I agree until this law there was no reason for my os to know my age. This law creates that reason.
Any law can be bad if we take into account the imagined future possibilities. Should we outlaw electricity because it might be used in some way to make nukes?
If lawmakers try to issue further requirements for ID or facial scans then we can fight that. But until then there is nothing in this law that affects me outside of needing to enter a number less than 2005 when I setup my OS.
If you don’t have any kids then you literally can’t be fined under this law.
If your code is installed on a general purpose computing device that is provided to a child, you can be fined.
If you provide code to the general public without requesting an age signal from the receiver’s OS, you can be fined.
The attorney general of California might consider the JavaScript in your web page to be “content”. They might consider it to be an “application”. There is no clear distinction. If you request an age signal before providing content, you can be fined. If you fail to request an age signal before providing an application, you can be fined.
The more I read about this law, the less I think it will actually go into effect. It’s going to face a whole series of injunctions. The lawyers are going to bill thousands of hours, but the whole thing is going to be scrapped.
It prevents apps from asking for additional ID verification. I’d rather my os ask me for a number I am able to lie about than to have to send my ID to 30 different apps and data aggregators.
Many people say that we should put more responsibility on the parents for what their kids are allowed to do online. This law does that.
But it actually does require that. Read section 1798.502.b. Every developer of every application has to ask for your age bracket through this mechanism. The open source developers behind ‘ls’, ‘cp’, ‘rsync’ are all suddenly required to ask my age category of face a $2500-$7500 fine per time my kids run apt upgrade. That is utterly absurd.
Hell, I’m suddenly liable if a kid downloads my pong example project that I put up on crates.io or PyPI?!?
Yea they have to ask for your age bracket. That’s not the same as an ID.
I agree, the definition of an application is much too broad. And should be revised. But the difficulty is how do you restrict it without also creating a multitude of loopholes for businesses to exploit. At the very least we should restrict it to applications whose primary purpose is to interact with the internet.
And before you say it, yes I am aware that that still leaves many apps like curl, wget, ssh being covered. But it could be a start.
Or maybe just restrict it to social media applications. I am not a lawyer, I definitely don’t have a great grasp of how to create the type of language that is appropriate for laws.
But why are you even accepting this something like this should exist? What is the threat model that this is protecting against? How would it offer any protection against that threat? Why should everyone who is making any program need to ask about the age of their possible users?
I agree until this law there was no reason for my os to know my age. This law creates that reason.
Any law can be bad if we take into account the imagined future possibilities. Should we outlaw electricity because it might be used in some way to make nukes?
If lawmakers try to issue further requirements for ID or facial scans then we can fight that. But until then there is nothing in this law that affects me outside of needing to enter a number less than 2005 when I setup my OS.
If you don’t have any kids then you literally can’t be fined under this law.
If your code is installed on a general purpose computing device that is provided to a child, you can be fined.
If you provide code to the general public without requesting an age signal from the receiver’s OS, you can be fined.
The attorney general of California might consider the JavaScript in your web page to be “content”. They might consider it to be an “application”. There is no clear distinction. If you request an age signal before providing content, you can be fined. If you fail to request an age signal before providing an application, you can be fined.
The more I read about this law, the less I think it will actually go into effect. It’s going to face a whole series of injunctions. The lawyers are going to bill thousands of hours, but the whole thing is going to be scrapped.
No, because there are lots of good uses for electricity. What is the good use of this bill?
It prevents apps from asking for additional ID verification. I’d rather my os ask me for a number I am able to lie about than to have to send my ID to 30 different apps and data aggregators.
Many people say that we should put more responsibility on the parents for what their kids are allowed to do online. This law does that.
But it actually does require that. Read section 1798.502.b. Every developer of every application has to ask for your age bracket through this mechanism. The open source developers behind ‘ls’, ‘cp’, ‘rsync’ are all suddenly required to ask my age category of face a $2500-$7500 fine per time my kids run apt upgrade. That is utterly absurd.
Hell, I’m suddenly liable if a kid downloads my pong example project that I put up on crates.io or PyPI?!?
Yea they have to ask for your age bracket. That’s not the same as an ID.
I agree, the definition of an application is much too broad. And should be revised. But the difficulty is how do you restrict it without also creating a multitude of loopholes for businesses to exploit. At the very least we should restrict it to applications whose primary purpose is to interact with the internet.
And before you say it, yes I am aware that that still leaves many apps like curl, wget, ssh being covered. But it could be a start.
Or maybe just restrict it to social media applications. I am not a lawyer, I definitely don’t have a great grasp of how to create the type of language that is appropriate for laws.
But why are you even accepting this something like this should exist? What is the threat model that this is protecting against? How would it offer any protection against that threat? Why should everyone who is making any program need to ask about the age of their possible users?