"Age verifications" AKA "A complete ID and access record of all that you do on your personal electronics." This is some seriously dystopian surveillance and control shit and it has nothing at all to do with children.
this post was submitted on 02 Nov 2025
306 points (94.2% liked)
Privacy
4126 readers
310 users here now
Welcome! This is a community for all those who are interested in protecting their privacy.
Rules
PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!
- Be civil and no prejudice
- Don't promote big-tech software
- No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
- No reposting of news that was already posted
- No crypto, blockchain, NFTs
- No Xitter links (if absolutely necessary, use xcancel)
Related communities:
Some of these are only vaguely related, but great communities.
- !opensource@programming.dev
- !selfhosting@slrpnk.net / !selfhosted@lemmy.world
- !piracy@lemmy.dbzer0.com
- !drm@lemmy.dbzer0.com
founded 1 year ago
MODERATORS
The whole point of the GNU/Linux operating system is for free speech. Whatever you're trying to do California, it's not going to happen. I refuse to run any proprietary software on my machines. It's astounding that any porch for freedom is just gets blindly attacked by a bunch of uneducated fools. What a boring dystopia we live in...
Computer code is a form of speech. It is mind-boggling to me that California wants to assert its rules over all FOSS software.
If California is able to do this, what stops them from next requiring Arch to be bundled with ID-checking Persona as part of a mandatory GUI installation?
Maybe Arkansas wants a mandatory "governemnt module" in Fedora to allow easy remote access?
Perhaps Dubai would like ProxMox to ping Dubai's government so they can create an IP registry of ProxMox users?
And since so many developers use github, will github just ban developers who don't comply?
I understand that such a rule could undermine Project 2025's objectives, but it is still a slippery slope.
What is the point of bucketizing the actual age when anything querying it can simply note the date at which the user shifts to the next bucket to determine the exact birth date even if it never sees the exact birth date?
Furthermore, what about a common login like on a media PC?
What about a Steam Deck that gets shared around a household?
This is all very dumb. Could be a lot worse but it's still very dumb.
Why do I need to show my ID to install Gentoo?
Because how can Persona (and the government) know who is using Gentoo without an ID requirement? What is someone doesn't use javascript when browsing the internet?
I'd like to see them try. Is it during installation or download?
Oops, forgot to compile that module. Oh well.
Take it from a Brit... It's not about the children. It's never about the children.
One of the architects of Project 2025 confessed on secret camera that the purpose of age verification laws is a de facto porn ban.
I'm sorry but you're using that term wrong. You mean a de jure porn ban.
A de facto porn ban would mean that you actually couldn't get any. And that's just ridiculous.
Like drugs are illegal de jure, but de facto getting weed pretty much anywhere in the world is not a challenge. Usually even easier than getting alcohol as an underage person. Not that I have experience of that in the past few decades (being underage that is).
I mean I guess it's "de facto" in sofar that it's not exactly presciptively de jure illegal when it's done like that. So in that sense you are right to use it like that, but eh. I disagree with who I was when I started writing this. No matter we're on lemmy.
Maybe for them. But for governments in general the point is that age verification is ID verification and it means everything you do online or on any electronic device can be surveilled and tied to your real identity. And that makes political dissent a lot harder to organize without being shut down.
This bill, beginning January 1, 2027, would require, among other things related to age verification with respect to software applications, an operating system provider, as defined, to provide an accessible interface at account setup that requires an account holder, as defined, to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store and to provide a developer, as defined, who has requested a signal with respect to a particular user with a digital signal via a reasonably consistent real-time application programming interface regarding whether a user is in any of several age brackets, as prescribed. The bill would require a developer to request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.
I'm not sure how this is going to be enforceable. So, in essence:
-
The OS should have an accessible API that returns the age bracket of the user, presumably for the purposes of eliminating a lack of compliance on apps using children's data for advertising. That's not necessarily a massive problem, though I don't like the idea of age brackets, I'd prefer it if it's just a "Adult" vs "Child" bracket.
-
It doesn't seem to be asking that the age be verified through some external provider, so simply stating the age of the user is enough.
-
App developers are expected to always request that information on launch/installation, which is simply not going to work because how would you enforce it for software made before this law came into effect?
-
The definition of "covered application store" is way too broad and covers basically anywhere you can download software, including things like public docker hubs or Github, so no that's never going to work out. Apple and Google can maybe include the request for age brackets and provide that information by default as part of the SDK, but legacy software? Good luck getting WinRAR to request that information. You've essentially banned all software made before 2025.
So... The OS-level stuff isn't a huge deal, but the requirements on app developers are way too strict and would be unworkable. If I were to re-write the bill, I'd make it so the age bracket must be available at the OS level, but not required by the app developer to actually use it. I would then add more strict requirements on sites to not use children's data for advertising, with the reasoning being that they could have asked for the age bracket from the OS at any time, and the fact that they didn't even bother means they actually wanted to use children's data.
The bigger problem IMO is the implication that a device/OS must have a defined "account holder" that is associated with an actual person with an age. Nevermind that there isn't any verification happening that could de-anonymize a user or be breached - as an administrator, am I responsible for ensuring users only use a specific account with the correct age identified? What about google or apple? Are devices meant for children to be locked down so that new users or accounts can't be created to circumvent restrictions?
This law is too vague to have any meaningful impact on child safety, and the implications behind it make future erosion of privacy far more likely.
That's not even accounting for server racks. Servers run operating systems too, and a server doesn't really have a 'user' as such. Sure there's the admin account, but there isn't a definitive person you can tie that to.
So the "age verification" boils down to the same level of security as that pop-up on PornHub asking if I'm over 18? And Newsom wants to create a legal precedent that can open the way to mandated State-controlled malware on every electronic device in the State just for that?
I mean, he's a politician. He's very aware that people can and do lie all the time. Which means that the stated goal of this legislation is very obviously not its actual goal.
i hope people talking about him as a potential president remember this; he's a conservative robot who doesn't give a shit about you.
load more comments
(6 replies)
Mandatory os-level
Cute attempt, but libre software - as always - remains superior and impossible to control. That's by design. Write any law you want, I can modify whatever line of code implements this stupid check, remove it, and move on.
You mean the libre software that is all primarily stored on AWS, Azure, or Google infrastructure, especially github?
Linux is the giant it is using email as the primary infrastructure for development. We will be fine.
Can't we just fork it over to something like Codeberg eventually? I know it's a lot to move over, but with time and patience, it seems achievable.
On a PC that isn't so hard to do. The problem though is that online services will start requiring the os level check which itself will likely require phoning home to some service.
Plus open software on phones and tablets is still in very early stages.
On a PC that isn’t so hard to do. The problem though is that online services will start requiring the os level check
Easy peasy, the browser checks the OS them reports it to the website
load more comments
(2 replies)
Coincidentally, my birthday is 1900, January 1st.
1970, Jan 1st is better for this situation
He can go fuck himself. "Dems are the good guys!!!" Fuck off. This isnt about protecting kids. Its about tracking, profiling and data collection. No doubt to sell to 3rd parties. Fuck all these cunts who push this shit.
load more comments
(3 replies)
seems like MS lobbying group.
Lovely aint it?
Can't wait for the big wigs to start sponsoring bills going after whistleblower protection.
view more: next ›