Not such a bad idea [LWN.net]

Not such a bad idea

Posted Mar 12, 2026 14:26 UTC (Thu) by marcH (subscriber, #57642)
In reply to: Not such a bad idea by dskoll
Parent article: California's Digital Age Assurance Act and Linux distributions

> Every new piece of information that can be deduced is yet one more widening of the attack surface for (eg) identity theft.

Identity theft is a real issue but it's a couple orders of magnitude worse in (at least) the US because of the incredibly stupid belief that immutable personal information 1. can be kept forever secret 2. can be used as a password!? This is especially stupid considering all that basic personal information is _already_ out of the bag and is already being marketed on more or less legal platforms. The sooner people in the US abandon those complete privacy illusions and get back to reality, the better.

There used to be a smarter time when people in the US didn't try to keep their social security number secret - just like in many other countries. I don't know what happened then.

> Nope. Read the law. Every single application is required to ask for an age bracket signal.

Not my understanding.

to post comments

Not such a bad idea

Posted Mar 12, 2026 14:40 UTC (Thu) by dskoll (subscriber, #1630) [Link] (3 responses)

> Nope. Read the law. Every single application is required to ask for an age bracket signal.

Not my understanding.

Did you read the text of the law? Particularly 1798.501 (b) 1.

Not such a bad idea

Posted Mar 12, 2026 16:06 UTC (Thu) by kleptog (subscriber, #1183) [Link]

This language is terrible:

> 1798.501. (b) (1) A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.

So the Developer is a little daemon living inside your machine that has to do something ("request a signal") when you as a user do something ("download an application").

In all likelihood the Developer is actually asleep or busy doing actual useful work. Terry Pratchett makes jokes about machines being run by daemons, but that's not the real world. Which branch of government is tasked with ensuring legislation is actually sensible? The above is grammatically correct, but meaningless.

Not such a bad idea

Posted Mar 12, 2026 16:17 UTC (Thu) by marcH (subscriber, #57642) [Link] (1 responses)

The text of the law has plenty of issues, especially the somewhat fictional line between "operating system" and "application". Would "curl" be part of the former or latter? Probably both...

On the other hand, the _intent_ of the law is pretty clear and stated in the first paragraph: make sure service providers grant children the "protections afforded to children". As the LWN article notes:

> One might wonder why the state of California wouldn't extend such courtesies to all users.

Obviously not a lawyer but if "applications" and online services don't want to be bothered by this new law, then easy enough: make your entire service "child-friendly" and don't spy on adults more than you're allowed to spy on children. Problem solved: if you assume the lowest age bracket then you don't need to ask for the actual age bracket. That's just basic logic and common sense but I agree it would be better to clarify it in the law.

Not such a bad idea

Posted Mar 16, 2026 18:14 UTC (Mon) by zhaan (guest, #177139) [Link]

> The text of the law has plenty of issues, especially the somewhat fictional line between "operating system" and "application". Would "curl" be part of the former or latter? Probably both...

"curl" is very much an application. It's separately developed, is cross platform, etc. It does not provide additional access to applications/services on top of it and doesn't even have HTML/CSS/JS support.

In terms of an example for "both", Emacs is a better example. Or Firefox/Chromium.