Comment by andix
14 hours ago
I don't think age restriction will impact FOSS in the long term. If there are some regulations that threaten FOSS now, they are going to be adopted in the long term.
Regulations for age restriction are understandable. A lot of modern technology is harming kids (and I don't mean dirty videos, social media seems to be much more harmful).
A sensible regulator would leave some responsibility to the parents, but require restrictions for consumer devices (smartphones, laptops). Maybe even enable age restrictions by default, block replacing the OS or the firmware, and only allow it once the age was confirmed.
I don't see a point of including all kind of OS or software into this regulation. Just the ones that are preinstalled on consumer devices, and commercially distributed to consumers. Once the age of the user was confirmed, the devices should be able to become as open as we know them now.
I strongly disagree. There are no kids in my household, and no one else ever uses my devices, so the idea that I need to prove that I'm not a kid for me to be able to pay bills or file taxes on a stock device is ridiculous.
"Age restriction" can be implemented where stock devices are completely unrestricted. For example, just with better parental controls and education: children don't have access to property, so the parent takes their device and enables the parental controls, but you own your device so leave them disabled.
And this wouldn't affect Linux or FOSS: on a child's device their parent installs either a proprietary OS or a FOSS with parental controls, but again, on your device you install whatever you want.
That's not what the comment I responded to was proposing:
> Maybe even enable age restrictions by default, block replacing the OS or the firmware, and only allow it once the age was confirmed.
Having an extra hurdle before installing Linux would be an awful secondary effect for this type of regulation independent of whether the check itself is already objectionable (which I always obviously think it is, although obviously plenty of people also don't)
Is anyone proposing age verification to file taxes? I'd hope you already have to provide some sort of stronger proof of identity to file a tax return anyway.
That's exactly my point; websites that already have absolutely no threat from having kids access them are literally unavailable due to the operating system put up a block that isn't necessary due to a hypothetical kid using the device to access an entirely different hypothetical website. The regulation is absurdly overbroad for what it's trying to actual protect against.
2 replies →
I don't understand the force of that argument. Where is the "so" coming from?
I don't understand what's hard to understand. Regulation that affects people and devices that have no risk of being used for the purported thing that's supposed to be protected against is not well-scoped.
4 replies →
> A sensible regulator would leave some responsibility to the parents
(Speaking as a parent of three) why can't we just leave all responsibility to the parents? In our experience in the offline world it seems this applies!
I speak as someone who's taken each of my three children - for two of them, multiple times - to the emergency room to be treated for broken bones incurred in the course of Real Life[tm].
Yes, they play contact sports.
Yes, we use Family Link with pretty restrictive settings.
Despite the series of broken bones, I'm still in favour of kids playing sports and still dubious about the effect of screen time on young minds...
> (Speaking as a parent of three) why can't we just leave all responsibility to the parents?
Then I'm sure that you appreciate that there are both legal and informal checks in place ensuring that you can take responsibility for your children in the offline world. For example: I would be surprised if your children were able to play organized sports without your permission. Failing to ask for permission would deny you the responsibility of protecting your child as you see fit.
Uhm, I am pretty sure kids do not require signed permission to go on a field with their friends and play basketball or football (either the European or American... or Australian one :). And you are likely to not even find out about it unless someone has broken something.
Signed permissions are needed for "organized sport", where there are other adults or companies that can be held liable in case something relatively usual happens (like broken bones in contact sports, but also pulled or ruptured tendons/muscles in non-contact sports...).
So the challenge is: how do we ensure kids enough freedom to do the things which they need to explore themselves, while ensuring no life altering harm of high chance (death/disability/going to jail...) comes to them or they instill on others — and do not have to have them tracked completely throughout their lives.
Even in the offline world that is not the case. Ex. Alkohol sales
You don't need to show your ID to go into the store and buy something else though, so why would this provide any sort of precedent for "you can't use the internet for literally anything on this device without proving your age"?
1 reply →
In many areas, this is left up to the parents - minors can't buy alcohol at stores, but parents are legally allowed to give alcohol to their children to drink.
3 replies →
An analogous good implementation of age restriction is that one must show their ID to buy an unrestricted device if they look too young.
They can't be tracked, as long as the devices are in randomly sorted identical boxes. Of course someone can buy a device and give it to a kid, but that's already possible with alcohol (and legal if it's their kid).
1 reply →
> Even in the offline world that is not the case. Ex. Alkohol sales
I bought a beer yesterday and shared it with our 16 year-old, and I shared some wine with him this evening.
How does that not come under "parental responsibility"?
>why can't we just leave all responsibility to the parents?
because we don't live in a 15th century peasant village. The average adult reads at a 7th grade level, 20% of adults are considered functionally illiterate, most adults can't navigate digital spaces, privacy and social media themselves or take on trillion dollar companies.
This also hasn't applied in the offline world since idk, Kant and Hegel, every modern state recognizes that children are persons and citizens in development, not private possessions. If your children have broken bones you can't explain or your parenting is considered to threaten the welfare of your child you can be pretty sure you'll have the authorities at your door quickly, and countries like France have given children the right to sue their parents in case they breach their digital privacy. So called 'sharenting' laws exist because it's not guaranteed that parents are even respecting the privacy of their own children.
> If your children have broken bones you can't explain [..]
I don't mean to be combative about this but
1) do you have children and 2) if yes, how many times have you taken your child to hospital with a broken bone
I have (unfortunately) got a certain amount of experience with this, and I'm not sure it works the way the uninitiated may think it does.
1 reply →
Your sharents don't love you like your parents do.
Why do you use yourself as an example of parenting?
The issue isn’t the parents who can’t imagine bad parenting.
> A lot of modern technology is harming kids (and I don't mean dirty videos, social media seems to be much more harmful).
If that's all we want then that's trivial -- just make certain phones that don't have access to social media, or have whatever limitations enforced. And kids only get those phones. I don't think anybody's addicted to desktop social media.
This gets us the privacy and the protection at once.
That's how the California act works, but we lumped it under "age verification" anyway. If you have to select whether the device is for someone over or under 18 in a drop-down menu, apparently that's "age verification"
It likely would! It is also probably the better solution all in all.
However society doesn’t have the stomach for that (yet).
Also, as the article correctly identified, society is gearing up to deal with other types of crime online.
I think legislation could quite sensibly require OSes and browsers to have easy to enable well-integrated parental controls (which mostly already exists). Browsers could voluntarily send "I'm a child" flag, if you want to make it every website's problem.
But the current legislation is stupid. Treating toddlers like hackers, and forcing every website to deanonymize users. It is so backwards, that it's hard to believe it's not done on purpose as the first step to ban anonymity and strictly control all online access. In the UK of course they're already talking about having a VPN ban, because the hacker toddlers are learning how to mask their IP addresses.
The sensible regulation would be aiming at socially harmful features of tech, not forcing people to provide proof of identity to a third party in order to continue harming themselves with the same exact features.
Imagine if such an approach was taken to, for example, food safety? Instead of closing down a restaurant that has poor hygiene, you'd be instead horce the restaurant to hire a private security contractor to check people's IDs to verify that they are old enough to consent to getting a foodborne illness. That's an absurd approach.
Sadly a lot of tech is potentially harmful for kids. And also adults, but they should be able to handle it better.
But it extends to many other common items. Kitchen knifes, cars, lawn mowers, ...
Except we do that for venue that serve poison aka bars, so if you put it that way, it doesn't seem totally absurd.
And gambling! A poison of the mind, if you will.
I think a reasonable way to divide up responsibilities would be identify child-locked devices, not people. It should be trivial for a website to identify a device with a child lock turned on. Then it's up to parents to make sure their kids get a child-locked device. Manufacturers can make it easy to turn on, and society can help by not selling devices to kids without a child lock turned on.
It won't work against a determined teen (too many unlocked devices out there), but it doesn't have to work perfectly to change the culture that most kids have to deal with.
This is part of the very sensible Digital Age Assurance Act that is currently the law in California. It prohibits facial recognition, but requires each device to have a child lock. FOSS can implement this no problem.
What disconnects this discussion from reality, and maybe causes questions like “why don’t they just do it this way”, is the assumption that this is really only or even mainly about age verification and “protecting the children”.
The reason it’s not done “this way” or “that way” even when those are objectively better ways to achieve the stated goal, but rather in an unexplainable way broader way is because the goal is broader that that and age verification is just the tip of the spear. The rest of it is laying the groundwork for a framework to control the freedom on the internet by linking identity to speech and action.
Look at what solution is implemented to decide what problem is it supposed to fix, otherwise you’re just looking at the smoke and mirrors.
Not that every state and country is on board with this, but it’s getting a lot harder to maintain the pressure to keep these initiatives down. Every time they get pushed one step forward it’s that much harder to regain that ground.
How do you know that's the ulterior motive? Anything more than vibes?
There are a lot of different people in different countries pushing for age verification and I imagine they wouldn't all have the same motives.
> social media seems to be much more harmful
The stuff I've seen on this doesn't look terribly convincing. It seems to mostly be along the same lines as saying that since some people get bullied or hang out with a bad crowd, socializing in general is harmful.
It is already happening. E.g. soon F-Droid and any unattested open source Android app distribution will be gone, due in Sep 2026.
Same with GitHub and similar, we have CLAs for a while now for licensing. But I see project maintainers are frustrated with AI generated slop PRs and bad actor contributions. The ecosystem will be closing. You will be able to read code, but forget creating PR without some ID verification (because this is for kids or against terrorism).
> soon F-Droid and any unattested open source Android app distribution will be gone
This is not connected to age restrictions. It might've been used as an excuse.