed (although forcing it into all OSes is absolutely ...). The gains are minimal for children and the losses are gigantic for children and adults. I'm not keen to have children avoid blisters by cutting off their feet.
Put control back with the parents. Let them buy tech that restricts their children's access. This law doesn't protect children from the mountains of damaging content online.
And let all the adults run Linux if they want to without requiring Torvalds to put some kind of age question in the kernel and needing `ls` to check it every single run.
If there was a competitive market for OSs this probably would work, but we do not really have that. Getting the market to be competitive likely either takes considerable time, or other forms of government intervention. If there really was a competitive market then this would have been a solved problem ~15-20 years ago since parents have been complaining about this for ~25-30 years at this point.
> Or, we could have an overbroad law passed that torpedoes every open-source OS in existence. If I were MS, Google, or Apple, that'd be a great side benefit of this law. Heck, they probably already have this functionality in place.
I do not think the law does that. Either a additional feature making age/birth date entry and age bracket query available, or indicated the os is not intended for use in California, both seem to let developers continue along like normal. edit Or, I think, indicate that it is not for use by children.
> The problem here is legally-mandated age verification, not where it is placed (although forcing it into all OSes is absolutely ...). The gains are minimal for children and the losses are gigantic for children and adults. I'm not keen to have children avoid blisters by cutting off their feet.
In this case the mandate is entering an age/birth date at account creation where you can lie about said age/birth date. The benefit is the ability of an adult to set up parental controls for a child account.
> Put control back with the parents. Let them buy tech that restricts their children's access. This law doesn't protect children from the mountains of damaging content online.
This puts control in the parents hands. When they set up their child's account they can put in their child's age, or not, they can make it an adult account.
> And let all the adults run Linux if they want to without requiring Torvalds to put some kind of age question in the kernel and needing `ls` to check it every single run.
So from the literal reading of the law the age checks are only required when "a child that is the primary user of the device". It does not need to effect accounts where the primary user is not a child. Nor does it seem like any application needs to run the check every time the application is launched.
The law unfortunately does require:
> (b) (1) A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.
So in the case where a child is the primary account/device user. The app needs to request the signal at least once when first launched, though it is not required to do anything with it. Delegating that to the package manager would make sense, but this part of the law should be modified, apps that can not use the signal for anything should not be required to request it, 'ls' for example.
It's just asking for some OS feature to report age. There's no verification during account setup. The app store or whatever will be doing verification by asking the OS. Still dumb to write this into law, but maybe not a bad way to handle the whole age verification panic we're going through.
There is no reason to tell the application, and by extension their developers, how old the user is. The application should tell the user what bracket it is appropriate for and then the operating system could filter appropriately without any of the user’s identifying information leaving their system.
This is also technically superior because it moves the logic for filtering out of being custom implemented by each and every single application to a central common user-controlled location; you do not have to rely on every application developer doing it right simultaneously.
And your point about fail open versus closed also makes no sense since if there are zero repercussions to not writing filtering logic then nobody would even bother. If there is liability, then obviously everybody will fail closed and every application developer needs to evaluate and change their application to only allow acceptable usage. This is much harder if they have to write custom filtering logic instead of just publishing their data categorization.
I do wonder who benefits from all the propaganda causing this kind of kneejerk reaction though.
Like, I’m not American and in Germany we have ID cards that actually have your age encoded on an NFC chip in the card and an ID number that encodes the age. Like, age is part of the ID number and checksum.
You could totally do all of this age verification offline on device and just expose an API that offers the age of the user to applications. You’d never need to talk to the internet for this, the API just says if you are a minor or adult, the browser can pass that to websites who don’t need to collect personal data and everything is fine.
But that’s not going to happen. It’s gonna be some AI facial recognition kinda garbage that is gonna send your face in every angle to Apple or Microsoft or another third party.
As is common these days they are going to try really hard to absolve you as the user of any responsibility for the sake of protecting kids so they can’t let this be a simple offline thing where your personal information never ever have to leave the device because what if kids find a way around it? Well the obvious answer is don’t let your kids just use a computer without supervision but if people would do that we’d not be in need of this garbage anyway.
have you literally ever met a kid?
Look at the thread on Block’s layoffs while they are profitable.
What I did say was:
>if there has to be age verification
That is far, far different than saying I want that shit. I do not make the laws, and I wouldn't vote for it either, so please, get your head out of your ass.
I'm not the one making laws about age verification, so I'm not sure how you get off blaming me for anything.
Well, the politicians probably meant to say “Apple, Google, Microsoft, plus maybe Sony and Nintendo”
i.e. the companies that already have biometrics, nigh-mandatory user accounts, app stores linked to real identities, parental controls, locked down attested kernels, and so on.
If phones had workable parental controls that let parents opt their kid into censorship, that’s better than the give-your-passport-to-the-porn-site approach the UK have taken.
Of course if they have applied it to every OS, not just the big corporate-controlled options, that’s a dumb choice.
I guess we'll just have to trust that our legislators are technologically savvy...
There are essentially two desktop operating systems, Windows and macOS. Linux is a decimal point and too fractured to worry about.
There are essentially two mobile operating systems, Android and iOS. And while Android is fractured, Google still has reasonable control they can exert.
This is (weirdly) the smart way to do this type of law.
Make the consumer OS providers add an age signal. That property can be bound to an account with the inability to change it.
Behold, "universal enough" parental controls which will require only a handful of lawsuits to litigate.
The "why" is also clear: deflecting/shifting responsibility.