Or simply 'mental age verification' for the politicos...

I'd say bring back sortition, but I've met people. People are the worst.

It is called "maturity verification" and it should be mandatory for every politician to pass "maturity verification" on the subject he or she is about to vote upon. Any politician's failure to pass the "maturity verification" will void any and all votes of the entire assembly and the bill will fail to pass.

I'm sure many of them will easily pass a "mental age verification" of 97.

Can we somehow verify their knowledge or IQ?

" It is vague, using terms that allude but do not define. It sets specific and punitive fines for non-compliance, without specifying what non-compliance looks like. "

Sounds like somebody has been taking notes from the UK's recent Online Safety Act.

The California law cited in the article is age indication, not age verification. You tell the OS how old you are, the app stores installed on your OS use that age.

It's '10 INPUT "What is your age? "; age' stuff.

There is a even a [1]Linux package which does it as mentioned by a fellow commentard in another article. You don't have to gold-plate the law, you don't have to use age indication for non-desktop users or apt/yum.

This is not the hill you need to die on, that hill is New York's hill.

If you're a parent and you want to keep social media sewage firehose off PCs or phones then this does that. If the rest aren't willing to move a slider or type "18" into a textbox then we're at a bit of an impasse.

[1] https://packages.debian.org/sid/libmalcontent-0-0

If you were a parent and you wanted to keep social media sewage firehose off PCs or phones, then you'd have done that without the implication of politicians. Don't let the nanny state do it for you.

This is an improvement on the present-day situation - parents need to sign up for parental controls with Google, Apple, or another company which sells parental controls, and give them more PII.

I see no reason why Google needs to know the parent's real name, address, and credit card number so a parent can enable parental controls on a device that they own.

You're naive if you believe it stops there.

The identity fetishists have already laid out a roadmap which requires everyone using Internet-connected devices to be third-party verified against offline identities. Apple and Google are already doing that in many cases, but there's still more room to add government documents and additional commercial databases on the road to making it 100% legally required.

The open source community is against allowing this camel's nose under the tent.

Digital freedom is fundamentally incompatible with enforced identity.

Many of the open source community are parents, I'm sure they're perfectly fine with on-device age indication.

The rest of us are unwilling to sacrifice our privacy because some people don't want to be attentive parents.

The identity fetishists will use the standardization of identity systems to engage in scope creep. They've been trying since the early 2000's. They're salivating at the thought of everyone having a digital identity loaded on their devices which must be used for nearly everything they do.

The rest of us are unwilling to sacrifice our privacy because some people don't want to be attentive parents.

First, where is the identity in setting up an account on the device as admin and specifying the child account's age? You won't be able to tell me because there is none.

Secondly, are you saying parents should be constantly shoulder surfing when their children use computers or phones? How practical is that? More to the point, how healthy is that? Parents will of course sit next to their children at the beginning when using computer and show them what to do, but sooner or later later on they've got to let them work a computer on their own within screen time limits that they set. If they are to view the computer as a tool instead of something dangerous then applications should follow the parents' wishes. What freedom is being curtailed by their account having an age field set up by the parent which says that, no, the computer is not to download and run apps from the app store aimed above ages 8, 10, or 12 or whatever?

You don't need to be constantly shoulder-surfing to check what's installed or what sites they've visited. Nor do you need to check those things daily until the moment they turn 18. I was 8 before I was allowed to go out after school or at the weekends on my own, and I had to say where I was going, what I'd be doing, and when I'd be back. As I got older, the restrictions were slowly relaxed (barring a few punishments for abusing my privileges), until by the time I was 16, I was basically trusted to come and go as I pleased. The same applied to the digital world. Firstly, I was given screen time on the computer in a shared space, but with no internet. Then, I was allowed online for a few hours a week. Then I got a computer in my own room, and a year or so later, I got admin rights on it so I could install whatever I wanted. I was 14 before the parental controls got removed completely. It's not surveillance, it's parenting. Surveillance is what you get when the state steps in at the invitation of parents who are too lazy to actively parent, and results in stuff like the UK OSA or the New York law. This isn't quite there, but making it a legal requirement for all classes of device and user is in the same ballpark, and it's the thin end of the wedge.

I am a parent, I only run FOSS software (including the OS), and in some cases on open-source hardware, too, and I am absolutely NO OK with on-device age indication. I have root on the devices I give to my child, and I, only I decide what they can watch or access without supervision (i.e. from their own account). Without supervision this law makes no sense and is not needed; with supervision (i.e. from my account in my presence) it is useless and not needed.

Thinking back to when I was 7: my parents made sure I had unfiltered Internet. The upsides outweighed the downsides.

They also sat me down and made me watch George Carlin. Learned a lot about bad language, sex, drugs, and what adults did when they became adults.

I also learned how to be a skeptic and question what I was being told.

Guess which has proved more influential and meaningful in life?

I don't have kids, but if I did, I would do the same thing.

I don't care if some people are offended by Carlin's bluntness. I'm offended by kids being wrapped up in some stupid walled garden filled with dumb animated characters and shitty music in service of stupid plotlines. I'm offended by kids seeing 10,000 cartoon murders before their 10th birthday but not learning truths about the real world from their parents.

(although, come to think of it, I wouldn't be adverse to the OPPOSITE application of this stupid law, "sorry honey, daddy is too old, this cartoon just cannot be accessed from his account" !)

And how do you decide what they can watch or access without supervision on a device without parental controls?

> And how do you decide what they can watch or access without supervision on a device without parental controls?

That's called parental supervision and dialogue.

It requires more effort than abandoning kids to an algorithm which blankets them in "kid-friendly" content, like cartoon murders and consumerism.

Do kids talk to a parent about a world they're learning to understand? If not, there's bigger problems than some age-indicating tech spec.

It still has the same implementation problems.

"They don't know how this can be made to happen, but they know it can be if only the industry is made to think about it hard enough."

All they have to do is to commission a proof of concept good enough to stand critical inspection by security experts. Once they've demonstrated that it's possible we'll believe them.

Surely the security only has to be good enough to defeat a politician.

Now THAT is a low bar.

You just have to dangle a thick brown envelope.

Just at more age verification steps. Verify when booting, when logging in, when opening a file, when saving a file, when opening an application, when staring at the screen, when not staring at the screen, when powering off the computer, when working on a document for more than a minute. Generally just keep age verifying at all times and then verify the verification. Then send a civil servant to check that person is verifying their age. Do a cavity search at that.

Can we have a mode that only applies that spectacular idea to legislators and their staff? Like the Volkswagon emissions testing scandal, except where the software detects that it's being used by someone who spends too much time thinking about children in relation to adult content?

Additionally, can the civil servants hang around afterwards for post-search mutual enjoyment of the adult content, or would that be too awkward? But who would verify the age of the civil servant? Eh, it's probably fine. They attested that they were twenty-one in neon pink crayon when they got the job.

I’ve yet to come across a new law, one intended to fix a specific concern, that actually does so. Especially where the concern arises from the behaviour of bad actors as the new law inevitably punishes the rest; bad actors will continue to flout what would be deemed as responsible behaviour, whilst those who previously acted responsibly now have additional hoops to jump through. The double whammy is that it’s the previous good actors who subsequently bear the brunt of any punishments.

It’s not just IT issues, it’s almost anything. The current UK trend of reducing traffic speed limits in urban areas (30mph down to 20mph) rarely slows down those who previously ignored the 30 limit; the justification of fewer accidents is tenuous as there’s rarely a direct causal link with the change in limit (correlation, easy to prove with the careful choice of data, doesn’t prove causation). H&S laws (something I was involved with before retirement) mostly affected the players who were already minimising workplace risk; they now had more paperwork and expense in order to comply (and, being open about things, were easier targets for anything short of perfection). The poor players mostly carried on as before, only now they had different paperwork to “fiddle” with.

If enforcement of good practice was easy, the new law wouldn’t be needed; if it wasn’t easy before, then it won’t be easy after, but it will be easier to prosecute clear breaches - which are almost always with those who are trying to comply.

I'm guessing that the reason the text of the law is so sloppily written is because the California legislators were more focused on the scramble to line their pockets with Microsoft bribes.

Instead of actually legislating consumer protections by protecting consumer privacy (e.g., by encouraging fully encrypted systems without backdoors), they do just the opposite, which usually leads to companies requiring photos of my children.

I wouldn't say this is the most shameless thing politicians have ever proposed, but it is certainly par for the course.