As of today, about half of all U.S. states have some form of age verification law around. Nine of those were passed in 2025 alone, covering everything from adult content sites to social media platforms to app stores.
Right now, California’s Digital Age Assurance Act (AB 1043) is all the rage right now, which targets not only websites and apps but also operating systems. Come January 1, 2027, every OS provider must collect a user’s age at account setup and provide that data to app developers via a real-time API.
Colorado is also working on a near-identical bill, which we covered earlier.
The EFF’s year-end review put it more bluntly: 2025 was “the year states chose surveillance over safety.” The foundation’s concern, which I concur with, is, where does this stop? Self-reported birthday today, government ID tomorrow? There appears to be no limit to these laws’ overreach.
The thing is, this shouldn’t really be a problem.
I am still against where all this age verification crap is coming from, and I’m against what specifically “age verification” entails; but here’s the thing: We keep saying, “It should be the parent’s responsibility to secure their kids”—and while that’s true, you can do all the talking and educating you want, but the fact is that the internet is now nigh-fully integrated with our lives, and unless you are surveilling your kid at every moment they are on the internet (don’t recommend), not every parent has the time, resources, or know-how to keep their children safe on the internet without help.
So to play naive for a moment and ignore the well-understood reality that “child safety” is an atom-thick veil for mass surveillance: Why did we give up so fast on device parental controls? The info being stored on the OS / user settings actually isn’t so bad of an idea if the implementation valued both safety and privacy. Upon setting up the device or account, it is the parent’s responsibility to create a password or biometric or whatever to activate/deactivate the safety mode. No personal information required. It should be pretty easy. Are there technically ways for the kid to get around this? Yes, but that’d be breaking the trust. In the same way you’d deal with your kid sneaking out of the house, you deal with that separately. The existence of websites that don’t perform the check is inevitable no matter what you do.
And if you don’t believe your kid needs a safety lock on the internet, then that’s your prerogative.
It’s apparent that many parents need a more convenient tool available to them, but privacy doesn’t need to be compromised in order to achieve a safer internet. I got lazy while writing this, and I’m sure that’s clear in some spots, but I’m just gonna post it. There’s possibly something huge that I’m overlooking, so I’ll just let someone else point it out.
It’s a bit crazy to think about how things have changed. When I was a kid, the only computer in the house that was online was in the office/living room, so my parents could walk past at any time and see what I was up to. This was in the MSN beta days, and I was usually in teen chat, which, given the beta, meant that we were all teens whose parents had gotten prerelease Win95 discs (actually, in my case, it was the head of my high school math department who “loaned” me his CD).
As a result, it was pretty chill. Having your phone at all hours and no oversight seems an absurd situation.
You’re not overlooking anything. You hit the nail on the head, these laws are about surveillance and censorship and that’s why they’re being implemented in the worst and least privacy respecting way possible. The next step is to make sure it’s impossible to circumvent by enforcing locked bootloaders and secure boot. Phones are 90% of the way there already and it probably wouldn’t be too hard for them to fuck up the desktop/laptop side of things either.
The issue still remains that with a check like this, who is to say what content need be age-restricted now lies with the state. They could (and will) restrict content and information that I think my kid should have access to, and it will be a bit all-or-nothing.
Provided the above, I’d say the centralizing of information is the chief concern @SnotFlickerman@lemmy.blahaj.zone.
I don’t know what a satisfying and achievable solution looks like here with that considered.