You must log in or # to comment.
the fuck
That’s going to be so much fun for the literal millions of automatically provisioned servers owned by silicon valley companies.
On a related note how do they define a computer? Will smart tvs need it? What about smart thermostats? Cars?
What about desktop PCs with no webcams?
Apparently, from clicking the link in the article:
(g) “Operating system provider” means a person or entity that develops, licenses, or controls the operating system software on a computer, mobile device, or any other general purpose computing device.
But I fully agree with you that they didn’t think this through very well. Seems that nowadays, politicians see it as their jobs to destroy all the beautiful things that technology built. :(
Hey now, dipshit politicos have existed since forever
That one ended up not passing, and while arguably it was more stupid, it was considerably less harmful.
The bill is pretty clear that the user just has to provide their age bracket, there’s nothing about validating it, so no webcam required.
Amazing! Yes, thank you. Destroy the US as a technology hub with asinine bills like this.
Make another bill to force OSes to have biometrics for unlocking for age gating. Introduce another bill to duplicate and send traffic to the government! And another to make the use of opensource illegal in the US. Please. I want to see it all burn 🤣
Working on the assumption that some form of age gating for things like app stores and web sites is coming (the rights and wrongs of that are a separate discussion), I actually quite like this bill as probably the least harmful way to do it.
The bill itself doesn’t say that the OS should validate the user’s age, just that it should:
Provide an accessible interface at account setup that requires an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store.
Similarly it must:
Send only the minimum amount of information necessary to comply with this title and shall not share the digital signal information with a third party for a purpose not required by this title.
So you set a flag (under 13, 13 to 16, 16 to 18, or 18 plus) when you create an account on your OS and that’s all third parties see. They also can’t request more information:
A developer that receives a signal pursuant to this title shall use that signal to comply with applicable law but shall not do either of the following:
(A) Request more information from an operating system provider or a covered application store than the minimum amount of information necessary to comply with this title.
(B) Share the signal with a third party for a purpose not required by this title.No, it is completely stupid to require providers of operating systems to implement any features at all.
How does this work with something like FreeDOS which AFAIK doesn’t even have accounts??? Will they be required to implement that? What if I am developing a new FOSS operating system, am I prohibited from pushing its source code to a public git repo before I have implemented accounts?
I think this should be challenged in court as a free speech violation on the grounds that distributing software is a form of speech and the government cannot legally impose conditions on speech.
Actually the bill seems to address those points adaquately.
The requirement to collect the user’s age bracket at account creation, so no accounts means no account creation, so no requirement to collect the flag. If FreeDOS or your new OS has no accounts but does have an app store, then I think you could collect it on first use without trouble.
If you were developing an FOSS OS I think you could make a good arhument that you were not the “Operating system provider” as you don’t control the opperating system on the end user’s computer, and had no control over them installing it. That would leave the Californian end user to handle it themselves.
If you read the bill itself it actually looks like it’s designed to minimise the risks associated with age gating, and provides various get out clauses that mean that app designers can avoid collecting intrusive information and must instead rely on what they’re told by this flag. Without something like this, developers instead need to rely on third parties like Persona that use ID dicuments and videos to validate users, and then, inevitably, get hacked.
As I said before, all if this is based on the assumption that age gating will happen, and that is looking like a certainty. Given that, I’d much rather have laws like this than ones requiring privacy destroying and intrusive checks.
I mean the definition is:
(g) “Operating system provider” means a person or entity that develops, licenses, or controls the operating system software on a computer, mobile device, or any other general purpose computing device.
Note the three verbs there: “develops, licenses, or controls”. Now the ideology of free software, of course, holds that the person or entity that “controls” the operating system software ought to be the device owner, so that one is arguably inapplicable to free software.
But “develops” means “write the source code”, and “licenses” can mean “put under a free software license”. I don’t see how I can argue legally that if I’m developing an experimental OS in my own git repo, putting that under an MIT license, and someone in California then installs it on their computer, I am not the person that developed and licensed it. Will any foreigner who did that now be arrested when they enter the US?
If they had to at all, they should have written that law to apply only to operating systems that are preinstalled on devices sold in California. That would have been in the realm of product regulation that only manufacturers and vendors of computers in California have to ever care about. If some FOSS operating systems then do implement it so they can be sold preinstalled in California, there’s nothing harmful about that.
Ok, first off, I agree that limiting it to the OS that comes preinstalled on a computer would be a much less ambiguous way to write it. However, I think they’re actually trying to prevent more egregious means of age verification by saying “if you get this signal, you will use it, you will not use anything else, and if you stick to that you’re in the clear”, so having it apply to all operating systems actually helps.
The crux if the matter then is what is an operating system, who is the developer, and what does it mean to licence it? In your example you talk about publishing your code in a git repository. Whilst there doesn’t seem to be any language in the bill clarifying this, and I am, very much, not a lawyer, it seems to me that there us a difference between publishing source code that can be compiled into an operating system, and publishing an operating system. You cannot just load the source onto a machine an have it run, you need to compile it and build it into a usable image first. From that I would say that the operating system is the compiled artefact, and so the developer and licensor of that is whoever built the image, and the controller is obviously the person who put it on the machine.
That would mean that you are free to publish the code, and only those who package it (likely either the end user or a company that sells OSs) would have to concern themselves with implementing the user age bracket flag.
and yet even that definition covers any OS with a live CD .iso on its website
Damn bro, Linux servers about to be illegal in Cali
