Just moving the Overton window is not a good argument for or against anything. If you are concerned about what data the government may gather then say that and we can have a real discussion.

I am going to assume that you are referencing the epstein files. This is not a law about that, if you want them to be prosecuted then that is something you should direct at your congressperson. Not at a state level law about age attestation.

I fully agree, the definition of application is too broad and should be revised. But how do we revise it without also introducing loopholes that companies can exploit.

All the law requires developers to do is receive the signal and treat that as the primary indicator of the user’s age and to comply with applicable laws (ie. things you should have been doing already anyways).

For applications like ls (which let me be clear that I do not believe this app should be covered by this law) it could be as easy as requesting the signal from the OS, deciding that the user’s age bracket does not matter for your execution, and just performing as usual.

They should really limit the definition of application to just social media apps. (which would likely include things like irc apps).

Yea they have to ask for your age bracket. That’s not the same as an ID.

I agree, the definition of an application is much too broad. And should be revised. But the difficulty is how do you restrict it without also creating a multitude of loopholes for businesses to exploit. At the very least we should restrict it to applications whose primary purpose is to interact with the internet.

And before you say it, yes I am aware that that still leaves many apps like curl, wget, ssh being covered. But it could be a start.

Or maybe just restrict it to social media applications. I am not a lawyer, I definitely don’t have a great grasp of how to create the type of language that is appropriate for laws.

Leaving it to parents is the reason why we are in this mess.

Someone else had brought up in the past few days that parents either don’t know that parental controls like this exist. Or they don’t care.

This law puts that age setting front and center and allows apps, like Discord, so say “no <13 year olds”. I think where this maybe gets tricky is if an app says “only <13 year olds”. As like people have said there is nothing stopping people from lying, and that is a two-way street.

It prevents apps from asking for additional ID verification. I’d rather my os ask me for a number I am able to lie about than to have to send my ID to 30 different apps and data aggregators.

Many people say that we should put more responsibility on the parents for what their kids are allowed to do online. This law does that.

Sorry it is really hard to understand what you are arguing here.

If you don’t want your info (whether you are an adult a teen or a child) to be shared with “owners of apps that are on the Epstein list”, then don’t install those apps. There is nothing in this law requiring you to download any particular app.

If an app were sending this data to a third party, like palantir, then they would be in direct violation of this law.

If you were expecting to be able to leave decisions about your personal privacy and security to any governing body then you are in for a sore awakening. You should be well aware of how privacy and security are things that we have to take personal responsibility for.

I agree until this law there was no reason for my os to know my age. This law creates that reason.

Any law can be bad if we take into account the imagined future possibilities. Should we outlaw electricity because it might be used in some way to make nukes?

If lawmakers try to issue further requirements for ID or facial scans then we can fight that. But until then there is nothing in this law that affects me outside of needing to enter a number less than 2005 when I setup my OS.

If you don’t have any kids then you literally can’t be fined under this law.

No… The law literally says that if you make a good faith effort then you are not liable.

An operating system provider or a covered application store that makes a good faith effort to comply with this title, taking into consideration available technology and any reasonable technical limitations or outages, shall not be liable for an erroneous signal indicating a user’s age range or any conduct by a developer that receives a signal indicating a user’s age range.

Also the 2500$ is only for negligent violations.

Look, I don’t want linux to leave Cali. I have primarily used linux for the past 8 years and have no desire to use windows anymore than I have to. But, as you said, the linux community throwing their hands up and deciding to exit Cali and Colorado is just playing right into Microsoft’s desires.

The law actually has a specific provision preventing both os providers and developers from sending your information to whoever they want.

And the OS is only allowed to send the minimum information that is required. Ie. your age bracket.

Send only the minimum amount of information necessary to comply with this title and shall not share the digital signal information with a third party for a purpose not required by this title.

I mean yea. If you don’t make a good faith effort to implement this age attestation page and api to allow apps to pull from it. Then yes. You would be liable.

You could of course decide to not provide to residents of California and Colorado. No one is forcing you to provide for either of these states.

There is not requirement in the bill to prevent users in specific age brackets from accessing certain content or applications.

It simply defines that a method for age attestation (not verification) must exist and that the age bracket data be made available to apps and appstores.

The people who decide what age brackets can access would be the appstores and the developers.

I will concede that using the word “controls” for the OS provider could be misunderstood. What I would assume is that they are meaning control as in the person/entity that provides updates for the system. Ie, MS, Apple, Linux Foundation, Canonical, etc.

… That is literally what this law does.

When a parent creates the account for their child they specify the age. If the parent decides to lie or circumvent the system and it affects their child then they would be fined.

Just to be clear the law itself says absolutely nothing about actually verifying the age.

I haven’t seen any devs in the linux space actually write about a real solution but my guess is likely not. Since the law specifies that users are “children”.

Are they? The law effectively only applies penalties to the parents. If you have not ready the law I highly recommend it. It is very short and says nothing about actually verifying the age of the user. It is equivalent of entering your age on steam or the “are you 18+” questions.

I think people are down voting you since they actually have not read the law themselves and don’t realize that the law itself says nothing about actually verifying that the age is correct. It is no more than what you said, like steam asking your birthdate before you look at certain games in the store.

The point of it is actually the exact opposite. With this law the parent would set the age of their child. And if they decide to lie and their child is affected then they could be fined.

The other thing it does is if a platform decides to ignore the age range of a user and it affects a child then they could be fined. But as long as they do best effort then it really only affects the parents.

It also prevent platforms from requesting additional ID verification unless they have confidence that the age bracket of that user is incorrect.

I mean you can. They only get fined for children affected by violations of the law. Soooo…

The point isn’t to verify your age the point is to have the account holder (the parent) attest to the age of the user (their child). If the parent lies and it negatively impacts the child then the parent can be fined.

It also penalizes apps that see the user’s age is in a lower bracket and still shows them sensitive content.

There is a huge fascist issue everywhere in the US. SV is not special in that respect.

Thanks for putting this here. Kinda getting sick of people that only read the headlines or have only seen the Lunduke journal video that has so many clear inaccuracies.

The laws aren’t perfect but they do have some nice protections for the users as you mention.

The only thing that I think is missing is that developers are restricted from collecting additional information but the OS providers are not, at least as far as I understand from reading the California law. At the very least, they still have the restriction on using the information in other places or sending it to third parties.

I posted this in another thread but I’ll repeat it here. I think it is shortsighted that some linux distros are taking the kneejerk reaction of leaving/banning California residents. We need to band together and figure out a solution.