Politicians will do any draconian measure to help kids except try and improve the lives of their parents so that they can actually dedicate time to parenting. Making it slightly harder to access the internet fixes nothing. What if instead of having the largest prison population in the world our government supported communities that make raising good children possible? Our society needs to lose this urge to diagnose each other and provide some forceful treatment and instead set sights on providing the pre-conditions for everyone to prosper and lead their version of a fulfilling life. Only then will we have functional, healthy children. I quite like what the mayor of Baltimore has been doing to revitalize his city and it seems to be leading to actual change there if you want a good example: https://m.youtube.com/watch?v=XQs59YY-e2I&pp=ygUXY2hhbm5lbCA...
basch 8 hours ago [-]
well, and this bill literally only makes you prove age to ... set up the device.
how are we in 2026 and phones dont have guest mode or "i handed it to my kid mode"
apple's guided access is a terrible 1% solution to the problem. in one click i should be able to put my phone into some kind of locked down mode that exposes only what is allowed, starting with nothing unless whitelisted, with multiple profiles.
in the same sense, all the streaming services having their own separate kids profiles, instead of the streaming device having a single kids mode that exposes only the kids mode content from each app makes kids mode useless when a kid can just change the app, or gets stick into a single provider and i have to go help them switch.
mkroman 7 hours ago [-]
> how are we in 2026 and phones dont have guest mode or "i handed it to my kid mode"
They do. Android have had multi-user and guest profiles since Android 5.
The only reason I really know this is because I heard how Google completely bungled it in Android 14 on Pixel devices[1] :D
While age gate attempts are comically stupid, an adult giving a kid a device purpose built for addictive behavior should absolutely be as illegal as giving them alcohol or cigarettes. I really hope Apple and Google are not stupid enough to further enable this.
ranger_danger 5 hours ago [-]
In addition to profiles you can also 'pin' an app from the recents menu so the kid cannot exit the app, sortof like a kiosk mode. It requires bio/auth to undo the pin.
To me that's faster and much closer to a safe "hand the device to a kid" mode.
HumblyTossed 7 hours ago [-]
Apple is a hardware company. They want to sell more devices.
shevy-java 9 hours ago [-]
IF it were for the kids - but I don't think it is.
> Making it slightly harder to access the internet fixes nothing.
This assumes it is about the children. But if you do not think so
then it opens up new alternatives suddenly, be it from tracking
people, to targeted ads or any other information that could be
gathered and eventually either monetized or put in tandem with
other information. We'd get age graphs that way too.
Before that we could speculate to some extent, but with mandatory
age sniffing and id-showing at all times, those who track people
and benefit from it, benefit now even more.
snaking0776 7 hours ago [-]
Agreed. I’m sure some house members will vote for it because they only had a random staffer read the bill and heard that it gives them a good talking point in the next election. I just wanted to point out what’s maybe obvious to everyone that this won’t help kids. I’m sure this is being pushed by Meta/whatever other ad dependent business wants to pass off liability of verifying age with the added benefit to everyone in power that it’s easier to track everyone as a result.
throw1234567891 8 hours ago [-]
> Politicians will do any draconian measure to help kids except try and improve the lives of their parents so that they can actually dedicate time to parenting.
Because in their eyes your children are not your children. You are simply a custodian of their future work force asset. If you educate your children too much into individualism, they (today’s politicians) may see a diminished return of whatever they want to achieve.
And if you don’t agree with me on an emotional level, well, just remember the words of Elon Musk (paraphrasing): we need people to have children because we need to have workforce in the future. Translation: we need people to have children because who will work for us and makes tons of money.
If you have it too good, you aren’t dependent on them, you have all the carrots. They have no stick. They want to have the stick.
snaking0776 7 hours ago [-]
I agree. Just was trying to point out that this has nothing to do with helping kids
enceladus06 6 hours ago [-]
Translation: government is the problem not the solution.
aceazzameen 6 hours ago [-]
Hard disagree. Corporations running the government instead of a nation's people is the problem.
Ancapistani 5 hours ago [-]
Government should be so powerless as to be unattractive targets for corporate influence.
aceazzameen 2 hours ago [-]
So you want to take power away from the people even more than now?
red-iron-pine 4 hours ago [-]
a government not worth of influence is not a government
mindslight 2 hours ago [-]
Sure, but this is only tenable as a technical position that aims to reduce all forms of centralized power. It completely fails as a political position applied to the nominal "government". Politically, pushing in this direction seems to only ever play out as reducing the power of governments over corporations, while often even increasing the power of government over individuals (spurred on by corporations looking to wield that power through the government). Whereas for it to achieve its intended individual liberty, the complete opposite would have to happen - decreasing the power of governments over individuals while holding or even increasing the power of governments over corporations - otherwise unrestrained corporations simply step into that nonconsensual role of government and we're back to step #1.
antisthenes 4 hours ago [-]
That just creates a power vacuum that corporate techno-feudalists (or violence specialists) fill in.
It's not a solution to anything.
For example of powerless governments - look at literally any war-torn African country and their standard of living.
red-iron-pine 4 hours ago [-]
the governemnt is the only thing holding even worse things back.
those even worse things have tried very, very hard to obstruct, slow, impede, and ruin government trust so they can enforce their monopolies.
C6JEsQeQa5fCjE 6 hours ago [-]
> Politicians will do any draconian measure to help kids except [...]
They are covering for and not prosecuting perpetrators in the biggest child trafficking and abuse scandal in recent memory -- the Epstein case. Let us do away with even a surface-level pretense that they care about kids at all.
HumblyTossed 7 hours ago [-]
I would rather them write a bill that says all kids are provided lunches at schools ("free lunch" if you will).
I believe that would help kids out much more than this shit bill would.
gibsonsmog 7 hours ago [-]
Feed, cloth and educate our population? What's next? Structure society in a way that benefits the people? How horrifying!
This. We need to stop calling this “age verification.” You are uploading your full ID. Not your age.
ranger_danger 5 hours ago [-]
Where does it say a "full ID" must be uploaded?
red-iron-pine 4 hours ago [-]
how do you validate citizenship and authenticity without a full ID?
ranger_danger 49 minutes ago [-]
Where does it say citizenship must be validated?
lrvick 2 hours ago [-]
A privacy preserving cryptographic digital ID that supports zero knowledge proofs.
...in a world where any legislator ever consulted with cryptography and security engineers on this sort of thing.
What we are going to get is people printing fake IDs on paper and holding them up to a camera.
bloppe 14 hours ago [-]
> The term “operating system” means software that supports the basic functions of a computer, mobile device, or any other general purpose computing device.
> The term “operating system provider” means a person that develops, licenses, or controls the operating system on a computer, mobile device, or any other general purpose computing device.
So excited to see the GNU vs. Linux debate finally land in court.
oceansky 12 hours ago [-]
Brazil just passed the exact same law, nearly unanimously. Even the wording and definitions are exactly the same. This is scary as hell.
phr4ts 9 hours ago [-]
>This is scary as hell.
"The greatest trick the devil ever pulled was convincing the world he didn't exist."
If it looks like a conspiracy, it's probably one.
oceansky 8 hours ago [-]
It's not even a conspiracy at this point, Meta was proven to be lobbying hard for this via small proxy companies.
AnimalMuppet 8 hours ago [-]
And why? What's in it for Meta?
[Edit: Never mind, others have explained elsewhere in the discussion. It's the lawsuits Facebook is losing for addicting kids. So rather than, you know, stopping doing that, they want to instead legally force us to alter every OS on the planet. Disgusting.]
wcarss 8 hours ago [-]
Just answering with a possibility here, but they could be seeking freedom from liability for failure to moderate content or ensuring their service is "not harmful". If it's only for consenting adults, and every adult can be pinned down with an identity, whatever happens can have the blame assigned away from meta.
edit: I took too long to write this :)
silon42 7 hours ago [-]
I wonder if they plan to provide "services" to web sites that need age verification... via their app and Facebook account..
As someone that doesn't have a Meta account (and will not), this could become potentially problematic.
RobotToaster 14 hours ago [-]
This is horribly vague.
>a computer, mobile device, or any other general purpose computing device.
It leaves open to interpretation if it applies to all computers, or just general purpose ones.
Does a car count as a mobile device?
pjc50 13 hours ago [-]
Car is clearly a mobile device; it has a touchscreen and an IMEI.
Going to be fun when my washing machine asks me to upload a scan of my passport to the CIA before it will open the door.
pradeeproark 12 hours ago [-]
were you trying to launder any dirty laundry :)
a2128 7 hours ago [-]
This will be perfect for those washing machine manufacturers! It will permanently pair itself to your passport with e-fuses, so that if you ever try to resell your old washing machine on the secondary market, it'll be worthless unless you also sell the buyer your passport
Jamesbeam 11 hours ago [-]
No worries, by that time so many people will have lost their jobs because of AI that you can hire a homeless person to register all your devices for a snickers. Dirty Mike and the Boys are going to own a lot of mobile devices, and control the world trade of snickers.
lol what makes you think YOU won’t be the homeless person.
Jamesbeam 8 hours ago [-]
I got a house with a 25-year roof, an indestructible Japanese shitbox car I can repair myself from scrap if I have to, and enough in the bank at three to five percent to pay my taxes, all of my hobbies, eating steak every day if I wanted and my share of the universal multi-payer health care system in my country.
That puts me for the rest of my life at a level of fuck you.
And if the system breaks down, I’m just going to hunt and eat you.
How big do you think your chance of survival is meeting someone hungry who spent over a decade in war and conflict zones and is still here?
I’m more concerned about the future for your sake than for mine.
wafflemaker 7 minutes ago [-]
Reading this made me think of the 4chan Navy Seals copypasta about a top of the class navy seals trained in gorilla warfare, the best sniper in the whole US marine corps.
Digital currency can help control you. Imagine negative inflation based on your social score.
Jamesbeam 7 hours ago [-]
Social score is for communists and autocratic regimes, minton. I live in a democra…
Wait, 27% for the right-wing extremists in Germany?
The strongest party if there were elections today?
Some of them publicly state they are the friendly faces of facism?
Oh, oh. I’m in danger.
loloquwowndueo 4 hours ago [-]
Hahah calm down man. Google for “daddy chill meme”.
alphawhisky 8 hours ago [-]
Cannibalism threats on HN - is this a recession indicator?
nekusar 7 hours ago [-]
To be fair, people who eat ultraprocessed foods are basically human wagyu.
It’s conditional cannibalism Sir. That’s a difference.
Oh, AGI can turn everyone into matchsticks, but when I talk about turning humans into tasty sausage the internet goes wild.
It’s obviously sarcasm, just for the neurodivergent talent in here panic buying cannibalism safe bunkers now.
/s
alphawhisky 8 hours ago [-]
Oh, you're german? Man, here I was worried you had crazy plus guns. Just crazy.
I'm adapted to the American diet, so I'm sure that they'll cover my nutritional needs.
Let's stay on opposite sides of the pond like Godzilla and King Kong.
Jamesbeam 7 hours ago [-]
Jokes on you. I have a Waffenbesitzkarte.
I like you whisky.
That’s a deal I can get behind.
I will send your administration a request to put your statue on top of the Arc de Trump. If they can pay 400 million for a ballroom, they can spend one for a diamond statue of the man that saved a lot of American lives today.
True heroes don’t always wear capes. Sometimes they have butcher knife’s.
ranger_danger 5 hours ago [-]
Breathtaking entitlement, self-righteousness, and arrogance.
Arrogance is usually a defense mechanism that you can't fix with logic... people use it to shield themselves from their own insecurities so they don't feel inadequate or threatened.
If you can't see your own flaws, you can't understand why others don't like your behavior.
"As a rule, strong feelings about issues do not emerge from deep understanding."
loloquwowndueo 4 hours ago [-]
Haha I think he was just being humorous, expletives notwithstanding.
Know what gave it away?
> enough in the bank at three to five percent
I mean lol if he’s expecting banks to be around in a societal collapse situation he’s got another thing coming, wonder how the shitbox car will do when fuel runs out in 8 weeks worldwide. Mad max baby!
Jamesbeam 4 hours ago [-]
> Breathtaking entitlement, self-righteousness, and arrogance.
Oh stop it. You’re breathtaking!
AnthonyMouse 10 hours ago [-]
> It leaves open to interpretation if it applies to all computers, or just general purpose ones.
That's not even the worst part:
> a person that develops, licenses, or controls the operating system
Suppose you write a generic piece of code that some third party then includes in an operating system, but you're the only relevant person in the jurisdiction. Are you now an "operating system provider"? If the "operating system" is made by hundreds of people or more, is it none of them or all of them or what?
Suppose you're a company and you've got a bunch of servers, which are computers, and you have root on them, i.e. you "control" the "operating system".
kakwa_ 8 hours ago [-]
IMHO, the law tries to target the last entity which has practical control over the OS design and implementation aka the final developer/integrator.
For example in the Linux world, it's the distributions.
Where it gets murky is with Android (and to a lesser extent Windows).
IMHO, the entities which should be responsible are Google and Microsoft.
But since vendors, specially in the Android world, can heavily tweak the OS, there is a case that it's more the device manufacturers like Samsung which are responsible.
The relevant interpretation in practice will usually happen naturally, and the most ambiguous stuff will be set by jurisprudence if necessary.
paulirwin 9 hours ago [-]
And what about containers/VMs, or booting software bare metal?
Does my laptop have to pass my age verification to a Docker container?
Am I at risk of government censorship (or worse) if I create a hobby smart home app that boots bare metal on a Raspberry Pi?
Or even the shell apps that I run daily. Does curl (which can access any web url) have to validate my age? What about AI models/ollama?
shakna 12 hours ago [-]
Is a scientific calculator, like kids are expected to use at school, a general purpose device?
It has an OS, a network stack, an interpreter. Usually used for games as much as for classwork.
mapt 10 hours ago [-]
"General Purpose Computing Device"
A car houses numerous Turing-complete computation systems.
Ekaros 10 hours ago [-]
BIOS or now UEFI support basic functions of computers... Does that mean those should as well have On-Device age checks?
Random_BSD_Geek 14 hours ago [-]
Thank you for the laugh in these dreadful times. :D
globalnode 11 hours ago [-]
yeah there is no "one" provider in that example
ButlerianJihad 14 hours ago [-]
[flagged]
bayindirh 12 hours ago [-]
Long live Linux!
12 hours ago [-]
laughing_man 9 hours ago [-]
I'm glad I got to see the era where the internet was useful and exciting. I feel like every major change since about 2010 has pushed it more toward blandness and made it less useful.
This will be a big one. They're building the groundwork for a world-wide dystopia.
iamnothere 9 hours ago [-]
Come join us on what I will call the “scatternet”, the globally distributed, offline-first, async network full of all the things that made the old Internet great.
Save a few ISOs of still-free OSes and hoard a few extra cheap computers. (You might also want to get a 10Mhz capable radio.)
rolph 4 hours ago [-]
BBS was born, BBS has risen, BBS will come again.
nhecker 8 hours ago [-]
Why the 10 MHz radio?
iamnothere 8 hours ago [-]
For sporadic medium-long distance communication over packet radio. 10MHz isn’t too crowded and can be easily used for regional communications (and occasionally long distance) via atmospheric bounce. It also works well at low power and the antenna is shorter than other long distance modes like the longer wave HF bands (20m+).
rickydroll 7 hours ago [-]
Are you thinking of 100mhz (3m)?
Sending data by radio is messy, slow, and generally disappointing. Start your journey by reading up on the Aloha system https://en.wikipedia.org/wiki/ALOHAnet.
iamnothere 1 hours ago [-]
My apologies, I meant 10m (28 MHz). Brain fart. It’s slow but it’s more than adequate for text, and range is excellent (hundreds of miles).
brightball 8 hours ago [-]
Running a network of old school BBS's over radio would be great
scrollop 7 hours ago [-]
Perhaps we could leave the crappy public internet and build better things behind Tor/darkweb.
sph 3 hours ago [-]
Perhaps we could leave the crappy internet and build better things in meatspace.
6 hours ago [-]
edg5000 6 hours ago [-]
I always felt this moment would come eventually. The trend is centralisation of power and control. It's depressing. It's been a long time coming at a slow but consistent cadence.
xt00 17 hours ago [-]
Do we know who is funding this? is this one of these things where Meta doesn't want the responsibility for this, so they are pushing to have the OS have the responsibility or something like that?
They also added this page since I posted that comment: https://web.archive.org/web/20260411112604/https://tboteproj... where they claim their website is "under surveillance" because it got a few thousand requests from Google Cloud et al, most of them to a single page. This really shows how low their standards are.
Random_BSD_Geek 14 hours ago [-]
I share your wariness of the LLM garbage, but I believe the conclusions are correct. This has Facebook's stink all over it. I worked there and know of what I speak.
AlecSchueler 13 hours ago [-]
So we should believe the hallucinations because they sound like something that could be true? Does the LLM in the middle somehow makes it more trustworthy than if GP had just shared their own pattern-matching conjecture?
Random_BSD_Geek 12 hours ago [-]
No. I think LLMs are garbage. Separately, and unrelated: I think Facebook is behind these bills. The LLM may be garbage and still sometimes produce a correct result.
AlecSchueler 11 hours ago [-]
Ok, but then we should look for an actual source beyond "Don't worry that it's garbage, it smells ok in this case."
Random_BSD_Geek 11 hours ago [-]
You are arguing with something I did not say.
Yes, it would be nice to know with certainty who is behind these bills. It sucks how much opaque money influences American politics.
Josh Gottheimer's press release[1] on HR8250 mentions the "Meta Parents Network." I don't know what that is, but it does have "Meta" in the name.
Buffy Wick's noise about AB1043 claimed it was passed with the support of tech companies. I have spoken directly to one person close to AB1043 who told me Facebook argued against AB1043. I have doubts. But if true, I suspect they were not arguing in good faith and had ulterior motives.
In the end, no matter who is secretly lobbying for or against age verification bills all over the planet, the bills are terrible, and we should fight them.
I was relieved to hear it was an emotionless mega-corporation catalyzing this, and not a sudden competence of evil bureaucracies in the USA and Europe.
pwg 9 hours ago [-]
> is this one of these things where Meta doesn't want the responsibility for this
Very likely, given the legal liability they are already facing from the "addictive" court cases that are turning against them. Moving the liability for "age verification" away means they will not also be facing a huge number of court cases accusing them of showing an underage person adult age content provided they followed the law's proscribed "ask the OS for the user's age" requirements.
Also, note that only a few months ago Zuckerberg was in court testifying that the single best place to perform "age verification" was in the operating system of a device. Now, like mushrooms after a long rain, at roughly the same time up pop bills in nearly every statehouse, Congress, even Brazil, that all read nearly identically and that all are so broad as to require "the OS in anything with a CPU do age verification". The nearly identical text in each highly implies a single lobbying entity is behind all of them (it would be quite the coincidence that 50 state houses, plus Congress and Brazil, all write nearly identical bills independently). And the connection back to Zuck's court testimony of "age verification is best done in the OS" highly implies that the single lobbying entity is Meta, or funded by Meta to obtain this outcome.
Neikius 7 hours ago [-]
Does it matter as long as you can set whatever age you want?
with age requirements for use of social media, Meta faces tremendous liability in many countries if they cannot do the verification correctly.
they don't want to do it, nor face the risks, so they'll push it to the OS.
they also know that banning under-16s means a huge market will be gone, so they want an easy-to-bypass OS fix. if their tween market gets around the hardware and OS it's not their problem, but Meta can't it if it's on them.
in other words lets annihilate the free internet and maybe democracy so we can lower our risk profile
riffraff 16 hours ago [-]
How does this undercut apple? This entrenches apple's position as a provider of "verified" devices.
politelemon 13 hours ago [-]
Nope. Apple have been enthusiastic in their implementation of it even without it being required in several countries.
b112 11 hours ago [-]
One thing which companies don't like, is a law suit.
If something is codified in law, they can comply with the law fully, and yet not have any real backlash from users. This can also shield them from many lawsuits. Conversely, if they start ratcheting down age-verification on their own, users will become quite upset. If they don't ratchet it down, then... as you can see, potential lawsuit.
And this isn't just about LLMs, once the concept of "a platform is liable for harm" happens, it's about everything. Including content other people slap into an app store. And the US has been talking about section 230 removal, countries around the world are reducing such exclusions, so the wind is blowing towards even more liability for platforms.
If you look at Google's recent moves to identify all developers prior to install on Android, there may even be some of this in that. How can they ban someone from publishing illegal material, or material Google will be liable for, if they don't even know who the publisher is? They'll just slide into a new account.
(Note, I said "some" not "all", there is often not just one reason for an action)
So I suspect that the push is from all online platforms of any size or scope. It will shield them, protect them from liability, whist at the same time redirecting user ire at the legislation, not them. HN types might still brood, but the average person won't have insight. "Protect the children" as a reason works for the average person, it works very very well, and really, that's what a lot of these lawsuits are about.
So I point back to such lawsuits as the start of all of this. And I see it as why there is a push from Apple, Google, Meta and so on. And simply because I'm saying "big corp wants this, not just Meta", doesn't mean I'm saying "Meta isn't doing anything".
Meta can be pushing this, hard, whilst at the same time every other large corp can be working towards the same outcome.
kmeisthax 16 hours ago [-]
Facebook. There's a wave of child endangerment lawsuits incoming and they want to head that off at the pass by having governments shift all that liability over to the OS vendors.
mapt 10 hours ago [-]
Microsoft just force-updated my operating system (despite declining every option and prompt) and the first thing I noticed working differently was it offering, in an OS popup, to "connect" the computer to "Facebook".
These people have root access to all our webcams.
I don't think we can tolerate these entities to continue to exist.
Eddy_Viscosity2 9 hours ago [-]
What can we do about it? The major tech firms have nearly all the power here, including quite obviously full capture of government (not just here but other countries as well).
MSFT_Edging 7 hours ago [-]
Internet wide coordinated DDOS?
Basically a mass-protest via network packets. Could we argue sending packets to a server is essentially a form of protest protected by speech similar to a public gathering?
progval 15 hours ago [-]
How does that help Facebook? They already have plenty of signals to guess their users' age, what would they do with an other one? They are not going to ban children anyway.
yborg 14 hours ago [-]
It helps them by making it somebody else's responsibility to get it right and thus shields them from liability.
Frieren 12 hours ago [-]
The OS should start labeling everybody as a child by default. Forbid Facebook to show ads and any harming content by default. The OS has little less to lose with this approach than FB.
progval 14 hours ago [-]
So it lets them know for sure who is a child. What liability does that shield them from, and how?
ben_w 14 hours ago [-]
FB etc. may argue "device says this user is an adult", even though device may say that only because the parents don't set up separate user accounts e.g. shared family iPad, or because the kids being more tech savvy in the first place like we all were when I myself was a kid.
kmeisthax 7 hours ago [-]
Every one of these age assurance laws basically says:
1. The OS vendor must provide an age bucket using the minimum amount of data necessary
2. App vendors (i.e. Facebook) must use the OS vendor's age buckets to determine age
The idea is that the next time Facebook gets hit with a child endangerment lawsuit, they can say "Well, we used the age buckets the government told us to, and they said the plaintiff was 18+, so we're not liable".
This, of course, assumes that most social media and Internet regulation will continue being targeted at children only, both because courts are reluctant to enforce 1A on laws that censor children[0] and because the current political class actually benefits from the harms Facebook does to adults. Like, a good chunk of government surveillance is just buying data from Google and Facebook.
[0] The root password to the US constitution is "th1nk0fth3cHIldren!!1" after all
close04 13 hours ago [-]
It must be OS responsibility because that’s the only place that allows the next step.
Everyone is so concerned with kids pretending to be adults, what about adults pretending to be kids? Any service that has any kind of private chat or picture sharing option will be a playground for “verified” kids.
Next step, “we must go further with the verifications until everyone is verified everywhere”. This is where the OS part comes in. Wish it was sarcasm.
jasonjayr 10 hours ago [-]
MS is ratcheting up the 'mandatory Microsoft account' on Windows, probably for this reason. The 'identity strongly bound with the device' stuff on corporate devices is being tested and secured in that environment, and it is almost certainly one step from being forced onto non-corporate devices, once they 'have to' by law.
Neikius 6 hours ago [-]
This is actually a very good point.
hulitu 16 hours ago [-]
Apple, Google, Meta and Microsoft. Maybe with a push from 3 letter agencies, because it makes their life easier.
jona-f 14 hours ago [-]
Yes, time for pitchforks and guillotines is long overdue.
Alas, wrong crowd.
RobotToaster 14 hours ago [-]
"god forbid we should ever be 20 years without such a rebellion" - Thomas Jefferson
mapt 10 hours ago [-]
And then didn't (publicly) come out against suppressing the Whiskey Rebellion.
Ancapistani 5 hours ago [-]
... which is entirely consistent with his statements.
Here are more of his own words from the same letter:
> And what country can preserve it’s liberties if their rulers are not warned from time to time that their people preserve the spirit of resistance? Let them take arms. The remedy is to set them right as to facts, pardon and pacify them. What signify a few lives lost in a century or two? The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants. It is it’s natural manure.
The blood of patriots and tyrants. He never expected rebellion to go unchallenged, he was advocating that we should maintain the spirit of rebellion as a guard against tyranny.
gnarlouse 7 hours ago [-]
Listen, I would actually be willing to support something like this, but Jesus Christ when will we put somebody in congress with a CS background who can literally just chime in and say "use Zero Knowledge Proofs for this, people might actually buy that you're not just building a surveillance state."
C6JEsQeQa5fCjE 6 hours ago [-]
> when will we put somebody in congress with a CS background who can literally just chime in and say "use Zero Knowledge Proofs for this, people might actually buy that you're not just building a surveillance state."
Well that would be counter-productive to actually building a surveillance state.
aes25423 6 hours ago [-]
ZKP doesn't solve the problem of issuers colluding (or being forced to cooperate) with verifiers
ZK is detrimental to the true cause of these bills: mass surveillance.
mistrial9 6 hours ago [-]
there is a significant population in management, court and law enforcement that does support state-mandated registration using full profile ID for using public infrastructure. It was on the railroad system in the USA, and was part of the profound shift to individual cars.
Ajedi32 8 hours ago [-]
Based on the few snippets quoted in the article, I think as written this bill gets closer to a good, privacy-preserving, non-authoritarian version of "age verification" than any of the attempts so far. What it seems to be aiming for is essentially mandatory parental controls at the OS level. No ID checking or government/third party involvement, it just uses whatever age the parents enter when they set up the device/user account for their kid. And apps don't actually get that info so there's very little privacy impact, just exposing an API that would allow apps/websites to query "is this user underage?" seems like it would satisfy the law as written.
The only remaining issue I see here is that I think the law may be a bit too heavy handed in how it tries to legislate this system into existence. Trying to tell Bob Hacker writing an OS in his basement what features his code has to include feels a little too authoritarian for my tastes. Probably there are some economic or regulatory levers that could be pulled instead to ensure this system gains mainstream adoption without criminalizing ordinary software development.
Again though, I didn't read the whole bill, just the article, so I could be wrong here on some of the details.
a2128 6 hours ago [-]
This is not the bill you're hoping for:
1. The text implies software should get access to your date of birth, rather than talking about age groups. If it becomes the case that websites can get your precise date of birth, this will be the ultimate fingerprinting vector that will put the fight for online privacy dead in the water.
2. The text talks about "verifying" dates of birth. This can only imply the involvement of face scanning or ID checking and third parties.
3. The text itself is very vague about details such as verifying, because it leaves many details entirely to the FTC, which recently announced they will stop enforcing privacy protections under COPPA for companies violating it to perform age verification of children[0]. So you can fully expect that if we are putting computing entirely in the hands of the current commission we will be probably screwed.
The text itself is less than 4 pages. I recommend reading it for yourself[1].
Ah, I see your point. I could see a way to interpret the language in the bill to mean exactly what I was thinking[1], but it's pretty vague and I could also see a way to interpret it that would seriously hurt privacy. If it's just down to the FTC (i.e. the whims of whoever the president happens to be at any given time) to resolve those ambiguities then that's not something I could support.
[1]: It says the parents verify the user's date of birth, which could just mean they get to say "yes, my kid is 12", and "a system to allow an app developer to access any information as is necessary" could just mean "is user over 18" if that's all that's necessary to comply with the FTC regulations.
a2128 3 hours ago [-]
The bill mentions a parent verifying a child's age, but the bill also later mentions the issue of "verify the date of birth of a parent or legal guardian" which I can only interpret as a face scan or ID check of the parent
tzs 2 hours ago [-]
> Based on the few snippets quoted in the article, I think as written this bill gets closer to a good, privacy-preserving, non-authoritarian version of "age verification" than any of the attempts so far.
I think you are mixing up the bill this article is covering and the bill that California passed.
The California law requires:
• When setting up an account for a child who is the primary user of a device the OS lets the parent specify the child's age or birthday.
• The OS to provide an API that apps can use to find out if the current user is a child and if so their age range (under 13, 13 but under 16, 16 but under 18, 18 or older).
The bill in Congress requires setting age information for all users. It does not specify how that age information is to be obtained, leaving such details to regulations that the FTC will write.
ronsor 8 hours ago [-]
> Trying to tell Bob Hacker writing an OS in his basement what features his code has to include feels a little too authoritarian for my tastes.
This is the one thing that risks getting the law struck down by a court.
cvoss 7 hours ago [-]
Exactly. People often forget that Congress can only exercise a limited domain of enumerated powers. The big one is regulating Interstate Commerce, which is already huge because of how interconnected the country is today, and is even bigger because of creative stretching of its reach (did you know that the Civil Right's Act's ban on discrimination by businesses is within Congress's Interstate Commerce power, because somebody might patronize your business from out of state?).
Anyway, I suspect Bob Hacker has a strong case that such a law as applied to himself would be beyond the scope of Interstate Commerce. Until he tries to sell or make his OS widely available, at least.
Ajedi32 7 hours ago [-]
Given how broadly the commerce clause has been interpreted I don't think we can rely on that to save us here. Criminalizing Bob publishing his OS on GitHub is still too authoritarian for my liking.
Just off the top of my head, something like "physical hardware with web access sold in the US without an ID check at the checkout counter must include this feature in its preinstalled OS" would be a better way to write the law in my opinion. Plenty of ways around it if you're a hobbyist or for some reason really don't want to comply, but a big enough hassle that all the major commercial OS providers would probably find it easiest to just include the feature. (Especially since this is a feature most parents would probably appreciate anyway.)
red-iron-pine 4 hours ago [-]
why do you think any court in MAGA America would allow this?
we know, for sure, that Clarence Thomas takes bribes. You think Facebook wouldn't cut him a check? Ditto for plenty of other Trump-installed justices on all levels.
tencentshill 4 hours ago [-]
So it's just an OS-level "I am over 18" checkbox. Essentially useless, except for removing liability from social media companies. As far as they know, every single device accessing their site legally testified they are over 18.
rolph 4 hours ago [-]
no its not, the bill also contains "for other purposes"
in present form its more than age verification, technically it could be for any other purposes.
edg5000 7 hours ago [-]
It's always the same pattern. There is no way to protect the children while also preserving freedom. The rationale behind it is irrelevant. For this to work everything would have to be locked down right?
This is not in the interest of the people nor any children.
Ajedi32 5 hours ago [-]
> For this to work everything would have to be locked down right?
No. As long as the focus is on giving parents tools to parent their kids and not on the government taking over that responsibility completely then there's no need for the government to lock anything down. You just give the parents locks and let them do the locking.
mindslight 7 hours ago [-]
No, this technical implementation is straightforwardly bad. The information flow and point of decision making are completely backwards as the bill was written by Facebook/Meta purely to absolve themselves of liability and foist it into others, including onto parents themselves!
The right way to facilitate parental controls with legislation is to put a requirement on service providers [over a certain number of users] to publish well-known tags stating the age suitability of their site/app/pages. Then put a requirement on mass-market device manufacturers [over a certain size] to include parental control software that can filter based on these tags. When parental controls are enabled on a device, any site/app without tags "fails closed" and doesn't display - meaning the open web and open devices continue to coexist with the tag system.
The key parts 1. the information signals flow the correct way, from the company with a well-known identity to the end-users' device where it can be acted upon per the device owner's desires 2. the legal liability lands in the right place - tags signify legal representations of the suitability of content and 3. the long tail of small-scale websites and devices are completely unaffected
This would also leave the makers of parental control software (bundled with device or third-party aftermarket) free to implement additional features that parents desire (eg block social media, even if the site says it's fine for <18), rather than leaving those decisions entirely in the hands of corporate lawyers (as this bill does, because once again it was written by Facebook/Meta).
Neikius 7 hours ago [-]
Agreed. Weirdly many people are against. This really seems like the best possible option. Actually helps parents as without this there is no way to enforce kid age. So instead of having it all per account and everything linked in most privacy invading way, just your OS tells the apps/browser whatever was set in there by the parent. I want this now!
Neikius 7 hours ago [-]
I guess we are expecting this to be backdoored with biometrics later? I don't see how anyone can force this on Linux.
I still prefer to have this in my OS above having every Random internet vendor collecting my biometrics and id documents.
beej71 5 hours ago [-]
It is one of the better options. Instead of vaporizing the ship, it only blows it in half at the keel.
As TFA notes, once this is in place, we're behind the eight ball from then on. You want to post something that the government doesn't like, something that insults our Dear Leader or promotes a political alternative? Guess who's getting an "over 21" rating by the feds. We've already seen massive speech pressure brought to bear by the FCC and there's no reason to think this won't continue.
So I'm reluctant to give 'em an inch.
jmholla 5 hours ago [-]
You should actually read the text of the bill. It basically tells anyone who asks what your birthday is. It places no limitations on how your age should be verified, or how requesters can use your information. And if you think this is where this kind of de-anonymization will stop, I have a bridge to sell you.
Dwedit 16 hours ago [-]
People lend phones or computers to kids. The age associated with the user account means absolutely nothing.
big-and-small 15 hours ago [-]
And there obviously gonna be market for "verified" devices. Not like there is anything at all that could stop people of any ages looking at porn.
skybrian 15 hours ago [-]
Identify devices, not people.
Distinguishing between child-locked and unlocked devices is something any website should be able to do easily. Adult-only should be a config setting.
Vendors shouldn't sell unlocked devices to kids.
Then it's up to parents take sure their kids only have locked devices. (Or not, if they're okay with it.)
AnthonyMouse 10 hours ago [-]
> Vendors shouldn't sell unlocked devices to kids.
This part is neither necessary nor sufficient.
Put aside the Orwellian premise of "devices are locked by default". People keep making the analogy to things like cigarettes, but if a kid wants a steady supply of cigarettes then they need a steady supplier. If they want an "unlocked device" they just need money and Craigslist, once. It doesn't matter what you make Walmart do and it correspondingly doesn't make any sense to involve them.
If your kids have enough unsupervised money to buy electronics then you're either fine with them being unsupervised or you already have bigger problems than a used laptop.
ndriscoll 9 hours ago [-]
Kids having $20-30 means you're fine with them being unsupervised? Computers and smartphones are incredibly cheap.
In person, we expect stores won't sell cigarettes to kids. We should simply expect companies won't provide age restricted services to kids. The liability and requirements should be on those companies.
nemomarx 9 hours ago [-]
If they're able to get a burner phone unsupervised then I think they could also pay an adult to do the face scan for them or borrow your ID from your purse to authenticate an account. What level of security would you need to totally prevent that kind of thing? Unless it checks your age every time you log in with biometrics I don't see it.
(Of course adding any level of friction will deter some kids, but needing to get a whole new device other than the one their parents gave them is already a lot of friction, isn't it?)
ndriscoll 9 hours ago [-]
We could e.g. try saying it's sufficient that the user makes ongoing credit cards payments as a proof of age. Or sure maybe you need to verify with every purchase, which is how e.g. alcohol works.
Don't currently take payments for your business model? Probably what you're doing is anticompetitive and we shouldn't allow it anyway.
iamnothere 9 hours ago [-]
What about non businesses, like nonprofits, hobbyist groups, or individuals offering a service out of their own charity?
guzfip 9 hours ago [-]
> In person, we expect stores won't sell cigarettes to kids. We should simply expect companies won't provide age restricted services to kids.
Stores won’t sell cigarettes to kids because doing that will probably get you arrested and shut down pretty quickly.
IAmBroom 9 hours ago [-]
You are gliding past the crucial difference: detecting that someone is a minor in person is magnitudes easier than doing so online.
ndriscoll 8 hours ago [-]
I'm not seeing how that affects my framing. Yes, it is more difficult. That sounds like a problem for businesses that want to offer restricted services online, and we should ensure it stays their problem, not everyone else's.
GuestFAUniverse 12 hours ago [-]
What for?
I use family link for my kids devices. It works good enough.
Everything else seems way too intrusive.
Apple is horrible in this regard. Their solutions never really work.
A joint venture for an (optional) cross-platform family app would be more than enough.
This, plus a (voluntary) content rating that's offered via an API (could even be simple meta data on a webpage).
Done.
stephbook 10 hours ago [-]
Nice. How does pornhub.com "verify" your age when accessing it from your family computer's Ububtu account "my kids account"?
Oh, there is no config to retrieve, no We API to speak to.
"I'm 18 or older"-button it is. Is that a workable solution?
Neikius 6 hours ago [-]
Well let's postulate parent set age on that up Ubuntu account to 13. Pornhub will query browser spi, which will query os API. Very elegant.
Ofc as soon as you give your child root access it is over but that is on you
basch 8 hours ago [-]
the answer, as always, is always a protocol.
the major players need to allow me to elect one of them as my family manager, and control permissions across ecosystems, from my management portal. i should be able to freely swap apple, google, microsoft, facebook, or a startup as my management and permissions tool.
instead I have a disparate management account and portal for every service on the planet. roblox, fortnite, facebook all want to appear to "make it easy" as if they hold the delusional belief that their management portal is the only one I have to manage. then add a spouse that also wants to change or tinker a setting.
if any law is going to get passed: it should be that any company over a certain size, who adds parental controls, needs to expose them externally to 3rd party management software.
9 hours ago [-]
muyuu 12 hours ago [-]
Very plausible that they would outlaw this if these bills pass and consolidate. Would be seen as a loophole.
nicce 10 hours ago [-]
Probably works as well as "forbidding" adults to sell or give beer to underage.
peyton 14 hours ago [-]
Sounds like a problem. Luckily it turns out my phone has two cameras and a laser dot projector pointed at my face right now. Not hard to imagine a future solution to this issue were we to pass this legislation, sadly…
14 hours ago [-]
harrisoned 10 hours ago [-]
This is tiring. The text is so vague, and if a big country adopts it software companies will comply, and there's no reason to why smaller ones wouldn't, since 'the work is already done'.
I wonder if it would be illegal for an user to use an outdated system without those functions when they roll out, or to use outdated applications, or to distribute outdated applications, or to keep mirrors of multiple versions of operating systems. I doubt they thought that far, or if they care at all.
HerbManic 29 minutes ago [-]
If they are smart about it, they probably wont make older systems illegal but will merely let other parts of tech advance to the point that old systems become practically useless online. Like running a PowerPC mac online today, yeah you can just barely do it but very few do.
kardianos 8 hours ago [-]
I hope people realize that most of these bills are being introduced in blue states by Democrats.
Republicans may not like porn, but they put the onus where it belongs, on the operator, not on the OS.
NekkoDroid 7 hours ago [-]
> Republicans may not like porn, but they put the onus where it belongs, on the operator, not on the OS.
While that might be true, I can't agree with the implication that this is better in any way. Having the onus on the operator forces you to have to send some form of verification out to all such operators you want to visit and they have repeatedly shown they are NOT capable of securely and privately handling that information.
NoGravitas 8 hours ago [-]
The federal one was introduced by Democrat Josh Gottheimer (D-NJ) and cosponsored by Republican Elise Stefanik (R-NY). This push is extremely bipartisan.
Ancapistani 5 hours ago [-]
I can list as many reasons as you'd like to vote against Democrats, but this just isn't one of them.
If anything, the GOP is worse on this issue.
RajT88 7 hours ago [-]
> Republicans may not like porn
I am certain they love it, given what kinds of businesses see a spike when the RNC comes to town.
More accurately, restricting it is a useful policy platform that helps them win elections.
kgwxd 8 hours ago [-]
Oh geez, wish I had vote for Republicans then :/
The difference isn't really in the politicians, it's in the base, and how they will react to acts like this. Democrat voters will shame them, endlessly. They may not have alternatives to vote for, but they won't change their opinion to match whatever dweeb they were forced to vote for. Republican voters will always be on board with whatever they're told to be on board with.
cubefox 8 hours ago [-]
> A bill introduced by Representative Josh Gottheimer in the House on April 13
Josh Gottheimer is indeed a Democrat.
stogot 8 hours ago [-]
I noticed when the party name is hidden in news articles, it’s often that party as I always have to go look for the rep’s page
yabutlivnWoods 15 hours ago [-]
Tim Apple argued it was a violation of their engineers and managers free speech to make them engineer back doors
Wonder if they will stand up against this on the same grounds
Longer answer: In the UK, Apple already implements age "verification" at the OS level, starting with IOS/IPadOS 26.4. If Apple had not implemented this, it would still be in compliance with UK law. Apple is anticipatorily obedient.
A company like Apple has visibility of the legislative pipeline in its markets. Looks like the UK was a test bed.
Lots of OECD countries, all at the same time, are pushing for online age verification or OS-level age verification, both equally intrusive and implemented in privacy-violating ways by conflating identity verification and age verification.
The end result is not protecttion of minors, but abolishing anonymity on the Internet. Social media companies claim to want the former, but in reality just want to shift liability to OS and device vendors. Governments happily accept the "side effect" of being able to find and root out dissidents.
Random_BSD_Geek 14 hours ago [-]
> abolishing anonymity on the Internet.
This is what Facebook wants.
globalnode 11 hours ago [-]
there is no anonymity on the internet. the sum of your devices characteristics are close to unique anyway (i could be wrong but i think this is accurate). which kind of supports the hypothesis that this is about shifting responsibility for age verification due to laws coming from other countries recently. i have no idea how this will work on linux, it probably wont.
ButlerianJihad 12 hours ago [-]
> abolishing anonymity on the Internet.
Firstly, you keep using that word; I do not think it means what you think it means.
On the Internet, especially forums such as HN, you are "pseudonymous". That is, you made up a name for yourself, and that's how you're known to others. At the very least, we are all identified by IP addresses, which are again, fairly stable and unique pseudonyms. There are nearly zero truly anonymous corners of the Internet, because anonymous communications are chaotic and anarchic.
Secondly, it was the NSF who mandated that everyone accessing the Internet must have an associated and authenticated account with an identity that is known to their provider. These rules went into effect in the early 1990s. Perhaps they have been discarded or observed only in the breach, but truly, nobody is a stranger on the Internet. Even if nobody knows you're not a dog, your ISP or your coffeehouse still know who you are, when you connected, what device and so forth.
So, please let us stop pretending there is "anonymity" here, or that there ever has been. Whatever you've done in the past, it will eventually be unmasked. Yes, people on Discord and Wikipedia alike are freaking out over this prospect, but it was always going to happen. We've been laying down a very permanent record for over 50 years. Eventually it will all be correlated with real identities, Facebook or not.
icedchai 3 hours ago [-]
The NSF "rules" stopped applying when the NSFnet was shutdown in 1995. Actually, earlier, since commercial providers (upstream ISPs like UUnet, Sprint, MCI, PSI) were not dependent on the NSFnet and did not have to abide by the AUP.
iamnothere 10 hours ago [-]
My coffeehouse running an obsolete consumer router and accepting only cash actually has zero record of who I am.
ButlerianJihad 31 minutes ago [-]
> obsolete consumer router
So your router probably belongs to at least 2 botnets, and I bet they have logs of your MAC, your browser fingerprints, and your comings and goings!
seethishat 8 hours ago [-]
How many cameras do you drive past and walk by to get to the coffee shop ;)
Random_BSD_Geek 11 hours ago [-]
o_O
> Firstly, you keep using that word; I do not think it means what you think it means.
I posted that word exactly once in this thread, and I was quoting someone else. But I like the Princess Bride too.
No idea what you're talking about with regard to the 90s. I can only tell you I was on the Internet then and it was not as you describe.
Regardless, there is a difference between "unmasked with a court order" and "everything you do online is tied to you for the benefit of ad brokers."
We can have reasonable privacy protections and still allow law enforcement to function.
kmlx 14 hours ago [-]
i think Apple turned on age verification in Singapore, South Korea and the UK:
It's short and in plain language. The article is longer than the bill. Here's the totality of the requirements:
(a) REQUIREMENTS.—An operating system provider, with respect to any operating system of such provider, shall carry out the following:
(1) Require any user of the operating system to provide the date of birth of the user in order to—
(A) set up an account on the operating system; and
(B) use the operating system.
(2) If the relevant user of the operating system is under 18 years of age, require a parent or legal guardian of the user to verify the date of birth of the user.
(3) Develop a system to allow an app developer to access any information as is necessary, collected by the operating system to carry out this section and any regulation promulgated under this section, to verify the date of birth of a user of an app of the app developer.
---
This part from REGULATIONS is also nominally important:
(B) Data protection standards related to how an operating system provider shall ensure date of birth collected by the operating system provider from a user, or the parent or legal guardian of the user, to carry out this section and any regulation promulgated under this secion—
(i) is collected in a secure manner to maintain the privacy of the user or the arent or legal guardian of the user; and
I appreciate the brevity of the bill, but it delegates a lot of discretion to the FTC to regulate things like "How an operating system provider can verify the date of birth of a parent or legal guardian", so it's up to the discretion of someone in the executive branch as to whether GNU and/or Linux will have to scan your driver's license and upload that scan to some government contractor's servers, say.
rolph 53 minutes ago [-]
just occured to me, there will be some cohort that gives this the windows treatment, refusing to update, or upgrade versions, and retain present OS.
the next step if this bill passes seems to nessecarily involve excluding holdouts from content rated beyond toddler safe.
greyface- 16 hours ago [-]
So, who's gearing up to sue the FTC for a declaratory judgment that this is unconstitutional?
Random_BSD_Geek 14 hours ago [-]
Is that an option? Tell me more.
Yes, I am looking to sue to stop this insanity. If you're a lawyer reading this, please reach out.
m4ck_ 7 hours ago [-]
I look forward to having to age verify the dbus and chrony and root accounts on every linux-based "smart" device in the future. That should be fun.
Will my children be able to use my smart oven/thermostat after I verify I'm 18+ on those devices?
I also wonder what verification will look like for containers and and VMs that might have a short life. Maybe that's how we keep IT jobs for a little while longer? Human age verification on every local account every time a container or VM is spun up.
Neikius 7 hours ago [-]
Obviously it does not make sense to age verify root stuff. Also as root you can set whatever age you want to your accounts.
m4ck_ 7 hours ago [-]
I agree, but the law is pretty vague. Root is a user on an operating system on a general purpose computer after all.
lrvick 2 hours ago [-]
I compiled most of the operating systems I used from source code as a minor, and will parent the same way. I do not know how one age verifies a Linux From Scratch install, but I sure hope politicians try and give me a good laugh.
diogenes_atx 6 hours ago [-]
If this legislation becomes law, it will be interesting to see how the Linux hacker community reacts. Laws are virtually meaningless if there is no practical way to enforce them and if there are enough people who oppose them. Just take a look at the history of file sharing over the past three decades. For this new law to prevent the proliferation of Linux distros that are not in compliance with age verification requirements, there would need to be very powerful enforcement mechanisms, including criminal prosecution. Even then, it's difficult to see how severe criminal penalties and/or civil liabilities could stop hackers from building and distributing illicit versions of Linux. It's just basic economics: demand creates supply. Linux moves into the black market with new distros of Clandestine-OS.
egorfine 5 hours ago [-]
> interesting to see how the Linux hacker community reacts
We already saw that: some eagerly implemented this stuff, some rejected.
jmholla 15 hours ago [-]
So this bill creates a commission to ensure that the information cannot be stolen or breached from operating systems, but says nothing about how the applications querying this information must protect or leverage it. I basically requires that any application get to know a user's birthday, as long as it's "necessary". What a fucking joke! I'm so sick and tired of this bullshit.
Edit: Oh, and the commission gets to make up the rules on how ages should be verified. So, prepare for a whole other level of PII leakage that isn't even captured by the text of the bill.
pkphilip 13 hours ago [-]
This is yet another underhanded attempt at making digital id mandatory. Child protection is just the trojan horse.
EU also released their age verification legislation. Notice how closely they are timed.
Well I'm going to keep using GrapheneOS and whatever version(s) of Linux refuse to comply.
Makes me even more glad that I've already transitioned off Windows.
Neikius 6 hours ago [-]
Just make your OS say you are 99.
This is all fine until they put some Id verification in. Then anything open is cooked.
hightrix 4 hours ago [-]
Sounds like a business opportunity. A simple tool to create an ID that passes checks with any information on it you'd like.
Bender 9 hours ago [-]
I read the bill and I feel like it's missing any technical details. It's almost like they read my suggestion [1] but then left some parts out. The technical parts. As I read it one can just enter whatever name, age and other details in the setup of a computer they desire. It's missing any checks for a header on the server to detect adult content labels. What am I missing? What forces me to enter my real information? Are operating system developers going to be granted access to the DMV databases? Or forced to use some third party that scratched the back of some politicians? If I block connectivity to this will I not be able to log in? If someone performs a successful DDoS to the site will I not be able to log in? It feels like several pages of the bill are missing. How does the OS know it is visiting an adult site?
The site "reclaimthenet" calls it age "verification", but it's not a "verification" at all. There's your mystery.
All the bill wants is that you can set up an iPhone for kids, an children account on Ubuntu (YOU decide whether it's a children's account) and then, presumably, the browser vendors implement an AgeAPI that allows website operators to query the user age.
Your device tells us you're 10 years old. Access to Instagram denied.
Your device tells us you're 16. You're not allowed to visit gambling-porn-and-industrial-accidents.org
It's, of course, exactly the opposite of the "identity-tied age verification government-control, ID-document-leak" dystopia that the scare crowds here are peddling. But you'll never hear a word of acknowledgement from them.
These people act as if those "I'm 13 or older, i can create an Instagram account and waste my life" or "I'm 18 or older, let me watch porn and strangle my girlfriend" buttons are the peak of civilization.
7 hours ago [-]
Bender 8 hours ago [-]
Ah, well that's at least half of what I suggested. Telling the site the age seems leaky to me, I would still prefer the apps check for the RTA header so all decisions stay on the device and not leak anything. Curious where it goes from here but based on your reply it does not seem quite as bad as I imagined. Thankyou for the clarification. I imagine eBPF or MAC rules could be used to block this.
Government should like the RTA header as they can fine sites daily that are missing it. Lobbyists could push companies that do the header checks.
direwolf20 6 hours ago [-]
I've noticed this reclaimthenet site has very mixed factuality. Sometimes it posts good content but more often it just posts its preferred form of propaganda. I've reported it to dang but he doesn't care. I don't know why 404media is shadowbanned but reclaimthenet is not. I guess it's about who aligns with YC interests.
iamnothere 9 hours ago [-]
They have dropped all the decision making for the details in the lap of the politically controlled FTC. Which also means that future FTCs could change the rules based on political goals.
9 hours ago [-]
cestith 3 hours ago [-]
If all they wanted was to prove you were over 18 or over 21, those can be checkboxes rather than birthdates. It’s clear the bill’s author is an idiot or insincere.
everdrive 10 hours ago [-]
I've been trying to download media for a while now. I don't have a huge collection; most media is not actually very good. But, the internet soon will just be an awful conglomeration of cable TV / a big shitty mall / a horrible outrage & propaganda machine. It's already most of the way there. Either destroyed from within by bots, data brokers and corporations, or destroyed from without by government, surveillance, and regulation. I recommend you start treating the internet like a mall; it's not some place you'd actually like to go. You get in, get what you need, and get out. Some people will will disagree with the analogy on the grounds that they _like_ going to malls. Well, good news, the new internet might be for you.
anthk 10 hours ago [-]
I mainly post in Usenet and IRC, and download PD movies (seriously) and books. I don't pirate any more because even current pirated media it's somehow a free advertisement for these people.
From Gutenberg, PD comics from the golden era -and pulp scifi-, noir movies, old weird science/fantasy series in B/W and whatnot, I'm pretty much covered. Ironically most current scifi media can be traced to...Bradbury novels, PKD's paranoia and some Weird Science comics.
Once 1984 gets into PD, that's it. It is in Canada, but you can
read it online as long as you don't download or share it:
There’s a version of this I could support:
- pre-specified age gates baked into the protocol (perhaps just 13 and 18).
- account admins on a device get to specify which bracket is associated with the account
- an api that allows sites to query whether the current user’s account is above one of the thresholds
Leaks pretty minimal PII (the user is between 13 and 18 would be the tightest identifier obtainable with the above gates). But still allows for age gating some content without relying on self-reported age.
Am I optimistic the actual solution won’t be more invasive? Sadly no…
tzs 2 hours ago [-]
That's pretty much the California law.
jim_lawless 10 hours ago [-]
Related HN post "Ageless Linux- Software for humans of indeterminate age" :
"To require operating system providers to verify the age of any user of an operating system, and for other purposes."
- And For Other Purposes.
am i the only one seeing that?
i see a lot of discussion pro and con age verification, there should be much more concern about the purpose of that phrase for other puposes.
is some one actually trying to sneak a catch all like that into it, or is it a bargaining chip. [see we removed "for other purposes", its all better, now we can pass it]
ergonaught 7 hours ago [-]
Much of the USA accepts "gun deaths" as an unfortunate but acceptable price that must be paid for the widespread freedom to own guns.
When those same people are hysterical about Protecting The Children, you should understand that "protecting the children" is a distraction from whatever the actual intent may be.
The general public is thoughtless, and there's little reason to think the decision-makers are much more thoughtful, but Protecting The Children is merely this age's Trojan Horse.
edg5000 6 hours ago [-]
Yes, it's a recurring pattern also seen in European politics.
bluedino 6 hours ago [-]
> Much of the USA accepts "gun deaths" as an unfortunate but acceptable price that must be paid for the widespread freedom to own guns.
Much of the USA recognizes that "gun deaths" are caused by criminals who aren't going to follow any gun laws in the first place.
beej71 5 hours ago [-]
This response, however, does not really address protecting the children.
nickslaughter02 10 hours ago [-]
This will be required in firmware eventually.
anthk 10 hours ago [-]
Salvage old free as in freedom distros. Learn about i2pd and tunneling Usenet/IRC and Email (even cool online Nethack/Wesnoth/FreeCiv gameplays over it, any turn based libre game will work).
There are some Usenet servers (text content only, no binaries, all illegal crap it's cut down by design) listening under I2P servers. By design enforcing any cross-pond law it's impossible.
Learn about NNCP in order to tunnel messages over it, really useful for asynchronous connections such as Email and Usenet: https://nncpgo.org
Also, learn connect to a Pubnix and to use Usenet/IRC/Email/Mastodon services (tut it's a TUI Mastodon client) from remote servers. Make their own law obsolete across the world. Learn Mutt and GPG too, it's about 20 minutes of your life and for basic email a simple text editor like Nano, Mg or Mcedit would suffice to compose an email.
Try free Biltbee servers over IRC too, these can be connected even from DOS IRC clients in order to connect to modern services such as Jabber, Steam chat and even discord (join the &bitlbee channel once you connected ot a public Bitlbee server, there are several, and type down 'plugins' to get the available chat systems in that service) and thus any age bullshit for FreeDOS it's by design unenforceable without breaking network drivers and TCP/IP stacks as TSR's and whatnot. Ditto for old Amiga, RiscOS and such old releases which are unsupported. And banning retro computing would make the several civil right unions sue the state (and the judges) like crazy for huge amounts of money. Even META too as being the main lobby instigator.
Claim your freedoms back.
iamnothere 10 hours ago [-]
With the dawn of this bill I am finally building out my airgapped network.
I’ll be passing messages to and from the former internet using NNCP bundles. I’m planning to work on some interesting solutions for async communications over Nostr, with some alternate paths through radio for emergencies. Finally looking into steganography as well.
Hope to see you all there.
dizzy9 13 hours ago [-]
An utterly insane idea for a law.
Age verification inherently means identity verification. There's no way to prove your age without first proving that you are YOU, either by showing your face or authenticating with some third party authority, usually government or a corporation.
The idea that you should be locked out of using your own computer until you do this is utterly insane. What problem does it solve that existing parental control tools don't? A generation of parents already trust their babies with iPads for this reason. And what of the millions of Americans who don't have current ID?
BatteryMountain 6 hours ago [-]
This is so dumb. There are 100 other ways to protect children that would be more effective than this. Not only will this approach not actually protect children, this will violate the privacy of billions of people. It will introduce identity theft at mass scale (good luck solving that on short notice) and it will make activist/journalists/military/political opposition vulnerable. Perhaps this is the purpose. Who would benefit from such a scenario...mmm?
Neikius 6 hours ago [-]
As a parent this is perfect. I am baffled why this is not a standard yet. So setting an account age in Netflix works but the child can access anything. Make new accounts even. So I have to block half the internet. Somehow. On a shared computer. And all companies would have to get your ID and track that. It's crazy.
This compromises 0 privacy until it requires an ID. EU solution actually does and only supports specific devices.
sbochins 3 hours ago [-]
All these bills about age verification have nothing to do with protecting kids. This is just an easier pill for folks that aren’t privacy minded to follow. In the end, all your online activity and offline activity (flock cameras) will be tracked, because it gives our politicians and national security apparatus the type of power they crave.
Those were all almost completely useless because they were before the text of the bill was released.
kahrl 9 hours ago [-]
"The age check is the entry fee for owning a computer."
No, the fee is your identity and a record of your every thought and action.
hofo 9 hours ago [-]
Not a mandate at this point. The bill was only introduced on April 13th.
2OEH8eoCRo0 7 hours ago [-]
They should mandate age verification from the other direction- make serving certain content to children a liability. They'll quickly figure out how to verify age all by themselves. No need to legislate implementation details.
7 hours ago [-]
ranger_danger 16 hours ago [-]
That means porn sites won't require me to independently verify my age right? Right?
sorahn 15 hours ago [-]
We still have to provide a way for people that don’t have (smart) phones, but I would absolutely implement asking the phone instead of a 3rd party when available.
We don’t gain anything from asking a 3rd party. In fact it costs money per request.
shevy-java 9 hours ago [-]
Right now the lobbyists are winning.
I hope Josh Gottheimer will get a lot of money for his work there.
I also remember a few weeks ago, people such as Poettering and others
said this is all harmless, nothing bad would ever possibly happen.
Lo and behold, now it is the new mandatory law. All people will soon
have to go for age sniffing, in order to access information. Linux
is only for the Underground now.
frogperson 7 hours ago [-]
I wish there were a way to fire lobbyists. There is no feedback loop, they can be as bad as they want and never suffer a minute for taking away peoples rights.
drivingmenuts 10 hours ago [-]
I can already smell the exceptions - some companies will be exempted from these restrictions due to "national security implications", or, more realistically, "we distracted the President with a golden gewgaw and a bribe".
aes25423 6 hours ago [-]
> "Once the operating system knows your age with verified certainty, it can tell any app to deliver, restrict, or withhold content accordingly."
Instead of "age verification", call it (and everything like it) Epstein law. The government wants the information of who is a kid and who isn't broadcasted to all the apps, safe AND malicious. There's no good reason to let random developers freely collect lists of kids out of those people who choose to try an app. It's Epstein law.
Being able to easily bypass an age gate makes such info unreliable, verification removes the unreliability such that the data can then be used for both good and evil reasons.
bibimsz 6 hours ago [-]
who asked for this?
micromacrofoot 10 hours ago [-]
the US will kill every third space by any means necessary
their dwindling to irrelevance, like the UK, could not happen faster
AlexandrB 9 hours ago [-]
Have you thought about what replaces the US once they're irrelevant? Because it's probably something much worse.
LightBug1 6 hours ago [-]
Agreed. But at the rate we're going, the US and "worse" will likely have converged ...
"TOO LOW, PULL UP. TOO LOW, PULL UP"
Take your country back before it's too late.
abdelhousni 15 hours ago [-]
All this fake good intent to prevent another TikTok which was the only media which transmited the reality on the ground during the Gaza genocide. And its aftermath in the youth mind and in the University campuses.
Fascists and industrialists have to take control, again, of the minds.
(See oligarchy's appetite for social and media companies)
vscode-rest 17 hours ago [-]
Writing like this is frankly so exhausting. I don’t think anyone not already in the choir could make it through.
wakawaka28 16 hours ago [-]
Some people really need shit spelled out to them. This does a great job of doing that in a small package.
vscode-rest 5 hours ago [-]
I doubt this sort of rhetoric will convince a modern audience. Reads like “Sinners in the Hands of an Angry God”.
wakawaka28 3 hours ago [-]
It's not the rhetoric that should convince you, it's the logic. The rhetoric here is purely to liven it up.
vscode-rest 3 hours ago [-]
Same could be said for SITHOAG. Yet, modern preachers have found far more success with other approaches.
Consider: if the tone of your writing will put off anyone who disagrees with you, what’s the value in “livening it up”? Again, it’s preaching to the choir.
LightBug1 6 hours ago [-]
LOL, fuck that
kotaKat 12 hours ago [-]
Glad to see that Elise Stefanik came out of fucking hiding in NY-21 to dump this stupid "parents decide" bill on us when she couldn't even be assed to help her constituents over the past several months when one of the main hospitals in her district is bankrupt and closing.
Last time we saw her anywhere near here was her "farewell tour" when she was supposed to go be Trump's UN stooge. Haven't seen her up here since.
Glad to know we get to die up here for on-device age verification for everyone else.
dev1ycan 10 hours ago [-]
It is just crazy how much of a tech billionaire centric the US government is, they can come up with Thanos' idea of wiping out 50% of the population and politicians would do it as long as Zuckerberg or anyone else in the techno bubble asked for it.
guzfip 9 hours ago [-]
> they can come up with Thanos' idea of wiping out 50% of the population and politicians would do it as long as Zuckerberg or anyone else in the techno bubble asked for it.
Stay tuned. With mass unemployment/underemployment there’s gonna a be a lot of “extra” people.
asxndu 11 hours ago [-]
[dead]
AnIrishDuck 15 hours ago [-]
[flagged]
windexh8er 12 hours ago [-]
In short: you seem to want the Internet to parent your child. I have kids and do not want any of this for them, because all of it is a slippery slope to falling deeper into the surveillance state.
As a parent: do your job and take responsibility for your kids. While it's not trivial this also isn't overly complicated anymore.
ronsor 15 hours ago [-]
The problem is with government mandates.
Apple and Google already ship OSes with comprehensive APIs and parental controls. There's not even any porn on the iOS App Store by policy.
Creating liability for random OS and app developers is absurd, and foreign porn websites aren't going to comply with this anyway.
Random_BSD_Geek 15 hours ago [-]
This.
If your child needs a helmet to use the internet, as the politicians announcing HR8250 seem to think[1], Apple or whomever is free to offer that as a feature. There is no need for this to be legislated, especially when the legislation does not work in open source environments.
[1] Not hyperbole. They said that. It was an analogy, but one that highlights how ignorant of the technology the authors of these bills are.
deaux 13 hours ago [-]
Reddit and X are on the stores. I guess browsers are on the stores, at least on Android where they aren't necessarily Safari reskins.
kcb 9 hours ago [-]
You can just configure the device to not give the child the ability to download apps without approval.
Random_BSD_Geek 14 hours ago [-]
I can understand the "baby mode" desire, but as the other reply pointed out, this does not need to be legislated. The big OS companies can easily offer this feature for those that want it.
I'm curious though about all this porn that apparently hides behind a rock on the device and leaps out to corrupt tiny minds when they least suspect it.
Shock websites aside, pornography generally doesn't ambush you. Unless you're a republican giving a presentation and have no idea how that porn got in there.
And, AB1043 specifically exempts websites, so it doesn't protect anyone from the goatse's of the world anyway.
These bills will not do what they purport to do, but they will do a whole lot of bad stuff.
kcb 9 hours ago [-]
There's already like 17 different parental control solutions out there for every device platform. You can and should use one and don't let your kid go to any website or use any specific app without your approval first.
themafia 14 hours ago [-]
> "there's a baby driving"
Why does your baby need internet?
> We do want a way to signal there's a kid driving a device.
Which is extremely irresponsible. It creates a false sense of security and abandons your child to the whims of strangers. This seems akin to putting a "please don't hurt me" sticker on your child and then letting them roam around downtown unsupervised.
> But if we can just have a way to put bright orange vests on devices that require special treatment
There is software you can already use which will lock the device down and only allow it to go to pre-approved sites. I'm unwilling to give up any of my civil rights for your level of convenience above this.
exodust 10 hours ago [-]
Yeah this is the way for sure. The OP forgets that young users advertising their age online with an "orange vest" might not be best idea.
There's almost endless choice of legit quality native apps for kids, curated from trusted sources. These alone far exceed healthy screen time if all were downloaded. Or as you say, curated web links in a locked browser.
How much screen time should kids do anyway, it's crazy how much is available before worrying about WWW on top of their games, apps and videos.
pelasaco 12 hours ago [-]
I have a kid. Actually two kids. They have their usage controlled by google family. I review weekly their internet usage, screen time is limited to 2 hours/day. They dont have social media. School research and etc, they do at home, in the "main computer" in our dinning room. Youtube too. In the end is our responsibility to educate and protect our kids. I truly dont see a need for such extra controls if the parents aren't interested in enforcing it.
hsbauauvhabzb 15 hours ago [-]
You wouldn’t drop a toddler in the cbd and expect them to be fine, why would you expect a device to be any different?
You need to be a parent and stop expecting the people around you to do it for you.
Edit: and there are already device level parental controls.
basisword 10 hours ago [-]
Or just don't give your child unfettered access to screens. There is zero reason your child needs x unmonitored hours with YouTube or Netflix or a browser or anything else.
ntoskrnl_exe 12 hours ago [-]
You put your child in the driver’s seat and expect others to make sure it doesn’t make a wrong turn? Did you really have to give it the keys to this hypothetical car instead of, say, LEGO?
kahrl 9 hours ago [-]
I think you should just give your away children in servitude to neo-feudal overloards. You're halfway there. You clearly don't want to be a parent.
The breathless fearmongering over an age field on account set up is just completely over-the-top. This is probably the least bad out of all possible ways to implement age checking. The benefit of this is that it can short-circuit support for more onerous age verification. The writing has been on the wall for some time now: the era of completely unrestricted internet is coming to an end. The question is how awful will the new normal be? Legislation like this is a win all around, a complete nothingburger. We should be celebrating it, not fighting it tooth and nail.
The tech crowds utter derangement over this minor mandate is truly a sight to behold.
Random_BSD_Geek 15 hours ago [-]
Like the authors of these bills, you appear not to understand the technology.
Consider AB1043. It mandates that applications check the age of the user each time the application is launched.
Think about what that means when you run `make` in a source directory. How many times is the compiler application launched?
hackinthebochs 10 hours ago [-]
Let's try to be a little bit sensible here. Presumably the requirement to check depends on the nature of the application. A completely offline app for example has no use for an age check and thus wouldn't need to read it.
ndriscoll 9 hours ago [-]
This bill doesn't seem to create a requirement for the application, but e.g. the California one required all applications to check age.
```
(b) (1) A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.
```
tzs 1 hours ago [-]
That should be read as "when the application is (downloaded and launched)".
If it were meant as "when the application is downloaded and every time the application is launched" it would probably have been written as "when the application is downloaded or launched".
Also, there would be no point in mentioning downloads if that was a separate check because the app developer cannot request the signal upon download because their app is not running then.
The most reasonable conclusion is that the app must check the first time it is launched.
3form 12 hours ago [-]
This needs to be simply fought because it's a measure that is supposed to fight the reluctance of the society, not actual problem. For the actual problem it's ineffective. This will be met by surprise once it's fully implemented and new, worse measures will be proposed. Hence, it needs to be cut off as early as possible to spare everyone the trouble.
This bill requires actual verification and leaves it up to the politically controlled FTC to determine how this should happen. It’s a disaster.
> The Parents Decide Act solves the self-reported-birthday problem by demanding something verifiable, which in practice means a government ID, a credit card, a biometric scan, or some combination.
> However, Gottheimer has not specified which. The bill does not either. It’s up to the FTC to decide.
hackinthebochs 9 hours ago [-]
The article's analysis doesn't appear to be accurate. From the bill:
(a) Requirements.—An operating system provider, with respect to any operating system of such provider, shall carry out the following:
(1) Require any user of the operating system to provide the date of birth of the user in order to—
(A) set up an account on the operating system; and
(B) use the operating system.
(2) If the relevant user of the operating system is under 18 years of age, require a parent or legal guardian of the user to verify the date of birth of the user.
(3) Develop a system to allow an app developer to access any information as is necessary, collected by the operating system to carry out this section and any regulation promulgated under this section, to verify the date of birth of a user of an app of the app developer.
The only requirement for "verification" is to enter a birthdate on account set up, and underage accounts have the parent "verify" the birthdate. There is certainly some ambiguity in the bill which is not good, but efforts should be towards resolving the ambiguity in favor of a lack of intrusiveness.
iamnothere 9 hours ago [-]
Verification is explicitly required.
(d) Regulations.—
(1) IN GENERAL.—Not later than 180 days after the date of the enactment of this Act, the Commission shall promulgate, under section 553 of title 5, United States Code, regulations to carry out this section, including regulations relating to the following:
(A) How an operating system provider can—
(i) verify the date of birth of a parent or legal guardian described in subsection (a)(2); and
(ii) carry out the requirements described in subsection (a) with respect to an operating system of such provider that may be shared by individuals of varying ages.
(B) Data protection standards related to how an operating system provider shall ensure a date of birth collected by the operating system provider from a user, or the parent or legal guardian of the user, to carry out this section and any regulation promulgated under this section—
(i) is collected in a secure manner to maintain the privacy of the user or the parent or legal guardian of the user; and
(ii) is not stolen or breached.
Neikius 6 hours ago [-]
Very well hidden. Ugh. So close to a really good solution but ofc there is always a rider somewhere.
hackinthebochs 8 hours ago [-]
Fair point. Leaving the nature of verification open ended is not good and should be part of the legislation.
9 hours ago [-]
tzs 2 hours ago [-]
You are probably mixing up this bill with the California law, which its title kind of suggests it would be similar to but it isn't really.
nurumaik 11 hours ago [-]
least bad way to implement age checking is just asking user
hackinthebochs 10 hours ago [-]
An completely ineffective age check is not an age check.
Nasrudith 12 hours ago [-]
No, derangement is declaring "The writing has been on the wall for some time now: the era of completely unrestricted internet is coming to an end." without fighting it at all and just mindlessly accepting it because you were told it was going to happen.
It should be really easy to get your bank account information then. You're just going to give it to me, right? What is this? You're fighting me tooth and nail instead of celebrating giving me your banking info?
hackinthebochs 10 hours ago [-]
It's derangement to jump from an adult/not-adult bit to bank account information.
kahrl 9 hours ago [-]
[flagged]
hackinthebochs 8 hours ago [-]
Yes, because consensus surely is a reliable guide to truth.
kahrl 6 hours ago [-]
NPD is a bitch.
phendrenad2 15 hours ago [-]
Well, perhaps your mental model of the actual objections to it are incomplete. There are a few problems and I'm curious what you have to say about them. First, "The benefit of this is that it can short-circuit support for more onerous age verification". Do you think that it "can" or that it "will"? Big difference. It could also go the other way, right? Opening the door to a more onerous version? Why do you think that isn't worth considering? Secondly, "This is probably the least bad out of all possible ways to implement age checking". What about parental controls that exist already? Someone seriously tried to tell me last time that parental controls "suck", but that's irrelevant, they don't have to suck, and in fact anything can suck. That's just happenstance. So, assuming parental controls were correctly implemented, why do you think this is "least bad" including parental controls? Thirdly, this "age verification" doesn't actually verify anything, because underage people can just choose "adult" anyway. What do you have to say to that? In that case, parental controls actually give you more power, and make this new age check completely obsolete. Thoughts? Lastly, maybe you're not from the USA, but we have a concept of "free speech" which includes the idea that people cannot be "compelled" to certain speech. If people were required to add a "sign here to confirm you're an adult" in every romance novel, that would be fine right? It's also a nothingburger, right? But then, you've compelled people to put something in every published book. Actually, that's a bad analogy. We should say that ALL BOOKS require this signature field on the first page. After all, we don't know what kinds of expletives and horrible things people might have written in the margins of the book (assuming it's being sold second-hand). That would be okay with you, right? Nothingburger? But it compels people to write something, and that's a door most legal scholars know not to open.
> The writing has been on the wall for some time now: the era of completely unrestricted internet is coming to an end.
And books..? And the newspaper? What if a child reads about a horrible murder in the newspaper that keeps them up at night? What if the government outlaws books and newspapers because they can contain bad things? We'd better add a "adult/ not adult" checkbox to the first page to "short-circuit support for more onerous age verification".
soniczentropy 10 hours ago [-]
This is the most elegant and polite refutation of age verification I've ever seen
frm88 11 hours ago [-]
This is brilliant. I haven't even thought about some of the questions you ask. Thank you.
hackinthebochs 10 hours ago [-]
>It could also go the other way, right? Opening the door to a more onerous version?
I don't see a plausible scenario where the implementation of this mandate makes further mandates more easy to get passed. An age field and an API to access it is as trivial as it gets. More onerous age checking is not something that is an extension to or somehow made more easy given the pre-existence of the age field. No argument against more onerous checking is undermined or rendered less severe due to an age field already existing. There is no slippery slope here.
>So, assuming parental controls were correctly implemented, why do you think this is "least bad" including parental controls?
There is already a pretty significant market for parental controls, so presumably if their quality were a limiting factor in their adoption the market would have responded already. Parents simply aren't interested enough or savvy enough to apply them. Parental controls also just intrinsically suck for a lot of reasons. They are either mostly ineffective or wildly intrusive, like giving total access to children's communications and internet activity to external companies.
>Thirdly, this "age verification" doesn't actually verify anything, because underage people can just choose "adult" anyway. What do you have to say to that?
Presumably an adult is involved in purchasing devices and setting up accounts for their young children. Putting an age of account holder field into the account set up workflow seems pretty effective. It's not 100%, but it doesn't need to be for it to be a major improvement over the status quo. The lack of verification is a feature of this mandate, not a bug.
>we have a concept of "free speech" which includes the idea that people cannot be "compelled" to certain speech. If people were required to add a "sign here to confirm you're an adult" in every romance novel, that would be fine right?
As those pushing this kind of legislation are fond of pointing out, we have age checks for buying alcohol or purchasing adult magazines in shops. Presumably these don't run afoul of the first amendment. This idea that we can't or shouldn't mandate age checking in some form to access content deemed inappropriate to children is just a losing argument. Again, the writing is on the wall here.
3form 8 hours ago [-]
>No argument against more onerous checking is undermined or rendered less severe due to an age field already existing
From your point of view.
What I can tell you is that there are definitely people who will argue that this is, by the fact of being written into law, now the spirit of the law.
Then these people will argue that the spirit of the law is being broken, and the implementation needs to be better and tighter. Not that it needs to be repealed! Because clearly this is something that was wanted. And to many, many people, this will be sufficient argument not to complain about further measures.
gxs 15 hours ago [-]
This was a great comment, you challenged them but in a reasonable way and with really good questions
I wish public discourse were more this way - if someone is arguing in good faith, actually answering what you asked moves the conversation forward, it’s just on the person to give you a serious answer
Jtarii 11 hours ago [-]
At this point anything that makes computers less usable is a good thing, time we go back to the real world. It was extremely unpleasant while it lasted.
US national level OS-level age verification bill proposed - https://news.ycombinator.com/item?id=47772203 - April 2026 (223 comments)
how are we in 2026 and phones dont have guest mode or "i handed it to my kid mode"
apple's guided access is a terrible 1% solution to the problem. in one click i should be able to put my phone into some kind of locked down mode that exposes only what is allowed, starting with nothing unless whitelisted, with multiple profiles.
in the same sense, all the streaming services having their own separate kids profiles, instead of the streaming device having a single kids mode that exposes only the kids mode content from each app makes kids mode useless when a kid can just change the app, or gets stick into a single provider and i have to go help them switch.
They do. Android have had multi-user and guest profiles since Android 5.
The only reason I really know this is because I heard how Google completely bungled it in Android 14 on Pixel devices[1] :D
[1]: https://arstechnica.com/gadgets/2023/10/android-14s-ransomwa...
To me that's faster and much closer to a safe "hand the device to a kid" mode.
> Making it slightly harder to access the internet fixes nothing.
This assumes it is about the children. But if you do not think so then it opens up new alternatives suddenly, be it from tracking people, to targeted ads or any other information that could be gathered and eventually either monetized or put in tandem with other information. We'd get age graphs that way too.
Before that we could speculate to some extent, but with mandatory age sniffing and id-showing at all times, those who track people and benefit from it, benefit now even more.
Because in their eyes your children are not your children. You are simply a custodian of their future work force asset. If you educate your children too much into individualism, they (today’s politicians) may see a diminished return of whatever they want to achieve.
And if you don’t agree with me on an emotional level, well, just remember the words of Elon Musk (paraphrasing): we need people to have children because we need to have workforce in the future. Translation: we need people to have children because who will work for us and makes tons of money.
If you have it too good, you aren’t dependent on them, you have all the carrots. They have no stick. They want to have the stick.
It's not a solution to anything.
For example of powerless governments - look at literally any war-torn African country and their standard of living.
those even worse things have tried very, very hard to obstruct, slow, impede, and ruin government trust so they can enforce their monopolies.
They are covering for and not prosecuting perpetrators in the biggest child trafficking and abuse scandal in recent memory -- the Epstein case. Let us do away with even a surface-level pretense that they care about kids at all.
I believe that would help kids out much more than this shit bill would.
https://en.wikipedia.org/wiki/Bread_and_circuses
TANSTAAFL.
Those Are Not Slogans That Are Applicable Followed Literally.
They are laying the foundation at the infrastructure layer to build a Digital surveillance net, look at the pieces with the eye of an Architect -
https://www.cnbc.com/2026/04/15/banks-citizenship-data-colle...
And
https://www.congress.gov/bill/119th-congress/house-bill/8250...
...in a world where any legislator ever consulted with cryptography and security engineers on this sort of thing.
What we are going to get is people printing fake IDs on paper and holding them up to a camera.
> The term “operating system provider” means a person that develops, licenses, or controls the operating system on a computer, mobile device, or any other general purpose computing device.
So excited to see the GNU vs. Linux debate finally land in court.
"The greatest trick the devil ever pulled was convincing the world he didn't exist."
If it looks like a conspiracy, it's probably one.
[Edit: Never mind, others have explained elsewhere in the discussion. It's the lawsuits Facebook is losing for addicting kids. So rather than, you know, stopping doing that, they want to instead legally force us to alter every OS on the planet. Disgusting.]
edit: I took too long to write this :)
As someone that doesn't have a Meta account (and will not), this could become potentially problematic.
>a computer, mobile device, or any other general purpose computing device.
It leaves open to interpretation if it applies to all computers, or just general purpose ones.
Does a car count as a mobile device?
Going to be fun when my washing machine asks me to upload a scan of my passport to the CIA before it will open the door.
https://www.youtube.com/watch?v=1FkK8ZFE7Y0
The CIA hates that trick.
That puts me for the rest of my life at a level of fuck you.
And if the system breaks down, I’m just going to hunt and eat you. How big do you think your chance of survival is meeting someone hungry who spent over a decade in war and conflict zones and is still here?
I’m more concerned about the future for your sake than for mine.
https://dailydot.com/navy-seal-copypasta
Wait, 27% for the right-wing extremists in Germany? The strongest party if there were elections today? Some of them publicly state they are the friendly faces of facism?
Oh, oh. I’m in danger.
https://health.yahoo.com/wellness/nutrition/articles/ultrapr...
Oh, AGI can turn everyone into matchsticks, but when I talk about turning humans into tasty sausage the internet goes wild.
It’s obviously sarcasm, just for the neurodivergent talent in here panic buying cannibalism safe bunkers now.
/s
I'm adapted to the American diet, so I'm sure that they'll cover my nutritional needs.
Let's stay on opposite sides of the pond like Godzilla and King Kong.
I like you whisky.
That’s a deal I can get behind.
I will send your administration a request to put your statue on top of the Arc de Trump. If they can pay 400 million for a ballroom, they can spend one for a diamond statue of the man that saved a lot of American lives today.
True heroes don’t always wear capes. Sometimes they have butcher knife’s.
Arrogance is usually a defense mechanism that you can't fix with logic... people use it to shield themselves from their own insecurities so they don't feel inadequate or threatened.
If you can't see your own flaws, you can't understand why others don't like your behavior.
"As a rule, strong feelings about issues do not emerge from deep understanding."
Know what gave it away?
> enough in the bank at three to five percent
I mean lol if he’s expecting banks to be around in a societal collapse situation he’s got another thing coming, wonder how the shitbox car will do when fuel runs out in 8 weeks worldwide. Mad max baby!
Oh stop it. You’re breathtaking!
That's not even the worst part:
> a person that develops, licenses, or controls the operating system
Suppose you write a generic piece of code that some third party then includes in an operating system, but you're the only relevant person in the jurisdiction. Are you now an "operating system provider"? If the "operating system" is made by hundreds of people or more, is it none of them or all of them or what?
Suppose you're a company and you've got a bunch of servers, which are computers, and you have root on them, i.e. you "control" the "operating system".
For example in the Linux world, it's the distributions.
Where it gets murky is with Android (and to a lesser extent Windows).
IMHO, the entities which should be responsible are Google and Microsoft.
But since vendors, specially in the Android world, can heavily tweak the OS, there is a case that it's more the device manufacturers like Samsung which are responsible.
The relevant interpretation in practice will usually happen naturally, and the most ambiguous stuff will be set by jurisprudence if necessary.
Does my laptop have to pass my age verification to a Docker container?
Am I at risk of government censorship (or worse) if I create a hobby smart home app that boots bare metal on a Raspberry Pi?
Or even the shell apps that I run daily. Does curl (which can access any web url) have to validate my age? What about AI models/ollama?
It has an OS, a network stack, an interpreter. Usually used for games as much as for classwork.
A car houses numerous Turing-complete computation systems.
This will be a big one. They're building the groundwork for a world-wide dystopia.
Save a few ISOs of still-free OSes and hoard a few extra cheap computers. (You might also want to get a 10Mhz capable radio.)
Sending data by radio is messy, slow, and generally disappointing. Start your journey by reading up on the Aloha system https://en.wikipedia.org/wiki/ALOHAnet.
They also added this page since I posted that comment: https://web.archive.org/web/20260411112604/https://tboteproj... where they claim their website is "under surveillance" because it got a few thousand requests from Google Cloud et al, most of them to a single page. This really shows how low their standards are.
Yes, it would be nice to know with certainty who is behind these bills. It sucks how much opaque money influences American politics.
Josh Gottheimer's press release[1] on HR8250 mentions the "Meta Parents Network." I don't know what that is, but it does have "Meta" in the name.
Buffy Wick's noise about AB1043 claimed it was passed with the support of tech companies. I have spoken directly to one person close to AB1043 who told me Facebook argued against AB1043. I have doubts. But if true, I suspect they were not arguing in good faith and had ulterior motives.
In the end, no matter who is secretly lobbying for or against age verification bills all over the planet, the bills are terrible, and we should fight them.
[1] https://gottheimer.house.gov/posts/release-gottheimer-announ...
https://www.smbc-comics.com/comic/aaaah
I think Facebook is behind these bills. I think that from personal experience working at Facebook.
That an LLM may have arrived at the same conclusion is unrelated. LLMs are garbage. Don't use them.
Very likely, given the legal liability they are already facing from the "addictive" court cases that are turning against them. Moving the liability for "age verification" away means they will not also be facing a huge number of court cases accusing them of showing an underage person adult age content provided they followed the law's proscribed "ask the OS for the user's age" requirements.
Also, note that only a few months ago Zuckerberg was in court testifying that the single best place to perform "age verification" was in the operating system of a device. Now, like mushrooms after a long rain, at roughly the same time up pop bills in nearly every statehouse, Congress, even Brazil, that all read nearly identically and that all are so broad as to require "the OS in anything with a CPU do age verification". The nearly identical text in each highly implies a single lobbying entity is behind all of them (it would be quite the coincidence that 50 state houses, plus Congress and Brazil, all write nearly identical bills independently). And the connection back to Zuck's court testimony of "age verification is best done in the OS" highly implies that the single lobbying entity is Meta, or funded by Meta to obtain this outcome.
with age requirements for use of social media, Meta faces tremendous liability in many countries if they cannot do the verification correctly.
they don't want to do it, nor face the risks, so they'll push it to the OS.
they also know that banning under-16s means a huge market will be gone, so they want an easy-to-bypass OS fix. if their tween market gets around the hardware and OS it's not their problem, but Meta can't it if it's on them.
in other words lets annihilate the free internet and maybe democracy so we can lower our risk profile
https://www.cnn.com/2026/01/07/business/character-ai-google-...
If something is codified in law, they can comply with the law fully, and yet not have any real backlash from users. This can also shield them from many lawsuits. Conversely, if they start ratcheting down age-verification on their own, users will become quite upset. If they don't ratchet it down, then... as you can see, potential lawsuit.
And this isn't just about LLMs, once the concept of "a platform is liable for harm" happens, it's about everything. Including content other people slap into an app store. And the US has been talking about section 230 removal, countries around the world are reducing such exclusions, so the wind is blowing towards even more liability for platforms.
If you look at Google's recent moves to identify all developers prior to install on Android, there may even be some of this in that. How can they ban someone from publishing illegal material, or material Google will be liable for, if they don't even know who the publisher is? They'll just slide into a new account. (Note, I said "some" not "all", there is often not just one reason for an action)
So I suspect that the push is from all online platforms of any size or scope. It will shield them, protect them from liability, whist at the same time redirecting user ire at the legislation, not them. HN types might still brood, but the average person won't have insight. "Protect the children" as a reason works for the average person, it works very very well, and really, that's what a lot of these lawsuits are about.
So I point back to such lawsuits as the start of all of this. And I see it as why there is a push from Apple, Google, Meta and so on. And simply because I'm saying "big corp wants this, not just Meta", doesn't mean I'm saying "Meta isn't doing anything".
Meta can be pushing this, hard, whilst at the same time every other large corp can be working towards the same outcome.
These people have root access to all our webcams.
I don't think we can tolerate these entities to continue to exist.
Basically a mass-protest via network packets. Could we argue sending packets to a server is essentially a form of protest protected by speech similar to a public gathering?
1. The OS vendor must provide an age bucket using the minimum amount of data necessary
2. App vendors (i.e. Facebook) must use the OS vendor's age buckets to determine age
The idea is that the next time Facebook gets hit with a child endangerment lawsuit, they can say "Well, we used the age buckets the government told us to, and they said the plaintiff was 18+, so we're not liable".
This, of course, assumes that most social media and Internet regulation will continue being targeted at children only, both because courts are reluctant to enforce 1A on laws that censor children[0] and because the current political class actually benefits from the harms Facebook does to adults. Like, a good chunk of government surveillance is just buying data from Google and Facebook.
[0] The root password to the US constitution is "th1nk0fth3cHIldren!!1" after all
Everyone is so concerned with kids pretending to be adults, what about adults pretending to be kids? Any service that has any kind of private chat or picture sharing option will be a playground for “verified” kids.
Next step, “we must go further with the verifications until everyone is verified everywhere”. This is where the OS part comes in. Wish it was sarcasm.
Here are more of his own words from the same letter:
> And what country can preserve it’s liberties if their rulers are not warned from time to time that their people preserve the spirit of resistance? Let them take arms. The remedy is to set them right as to facts, pardon and pacify them. What signify a few lives lost in a century or two? The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants. It is it’s natural manure.
The blood of patriots and tyrants. He never expected rebellion to go unchallenged, he was advocating that we should maintain the spirit of rebellion as a guard against tyranny.
Well that would be counter-productive to actually building a surveillance state.
https://www.eff.org/deeplinks/2025/07/zero-knowledge-proofs-...
https://nophonehome.com/
The only remaining issue I see here is that I think the law may be a bit too heavy handed in how it tries to legislate this system into existence. Trying to tell Bob Hacker writing an OS in his basement what features his code has to include feels a little too authoritarian for my tastes. Probably there are some economic or regulatory levers that could be pulled instead to ensure this system gains mainstream adoption without criminalizing ordinary software development.
Again though, I didn't read the whole bill, just the article, so I could be wrong here on some of the details.
1. The text implies software should get access to your date of birth, rather than talking about age groups. If it becomes the case that websites can get your precise date of birth, this will be the ultimate fingerprinting vector that will put the fight for online privacy dead in the water.
2. The text talks about "verifying" dates of birth. This can only imply the involvement of face scanning or ID checking and third parties.
3. The text itself is very vague about details such as verifying, because it leaves many details entirely to the FTC, which recently announced they will stop enforcing privacy protections under COPPA for companies violating it to perform age verification of children[0]. So you can fully expect that if we are putting computing entirely in the hands of the current commission we will be probably screwed.
The text itself is less than 4 pages. I recommend reading it for yourself[1].
[0] https://www.ftc.gov/news-events/news/press-releases/2026/02/...
[1] https://www.congress.gov/bill/119th-congress/house-bill/8250...
[1]: It says the parents verify the user's date of birth, which could just mean they get to say "yes, my kid is 12", and "a system to allow an app developer to access any information as is necessary" could just mean "is user over 18" if that's all that's necessary to comply with the FTC regulations.
I think you are mixing up the bill this article is covering and the bill that California passed.
The California law requires:
• When setting up an account for a child who is the primary user of a device the OS lets the parent specify the child's age or birthday.
• The OS to provide an API that apps can use to find out if the current user is a child and if so their age range (under 13, 13 but under 16, 16 but under 18, 18 or older).
The bill in Congress requires setting age information for all users. It does not specify how that age information is to be obtained, leaving such details to regulations that the FTC will write.
This is the one thing that risks getting the law struck down by a court.
Anyway, I suspect Bob Hacker has a strong case that such a law as applied to himself would be beyond the scope of Interstate Commerce. Until he tries to sell or make his OS widely available, at least.
Just off the top of my head, something like "physical hardware with web access sold in the US without an ID check at the checkout counter must include this feature in its preinstalled OS" would be a better way to write the law in my opinion. Plenty of ways around it if you're a hobbyist or for some reason really don't want to comply, but a big enough hassle that all the major commercial OS providers would probably find it easiest to just include the feature. (Especially since this is a feature most parents would probably appreciate anyway.)
we know, for sure, that Clarence Thomas takes bribes. You think Facebook wouldn't cut him a check? Ditto for plenty of other Trump-installed justices on all levels.
in present form its more than age verification, technically it could be for any other purposes.
This is not in the interest of the people nor any children.
No. As long as the focus is on giving parents tools to parent their kids and not on the government taking over that responsibility completely then there's no need for the government to lock anything down. You just give the parents locks and let them do the locking.
The right way to facilitate parental controls with legislation is to put a requirement on service providers [over a certain number of users] to publish well-known tags stating the age suitability of their site/app/pages. Then put a requirement on mass-market device manufacturers [over a certain size] to include parental control software that can filter based on these tags. When parental controls are enabled on a device, any site/app without tags "fails closed" and doesn't display - meaning the open web and open devices continue to coexist with the tag system.
The key parts 1. the information signals flow the correct way, from the company with a well-known identity to the end-users' device where it can be acted upon per the device owner's desires 2. the legal liability lands in the right place - tags signify legal representations of the suitability of content and 3. the long tail of small-scale websites and devices are completely unaffected
This would also leave the makers of parental control software (bundled with device or third-party aftermarket) free to implement additional features that parents desire (eg block social media, even if the site says it's fine for <18), rather than leaving those decisions entirely in the hands of corporate lawyers (as this bill does, because once again it was written by Facebook/Meta).
I still prefer to have this in my OS above having every Random internet vendor collecting my biometrics and id documents.
As TFA notes, once this is in place, we're behind the eight ball from then on. You want to post something that the government doesn't like, something that insults our Dear Leader or promotes a political alternative? Guess who's getting an "over 21" rating by the feds. We've already seen massive speech pressure brought to bear by the FCC and there's no reason to think this won't continue.
So I'm reluctant to give 'em an inch.
Distinguishing between child-locked and unlocked devices is something any website should be able to do easily. Adult-only should be a config setting.
Vendors shouldn't sell unlocked devices to kids.
Then it's up to parents take sure their kids only have locked devices. (Or not, if they're okay with it.)
This part is neither necessary nor sufficient.
Put aside the Orwellian premise of "devices are locked by default". People keep making the analogy to things like cigarettes, but if a kid wants a steady supply of cigarettes then they need a steady supplier. If they want an "unlocked device" they just need money and Craigslist, once. It doesn't matter what you make Walmart do and it correspondingly doesn't make any sense to involve them.
If your kids have enough unsupervised money to buy electronics then you're either fine with them being unsupervised or you already have bigger problems than a used laptop.
In person, we expect stores won't sell cigarettes to kids. We should simply expect companies won't provide age restricted services to kids. The liability and requirements should be on those companies.
(Of course adding any level of friction will deter some kids, but needing to get a whole new device other than the one their parents gave them is already a lot of friction, isn't it?)
Don't currently take payments for your business model? Probably what you're doing is anticompetitive and we shouldn't allow it anyway.
Stores won’t sell cigarettes to kids because doing that will probably get you arrested and shut down pretty quickly.
Apple is horrible in this regard. Their solutions never really work.
A joint venture for an (optional) cross-platform family app would be more than enough. This, plus a (voluntary) content rating that's offered via an API (could even be simple meta data on a webpage). Done.
Oh, there is no config to retrieve, no We API to speak to.
"I'm 18 or older"-button it is. Is that a workable solution?
Ofc as soon as you give your child root access it is over but that is on you
the major players need to allow me to elect one of them as my family manager, and control permissions across ecosystems, from my management portal. i should be able to freely swap apple, google, microsoft, facebook, or a startup as my management and permissions tool.
instead I have a disparate management account and portal for every service on the planet. roblox, fortnite, facebook all want to appear to "make it easy" as if they hold the delusional belief that their management portal is the only one I have to manage. then add a spouse that also wants to change or tinker a setting.
if any law is going to get passed: it should be that any company over a certain size, who adds parental controls, needs to expose them externally to 3rd party management software.
I wonder if it would be illegal for an user to use an outdated system without those functions when they roll out, or to use outdated applications, or to distribute outdated applications, or to keep mirrors of multiple versions of operating systems. I doubt they thought that far, or if they care at all.
Republicans may not like porn, but they put the onus where it belongs, on the operator, not on the OS.
While that might be true, I can't agree with the implication that this is better in any way. Having the onus on the operator forces you to have to send some form of verification out to all such operators you want to visit and they have repeatedly shown they are NOT capable of securely and privately handling that information.
If anything, the GOP is worse on this issue.
I am certain they love it, given what kinds of businesses see a spike when the RNC comes to town.
More accurately, restricting it is a useful policy platform that helps them win elections.
The difference isn't really in the politicians, it's in the base, and how they will react to acts like this. Democrat voters will shame them, endlessly. They may not have alternatives to vote for, but they won't change their opinion to match whatever dweeb they were forced to vote for. Republican voters will always be on board with whatever they're told to be on board with.
Josh Gottheimer is indeed a Democrat.
Wonder if they will stand up against this on the same grounds
https://www.apple.com/customer-letter/
Longer answer: In the UK, Apple already implements age "verification" at the OS level, starting with IOS/IPadOS 26.4. If Apple had not implemented this, it would still be in compliance with UK law. Apple is anticipatorily obedient.
A company like Apple has visibility of the legislative pipeline in its markets. Looks like the UK was a test bed.
Lots of OECD countries, all at the same time, are pushing for online age verification or OS-level age verification, both equally intrusive and implemented in privacy-violating ways by conflating identity verification and age verification.
The end result is not protecttion of minors, but abolishing anonymity on the Internet. Social media companies claim to want the former, but in reality just want to shift liability to OS and device vendors. Governments happily accept the "side effect" of being able to find and root out dissidents.
This is what Facebook wants.
Firstly, you keep using that word; I do not think it means what you think it means.
On the Internet, especially forums such as HN, you are "pseudonymous". That is, you made up a name for yourself, and that's how you're known to others. At the very least, we are all identified by IP addresses, which are again, fairly stable and unique pseudonyms. There are nearly zero truly anonymous corners of the Internet, because anonymous communications are chaotic and anarchic.
Secondly, it was the NSF who mandated that everyone accessing the Internet must have an associated and authenticated account with an identity that is known to their provider. These rules went into effect in the early 1990s. Perhaps they have been discarded or observed only in the breach, but truly, nobody is a stranger on the Internet. Even if nobody knows you're not a dog, your ISP or your coffeehouse still know who you are, when you connected, what device and so forth.
So, please let us stop pretending there is "anonymity" here, or that there ever has been. Whatever you've done in the past, it will eventually be unmasked. Yes, people on Discord and Wikipedia alike are freaking out over this prospect, but it was always going to happen. We've been laying down a very permanent record for over 50 years. Eventually it will all be correlated with real identities, Facebook or not.
So your router probably belongs to at least 2 botnets, and I bet they have logs of your MAC, your browser fingerprints, and your comings and goings!
> Firstly, you keep using that word; I do not think it means what you think it means.
I posted that word exactly once in this thread, and I was quoting someone else. But I like the Princess Bride too.
No idea what you're talking about with regard to the 90s. I can only tell you I was on the Internet then and it was not as you describe.
Regardless, there is a difference between "unmasked with a court order" and "everything you do online is tied to you for the benefit of ad brokers."
We can have reasonable privacy protections and still allow law enforcement to function.
https://support.apple.com/en-us/125666
what a dystopian world we live in.
Good thing I live in the US?
Those other countries have different legal norms.
Apple has engaged in censorship in China to stay in business there that they didn't engage in in the US.
Until whatever happens happens the idea they will behave the same in their own backyard low effort speculation
They've already been pushing age verification out in several countries.
Other countries are not the US, btw. There are groups here ready to challenge such a move.
Continually amazed at HN ignorance of geography.
With warm weather approaching I will log off this throwaway, setup as something to do during a cold stretch, and forget it exists.
https://www.congress.gov/119/bills/hr8250/BILLS-119hr8250ih....
https://www.congress.gov/bill/119th-congress/house-bill/8250...
It's short and in plain language. The article is longer than the bill. Here's the totality of the requirements:
(a) REQUIREMENTS.—An operating system provider, with respect to any operating system of such provider, shall carry out the following:
(1) Require any user of the operating system to provide the date of birth of the user in order to—
(A) set up an account on the operating system; and
(B) use the operating system.
(2) If the relevant user of the operating system is under 18 years of age, require a parent or legal guardian of the user to verify the date of birth of the user.
(3) Develop a system to allow an app developer to access any information as is necessary, collected by the operating system to carry out this section and any regulation promulgated under this section, to verify the date of birth of a user of an app of the app developer.
---
This part from REGULATIONS is also nominally important:
(B) Data protection standards related to how an operating system provider shall ensure date of birth collected by the operating system provider from a user, or the parent or legal guardian of the user, to carry out this section and any regulation promulgated under this secion—
(i) is collected in a secure manner to maintain the privacy of the user or the arent or legal guardian of the user; and
(ii) is not stolen or breached.
---
I appreciate the brevity of the bill, but it delegates a lot of discretion to the FTC to regulate things like "How an operating system provider can verify the date of birth of a parent or legal guardian", so it's up to the discretion of someone in the executive branch as to whether GNU and/or Linux will have to scan your driver's license and upload that scan to some government contractor's servers, say.
the next step if this bill passes seems to nessecarily involve excluding holdouts from content rated beyond toddler safe.
Yes, I am looking to sue to stop this insanity. If you're a lawyer reading this, please reach out.
Will my children be able to use my smart oven/thermostat after I verify I'm 18+ on those devices?
I also wonder what verification will look like for containers and and VMs that might have a short life. Maybe that's how we keep IT jobs for a little while longer? Human age verification on every local account every time a container or VM is spun up.
We already saw that: some eagerly implemented this stuff, some rejected.
Direct link to the bill: https://docs.reclaimthenet.org/parents-decide-act-os-age-ver...
Edit: Oh, and the commission gets to make up the rules on how ages should be verified. So, prepare for a whole other level of PII leakage that isn't even captured by the text of the bill.
EU also released their age verification legislation. Notice how closely they are timed.
https://www.dw.com/en/eu-chief-urges-bloc-wide-push-on-age-v...
Pure coincidence?
It is all going according to plan.
Makes me even more glad that I've already transitioned off Windows.
This is all fine until they put some Id verification in. Then anything open is cooked.
[1] - https://news.ycombinator.com/item?id=46152074
All the bill wants is that you can set up an iPhone for kids, an children account on Ubuntu (YOU decide whether it's a children's account) and then, presumably, the browser vendors implement an AgeAPI that allows website operators to query the user age.
Your device tells us you're 10 years old. Access to Instagram denied. Your device tells us you're 16. You're not allowed to visit gambling-porn-and-industrial-accidents.org
It's, of course, exactly the opposite of the "identity-tied age verification government-control, ID-document-leak" dystopia that the scare crowds here are peddling. But you'll never hear a word of acknowledgement from them.
These people act as if those "I'm 13 or older, i can create an Instagram account and waste my life" or "I'm 18 or older, let me watch porn and strangle my girlfriend" buttons are the peak of civilization.
Government should like the RTA header as they can fine sites daily that are missing it. Lobbyists could push companies that do the header checks.
From Gutenberg, PD comics from the golden era -and pulp scifi-, noir movies, old weird science/fantasy series in B/W and whatnot, I'm pretty much covered. Ironically most current scifi media can be traced to...Bradbury novels, PKD's paranoia and some Weird Science comics.
Once 1984 gets into PD, that's it. It is in Canada, but you can read it online as long as you don't download or share it:
https://gutenbergcanada.ca/ebooks/ebooks/orwellg-nineteeneig...
Leaks pretty minimal PII (the user is between 13 and 18 would be the tightest identifier obtainable with the above gates). But still allows for age gating some content without relying on self-reported age.
Am I optimistic the actual solution won’t be more invasive? Sadly no…
https://news.ycombinator.com/item?id=47381791
- And For Other Purposes.
am i the only one seeing that?
i see a lot of discussion pro and con age verification, there should be much more concern about the purpose of that phrase for other puposes.
is some one actually trying to sneak a catch all like that into it, or is it a bargaining chip. [see we removed "for other purposes", its all better, now we can pass it]
When those same people are hysterical about Protecting The Children, you should understand that "protecting the children" is a distraction from whatever the actual intent may be.
The general public is thoughtless, and there's little reason to think the decision-makers are much more thoughtful, but Protecting The Children is merely this age's Trojan Horse.
Much of the USA recognizes that "gun deaths" are caused by criminals who aren't going to follow any gun laws in the first place.
There are some Usenet servers (text content only, no binaries, all illegal crap it's cut down by design) listening under I2P servers. By design enforcing any cross-pond law it's impossible.
Learn about NNCP in order to tunnel messages over it, really useful for asynchronous connections such as Email and Usenet: https://nncpgo.org
Also, learn connect to a Pubnix and to use Usenet/IRC/Email/Mastodon services (tut it's a TUI Mastodon client) from remote servers. Make their own law obsolete across the world. Learn Mutt and GPG too, it's about 20 minutes of your life and for basic email a simple text editor like Nano, Mg or Mcedit would suffice to compose an email.
Try free Biltbee servers over IRC too, these can be connected even from DOS IRC clients in order to connect to modern services such as Jabber, Steam chat and even discord (join the &bitlbee channel once you connected ot a public Bitlbee server, there are several, and type down 'plugins' to get the available chat systems in that service) and thus any age bullshit for FreeDOS it's by design unenforceable without breaking network drivers and TCP/IP stacks as TSR's and whatnot. Ditto for old Amiga, RiscOS and such old releases which are unsupported. And banning retro computing would make the several civil right unions sue the state (and the judges) like crazy for huge amounts of money. Even META too as being the main lobby instigator.
Claim your freedoms back.
I’ll be passing messages to and from the former internet using NNCP bundles. I’m planning to work on some interesting solutions for async communications over Nostr, with some alternate paths through radio for emergencies. Finally looking into steganography as well.
Hope to see you all there.
Age verification inherently means identity verification. There's no way to prove your age without first proving that you are YOU, either by showing your face or authenticating with some third party authority, usually government or a corporation.
The idea that you should be locked out of using your own computer until you do this is utterly insane. What problem does it solve that existing parental control tools don't? A generation of parents already trust their babies with iPads for this reason. And what of the millions of Americans who don't have current ID?
This compromises 0 privacy until it requires an ID. EU solution actually does and only supports specific devices.
No, the fee is your identity and a record of your every thought and action.
We don’t gain anything from asking a 3rd party. In fact it costs money per request.
I hope Josh Gottheimer will get a lot of money for his work there.
I also remember a few weeks ago, people such as Poettering and others said this is all harmless, nothing bad would ever possibly happen.
Lo and behold, now it is the new mandatory law. All people will soon have to go for age sniffing, in order to access information. Linux is only for the Underground now.
Instead of "age verification", call it (and everything like it) Epstein law. The government wants the information of who is a kid and who isn't broadcasted to all the apps, safe AND malicious. There's no good reason to let random developers freely collect lists of kids out of those people who choose to try an app. It's Epstein law.
Being able to easily bypass an age gate makes such info unreliable, verification removes the unreliability such that the data can then be used for both good and evil reasons.
their dwindling to irrelevance, like the UK, could not happen faster
"TOO LOW, PULL UP. TOO LOW, PULL UP"
Take your country back before it's too late.
Consider: if the tone of your writing will put off anyone who disagrees with you, what’s the value in “livening it up”? Again, it’s preaching to the choir.
Last time we saw her anywhere near here was her "farewell tour" when she was supposed to go be Trump's UN stooge. Haven't seen her up here since.
Glad to know we get to die up here for on-device age verification for everyone else.
Stay tuned. With mass unemployment/underemployment there’s gonna a be a lot of “extra” people.
As a parent: do your job and take responsibility for your kids. While it's not trivial this also isn't overly complicated anymore.
Apple and Google already ship OSes with comprehensive APIs and parental controls. There's not even any porn on the iOS App Store by policy.
Creating liability for random OS and app developers is absurd, and foreign porn websites aren't going to comply with this anyway.
If your child needs a helmet to use the internet, as the politicians announcing HR8250 seem to think[1], Apple or whomever is free to offer that as a feature. There is no need for this to be legislated, especially when the legislation does not work in open source environments.
[1] Not hyperbole. They said that. It was an analogy, but one that highlights how ignorant of the technology the authors of these bills are.
I'm curious though about all this porn that apparently hides behind a rock on the device and leaps out to corrupt tiny minds when they least suspect it.
Shock websites aside, pornography generally doesn't ambush you. Unless you're a republican giving a presentation and have no idea how that porn got in there.
And, AB1043 specifically exempts websites, so it doesn't protect anyone from the goatse's of the world anyway.
These bills will not do what they purport to do, but they will do a whole lot of bad stuff.
Why does your baby need internet?
> We do want a way to signal there's a kid driving a device.
Which is extremely irresponsible. It creates a false sense of security and abandons your child to the whims of strangers. This seems akin to putting a "please don't hurt me" sticker on your child and then letting them roam around downtown unsupervised.
> But if we can just have a way to put bright orange vests on devices that require special treatment
There is software you can already use which will lock the device down and only allow it to go to pre-approved sites. I'm unwilling to give up any of my civil rights for your level of convenience above this.
There's almost endless choice of legit quality native apps for kids, curated from trusted sources. These alone far exceed healthy screen time if all were downloaded. Or as you say, curated web links in a locked browser.
How much screen time should kids do anyway, it's crazy how much is available before worrying about WWW on top of their games, apps and videos.
You need to be a parent and stop expecting the people around you to do it for you.
Edit: and there are already device level parental controls.
The tech crowds utter derangement over this minor mandate is truly a sight to behold.
Consider AB1043. It mandates that applications check the age of the user each time the application is launched.
Think about what that means when you run `make` in a source directory. How many times is the compiler application launched?
AB1043 is short; you can read it for yourself: https://legiscan.com/CA/text/AB1043/id/3273385
``` (b) (1) A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched. ```
If it were meant as "when the application is downloaded and every time the application is launched" it would probably have been written as "when the application is downloaded or launched".
Also, there would be no point in mentioning downloads if that was a separate check because the app developer cannot request the signal upon download because their app is not running then.
The most reasonable conclusion is that the app must check the first time it is launched.
> The Parents Decide Act solves the self-reported-birthday problem by demanding something verifiable, which in practice means a government ID, a credit card, a biometric scan, or some combination.
> However, Gottheimer has not specified which. The bill does not either. It’s up to the FTC to decide.
(a) Requirements.—An operating system provider, with respect to any operating system of such provider, shall carry out the following:
(1) Require any user of the operating system to provide the date of birth of the user in order to—
(A) set up an account on the operating system; and
(B) use the operating system.
(2) If the relevant user of the operating system is under 18 years of age, require a parent or legal guardian of the user to verify the date of birth of the user.
(3) Develop a system to allow an app developer to access any information as is necessary, collected by the operating system to carry out this section and any regulation promulgated under this section, to verify the date of birth of a user of an app of the app developer.
The only requirement for "verification" is to enter a birthdate on account set up, and underage accounts have the parent "verify" the birthdate. There is certainly some ambiguity in the bill which is not good, but efforts should be towards resolving the ambiguity in favor of a lack of intrusiveness.
(d) Regulations.—
(1) IN GENERAL.—Not later than 180 days after the date of the enactment of this Act, the Commission shall promulgate, under section 553 of title 5, United States Code, regulations to carry out this section, including regulations relating to the following:
(A) How an operating system provider can—
(i) verify the date of birth of a parent or legal guardian described in subsection (a)(2); and
(ii) carry out the requirements described in subsection (a) with respect to an operating system of such provider that may be shared by individuals of varying ages.
(B) Data protection standards related to how an operating system provider shall ensure a date of birth collected by the operating system provider from a user, or the parent or legal guardian of the user, to carry out this section and any regulation promulgated under this section—
(i) is collected in a secure manner to maintain the privacy of the user or the parent or legal guardian of the user; and
(ii) is not stolen or breached.
It should be really easy to get your bank account information then. You're just going to give it to me, right? What is this? You're fighting me tooth and nail instead of celebrating giving me your banking info?
> The writing has been on the wall for some time now: the era of completely unrestricted internet is coming to an end.
And books..? And the newspaper? What if a child reads about a horrible murder in the newspaper that keeps them up at night? What if the government outlaws books and newspapers because they can contain bad things? We'd better add a "adult/ not adult" checkbox to the first page to "short-circuit support for more onerous age verification".
I don't see a plausible scenario where the implementation of this mandate makes further mandates more easy to get passed. An age field and an API to access it is as trivial as it gets. More onerous age checking is not something that is an extension to or somehow made more easy given the pre-existence of the age field. No argument against more onerous checking is undermined or rendered less severe due to an age field already existing. There is no slippery slope here.
>So, assuming parental controls were correctly implemented, why do you think this is "least bad" including parental controls?
There is already a pretty significant market for parental controls, so presumably if their quality were a limiting factor in their adoption the market would have responded already. Parents simply aren't interested enough or savvy enough to apply them. Parental controls also just intrinsically suck for a lot of reasons. They are either mostly ineffective or wildly intrusive, like giving total access to children's communications and internet activity to external companies.
>Thirdly, this "age verification" doesn't actually verify anything, because underage people can just choose "adult" anyway. What do you have to say to that?
Presumably an adult is involved in purchasing devices and setting up accounts for their young children. Putting an age of account holder field into the account set up workflow seems pretty effective. It's not 100%, but it doesn't need to be for it to be a major improvement over the status quo. The lack of verification is a feature of this mandate, not a bug.
>we have a concept of "free speech" which includes the idea that people cannot be "compelled" to certain speech. If people were required to add a "sign here to confirm you're an adult" in every romance novel, that would be fine right?
As those pushing this kind of legislation are fond of pointing out, we have age checks for buying alcohol or purchasing adult magazines in shops. Presumably these don't run afoul of the first amendment. This idea that we can't or shouldn't mandate age checking in some form to access content deemed inappropriate to children is just a losing argument. Again, the writing is on the wall here.
From your point of view.
What I can tell you is that there are definitely people who will argue that this is, by the fact of being written into law, now the spirit of the law.
Then these people will argue that the spirit of the law is being broken, and the implementation needs to be better and tighter. Not that it needs to be repealed! Because clearly this is something that was wanted. And to many, many people, this will be sufficient argument not to complain about further measures.
I wish public discourse were more this way - if someone is arguing in good faith, actually answering what you asked moves the conversation forward, it’s just on the person to give you a serious answer