this post was submitted on 15 Apr 2026
893 points (98.5% liked)
Technology
83929 readers
2850 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Obviously everyone here hates this, but I'm gonna offer another perspective here and prepare for the down votes I guess.
There is a very good argument for OS level age 'tracking' as a means of creating a cohesive environment for software and websites to operate without having to implement individual age verification. The biggest actual issue here is how the OS determines what the user's age is. If this is implemented similar to what California has done, the OS would simply ask for the user's age at setup, and store that value, which can then be reported to programs and websites as needed. This would allow parents to setup a device for the child and not have to separately implement parental controls on every individual conceivable program, which are often easily circumvented. This would undermine any individual website's attempts to use age verification as an excuse to collect government ID data, and the security risks inherent to that.
There's no need to put any kind of validation onto this, it should simply be self-reported.
Now admittedly I don't trust our government to implement this in any kind of reasonable way so I definitely understand and respect the outrage, but I guess I'm just trying to find some positive aspect of how this might be implemented.
This is steel-manning an argument for a feature no one wants which is most likely the thin end of the wedge for increased surveillance and censorship.
This is just how it starts so they can trick well meaning developers into making websites and platforms which make use of this verification while it is still self-ID, but when the laws become more demanding and require connecting your user account to your real-world identity, it'll already be too late, all of your online activity can be tied back to you.
When I make this argument, people like to call it a slippery slope, but the fact is that there are so many nations cracking down on free, unmonitored access to the internet, with social media restrictions, platforms like Discord requiring you to provide identification, and so on.
All for this, all of that risk, all for a feature that adds very little value to the computing experience of anyone.
This isn't why those pushing for want it. It isn't about the kids safety but harvesting more information so they can tie all the other tracking data they have to a individual. its alway think of the children but lets make some money while we are at it.
Wrong. There are things that belong at the application level and others that belong in user space. Fundamentally it doesn’t make sense for any sort of mandate.
TF should I have to put my age or any other personal information into my pihole or any other system I’m running.
Absolutely not, age data is biometric data. It can and will be used to fingerprint you.
So just put in a different DOB. My suggestion is entirely self reported. The point is for parents to be able to setup a device and have a single point of control.
I still have an issue with that. It's like having a public facing UUID. "Man these 'users' all born at the same time seem to have similar habitats.
You're not thinking ahead. Think about the people who aren't even part of the discussion today. Will they know not to answer truthfully?
Sure, make it an optional field that you can fill in with whatever. Don't make laws requiring it though.
The system D thing was optional and self reported and had no call home.
Dude got fucking death threats over it
You LITERALLY can't win.
The death threats were shitty, I agree. But they were at least partially fueled by the fact that we have lawmakers trying to make it illegal to use an operating system that doesn't ask for your age. If that systemd change was introduced in a different time, I doubt people would have even noticed or cared.
Not trying to excuse the death threats, because again, that's shitty, there's no reason to do that. I think it's important to understand the context and nuance around all that though.
I'll appreciate that it's hard to be a devil's advocate on an argument and provide a nuanced take. But I will say the points made on the Ageless Linux website demonstrate why that's an issue, primarily around how you're teaching kids from their first time on the internet to lie. It really doesn't matter whether this happens through a drivers' license pic or a DOB selector.
Their argument is entirely based on the assumption that the child can change their DOB on the device at any time. That's trivially easy to avoid with a simple admin password requirement. If this was implemented in any competent way (granted, that is a lot to expect of legislators) the DOB would not be able to be changed once the device/user account is setup, or would require an administrator password which obviously shouldn't be given to the child.
But they turn around and say this is good and how things should work:
Yeah, the kid that's willing to change their device settings is definitely going to go check in with Mom before they access something they know they shouldn't be on. That's just an unbelievably bad argument.
In the normal case where a moderate/low-tech mom buys a child an iPad, there is no step at which they're likely to recognize it has an "admin setup", or configure a password. They unwrap their christmas gift, and they're likely the one to figure it out.
I can easily picture this discussion in a household strangled for time.
"Mom! I tried to use that new tablet, but it wouldn't work!"
"Okay...sweetie, I'm running late for my shift, what's the problem?"
"It says I'm...that I must be 18 or older to akkept the terms-"
"Did you give it your age?"
"My birthday? Yeah. Does it give you like presents on your birthday?"
"Put in...put in 1980 for the year. It's fine. I gotta go. Love you."
"Really? Okay. ...Hey, it worked! I can play Fortnite now!-
slam
"Huh. What's HotChat...?"
Versus this: (What the website proposes)
"Mom? Is it okay if I chat with people on the internet?"
"Chat with who? You mean like your friends? Is Derek from school on there?"
"Well there's this thing that came installed on the tablet. It says I can chat with people on the internet. But I should ask first."
"Let me see. ...Sweetie, this doesn't look like something that's for you. We don't know if the people you're talking to are strangers, or even dangerous people." "Ohhh."
"I can...I gotta go, but I'll try to find you some apps that will let you chat with kids from school. Okay?"
"Aw. Okay. I can still play Fortnite though, right?"
"I...yeah. Fortnite is fine. Don't put anything on there without talking to me, you promise?"
"I promise."
The site even backs this up: That open communication about dangers, rather than hard, automatic restrictions tends to lead to healthier upbringing from kids. Setting up fully automated barriers just leads to creative workarounds, since ultimately, adults and businesses will demand convenience - and kids will find ways to get access to it too.
So scenario one has a parent who is paying no attention to their child's questions, but in scenario 2 they're suddenly attentive and totally in tune with what their child is doing?
Look, you can't fix everything for everyone, but a simple explanation for first time setup of a device is not difficult, especially if it was implemented as a national movement (law or otherwise). Absentee parents are still gonna absentee, but it would be a tool that parents who give a shit could really benefit from.
Both scenarios I give involve the parent attempting to address the problem the child has. In the first one, the child had to ask for a way around an age blocker. The parent was never going to say no to the request because they're not going to make the case that the child "doesn't deserve to use devices". You could even theorize that the last part, discovering "HotChat", happens on their own time.
In the second one, the child was advised to consult an adult before using a chat program. The answer to their problem was a direct refusal - a NO from the parent, and an explanation as to why not to proceed - rather than any form of direct help. I'm even positing this second scenario starts from the child being left to their devices.
I'd need a much more detailed description of what a universal, government-driven, "simple explanation for first time setup" would be, for all operating systems on the market: Forcing all users to make admin accounts, store a password, and then create a child account; and trusting that people won't take simple paths for it, when most children are granted their own devices.
I'm very much in favor of giving parents tools for those things. But the way security works is, it will always be at war with convenience. As soon as people lean towards shortcuts that circumvent the intent of security (because not everyone's lives are based around these secure systems), the tight-gripped approach to security fails out. We want parents to choose to learn these tools on their own time, not simply have them presented as a roadblock to access.
I agree with you on this. I wouldn't mind if there was a mechanism on browsers which would send 'child/teen/adult' (or whatever they'd be called) data to websites in request headers since they already report a ton of stuff to the server anyways. It would be trivial for adult sites to check one header and limit access based on that. But the setting needs to be local only, so that parents could easily set restricted accounts for their kids. The point where user age must be validated via any 3rd party it's no longer about parental controls and the whole thing becomes a surveillance tool.
Also the limits should be agreed somehow on at least somewhat global basis so that it's only used for porn/gore/horror and other stuff like that. Things like sexual education, religious topics (likely both pro- and against-), medical stuff and things like that should be left out of the filtering. But as with practically every 'think of the children'-thing proposed for the internet it's got nothing to do with children nor used only for that.
The biggest damned issue i have with the "child / teen / adult" markers is they would literally serve up minors to predators.
Malicious sites already use browser markers to tailor exploits, now they can scoop up the kiddies with ease. A 14 year old browsing substack is currently just another random user. But put in OS level markers and now they're spotlighted.
That's the irony. It would make kids more fucking readily ltargetted.
Of all the comments this post has generated, this is absolutely the most compelling argument against what I suggested. Thanks for your input.
That is a problem, I agree. But I still feel like it would be beneficial if there was some standard on HTTP or other protocols which could limit user access based on PG-rating instead of everyone developing their own approach. It could also be something like robots.txt, but for PG-rating, where client would do the verification.
And, as I already mentioned, that should be strictly local only setting and only for parental/guardian controlling what minors can and can't do with their devices.
See I would be fine with this. A user input. Cannot be modified after installation. The parent installs the OS, the kid is locked down. Easy.
I'd suggest it would need to be per-user. Family computers are a lot less common nowadays, but are still a thing
Maybe not family computers so much any more, but shared devices, absolutely.
It still needs to be per user, per app. If I hand my phone to my kid or my niece, I don't need them looking up or accidentally seeing adult content because the apps don't ask anymore.
If the apps stop asking the user, and instead just query the OS, there's no longer any connection to the current user. So porn sites, for example, or any app that might have adult-only content, would still have to ask. In which case - what's the point of the OS age requirement? This is in no way more secure than the apps or websites just asking the user.
What about servers? I have several devices in my house that serve content to the rest of the house or provide other services. Would they need my birthday, even though my kids use the services? What about gaming consoles, or TVs? IoT devices? Does my thermostat, garage door opener, living room lamp, or washing machine need my birthdate?
This whole thing is truly a slippery slope that hasn't been thought through, at least on its face. Unless, of course, the whole point of this legislation has nothing to do with "protecting children".