Comment by vineyardmike
1 day ago
While there are some enforcement questions here, especially around non commercial OSes, most of your reactions are clearly based on the headline alone.
It defines operating system in the law. This wouldn’t apply to embedded systems and WiFi routers and traffic lights and all those things. It applies to operating systems that work with associated app stores on general purpose computers or mobile phones or game consoles. That’s it.
Enforcement applies as civil fines per-child usage. So no suppression of speech by banning distribution.
(Also it’s not age verification really, it’s just a prompt that asks for your age to share as a system API for apps from above app store, no verification required)
> It defines operating system in the law.
No, it doesn't.
It defines the following terms: "account holder", "age bracket data", "application", "child", "covered application store", "developer", "operating system provider", "signal", and "user".
> This wouldn’t apply to embedded systems and WiFi routers and traffic lights and all those things. It applies to operating systems that work with associated app stores on general purpose computers or mobile phones or game consoles.
Presumably, this based on reading the language that in the definition of "operating system developer", and then for some reason adding in "game consoles" (the actual language in both of those includes "a computer, mobile device, or any other general purpose computing [device".
(I've also rarely seen such a poorly-crafted set of definitions; the definitions in the law are in several places logically inconsistent with the provisions in which they are applied, and in other places circular on their own or by way of mutual reference to other terms defined in the law, such that you cannot actually identify what the definitions include without first starting with knowledge of what they include.)
From the bill:
> "Covered application store” does not mean an online service or platform that distributes extensions, plug-ins, add-ons, or other software applications that run exclusively within a separate host application
There is a reasonable argument that a linux distribution is, itself, a host application. This is clearly an argument against their intention... but makes perfect sense to me. With this argument, the law does not apply to pretty much any environment where the applications are scheduled and run by a supervising process, at least by my reading.
No operating system (including windows, which uses a translation layer in userspace — “host application”?) provides a windows-compatible kernel API.
So I guess that excludes all windows apps and app stores.
In typical jury trials, the jury is instructed that any terms not defined in the relevant statutes are to have their common-sense, ordinary meanings as understood by the jury. The jury is usually also selected to be full of reasonable, moderate people, and folks who are overly pedantic usually get excused during voir dire.
Do you really think a pool of 12 people off the street is going to consider an embedded system, wi-fi router, or traffic light as an "operating system" under this law? Particularly since they don't even have accounts or users as a common-sense member of the public would understand them?
Not sure why you are appealing to the rule on terms that aren’t defined, since the actual question is whether or not thet consider the vendor of the software powering the device as an “operating system vendor” which is, in fact, defined in the law, and the answer there seems to be hinge on whether or not they think it is a general purpose compute device, which would seem almost certain to be no for a traffic light, and likely to be no (but more debatable and potentially variable from instance to instance) in the other cases you list.
> Particularly since they don't even have accounts or users as a common-sense member of the public would understand them?
Not sure what having accounts or users “as a common sense member if the public would understand them” is relevant to since, to the extent having a “user” is relevant in the law, it to is defined (albeit both counterintuitively and circularly) in the law, and having an “account” isn’t relevant to the law at all.
The jury is selected randomly. They try to weed out obvious kooks, but there is no attempt to make it either reasonable or moderate.
The hope is that twelve of your peers will at least avoid being able to persecute you for political goals. I hope neither of us ever has to find out.
4 replies →
MOST cases don't make it to jury. They're more likely to be resolved via motions and countermotions and the decisions of a jduge.
To dumb down "operating system" for normies, they're probably going to say something along the lines of "the software that makes your computer work.. like Windows." If it stays at that level, we'll have a specific, discrete definition in play.
A broader, equally correct definition could be "the software that makes technology work.. there's an operating system on your computer, your cell phone, your Alexa, and even your car." Then yes, some people will think of their Ring doorbell, the cash register at the coffee shop, and other embedded systems, even if they've never heard the word "embedded."
The definition that shows up will depend entirely on a) the context of the case and b) the savviness of the attorneys involved.
Not a bet I want to take.
2 replies →
You'll be arrested for some weird law that doesn't make sense, but it's ok because a pool of 12 people off the street won't consider whatever random thing you did a real crime!
" It applies to operating systems that work with associated app stores on general purpose computers or mobile phones or game consoles. That’s it"
Everything is a general purpose computer. Just look at how many things have been made to run doom. I haven't read the law specifically but if it actually does say this then that language is useless and means practically everything.
Wood is edible when processed correctly, but it's not legally considered "food" because there are a bunch of nontrivial steps to get it into that state. Likewise, any reasonable interpretation of "general purpose computer" in this context by a judge would not include your microwave oven just because someone with skill and finesse could transform it into a cursed Doom arcade machine.
Laws are interpreted by people trained to fill in the blanks[1] with a best guess of the legislative body's intent. And the intent here seems pretty clear: to regulate computing devices that let end users easily install software from a centralized catalog.
[1] which we all do subconsciously in day-to-day speech, because all language is ultimately subjective
They exempt applications that run inside another “host application” though, which is ~ everything in any modern app store.
I guess Linux native games on GoG might be covered. All windows and wsl programs run in userspace compat layers. iOS might be covered. Snap, probably not (containers), AppImage? Maybe?
Nix, and brew? Probably not.
vague laws are put in place so that they can be used selectively to punish particular victims while letting friends through the nets
All laws are vague and interpreted, and in common law (as in the UK and US) interpreted based on precedent rather than the specific text of the original law.
If people with power over you want to "selectively punish you" they don't need new laws.
And if you want perfectly proscriptive, defined laws in all situations with no "human interpretation" you're in the wrong universe, and may as well be shouting at clouds. The world, and especially human society and interactions, just doesn't follow strict definitions like that.
2 replies →
Vague laws are not required for selective enforcement. You can have strictly defined laws result in selective enforcement through law enforcement and prosecutorial discretion.
until you root out their friends and maliciously develop app stores for their products, then install them multiple billions of times on a docker and let them rack up charges ;) doom can run on -anything-
3 replies →
> (Also it’s not age verification really, it’s just a prompt that asks for your age to share as a system API for apps from above app store, no verification required)
It's not enough to adhere to the age signal:
> (3) (A) Except as provided in subparagraph (B), a developer shall treat a signal received pursuant to this title as the primary indicator of a user’s age range for purposes of determining the user’s age.
> (B) If a developer has internal clear and convincing information that a user’s age is different than the age indicated by a signal received pursuant to this title, the developer shall use that information as the primary indicator of the user’s age.
Developers are still burdened with additional liability if they have reason to believe users are underage, even if their age flag says otherwise.
The only way to mitigate this liability is to confirm your users are of age with facial and ID scans, that is why age verification systems are implemented that way: doing so minimizes liability for developers/providers and it's cheap.
> Developers are still burdened with additional liability if they have reason to believe users are underage, even if their age flag says otherwise.
This is true, but
> The only way to mitigate this liability is to confirm your users are of age with facial and ID scans,
This doesn’t follow. It says “if” the developer has clear reason, it doesn’t obligate the developer to collect additional information or build a profile.
I read this as - if you in the course of business come across evidence a user is under age, you can’t ignore it. For example - “you have to ban a user if they post comments saying they are actually underage”
That would have to be litigated in court, and the easiest and cheapest way to avoid litigation is to do what all platforms currently do: make sure the person using their system is who they say they are via face scans and ID checks.
As a developer, that is not the kind of liability I want to take on when I can just plug ID.me, or whatever, into my app and not worry if someone writes "im 12 lol" in a comment on my platform.
Is a repository on a linux machine an app store? Are custom repositories app stores? Does this mean that now most automated deployments are now not automated? If they can be automated, does that mean that having the automation by default makes sense?
The law defines a user as a child running software on a general purpose computer.
> “User” means a child that is the primary user of the device.
It’s definitely more vague that necessary, but I’d imagine courts would readily find automated software deployment by an adult or corporation does not constitute a child using the device. Especially if done for servers or a fleet. Because then it’s pretty obvious that a child is not the primary user of the computer nor the software. Even if that software is a server that involves childish activities (eg game servers).
But I’d imagine that Linux package managers associated with a desktop operating system provider would fall under this law. And that raises questions about the software distributed by said package managers.
Flat packs are fucked…
What’s going to happen when there’s no UI, just a shell, and they pacman -S <mything>? This law is unconstitutional based on criteria of vagueness. If they want it to stick, they need to call out the commercial app stores of Microsoft, Apple, Google, etc where a credit card is attached. Otherwise it’s too vague a term unless they define “store”.
1 reply →
Android systems use Linux as their operating system, and the law applies to operating systems.
Android has associated app stores, therefore Linux must follow this at account setup ..
(I'm mostly hoping I'm just jesting here, that they'd surely not enforce it in this way, plus, who "provides" my Linux OS?)
In any event, it does seem like a very silly overreaching law, that should be highlighted, pointed out, and laughed at.
PS I have not read the law in question. I have read a PC Gamer article though, which is surely much the same.
Linux isn’t really an operating system but more the kernel of the OS. In this case, Android would be the OS.
Do you remember this copypasta?
https://www.reddit.com/r/copypasta/s/3nonwfDeyX
1 reply →
Are you jesting? Honestly it could be. It's impossible to tell.
The language in the bill says operating system “or” application store. Isn't that then implying any operating system that would download applications, even if it doesn’t come from a store. But IANAL.
Seems to me this would include TVs, cars, smart devices, etc. The Colorado version of this bill excludes devices used for physical purchase, so your gas pumps and POS systems would be excluded in CO. But I didn’t see that in the CA bill.
They’re both overly broad, ill-considered, frankly terrible bills that make as much sense as putting your birthday into a brewery site or Steam. Enter your birthday and we trust you. Now do that for every single one of those 100 VMs you just deployed…
Just the idea of requiring age verification to admin each VM in a fleet of VMs makes me chuckle.
> per-child usage
If the First Amendement is to prevent a government from letting you speak, shouldn’t that also concert a government from letting you hear that speech?
If so, then this seems to go against the Forst Amendment.
Sorry, Australian here so just speculating
By that logic, my NAS (TOS6) falls under that category.
Servers still kinda fit.
So, all of us-west-1?
> Also it’s not age verification really
Not yet, but it will be one day if it passes