[CW]
Content warning
my take on the California/Colorado OS-level age "verification"/attestation laws.
Show
Hide
Content warning
my take on the California/Colorado OS-level age "verification"/attestation laws.
maybe I'm totally misunderstanding it but like. as far as I can tell. the new California / Colorado "age verification" laws are reasonable and actually can protect kids.
the way I understand it, it requires the operating system to attest the age group of the user. and apps can gate certain content based on the age group.
this is good, no?. like we do not want individual apps doing age verification. they cannot fucking be trusted. and more importantly, it's horrible when we force them to do so.
and, importantly, the OS-level thing doesn't even mandate verification? it's wrong to call that "age verification". all it demands is a signal to applications of what age group the user is in, but imposes zero requirements about how to determine the value of that signal. "it is trivial to bypass with a single prompt asking are you 18 at install time" Yes! That's the point! It lets the user (or, computer administrator) decide whether to restrict the experience or not!
Maybe it's misguided and an age signal isn't enough. Maybe it'd be better to have more granular content controls for all sortsa "scary content". Like, mandating parental controls that are useful in every operating system. I don't think that sounds unreasonable! I don't think it's weird to say that parents should be able to restrict e.g. sexual content from showing up on their very young children's devices. Or, anyone who is an adult but still might not want to see graphic depictions of violence, ever! Or, a corporate device where employees shouldn't be allowed to access social media categorically (but as a higher-level signal rather than e.g. blocking individual sites on a network level). Maybe instead of saying "targeted advertisement is illegal for the child agree group", there could be an OS-level signal to disable targeted adverting, and it'd be legally binding, even for adults
That's not quite what the California/Colorado laws are proposing. Not the level of granularly I just described. But the fundamental model of consent is kinda captured in those laws. That the device owner gets to control what is appropriate to display. There's no intrusive forced verification, only a signal indicating the preference.
The focus is on forcing apps to respect the content preference, and forcing operating systems to signal a content preference. There's no forced ID verification privacy nightmare.
The granularly of the preference leaves a lot to be desired. I wish it wasn't an age signal. because that's Not the part that applications should care about. they should care about the specific things they are or aren't allowed to show or do to this user.