California Moves To Exempt Linux From Upcoming Age-Verification Law (tomshardware.com)
- Reference: 0183396856
- News link: https://linux.slashdot.org/story/26/05/26/0450245/california-moves-to-exempt-linux-from-upcoming-age-verification-law
- Source link: https://www.tomshardware.com/software/linux/california-moves-to-exempt-linux-from-its-upcoming-age-verification-law-after-backlash-over-forcing-operating-systems-to-collect-users-ages-amendment-proposed-by-the-same-lawmaker-who-wrote-the-original-law
> Assembly Bill 1856 (AB 1856), currently moving through California's legislature ahead of committee reviews in June, would amend the state's earlier age-assurance law by excluding software distributed under licenses that allow users to "copy, redistribute, and modify the software." The proposed amendment specifically states: "Operating system provider" does not mean a person or entity that distributes an operating system or application under license terms that permit a recipient to copy, redistribute, and modify the software.
>
> The amendment follows months of backlash after California passed the original Assembly Bill 1043 (AB 1043), formally known as the Digital Age Assurance Act, in late 2025. The law sought to shift online age verification away from individual websites and apps and down to the operating-system level instead. Under the original law, operating systems would be required to request a user's age or birth date during device setup, then expose an "age bracket signal" to apps and app stores. The law, which defined brackets such as "under 13," "13-15," "16-17," and "18+," immediately raised questions about how such requirements would apply to decentralized, open-source software ecosystems. [...]
>
> AB 1856 does not repeal the original Digital Age Assurance Act. Instead, it narrows the definition of who qualifies as an "operating system provider" under the law. Commercial platforms with proprietary app ecosystems could remain subject to California's age-assurance requirements even if most open-source Linux distributions are ultimately exempted. California Assembly Member Buffy Wicks introduced the amendment on February 11, 2026. However, the open-source exemption language appeared in later revisions that began drawing attention across Linux and privacy communities. The latest version is dated May 18, 2026, and as of May 19, 2026, the bill was read a second time and ordered to third reading.
[1] https://www.tomshardware.com/software/linux/california-moves-to-exempt-linux-from-its-upcoming-age-verification-law-after-backlash-over-forcing-operating-systems-to-collect-users-ages-amendment-proposed-by-the-same-lawmaker-who-wrote-the-original-law
[2] https://tech.slashdot.org/story/26/03/04/197220/computer-scientists-caution-against-internet-age-verification-mandates
[3] https://tech.slashdot.org/story/26/02/26/233213/colorado-lawmakers-push-for-age-verification-at-the-operating-system-level
This should not be acceptble... (Score:4, Insightful)
This should not be acceptable. Carve-outs are always temporary. Always. Do not give them an inch. This is just large media companies like Meta, Tiktok, and Youtube pushing responsibility for verifying their users are old enough onto someone else to dodge liability for the addictive garbage they produce.
Re: (Score:2)
how can that be, do parents let kids setup their devices?
Re: (Score:3)
No responsible parent would do such a thing. And any reasonably intelligent kid will get around whatever the parents did, or the kid will ask a reasonably intelligent friend to do it for them.
Re: This should not be acceptble... (Score:3)
Good thing all parents are responsible and tech savvy
Re: (Score:2)
well i am just trying to understand how psychopathic media can offload responsibility based on this.
Re: (Score:2)
Even if the parent's set-up the phone with all the parental controls, if they can send a text to a friend, the friend can walk the kid through how to bypass the parental controls.
If it's up to the OS, that only works if it's an app... otherwise the OS is going to have to hook into Chrome or Edge and monitor every single web request.
Re: (Score:2)
Probably. In the 90s as a teen I built my own computer and installed and configured the OS and software on it. My parents had no clue how to do that shit.
Re: This should not be acceptble... (Score:4)
Most, but not all, kids of the current generation are neither knowledgeable in computers or interested in learning. People just want to connect with friends on their phone and play games.
Re: (Score:3)
Is that a serious question? Even in the late '70s when dinosaurs roamed the earth, the kids were dealing with the technology the parents didn't understand. While that is starting to be inverted (GenX and Millennials seemed to be peak tech-able), many parents still rely on the kids for that sort of thing.
Re: (Score:2)
Re: (Score:2)
> This is just large media companies like Meta, Tiktok, and Youtube pushing responsibility for verifying their users are old enough onto someone else to dodge liability for the addictive garbage they produce.
Because having to verify your age with multiple different companies is clearly superior to just doing it once and being done with it?
Look, I get it when some people say they don't want any age checks. That's how the internet used to work, and it's not entirely unreasonable to place the burden of parenting (ie keeping kids away from age inappropriate content by enabling the appropriate parental controls) on parents. But a few states already have age gate laws that work the way you're describing (at the sit
Re: This should not be acceptble... (Score:4, Insightful)
Either the age check is very weak, or you have to provide your identity to the OS in a way that's verifiable by somebody other than you, and completely disregards privacy. This is truly the dichotomy you're dealing with here -- pick one or the other. If it's the former, then what's the point of all of this?
I don't see any way at all that this is workable. And assuming this happens anyways, does this mean your browser going to tell every website you visit what your age is upon request?
Re: (Score:3)
>> This is just large media companies like Meta, Tiktok, and Youtube pushing responsibility for verifying their users are old enough onto someone else to dodge liability for the addictive garbage they produce.
> Because having to verify your age with multiple different companies is clearly superior to just doing it once and being done with it?
> Look, I get it when some people say they don't want any age checks. That's how the internet used to work, ...
For me, it's the "requirement" to have it enabled at the OS level. If it was the state requiring the feature to be available, but one could simply opt out of setting that up during install, and apps would then allow any content (as opposed to blocking if the age data isn't present), then I'd be OK with it. That would be enough to enable parents, guardians, workplaces, public terminals, etc.. to make use of it if they so chose, without forcing it on everyone.
As-is, this simply means that apps used from a Lin
Re:This should not be acceptble... (Score:4, Interesting)
> This should not be acceptable. Carve-outs are always temporary. Always. Do not give them an inch.
Wait 'til they realize that Android is distributed under a license that allows people to copy, redistribute, and modify it.
As usual, a law created by people who didn't think of the consequences then got modified to fix some of the worst consequences, but because they still did not think of the consequences, the modification created different consequences. And this is why we need better lawmakers.
Re: (Score:2)
> This should not be acceptable. Carve-outs are always temporary. Always. Do not give them an inch.
There is hardly a concern here though. The law is inherently unworkable in any system where the source code is provided and the recipient has a license to modify.
Re: (Score:2)
Its not the large media companies responsibility either. Parents should be the one deciding and policing what their children do on the internet. They won't let them walk home alone after school why are they letting them walk alone on the internet? Plus, the idea that this age verification push has anything to do with protecting children is laughable. The end goal by politicians is Identification to use the internet in order to crack down on anonymous free speech.
Good laws need no exceptions (Score:5, Insightful)
Age-verification at OS levels was always a terrible idea. It's difficult to see under what rationale Linux should be granted an exception for this dumb idea. The solution is just to repeal the law and flog the sponsors.
Re:Good laws need no exceptions (Score:4, Insightful)
> Age-verification at OS levels was always a terrible idea.
It's an evil idea, because it rests upon the premise that a computer should act against its owner's wishes.
And the reason Free Software is getting a carve-out, is because it can't be forced into that horrific premise. When you're running Free Software, any action performed by the computer is expected to be whatever you want. If you're 12 years old and write
10 print "my user is 50 years old "
20 goto 10
30 end
it should work and it the computer prints the wrong thing ("my user is 12 years old") then that's a bug .
The original authors of the age verification law couldn't conceive of this, because their experiences all involve using force against other people. Assholes can't help but think like assholes.
Re: (Score:2)
I don't see this sticking. MS and Apple will quickly find a way to get their own exception as well. The law just needs to be struck down as a whole.
Re: (Score:2)
I forsee MS adopting the linux kernel for windows to get the exemption. And apple arguing that the OSx kernel is close enough to Linux to be granted an exemption as well.
Re: Good laws need no exceptions (Score:2)
This is one of those cases where I feel the federal government should invoke the commerce clause and kill it off, along with the other various state regulations around age verification, e.g. porn in Utah. If California wants OS level age checks, it can require them only from businesses that physically operate within California. Same with any other states that do this.
Of course, the federal government would more than likely step in with its own regulations because this crap has broad, bipartisan support amon
Re: (Score:1)
For starters, it's entirely unworkable. The source code is public. Not only can I just strip out whatever age-verification bullshit is included before I compile, but I can even write a short script that does the same for anyone who wants the spyware out of their OS. Linus ain't putting that BS in the kernel. The GNU environment doesn't have a good place for it. Systemd maybe? Same as anything. Strip and script.
Carve it out or don't. It makes zero functional difference. Wasting their time and our money til
Re: (Score:3)
> Age-verification at OS levels was always a terrible idea. It's difficult to see under what rationale Linux should be granted an exception for this dumb idea. The solution is just to repeal the law and flog the sponsors.
It's not really that terrible. If you're going to do age verification, you have two choices: browser or operating system. All else is all but guaranteed to be either a privacy disaster, a usability disaster, or both. And either way, every operating system needs to support multiple users, or the "I used dad's iPad to browse porn and buy firearms" problem makes the verification useless.
And major operating system or browser vendors that cater to the general public should make it available by default, because
Re: (Score:3)
> Age-verification at OS levels was always a terrible idea. It's difficult to see under what rationale Linux should be granted an exception for this dumb idea. The solution is just to repeal the law and flog the sponsors.
Well, the problem is age verification to begin with. But since we have some states wanting age verification, it's a privacy nightmare. OS based age verification seems to solve the largest problem of all - needing to submit to a third party your ID information to confirm your age. Because they
Re: (Score:2, Insightful)
Because, it's California, and the Governor and mayors can't put the responsibility for actually taking care of their kids and making sure they aren't on a website "that could be dangerous".
Remember, everything in Cali might give you cancer!
Re: (Score:3)
> Because, it's California, and the Governor and mayors can't put the responsibility for actually taking care of their kids and making sure they aren't on a website "that could be dangerous".
> Remember, everything in Cali might give you cancer!
Meanwhile, the list of states that currently have age verification laws for adult content (NOTE: California isn't on this list):
Alabama
Arizona
Arkansas
Florida
Georgia
Idaho
Indiana
Kansas
Kentucky
Mississippi
Missouri
Montana
Nebraska
North Carolina
North Dakota
Ohio ** the only one Pornhub isn't blocking due to an exception in the laws language
Oklahoma
South Carolina
South Dakota
Tennessee
Texas
Utah
Virginia
Wyoming
Source: [1]https://mashable.com/article/p... [mashable.com]
[1] https://mashable.com/article/pornhub-blocked-states-2025
Re: (Score:2)
What is defined as "adult content"? Something like what you see on House M.D or CSI: Miami? How about The Shield? Of course, porn sites.
Does the age verification system fail if the kid got a plastic mustache and had the mop head on their head?
I still lean toward the parental units should be keeping an eye on what the kids are doing online... after all, they are the parents, so they should maybe do some parenting.
Re: California (Score:2)
Most parents are crap at parenting so being a parent doesn't show that a person has anytime useful to say about the subject
Re: (Score:2)
43/m, no kids (it seems that requires a second party)
A parent today: give 8YO Alice a tablet, and let the tablet handle the parenting stuff. Alice finds TikTok and learns how to pole-dance and sucker guys into giving her money from the videos on there.
Go ahead and call me "disgusting" or whatever because I would ever think of this... go ahead and take a look at what's posted on there constantly... is that what you want your kid watching? How about YouTube? "A Is For Adley" is great for teaching kids that
Re: (Score:2)
> Because, it's California, and the Governor and mayors can't put the responsibility for actually taking care of their kids and making sure they aren't on a website "that could be dangerous".
There's no safe way to prove your age to a website. Any scheme requires trusting some arbitrary third party that could secretly be the government doing timing comparisons between the verification and DNS queries and stuff to unmask anonymous users. At least with operating system or browser vendors, they presumably have a strong commitment to minimizing the risk of someone publicly posting "John Doe just visited sexwithseaturtles.com" or whatever.
Re: (Score:2)
Exactly... but, if it's the OS (need a pic of your ID, a face panning picture, SSN), I would assume that's stored for that user profile... which means if an adult sits down wanting to check The Book Of Face, they're limited to what the kid's computer says is "OK".
Not to mention, where does that data go? If it's stored internal to the computer or _only_ sent to MS for the verification step, that might be okay.
Of course, you also have to wonder about the computer sending that "age verification" data to whate
Re: California (Score:2)
Because solving housing, water, land use, power, and jobs are problems beyond what most of the scum in Sacremento can solve. So they find all these little pet projects because they have a lot of free time on their hands. A true Idiocracy, being ruled by the most incompetent.
Re: (Score:2)
> Doesn't matter what happens - if pornhub requires full identity+device attestation, CA's silly law to subject Linux to boot the OS really doesn't matter.
Maybe you're unaware, but Pornhub has chosen to restrict access rather than comply with age verification laws. There already 23 states where they have done this (see my post above for the list). I doubt they'll cave to this even-more-draconian law. ... or maybe you're using "pornhub" like "kleenex"?
Age Verification for any OS is insane (Score:5, Insightful)
This would be like requiring every single restaurant and fast food place to check photo ID because somewhere in the entire state a bar exists where you have to be 21.
Re:Age Verification for any OS is insane (Score:4, Interesting)
> Blue state BS
[1]Texas [reddit.com] and [2]Florida [x.com] aren't blue states.
[1] https://www.reddit.com/r/texas/comments/1bzyf70/message_i_get_when_logging_on_to_redgifs_now/
[2] https://x.com/goencommando999/status/1894940052314034645
Re: (Score:1)
> Texas and Florida aren't blue states.
Texas would be, if not for gerrymandering. Florida would still be red, though, due to it being a retirement swamp.
Re: Age Verification for any OS is insane (Score:2)
Number of laws are similar between Red and Blue states. Don't buy into propaganda designed to force you to pick a team instead of thinking (and voting) for yourself.
The Democratic machine in California is corrupt and lives off big donor money from major industry. Similar story for the GOP in the states where they hold a significant majority.
Re: (Score:2)
> Blue state BS
Are you colorblind? How many of the 24 states that already have age verification laws, and are already blocked by Pornhub, are blue states?
State list: [1]https://linux.slashdot.org/com... [slashdot.org]
[1] https://linux.slashdot.org/comments.pl?sid=24001654&cid=66161104
Re: (Score:2)
> This would be like requiring every single restaurant and fast food place to check photo ID because somewhere in the entire state a bar exists where you have to be 21.
Not really. It's more like requiring all vendors who sell cash registers used in restaurants to support checking photo IDs because some restaurants also serve alcohol.
If they have written this badly enough... (Score:3)
If they have written this badly enough, then no device running a Linux kernel will have to support this. This includes phones, tvs, and tablets, which is probably 99% of streaming video use.
Re: (Score:2)
Firstly this only covers general purpose computing, so TVs are excluded, but it does apply to mobiles and tablets. Secondly this only permits the elimination of an OS level API check. It does nothing for any device that needs an active account to operate (everything except a Mac these days) as the existing law already requires service providers to perform age verification. So yay, your OS providers Samsung will sell you an Android phone without an OS level API, but unfortunately your device may still be res
It's a trap law (Score:2, Flamebait)
It was meant to make Gavin newsom look bad. If he signed it he pissed off the entire tech sector, of he didn't he gets hammered by think of the children attack adds. As an added bonus Facebook, Twitter and Planitir want this.
I'm not surprised their quietly gutting the law. It's what I predicted.
Re: It's a trap law (Score:2)
Newsome doesn't care all that much. Because he can't run a third term for governor. And the kind of political friends that lead to power in California are subtly different from the kind that are necessary to win in a Presidential primary. He is playing a very different game, and frankly does not need to make nice with tech industry to do it. Those buffoons will donate to both parties anyways.
It's not Age Verification (Score:2)
AB-1856 (https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=202520260AB1856) is titled "Age verification signals: software applications and online services", but that's primarily for show. The key part of the proposed law says:
There is no verification of age. It's self-report of age at OS setup. There is no verification required by this code. The OS then provides age bracket range upon request.
Re: (Score:2)
It's not age verification yet . The obvious next step is to institute verification because people lie. But first they will spend a bunch of our money proving that people lie, because nothing says representative government like handouts to contractors.
Re: (Score:2)
I mean, really, we should all be calling this what it is: The initial steps to forcing your OS to dox you. The "dox-yourself" laws. Internet ID. Anyone that ever pretended any of these laws were ever intended to to anything to "protect children" is selling you and obvious lie or has fallen for an obvious lie.
Kids will now become Linux savvy. (Score:3)
Windows 11 is already getting plenty of bad vibes. Now add the "age check" defect and there will be widespread moving over to Linux. Also, this will encourage SteamOS to support more than their own store to get around this.
"What's a computer?" (Score:2)
Most of the devices kids use these days have locked bootloaders. You're not installing Linux on a current gen iPhone or iPad, and Samsung locks their stuff down too.
If some kid really wants to fap to porn on his desktop rig that he installed Linux on, that's something only the clutchiest of pearl clutchers is worrying about.
Re: (Score:2)
Finally the year of the linux desktop. But seriously stupid to do the age check. Last I checked my car doesn't ask my age. An officer might, but not the car . Or liquor bottles don't have a thumbprint reader and cell connection that I have to get authenticated before I can open the bottle/can. Cigs same thing, ... I suppose we could put an age verification on the sale of the computer, phone, etc like we do with cars, booze and cigs. But the backlash from that would be revolution level.
I was wondering how FreeDOS would handle this (Score:2)
Guess that's not a problem now.
Re: I was wondering how FreeDOS would handle this (Score:2)
I can write a TSR for it in about an hour.
Re: (Score:2)
F8, bitch!
linux (Score:3)
So now everything moves to linux to skip this stupid law.
So ... systemd? (Score:2)
Redhat and Systemd already implemented it in proactive compliance. Will they remove their age verification integration now?
Re: (Score:3)
They didn't implement age verification. They just added a place to put the date in systemd. If nothing enters or reads the date, it doesn't do anything.
Solution then ? (Score:2)
Someone come up with a solution then.
what we have is not working and everyone is avoiding responsibility
Would you feel the same if it was your daughter who go nudified by kids at school ?
You saying "Parental responsibility" protected you daughter exactly how ?
Its anonymous, so who are you going to sue
"Parental responsibility" is no better than :"houghts and prayers" after every school shooting, 100% worthless and is used instead of finding an actual solution.
That information wants to be free...
Re: (Score:2)
Uhh... Richard M. Stallman Political Action Committee?