Forgot your password?
Close
typodupeerror
Government Open Source Software The Internet Linux

California Moves To Exempt Linux From Upcoming Age-Verification Law (tomshardware.com) 93

Posted by BeauHD from the latest-developments dept.
California lawmakers are moving to exempt most open-source operating systems from the state's upcoming age-verification law after backlash from Linux and privacy advocates who warned that the original rules could force decentralized projects to collect users' ages. The amendment would likely shield major Linux distributions, though SteamOS and other Linux-based platforms tied to proprietary app stores may still face compliance questions. Tom's Hardware reports: Assembly Bill 1856 (AB 1856), currently moving through California's legislature ahead of committee reviews in June, would amend the state's earlier age-assurance law by excluding software distributed under licenses that allow users to "copy, redistribute, and modify the software." The proposed amendment specifically states: "Operating system provider" does not mean a person or entity that distributes an operating system or application under license terms that permit a recipient to copy, redistribute, and modify the software.

The amendment follows months of backlash after California passed the original Assembly Bill 1043 (AB 1043), formally known as the Digital Age Assurance Act, in late 2025. The law sought to shift online age verification away from individual websites and apps and down to the operating-system level instead. Under the original law, operating systems would be required to request a user's age or birth date during device setup, then expose an "age bracket signal" to apps and app stores. The law, which defined brackets such as "under 13," "13-15," "16-17," and "18+," immediately raised questions about how such requirements would apply to decentralized, open-source software ecosystems. [...]

AB 1856 does not repeal the original Digital Age Assurance Act. Instead, it narrows the definition of who qualifies as an "operating system provider" under the law. Commercial platforms with proprietary app ecosystems could remain subject to California's age-assurance requirements even if most open-source Linux distributions are ultimately exempted. California Assembly Member Buffy Wicks introduced the amendment on February 11, 2026. However, the open-source exemption language appeared in later revisions that began drawing attention across Linux and privacy communities. The latest version is dated May 18, 2026, and as of May 19, 2026, the bill was read a second time and ordered to third reading.

California Moves To Exempt Linux From Upcoming Age-Verification Law More | Reply

California Moves To Exempt Linux From Upcoming Age-Verification Law

Comments Filter:

  • This should not be acceptble... (Score:4, Insightful)

    by Kili ( 265889 ) on Tuesday May 26, 2026 @12:11PM (#66160912)

    This should not be acceptable. Carve-outs are always temporary. Always. Do not give them an inch. This is just large media companies like Meta, Tiktok, and Youtube pushing responsibility for verifying their users are old enough onto someone else to dodge liability for the addictive garbage they produce.

    • Re: (Score:2)

      by zlives ( 2009072 )

      how can that be, do parents let kids setup their devices?

      • Re:This should not be acceptble... (Score:4, Insightful)

        by gtall ( 79522 ) on Tuesday May 26, 2026 @01:03PM (#66160988)

        No responsible parent would do such a thing. And any reasonably intelligent kid will get around whatever the parents did, or the kid will ask a reasonably intelligent friend to do it for them.

        • Good thing all parents are responsible and tech savvy

          • Re: (Score:2)

            by zlives ( 2009072 )

            well i am just trying to understand how psychopathic media can offload responsibility based on this.

        • Honestly, its almost a good thing.

          A friend recently asked me to look into their kids laptop who had gotten around some age restriction stuff, and I was mystified. I asked the kid how they did it, and they laid out all the registry keys and the line of reasoning they followed to find them, and all I could think was this 10yo kid was as good a security professional as I am (he's not, but well, it was absolutely impressive work. ). I see this as a positive. The world of computers I grew in involved 10yos teach

      • Even if the parent's set-up the phone with all the parental controls, if they can send a text to a friend, the friend can walk the kid through how to bypass the parental controls.

        If it's up to the OS, that only works if it's an app... otherwise the OS is going to have to hook into Chrome or Edge and monitor every single web request.

      • Probably. In the 90s as a teen I built my own computer and installed and configured the OS and software on it. My parents had no clue how to do that shit.

        • Most, but not all, kids of the current generation are neither knowledgeable in computers or interested in learning. People just want to connect with friends on their phone and play games.

          • Re: (Score:2)

            by Sloppy ( 14984 )

            That was equally true for previous generations, and all those generations had exceptions -- kids that were excited about it, despite the other kids not being interested. (I figure the majority of Slashdot may have been such exceptions.)

            Do we have reason to suspect the current generation is a unique special case, the one generation where somehow all of them make an effort to never learn about computers?

            I bet some of them are like some of us, a 2026 minority that we would have recognized 40 years ago.

          • And the children that are installing Linux sure as hell won't be restricted by any such law they could ever hope to conceive.

      • Re: (Score:3)

        by sjames ( 1099 )

        Is that a serious question? Even in the late '70s when dinosaurs roamed the earth, the kids were dealing with the technology the parents didn't understand. While that is starting to be inverted (GenX and Millennials seemed to be peak tech-able), many parents still rely on the kids for that sort of thing.

    • This is just large media companies like Meta, Tiktok, and Youtube pushing responsibility for verifying their users are old enough onto someone else to dodge liability for the addictive garbage they produce.

      Because having to verify your age with multiple different companies is clearly superior to just doing it once and being done with it?

      Look, I get it when some people say they don't want any age checks. That's how the internet used to work, and it's not entirely unreasonable to place the burden of parenting (ie keeping kids away from age inappropriate content by enabling the appropriate parental controls) on parents. But a few states already have age gate laws that work the way you're describing (at the sit

      • Re: This should not be acceptble... (Score:4, Insightful)

        by ArmoredDragon ( 3450605 ) on Tuesday May 26, 2026 @01:47PM (#66161086)

        Either the age check is very weak, or you have to provide your identity to the OS in a way that's verifiable by somebody other than you, and completely disregards privacy. This is truly the dichotomy you're dealing with here -- pick one or the other. If it's the former, then what's the point of all of this?

        I don't see any way at all that this is workable. And assuming this happens anyways, does this mean your browser going to tell every website you visit what your age is upon request?

        • Re: (Score:2)

          by taustin ( 171655 )

          Since when does the real world ability to enforce something matter in California law? It's virtue signaling, and nothing more.

      • Re: (Score:3)

        by unrtst ( 777550 )

        This is just large media companies like Meta, Tiktok, and Youtube pushing responsibility for verifying their users are old enough onto someone else to dodge liability for the addictive garbage they produce.

        Because having to verify your age with multiple different companies is clearly superior to just doing it once and being done with it?

        Look, I get it when some people say they don't want any age checks. That's how the internet used to work, ...

        For me, it's the "requirement" to have it enabled at the OS level. If it was the state requiring the feature to be available, but one could simply opt out of setting that up during install, and apps would then allow any content (as opposed to blocking if the age data isn't present), then I'd be OK with it. That would be enough to enable parents, guardians, workplaces, public terminals, etc.. to make use of it if they so chose, without forcing it on everyone.

        As-is, this simply means that apps used from a Lin

      • Because having to verify your age with multiple different companies is clearly superior to just doing it once and being done with it?

        It can be, depending on the context. For someone who does not interact with companies that require an age check, the former is clearly superior to the latter. So yes, if you provide a service that requires an age check, the burden of the age check can be on you, that's not unreasonable. And let us be clear, social media companies deserve zero sympathy, they are not owed the technical means to maintain their addictive business model.

    • Re:This should not be acceptble... (Score:4, Interesting)

      by dgatwood ( 11270 ) on Tuesday May 26, 2026 @02:01PM (#66161110) Homepage Journal

      This should not be acceptable. Carve-outs are always temporary. Always. Do not give them an inch.

      Wait 'til they realize that Android is distributed under a license that allows people to copy, redistribute, and modify it.

      As usual, a law created by people who didn't think of the consequences then got modified to fix some of the worst consequences, but because they still did not think of the consequences, the modification created different consequences. And this is why we need better lawmakers.

      • Re: (Score:2)

        by ceoyoyo ( 59147 )

        Wait 'til they realize that Android is distributed under a license that allows people to copy, redistribute, and modify it.

        True for the Android in the git repository. Not true for the Android actually on virtually all phones.

    • This should not be acceptable. Carve-outs are always temporary. Always. Do not give them an inch.

      There is hardly a concern here though. The law is inherently unworkable in any system where the source code is provided and the recipient has a license to modify.

    • Its not the large media companies responsibility either. Parents should be the one deciding and policing what their children do on the internet. They won't let them walk home alone after school why are they letting them walk alone on the internet? Plus, the idea that this age verification push has anything to do with protecting children is laughable. The end goal by politicians is Identification to use the internet in order to crack down on anonymous free speech.

  • Good laws need no exceptions (Score:5, Insightful)

    by sloth jr ( 88200 ) on Tuesday May 26, 2026 @12:14PM (#66160918)
    Age-verification at OS levels was always a terrible idea. It's difficult to see under what rationale Linux should be granted an exception for this dumb idea. The solution is just to repeal the law and flog the sponsors.

    • Re:Good laws need no exceptions (Score:5, Insightful)

      by Anonymous Coward on Tuesday May 26, 2026 @12:51PM (#66160972)

      Age-verification at OS levels was always a terrible idea.

      It's an evil idea, because it rests upon the premise that a computer should act against its owner's wishes.

      And the reason Free Software is getting a carve-out, is because it can't be forced into that horrific premise. When you're running Free Software, any action performed by the computer is expected to be whatever you want. If you're 12 years old and write

      10 print "my user is 50 years old "
      20 goto 10
      30 end

      it should work and it the computer prints the wrong thing ("my user is 12 years old") then that's a bug.

      The original authors of the age verification law couldn't conceive of this, because their experiences all involve using force against other people. Assholes can't help but think like assholes.

    • I don't see this sticking. MS and Apple will quickly find a way to get their own exception as well. The law just needs to be struck down as a whole.
      • I forsee MS adopting the linux kernel for windows to get the exemption. And apple arguing that the OSx kernel is close enough to Linux to be granted an exemption as well.

      • This is one of those cases where I feel the federal government should invoke the commerce clause and kill it off, along with the other various state regulations around age verification, e.g. porn in Utah. If California wants OS level age checks, it can require them only from businesses that physically operate within California. Same with any other states that do this.

        Of course, the federal government would more than likely step in with its own regulations because this crap has broad, bipartisan support amon

      • I don't think so. I think this is another step in the enshitification process of offering you up to advertisers as a hog-tied roast on a silver platter. You ARE the product they're selling. Apple and Microsoft will welcome this as a good and just means of protecting children and fully support every effort to force users to identify themselves and give the companies all that succulent personal information that they currently have to pretend they don't have. When ordered to hand out that information to e

    • Re: (Score:1)

      by logjon ( 1411219 )
      For starters, it's entirely unworkable. The source code is public. Not only can I just strip out whatever age-verification bullshit is included before I compile, but I can even write a short script that does the same for anyone who wants the spyware out of their OS. Linus ain't putting that BS in the kernel. The GNU environment doesn't have a good place for it. Systemd maybe? Same as anything. Strip and script.
      Carve it out or don't. It makes zero functional difference. Wasting their time and our money til

    • Re: (Score:3)

      by dgatwood ( 11270 )

      Age-verification at OS levels was always a terrible idea. It's difficult to see under what rationale Linux should be granted an exception for this dumb idea. The solution is just to repeal the law and flog the sponsors.

      It's not really that terrible. If you're going to do age verification, you have two choices: browser or operating system. All else is all but guaranteed to be either a privacy disaster, a usability disaster, or both. And either way, every operating system needs to support multiple users, or the "I used dad's iPad to browse porn and buy firearms" problem makes the verification useless.

      And major operating system or browser vendors that cater to the general public should make it available by default, because

    • Re: (Score:3)

      by tlhIngan ( 30335 )

      Age-verification at OS levels was always a terrible idea. It's difficult to see under what rationale Linux should be granted an exception for this dumb idea. The solution is just to repeal the law and flog the sponsors.

      Well, the problem is age verification to begin with. But since we have some states wanting age verification, it's a privacy nightmare. OS based age verification seems to solve the largest problem of all - needing to submit to a third party your ID information to confirm your age. Because they

  • Age Verification for any OS is insane (Score:5, Insightful)

    by SmaryJerry ( 2759091 ) on Tuesday May 26, 2026 @12:31PM (#66160936)
    This would be like requiring every single restaurant and fast food place to check photo ID because somewhere in the entire state a bar exists where you have to be 21.

  • If they have written this badly enough... (Score:3)

    by usedtobestine ( 7476084 ) on Tuesday May 26, 2026 @12:40PM (#66160958)

    If they have written this badly enough, then no device running a Linux kernel will have to support this. This includes phones, tvs, and tablets, which is probably 99% of streaming video use.

    • Firstly this only covers general purpose computing, so TVs are excluded, but it does apply to mobiles and tablets. Secondly this only permits the elimination of an OS level API check. It does nothing for any device that needs an active account to operate (everything except a Mac these days) as the existing law already requires service providers to perform age verification. So yay, your OS providers Samsung will sell you an Android phone without an OS level API, but unfortunately your device may still be res

  • It's a trap law (Score:2, Flamebait)

    by rsilvergun ( 571051 )
    It was meant to make Gavin newsom look bad. If he signed it he pissed off the entire tech sector, of he didn't he gets hammered by think of the children attack adds. As an added bonus Facebook, Twitter and Planitir want this.

    I'm not surprised their quietly gutting the law. It's what I predicted.

    • Newsome doesn't care all that much. Because he can't run a third term for governor. And the kind of political friends that lead to power in California are subtly different from the kind that are necessary to win in a Presidential primary. He is playing a very different game, and frankly does not need to make nice with tech industry to do it. Those buffoons will donate to both parties anyways.

    • Re: (Score:2)

      by taustin ( 171655 )

      Newsom doesn't give a shit. He's termed out this year, it is no longer even possible to set up a recall election in time to shorten his term by a single day.

      And nothing anyone does will alter his being the next Democratic candidate for President, except, possibly, Kamala Harris deciding that the Democrats need to lose again by running (and somehow bribing or blackmailing her way back into the good graces of party leadership, which isn't likely at this point).

      Plus, anybody who know their ass from a hole in t

  • AB-1856 (https://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=202520260AB1856) is titled "Age verification signals: software applications and online services", but that's primarily for show. The key part of the proposed law says:

    There is no verification of age. It's self-report of age at OS setup. There is no verification required by this code. The OS then provides age bracket range upon request.

    • It's not age verification yet. The obvious next step is to institute verification because people lie. But first they will spend a bunch of our money proving that people lie, because nothing says representative government like handouts to contractors.

    • I mean, really, we should all be calling this what it is: The initial steps to forcing your OS to dox you. The "dox-yourself" laws. Internet ID. Anyone that ever pretended any of these laws were ever intended to to anything to "protect children" is selling you and obvious lie or has fallen for an obvious lie.

  • Kids will now become Linux savvy. (Score:3)

    by infosinger ( 769408 ) on Tuesday May 26, 2026 @01:12PM (#66161006)

    Windows 11 is already getting plenty of bad vibes. Now add the "age check" defect and there will be widespread moving over to Linux. Also, this will encourage SteamOS to support more than their own store to get around this.

    • Most of the devices kids use these days have locked bootloaders. You're not installing Linux on a current gen iPhone or iPad, and Samsung locks their stuff down too.

      If some kid really wants to fap to porn on his desktop rig that he installed Linux on, that's something only the clutchiest of pearl clutchers is worrying about.

    • Finally the year of the linux desktop. But seriously stupid to do the age check. Last I checked my car doesn't ask my age. An officer might, but not the car. Or liquor bottles don't have a thumbprint reader and cell connection that I have to get authenticated before I can open the bottle/can. Cigs same thing, ... I suppose we could put an age verification on the sale of the computer, phone, etc like we do with cars, booze and cigs. But the backlash from that would be revolution level.
  • Guess that's not a problem now.

  • linux (Score:3)

    by gary s ( 5206985 ) on Tuesday May 26, 2026 @02:05PM (#66161118)
    So now everything moves to linux to skip this stupid law.
    • No, because the problem remains.

      How do you protect kids

      "Prenatal problem" ? then explain to me how you teaching your kids about the internet stops them from being a victim of someone nudifying them and sharing it around at school. Or being bullied / targeted
      Who picks up the mess ? that anonymous person you can not track down ?, social media ?, AI ?, government ?. It will be the parents of the victim.

      What happens when kids self delete because of this, was it the victim fault, parents fault, because

  • Redhat and Systemd already implemented it in proactive compliance. Will they remove their age verification integration now?

    • They didn't implement age verification. They just added a place to put the date in systemd. If nothing enters or reads the date, it doesn't do anything.

      • Re: (Score:2)

        by allo ( 1728082 )

        They are enabling it. The rest are semantics. "We only provide the API, the other software needs to handle it" Yeah ... and the next law can just demand the "other software" pointing at the existing API that just needs to implement Google Age Check (tm) or Facebook real person verification (tm). Just one API key, sending the identify provider a selfie and a short API call on each login ... fail to implement it and your distribution is banned.
        Let's say: Thank you California for considering that this is no go

  • Someone come up with a solution then.
    what we have is not working and everyone is avoiding responsibility

    Would you feel the same if it was your daughter who go nudified by kids at school ?
    You saying "Parental responsibility" protected you daughter exactly how ?
    Its anonymous, so who are you going to sue
    "Parental responsibility" is no better than :"houghts and prayers" after every school shooting, 100% worthless and is used instead of finding an actual solution.
    That information wants to be free...

  • The biggest issue is trusting the collector of this personal information with the information.

    Most do not trust big tech. How will this information be used to exploit me in the future.
    Few trust the government with my personal information and app / internet usage.

    The general thought that drove the bill is that if the os holds the personal information the informatikn can then be seperated from big tech/gov from the appli ation owners. This should i theory protect the leakage of personal information.

    This fal

Slashdot Top Deals

There can be no twisted thought without a twisted molecule. -- R. W. Gerard

Close