Also affects application developers

This was also something I saw from the bill after a close reading of the text. It has garnered little discussion online.

This requirement is arguably much more contentious as it exposes developers of any application to legal liability. I surmise that this requirement alone from the law is unconstitutional.

First, the law burdens the right to receive information (through applications). The U.S. Supreme Court has recognized that the First Amendment protects not only the right to speak but also the right to receive ideas and information, such as in Stanley v. Georgia and Lamont v. Postmaster General. A requirement to present identification before entering a bookstore could deter people from accessing controversial or sensitive material. Courts often treat such “chilling effects” on reading as constitutionally significant.

This law, because it requires developers to distribute their applications and operating systems with a feature to request age bracket data from their users, is compelled speech. This compelled speech is agnostic to the type of application or it's purpose, meaning that it is content-neutral.

Content neutral restrictions on speech typically fall under intermediate scrutiny, as opposed to content-based restrictions which typically fall under strict scrutiny.

To pass intermediate scrutiny, the challenged law must:

1) further an important government interest (lower burden than compelling state interest required by strict scrutiny test)
2) and must do so by means that are substantially related to that interest.

[1]

I would argue that the state has an important government interest to protect children online. However, it's unclear that the state has an interest in ensuring every single program on the operating system requests the users age.

Moreover, this law fails to achieve this by means that are substantially related to this interest as required by law. Let's look at US West, Inc. v. United States [2]. This ruling concerned a law passed preventing telephone providers from providing video services, and was subject to the same intermediate scrutiny.

The court ruled that the state "must demonstrate that the recited harms are real, not merely conjectural, and that the regulation will in fact alleviate these harms in a direct and material way".

It is unclear how the government can demonstrate that the particular harms to children are alleviated by this bill. Requiring every single application to verify the age of the user, regardless of the contents need for age verification, opens up the user to profiling and data collection that place the child at risk. Moreover, it is clear that these measures do not *effectively* mitigate the problem, as the child can (and will!) very simply bypass these measures.

(A child can simply misrepresent their age by setting their age during installation or after the effect. They may also install an operating system without age bracketing APIs in place. Or they can simply install a virtual machine where they control the operating system.)

I don't think these laws are constitutional as written, and the state would have an uphill battle in enforcing them. I expect many more court challenges to arise.

[1]: https://www.law.cornell.edu/wex/intermediate_scrutiny
[2]: https://law.justia.com/cases/federal/district-courts/FSup...