I would also interpret it this way, though California’s government is profoundly technologically incompetent, despite being the home of “Silicon Valley.”

Knowing California, they would try to twist the word “vendor” to cover any entity that does any kind of business, similar to how they dismantled interstate commerce protections for the entire country. If that didn’t work, they would argue that donations make something a vendor.

The situation is stupid and I am long past tired of idiots pushing idiocy on others en masse.

Also showing lawmakers how easy it is means even more laws down the pipeline to really make development disgusting because "it worked before, right?"

I mean.. there's nothing stopping anyone from setting their age to 100 years old. It's not like they are adding any sort of identification check, from what I gather. Just doing the minimum to comply.

But also not surprising at all TBH

You don't need to take remote places like DPRK. Trust me, most Lemmy instances don't follow the laws of 27 European Union countries.

People who live in California, if anyone bothers to enforce it, would have two options:

1. Switch OSs to something that does comply, or
2. Risk criminal actions for using their computer wrong

It should be implemented as "This is only required if you live in California" during setup. However, this does sound completely unenforceable. If I have a connecting flight through LA, will they send a swat team to pick me up at the airport for not setting it up and using the WiFi?

As a European living in Canada, it's quite annoying to think about having to do extra stuff (even if it is very minimal) because one state in America passes a stupid law.

Does it have accounts?

Currently it's self reported, but if it's complied with and then they inevitably say now it needs id they can just block all the self reports until id is provided. This is the same tactic of marginally moving the line that has been happening for years

Standardized parental controls would be great, actually. But it should be proper parental controls, not whatever this is. Because at the end of the day, the parent* should be involved in what their child is up to, and allow (or not) based on what the child needs and/or wants, instead of whatever we are doing now.

Or, to put it another way, if your teen has read Games of Thrones (the physical books), I don't see much of a point in forbidding them from going to the wiki of it, and I'd be hard pressed to justify stopping them from talking about it online with other people who have read the books. The tools should allow for this kind of nuance, because actual people are going to use it and these kind of situations happen all the time.

* some parents are awful and would abuse this, see LGBT+ related things, but that's a social issue, not a technological issue.

I thought similarly that a minimally privacy invasive set up like sending a "I'm over/under 18" signal that didn't require verifying government ID/live face scans/AI "age approximation" would be a good idea, but I now think that this system would fall over very quickly due to the client and server not being able to trust each other in this environment.

The client app, be it browser, chat, game etc, can't trust that the server it is communicating with isn't acting nefariously, or is just collecting more data to be used for profiling.

An example would be a phishing advert that required a user to "Verify their Discord account", gets the username and age bracket signal and dumps it into a list that is made available to groomers [1].

Conversely, the server can't trust that the client is sending accurate information. [2]

Even in the proposal linked, it's a DBUS service that "can be implemented by arbitrary applications as a distro sees fit" - there would be nothing to stop such a DBUS service returning differing age brackets based on the user's preference or intention.

This lack of trust would land us effectively back to "I'm over 18, honest" click throughs that "aren't enough" for lawmakers currently, and I think there would be a requirement in short order to have "effective age verification at account creation for the age bracket signal" with all the privacy invasive steps we all hate, and securing these client apps to prevent tampering.

At best, services wouldn't trust the age bracket signal and still use those privacy invasive steps, joining the "Do Not Track" header and chocolate teapot for usefulness, and at worst "non verified clients/servers" (ie not Microsoft/Apple/Goolge/Meta/Amazon created) would be prevented from connecting.

The allure of the simplicity and minimal impact of the laws is what's giving this traction, and I think the proposals are just propelling us toward a massive patch of black ice, sloped or otherwise.

Having said that, I can't blame the devs for making an effort here, as it is a law, regardless of how lacking it is.

[1] I realise "Won't someone think of the children!" is massively overused by authoritarians, give me some slack with my example :) [2] Whilst the California/Colorado laws seem to make allowance for "people lie", this is going to get re-implemented elsewhere without these exemptions.

In theory yes.

What's bad though is that it's meaningless. Sure the OS can say you are 10 years old or 100 years old and you can't change it... but then you open a page in your browser which runs a virtual machine and that VM now says you are, arbitrarily 50 years old. The VM is just another piece of software but put it in fullscreen (if you want) and voila, you are back to declaring whatever age you want to any application or Web page within that VM. If that's feasible (and I fail to see how it wouldn't, see countless examples in https://archive.org/details/software or https://docs.linuxserver.io/images/docker-webtop/ even though that's running on another machine, so imagine that was a SaaS) then only people who aren't aware of this might provide a meaningful information on the actual age but that's temporary, the same way more and more people now learn to use a VPN.

“We have to comply with the law”. This has become Russia or China where the sheep people do whatever an oligarchy dictate.

"What are we a bunch of Asians?"

Also China isn't run by an "oligarchy" but by a dictatorship of the communist party via a mandate of the masses (they execute CEOs and rich people there, we let them rape kids and commit horrific crimes of greed and fine them less than they made off that crime). Russia is but so is the west and I prefer the term capitalists or if you prefer the original French "bourgeoisie".

There was a study from one of the big ivy league universities that showed that in the US the people don't get what they want, popular policy is consistently not passed nor popular will acted on. Princeton I think.

So it's not what people per se want, it's what the ruling class (capitalists in the west) wants. And they've decided that because the rate of profit falls and their demand for profit grows that they need to put the population under lock and key because they've made economic conditions worse and they're going to get worse yet. They need a police state to control the workers who might want better conditions or gasp to take some or all of their wealth. This is part of that.

This is also because China is rising and they are terrified of people seeing a more equal, just society that can be created through socialism. They are terrified of dissenting voices so they want to remove anonymity so they can terrorize dissidents and opponents into silence. They saw what happened with their attempts at narrative shaping in Gaza, they are deeply alarmed that tik tok won't be the last thing, a new one could pop up anywhere, right now they play whack a mole, they want to control the whole thing top to bottom.

As to people being sheep. It's more like they're beaten down. You defeat this today they come back in a year and then again and again. They have all the money, all the time and are willing to wear people down, use their capitalist owned media to propagandize and sensationalize for this until the people are exhausted and stop fighting it so hard. People work long hours, they take home less money than ever, the government openly abuses people, the police don't act fairly and persecute black people, there's a sense of there being no fairness and not enough time. The people are also mis-educated. They're led to believe there's this big problem, they don't understand technology and passively accept their leadership has some amount of good will in how they pass laws and govern to address real problems the bourgeois press has done its job of propagandizing them for. They can't see the whole picture because of these facts.