• d-RLY?@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    8 months ago

    Just ranting

    I get that at least some amount of lawmakers may just really and truly want to protect children and jump to creating laws that involve lots of things that they have no real understanding. And blowback that can and will be created by hyper focusing on a micro level (even if they think they are thinking macro) points. But there are far more of them that just want to keep one-upping other lawmakers in being “the most proactive” or “tough on crime” compared to other folks in power because of all the money they get ever election cycle (which never end).

    I know why it would be a massive shitshow (the “antichrist” crowd turns every little thing into a “sign”), but kind of wondering when they will just push for laws to put pet style GPS chips in all children at this point. I mean it isn’t really much of a jump that they could require phones used by children to be forced to have GPS (and data) be registered to state level tracking (just like all the stuff collected by NSA already). But that wouldn’t be enough for the one-upping shit, and GPS chips would be usable if the devices aren’t with the children (or ones that don’t have devices yet). All extreme levels of shit, but eventually seems like they would be the only levels that could “go further to protect children” at some point.

    I really look forward to seeing all the “fuck privacy even if you don’t have children” crowd catch literally all possible bad things that their own laws create happen to them personally. We already know that basically all the previous efforts to have kids only versions of things end up just creating massive targets for the very predators to get to the kids. And that automated flags can turn into so much false reporting without any real ways for the flagged accounts to speak with actual people to correct those false reports (YT being a great example even without anything involving children).

    The government already slashes funds for things that aren’t police/military (things like the already existing social services that are for kids/education/families never have money for even general staffing). And the private contracted (for profit) companies already find ways to make more than the government contracts by making paid tiers and constant ads. So those private entities shouldn’t be trusted with data on children in the first place.

  • Scrubbles@poptalk.scrubbles.tech
    link
    fedilink
    English
    arrow-up
    1
    ·
    8 months ago

    Interesting, it’s vague, and obviously going to go through legal hurdles. Windows, Google, and Apple will just do it. Ubuntu might, but what about Debian, or any number of server OS’s? Will users need to verify their age logging into a server? What about forks? Forks of forks? OSes developed outside of the US?

    Where this could be an opportunity, and hear me out, is that this could pave the way for privacy-friendly age checks to shut them up about “what about the children”. The bill says that all it needs to check is age - nothing else. If the OSS community can come up with a way to privacy-friendly validate age, then this whole thing could be solved. Websites wouldn’t need to store IDs, they could ask the browser who would check the OS. In fact, that might be the purpose of this bill, to curb all the “Just collect their IDs” with the websites. If the OS had a check stored securely that you’re over 18 and nothing else, then all other age checks could be cut.

    Also interestingly, it reads like they might be angling against Microsoft and Google for collecting private information on minors because “We didn’t know they were minors, how could we?”.

    I don’t like it one bit and it’s going to be completely unenforceable - and OSes like Arch will say “You can’t use this in California”, but if that’s the angle they’re trying to do, it might work.

    • Eugene V. Debs' Ghost@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      8 months ago

      Yeah it’s so good damn vague, you can say a simple checkbox of “I am above the age of majority” would suffice, or a full actual ID check whenever you make an account at Microsoft.

      I think Linux distros will have to either make a check/declaration on their website or just block IP addresses from California.

      I don’t know how far this will go, or if it means anything different by the start of 2026, when make laws here go into effect.

      • Scrubbles@poptalk.scrubbles.tech
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        Yeah reading through the bill I’m feeling better about it.

        Provide an accessible interface at account setup that requires an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store.

        Where an “Account Holder” is:

        (1) “Account holder” means an individual who is at least 18 years of age or a parent or legal guardian of a user who is under 18 years of age in the state. (2) “Account holder” does not include a parent of an emancipated minor or a parent or legal guardian who is not associated with a user’s device.

        The way I read this, this bill actually assumes the person installing it is over 18 and an adult. (Let’s not argue with them on that). It’s simply saying that "You need to provide a way to create child accounts, and your app stores will need to respect that).

        What I do not see is that OS’s must validate IDs or anything.

        provide an accessible interface that allows an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store.

        “Mom or dad need to set the age bracket for junior so that apps rated NSFW can’t be downloaded”

        This title does not require the collection of additional personal information from device owners or device users other than that which is necessary to comply with Section 1798.501.

        Honestly, rereading it, this is how I would do age protection if I were to do it. Rereading this multiple times now, this might be the most privacy safe way to validate age, shut up lawmakers who cry “what about teh children!!!” and let us adults move on in peace.

        You buy jr a laptop, it’ll ask on account creation how old they are. That’ll be a flag they can’t modify that will be passed into browsers and app stores. That will prevent children from accessing content they can’t. Adults then continue on. Jr grows up and either buys his own device, or mom and dad swap their account to adult.

              • hobovision@mander.xyz
                link
                fedilink
                arrow-up
                1
                ·
                8 months ago

                Google could do it right now if they wanted to. It’s not against the law to require your customers to provide PII to use services. It just opens them to bad press, liability for mishandling the data, and potentially liability for knowing a user is a minor and showing them mature content anyway.

        • 0x0@lemmy.zip
          link
          fedilink
          arrow-up
          1
          ·
          8 months ago

          If parents want nanny software they can install it on windows, no need to forcefeed this bullshit on everyone else.

          • Scrubbles@poptalk.scrubbles.tech
            link
            fedilink
            English
            arrow-up
            1
            ·
            8 months ago

            It’s going to be a drop-down that a parent can select on account creation. No one is being forced into it, unless mom bought your device.

  • ZoteTheMighty@lemmy.zip
    link
    fedilink
    arrow-up
    1
    ·
    8 months ago

    You just know that when a bill is titled “Protect the little children from eternal suffering bill”, it’s gonna contain some real fucked up anti-privacy nonsense in it.

    • floquant@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      1
      ·
      8 months ago

      Most dystopian “child safety” bill. Let’s not legitimize the claim that these laws are made to protect children while having privacy-invading side effects - they are privacy-invading laws disguised as child protection, while failing to have any real impact on children’s online safety and wellbeing

    • cassandrafatigue@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      8 months ago

      I’m not sure anything this repressive is implemented anywhere in the world.

      Edit: wait this is the other half of the thing everywhere else is doing that would make this nightmare shit.

      • ICCrawler@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        8 months ago

        The only thing that I can think of is how China regulates it’s online gaming.

        What is China’s Age Verification System?

        China’s Age Verification System or 游戏适龄提示 in Chinese, is a government-mandated infrastructure that restricts minors’ access to online games and digital platforms. In China, all users must undergo “Real Name Verification” (实名认证) before accessing gaming services, enabling platforms to enforce age-appropriate restrictions automatically.

        The system is overseen by the National Press and Publication Administration (NPPA) and integrates with national databases to verify user identities in real-time.

        https://appinchina.co/blog/the-complete-guide-to-chinas-age-verification-system/

        The move to do this was largely in part thanks to complaints of parents in regards to their kids’ habits with gacha games. For anyone interested, what I posted was a small excerpt from the link, there’s a lot more info on it there.

          • ICCrawler@lemmy.world
            link
            fedilink
            arrow-up
            0
            arrow-down
            1
            ·
            8 months ago

            It is similar, not the same. Some other key differences to consider are that while the US one is at the OS level, it’s just asking you to provide an age that isn’t linked to your ID or anything. It’s just like when a website asks your age, you can absolutely lie about it. But now it’s being done on the OS account, not the website.

            Whereas, yeah, it is just for games in China, but it is absolutely being run against the person’s ID in a national database. Some games even require facial recognition. So it’s on a whole other level of verification and tracking.

  • WolfLink@sh.itjust.works
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    8 months ago

    Read the link yall

    The bill requires:

    • OSes to take user birthday during account creation
    • this info is binned into categories (<13, 13-16, 16-18, >18)
    • the category info must be made available to basically all software
    • software is supposed to use this data to age gate content but is not allowed to send this data to 3rd parties

    What this bill does not do:

    • Your full birthday is specifically not to be sent to every application
    • OSes are not being asked to check your id it doesn’t say the OS should do anything to verify the birthday, just that it should record it
    • There isn’t anything to prevent you from entering 1/1/2000 instead of your real birthday

    Honestly this doesn’t seem that bad to me. If anything it’s a little pointless. This style of age verification is basically universally already used. I guess you could read this as forcing OSes to have parental controls.

    I do think there is a bit of a privacy issue in this information being shared with every program, but they attempt to minimize this using the binning (so ironically it really only hurts the privacy of teenagers since for adults it will just say >18), and this information is supposed to not be shared with 3rd parties (but we all know Facebook and Google are going to do whatever they can this info, pushing the limits of that part of the law, or just waiting to be sued and paying the fine when it happens).

    I honestly think most Linux distros will just implement it.

  • hobovision@mander.xyz
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    Please update your title to remove the misinformation about the bill, specifically calling it “OS-level ID verification” is not even close. It’s not got anything to do with personally identifying information or any actual verification of age information.

    It’s actually an incredibly privacy conscious method of doing what it is trying to do, which is to allow parents to set up a child’s account with their age information on a device and have that age bracket information passed to websites and applications. That way, it makes it harder for a child to bypass age-restrictions, but without requiring dangerous age verification methods such as ID or face scans.