Ignoring all the tedious 'no, you're a bad person for having different priorities and beliefs to me' comments that this will inevitably inspire, I have to ask: why does the operating system need to be involved in this? The intended target of the regulation seems to be app stores.
> why does the operating system need to be involved in this?
The goal in my mind is to have an account a parent can setup for their child. This account is set up by an account with more permissions access. Then the app store depends on that OS level feature to tell what apps are can be offered to the account.
Let say the the age questions happen when you install the app store. That means if you can install the app store while logged in as the child account the child can answer whatever they want and get access to apps out side of their age range. The law could require the app to be installable and configurable from a different account then given access or installed on the child account, however at a glance that seem a larger hurdle than an os/account level parental control features.
The headline calls this age verification, but the quote in the article "(2) Provide a developer who...years of age." Make it sound way different and much more reasonable than what discord is doing.
I would much rather have OSs be mandated with parental control features than what discord is currently doing. I am going to read the bill later but here is how discord age verification could work under this law.
During account creation discord access a browser level api and verifies it server side. discord no knows if the OS account is label as for someone under 13 years, over 13 and under 16, over 16 and under 18, or over 18. Then sets their discord account with the appropriate access.
No face scan, no third party, and no government ID required.
> The goal in my mind is to have an account a parent can setup for their child. This account is set up by an account with more permissions access. Then the app store depends on that OS level feature to tell what apps are can be offered to the account.
That sounds like an OS feature that parents would like to have. Probably has some market value. Maybe just let the market figure that one out.
Or, we could have an overbroad law passed that torpedoes every open-source OS in existence. If I were MS, Google, or Apple, that'd be a great side benefit of this law. Heck, they probably already have this functionality in place.
The problem here is legally-mandated age verification, not where it is placed (although forcing it into all OSes is absolutely ...). The gains are minimal for children and the losses are gigantic for children and adults. I'm not keen to have children avoid blisters by cutting off their feet.
Put control back with the parents. Let them buy tech that restricts their children's access. This law doesn't protect children from the mountains of damaging content online.
And let all the adults run Linux if they want to without requiring Torvalds to put some kind of age question in the kernel and needing `ls` to check it every single run.
I agree. The headline says "all operating systems, including Linux, need to have some form of age verification at account setup", which is pretty inaccurate.
It's just asking for some OS feature to report age. There's no verification during account setup. The app store or whatever will be doing verification by asking the OS. Still dumb to write this into law, but maybe not a bad way to handle the whole age verification panic we're going through.
I think the answer is quite simply: Follow the money. General-purpose computing is scary to big, soulless corporations. They want you to rely on them, not to be able to do stuff yourself. (They want to keep that power for themselves.)
Age verification is the quickest road to ending general-purpose computing, because it plays on people's knee-jerk emotions. It won't do it by itself, but it'll goes a long way towards it.
Because it's the lowest common denominator between the user and every online interaction. The bill basically says provide a date-of-birth as metadata to accounts and provide an API to query the age bracket, not even the age, of the user to applications. It's a privacy-aware, mostly reasonable approach that shifts responsibility to the owner/administrator of a device to enforce it. It's basically just mandating parental controls.
I'm trying to understand how this is even a bad thing. Where is the privacy invading verification? Surely a given OS can implement the API response however it wants? If you're root, tell me your age. If you're not, (a child account), the admin (their parent) sets the age. Seems fine?
Companies like OpenAI are advocating for this because it shifts the burden of responsibility off them. They don’t have to age verifying Microsoft is handling that for them.
As a startup owner, if there has to be age verification, then I'm all for doing that at the OS level. As a human with privacy concerns, I'll continue using Linux.
The operating system needs to be involved because its the easiest set of actors to penalize for non-compliance.
There are essentially two desktop operating systems, Windows and macOS. Linux is a decimal point and too fractured to worry about.
There are essentially two mobile operating systems, Android and iOS. And while Android is fractured, Google still has reasonable control they can exert.
This is (weirdly) the smart way to do this type of law.
Make the consumer OS providers add an age signal. That property can be bound to an account with the inability to change it.
Behold, "universal enough" parental controls which will require only a handful of lawsuits to litigate.
Arguably the operating system (or potentially the user-agent) is the exact place to do this.
What I don't get is why it can't just all be client side. An app will just signal "I am going to show 16+ information" and the OS will either show it or not show it. No need to communicate anything.
Giving people the choice to limit a device for their children is okay by me.
> why does the operating system need to be involved in this?
Well, the politicians probably meant to say “Apple, Google, Microsoft, plus maybe Sony and Nintendo”
i.e. the companies that already have biometrics, nigh-mandatory user accounts, app stores linked to real identities, parental controls, locked down attested kernels, and so on.
If phones had workable parental controls that let parents opt their kid into censorship, that’s better than the give-your-passport-to-the-porn-site approach the UK have taken.
Of course if they have applied it to every OS, not just the big corporate-controlled options, that’s a dumb choice.
The law defines an operating system provider as "a person or entity that develops, licenses, or controls the operating system software on a computer, mobile device, or any other general computing device." If the intent were to target mobile vendors or app store vendors, I would be fine with it, but that's not the text. Of course it's the case that US lawmakers often write incoherent or extremely onerous legislation and then turn around and say, like, "Oh that's obviously not what we actually meant. We don't know what any of this stuff is, it just sounded good."
I don't know, but arguably the OS version is better for privacy, as each app can just trust the signal sent by the OS instead of collecting a bunch of personal/biometric data.
until they decide that the OS now needs to collect a bunch of personal/biometric data to avoid people lying about their age or tricking the OS into sending a different signal than the OS should.
The goal is to lock down anonymous computing and increase control of government and reach of the surveillance state. It isn’t to save little Billy from seeing a titty.
Because that's the first layer that deals with user accounts, and subsequent layers commonly base off of identity information stored in there. Just like how and why every other shared interface exists.
Probably because the OS is the only layer that's both upstream of the app store and (in some ecosystems) in a position to provide a standardized, system-level signal
davorak|3 days ago
The goal in my mind is to have an account a parent can setup for their child. This account is set up by an account with more permissions access. Then the app store depends on that OS level feature to tell what apps are can be offered to the account.
Let say the the age questions happen when you install the app store. That means if you can install the app store while logged in as the child account the child can answer whatever they want and get access to apps out side of their age range. The law could require the app to be installable and configurable from a different account then given access or installed on the child account, however at a glance that seem a larger hurdle than an os/account level parental control features.
The headline calls this age verification, but the quote in the article "(2) Provide a developer who...years of age." Make it sound way different and much more reasonable than what discord is doing.
I would much rather have OSs be mandated with parental control features than what discord is currently doing. I am going to read the bill later but here is how discord age verification could work under this law.
During account creation discord access a browser level api and verifies it server side. discord no knows if the OS account is label as for someone under 13 years, over 13 and under 16, over 16 and under 18, or over 18. Then sets their discord account with the appropriate access.
No face scan, no third party, and no government ID required.
beej71|3 days ago
That sounds like an OS feature that parents would like to have. Probably has some market value. Maybe just let the market figure that one out.
Or, we could have an overbroad law passed that torpedoes every open-source OS in existence. If I were MS, Google, or Apple, that'd be a great side benefit of this law. Heck, they probably already have this functionality in place.
The problem here is legally-mandated age verification, not where it is placed (although forcing it into all OSes is absolutely ...). The gains are minimal for children and the losses are gigantic for children and adults. I'm not keen to have children avoid blisters by cutting off their feet.
Put control back with the parents. Let them buy tech that restricts their children's access. This law doesn't protect children from the mountains of damaging content online.
And let all the adults run Linux if they want to without requiring Torvalds to put some kind of age question in the kernel and needing `ls` to check it every single run.
why_at|3 days ago
It's just asking for some OS feature to report age. There's no verification during account setup. The app store or whatever will be doing verification by asking the OS. Still dumb to write this into law, but maybe not a bad way to handle the whole age verification panic we're going through.
Sophira|3 days ago
Age verification is the quickest road to ending general-purpose computing, because it plays on people's knee-jerk emotions. It won't do it by itself, but it'll goes a long way towards it.
buu700|3 days ago
packetlost|3 days ago
zeta0134|3 days ago
adastra22|3 days ago
leptons|3 days ago
etchalon|3 days ago
There are essentially two desktop operating systems, Windows and macOS. Linux is a decimal point and too fractured to worry about.
There are essentially two mobile operating systems, Android and iOS. And while Android is fractured, Google still has reasonable control they can exert.
This is (weirdly) the smart way to do this type of law.
Make the consumer OS providers add an age signal. That property can be bound to an account with the inability to change it.
Behold, "universal enough" parental controls which will require only a handful of lawsuits to litigate.
shiandow|2 days ago
What I don't get is why it can't just all be client side. An app will just signal "I am going to show 16+ information" and the OS will either show it or not show it. No need to communicate anything.
Giving people the choice to limit a device for their children is okay by me.
michaelt|3 days ago
Well, the politicians probably meant to say “Apple, Google, Microsoft, plus maybe Sony and Nintendo”
i.e. the companies that already have biometrics, nigh-mandatory user accounts, app stores linked to real identities, parental controls, locked down attested kernels, and so on.
If phones had workable parental controls that let parents opt their kid into censorship, that’s better than the give-your-passport-to-the-porn-site approach the UK have taken.
Of course if they have applied it to every OS, not just the big corporate-controlled options, that’s a dumb choice.
beej71|3 days ago
I guess we'll just have to trust that our legislators are technologically savvy...
decidu0us9034|2 days ago
bo1024|3 days ago
autoexec|3 days ago
kjkjadksj|2 days ago
perching_aix|3 days ago
fuzzy2|3 days ago
The "why" is also clear: deflecting/shifting responsibility.
interludead|1 day ago