More “feel good” legislation that has no basis in reality. They obviously do not actually intend to enforce this for corporations because it would shut down modern software development and data centers overnight. Imagine spinning up a docker container or a VM with accounts created. Suddenly you’re violating the law because there’s no age attestation. Nor should there be.
If they want this to actually fly, they should be more targeted in their legislation, but that would require they actually know what they’re fucking talking about.
This is obviously targeted at individuals to “protect” them. Great. No thank you.
The title is very misleading. This is the actual bill that they are trying to pass. The link already includes a summary, so I will just give you an even simpler explanation and some practical examples why this is actually really neat.
First of all, this is not age verification. No IDs have to be submitted, no selfies or videos will be submitted to any age estimation AIs, so put your pitchforks away (for now, until they decide to expand the bill to include these measures as well, then it’s time to burn it down). The name of the bill already tells you what it is: Age Attestation. Aka what every piece of software already does before it shows you explicit content.
With the bill in place, every “operating system provider” has to ask you for your age or date of birth during OS setup, which will then be made available to other software via an API. So instead of having to fill in your date of birth or checking “Are you 18+/21+?” boxes, software will use the new API to check instead, saving you the trouble of doing it manually every time for every application that is not made for all ages.
What makes it even better is that the OS does not have to provide your actual age or birth date, the bill has a minimum requirement of just disclosing age-bracket data. So it could work just like age ratings, which also rely on age groups rather than specific years. Also, the bill explicitly forbids asking for more than your age, sharing more than that via the new API and using the entered age data for anything else than the described purpose, like sending it to a server for tracking purposes.
And finally, as mentioned in the beginning, no IDs or anything else as it is with age verification necessary. You can still lie, just enter 1.1.2000 or whatever you want. Nothing changes, except that you will only have to do it once every time you reinstall/reset your OS or buy a new device.
This bill is not “neat”. It literally REQUIRES every piece of software in existence to query for the users age bracket. Do you think that any F/OSS software devs are going to comply with this horseshit?
Who’s lobbying for this? As far as I know, those dinosaurs don’t know anything about technology much less computers
That makes zero sense. We need to be how old to view a desktop ?
The world will end due to corruption by billionaires not because some 12 year old watching only fans…
Viewing a desktop doesn’t even imply you’re going to watch onlyfans either. You might go to xvideos instead.
Maybe next they’ll make you prove you’re over 18 to buy a computer at the store. Maybe put them behinds safety glass too since they’re so dangerous. Or put them on the top shelf where kids can’t reach.
Honestly verifying the buyers age at the store is probably more private embedding age verification into the OS itself
Walmart already locks their computers and other pricey tech up in cabinets for anti-theft reasons.
Also California and others.
It might not be so bad if it was just entering the age of the device’s user when setting it up, since in that case the system would be essentially just a standard for parental controls.
I think that’s what it is.
What it is today. But these things tend to slip-slope their way to worse privacy violations over time. Oh, children are getting around the setting? Well, we better tie it to a government ID.
I’m more afraid of what it becomes than what it starts as.
Valid worry, and I would prefer no such legislation, but I can picture a more optimistic outcome where this diffuses demands for more invasive and anticonsumer verification because it would somewhat address the problem of population scale psychological harm to children that there seems to be public consensus about. The sense of “something must be done” is currently giving repressive authoritarian tech an excuse to be implemented, and while there are strong arguments for why that tech is more dangerous and oppressive than it could possibly be worth, the arguments for how the problem can be addressed instead are much weaker. People often point to parental responsibility and the possibility of setting up parental control software, but this argument has some glaring weaknesses; the problem exists on a collective rather than individual level, exists despite the current possibility of parental action, and the argument does not point towards any real hope of improvement.
This all comes back to the reality that the way we use software is largely dictated by the design of that software. Defaults matter a lot. What I like about this solution is that it would work by adjusting defaults, not asking users to take extra initiative, and leaving ultimate control up to the person who bought the hardware. It would be possible, but difficult to get around it for children who can’t easily acquire their own hardware, and so most of them just wouldn’t, which means there is an actual possibility of it being part of an overall solution to the problem.
Whether it’s the best, or a good solution, I do have some doubts about. Banning children from any participation in public discussion seems like a bad thing for a variety of reasons, and it’s easy to see any sort of effective age verification going there immediately. The ability to check the OS for age category would mean an avenue for practically enforceable legislation about how online services must treat users by those categories, and most of that legislation can be expected to suck. And of course there’s the risk you mention that the law is expanded to try to prevent the hardware owner from actually being in any sort of control. Still, the problem is real, and I don’t think the invasive solutions are going to be defeated without proposing effective noninvasive solutions.
Then the headlines read “Huge OS data breach results in millions of ID data lifted.” Then you’ll get signed up for 2 years of Experian and told to monitor your identity because oopsy-daisy our fault but your responsibility.
