shaicolemanMeta Platforms: Lobbying, dark money, and the App Store Accountability Act
https://old.reddit.com/r/linux/comments/1rshc1f/i_traced_2_b...
https://github.com/upper-up/meta-lobbying-and-other-findings
Anyone reading this purely as a child safety or campaign finance story might miss the broader architectural war happening here. If you zoom out a little, this is the inevitable, scorched-earth retaliation for Apple's ATT rollout from a few years back.
Apple cost Meta billions by cutting off their data pipeline at the OS level, justifying it with a unilateral privacy moral high ground. Now, Meta is returning the favor. By astroturfing the App Store Accountability Act through digital childhood alliance, Meta is forcing Apple to build, maintain and also bear the legal liability for a wildly complex state-by-state identity verification API.
Gotta give it to Zuck. Standing up a fully-fledged advocacy website 24 hours after domain registration and pushing a bill from a godaddy registration to a signed Utah law in just 77 days is terrifyingly efficient lobbying.
>Gotta give it to Zuck.
if "it" is the middle finger, for sure. "terrifying" is a great choice of word for it.
I was equally impressed/terrified by Apple's marketing blitz around client-side-scanning. So many people got paid to advocate for that, and the community barely convinced them it was a bad idea. There's not much hope left for any of FAANG deliberately resisting surveillance.
Why would they resist surveillance? They're making massive profits from it.
Well, I certainly prefer if big tech fight each other instead of the user as sometimes there might even come something good out of it - like elevated privacy in Apple's ATT case.
Overall, that's the reason anti-trust laws must be applied rigorously, otherwise the normal population has no chance.
Sometimes something good (ATT). Sometimes something bad (this terrible age-verification thing that is a huge barrier to entry for small entrants and comes with massive state surveillance risk).
In the end, all the little people are just collateral damage or occasionally they get some collateral benefits from wherever the munitions land.
Personally I've lived in the world of "small entrants" and can see that but I think the average voter doesn't really understand that "just anybody" could have created an online service. That is, they think you have to have VC money, be based in Silicon Valley, have to have connections at tha pp store, that it's a right for "them" and not for "us".
All they had to do was exempt free and open source software from the requirements, which are unworkable in the FOSS context anyway, and they would have gotten away scot-free with their tech company pillow fight.
But no, they had to let collateral damage frag the free software crowd, which is inconsequential to their aims anyway, but 100% a huge concern for those suffering the collateral damage.
It's the US, all you have to do is drive a truckload of cash into Mar-A-Lago and you'll get whatever you want.
I'm incredibly dubious of the conclusions of this researcher. Claude Opus was used to gather and analyze all of the data.
I am not skeptical of any of the research, the sources seem to be cited properly. I am skeptical that this researcher has thought through or verified their conclusions in a systematic and reliable fashion. This part gives it away: "Research period: 2026-03-11 to present." This individual dropped his investigative report two days after beginning research!
Yes, AI is an incredibly good research assistant and can help speed up the tasks of finding sources and indexing sources. The person behind this investigation has not actually done their due diligence to grok and analyze this data on their own, and therefore I can't trust that the AI analysis isn't poisoned by the prompters implicit biases.
I agree. I tried reading some of the documents and they're full of this:
> LIMITATION: Direct PDF downloads returned 403 errors. ProPublica Schedule I viewer loads data dynamically (JavaScript), preventing extraction via WebFetch. The 2024 public disclosure copy on sixteenthirtyfund.org was also blocked.
> Tech Transparency Project report: The article "Inside Meta's Spin Machine on Kids and Social Media" at techtransparencyproject.org likely contains detailed ConnectSafely/Meta funding analysis but was blocked (403)
The least they could have done is read their own reports and then provided the documents to the LLM. Instead they just let it run and propose connections, asked it to generate some graphs, and then hit publish.
Some of these are also just like really weak? One of them for example seems to be some random employee at FB donating ~$1k to a politician and calling that a link. The entire "Proven Findings" is all over the place and provides no coherence. I don't think it's a particular secret that Meta would prefer age verification be done at the OS level so I'm not really sure what the added claim here is.
> A Meta employee (Jake Levine, Product Manager) contributed $1,175 to ASAA sponsor Matt Ball's campaign apparatus on June 2, 2025. Source: Colorado TRACER bulk data.
> No direct Meta PAC contributions to any ASAA sponsor across Utah, Louisiana, Texas, or Colorado. Source: FollowTheMoney.org multi-state search.
While it is true that Meta has funded groups that advocate for age verification, a lot of them also appear to have other actors so it's not like this is some pure Meta thing as some of the other commenters are suggesting.
I came here to say that this is pretty much my view having poked around a little bit as well.
This file does not exactly fill me with confidence: https://github.com/upper-up/meta-lobbying-and-other-findings...
In one part of the report, there seems to be this implicit assumption that Linux and Horizon OS (Meta's VR OS) are somehow comparable and that Meta will be better equipped than Linux if age verification is required.
It doesn't explicitly say "This will allow Horizon OS to become the defacto OS and Linux will die out" but that seems to be the impression I'm getting which uhh... would make zero sense.
More broadly, this entire report (and others like it) are extremely annoying in that I've seen some Reddit comments either taking "lots of text" as a signal of quality or asking "Does anyone have proof that these claims are inaccurate" which is
a) Of course entirely backwards as far as burden of proof
b) Not even the right rubick because it's not facts versus lies, it's manufactured intent/correlations versus real life intent/correlations (ie; bullshit versus not)
All of this could be factually true without Meta being smart enough to play 5D chess
>taking "lots of text" as a signal of quality
Or of authority, when they're not equipped to evaluate the data first-hand.
The Gish gallop technique in debate overwhelms opponents with so many arguments that they're unable to address them all before the time limit. Reports presented like this are functionally that, but against reader comprehension and attention.
Similarly, being the first, loudest, or only voice claim is unreasonably effective at establishing perception of authority, where being unchallenged is tantamount to correctness. This also goes both ways; censorship in media, for instance, can be used to promote narratives by silencing competing views, like platforms selectively amplifying certain topics to frame them as more proven and widely supported than they might actually be.
It's unfortunate that inexpert execution often positions well-meaning and potentially correct arguments to be discredited and derided by prepared opponents before their merits can be established. In this case, it may be true that Meta may have organized a well-coordinated shadow campaign for legislation using technically legal channels, but I'm sure they've anticipated this at some point, or are relying on the inertia of the system and initial buy-in to force the course.
This is a fascinating report, not because of the content or even quality of the report, but because of the way it was generated. It is an AI generated report dumped into GitHub and has made it onto the front page of Hacker News with over 1,000 upvotes and many comments.
This type of GitHub-based open-source research project will become more common as more people use tools like Claude Code or Codex for research.
Hmmm.
_GPT, prioritize truth over comfort, challenge assumptions, and avoid flattery. And analyze the patterns of biases in my prompts, and then don’t do that… or something_
Give it time, we’ll come up with something.
Concur. The data is not independent of the conclusions reached, and feels very Reddit research like - (à la Boston bombing).
In this case they have named individuals and firms as well, without the degree of diligence that such call outs should warrant.
In its current state, I would count it as a prelude to witch hunts.
I know most of this affects only the US, but I'm wondering where this will go in the EU if the Age Verification Tech goes ahead in America. There's been lots of efforts to increase surveillance disguised as protection for kids in the EU and UK.
The Swiss implementation of eID may be hint that governments may/will take the responsibility to implement and maintain the tech, but the multiple intrusions and lobbying by Palantir and friends in the EU gives me the ick.
The EU, unfortunately, has shown to be very susceptible to this kind of lobbying in the past. We regularly see legislation that is being rammed and rushed through in spite of vocal opposition. I would be very, very worried. (EU citizen)
What examples of this do you have in recent years (post 2016)? The clearest example of lobbying (chat control) has repeatedly been struck down.
"repeatedly struck down" means somebody keeps bringing it back
They're proposals by a minority. I'd like to see it go to see chat control go to grave permanently, but I'd also rather not that the democratic system allows for the permanent barring an impossible to define class of proposals from even being proposed. Or do you have other solutions?
I'm definitely for creating EU directives that enhances digital privacy rights and sovereignty to block whole classes of privacy-endangering surveillance proposals in the future. That seems like the best solution to me. It's much better than allowing those proposals to be made again and again until they are passed in some shady package deal. Even if such a proposal is struck down by local laws, constitutions, or the ECHR, once they have the foot in the door, they will only be modified minimally to comply with the constitution.
> The clearest example of lobbying (chat control) has repeatedly been struck down.
So far. But they’ll keep lobbying and we’ll need to keep fighting.
> What examples of this do you have in recent years (post 2016)?
Digital Omnibus is another.
https://noyb.eu/en/gdpr-omnibus-eu-simplification-far-remove...
https://www.business-humanrights.org/en/latest-news/eu-digit...
> We regularly see legislation that is being rammed and rushed through in spite of vocal opposition.
This implies that regulation is codified. The clear pattern of EU digital regulation doomerism is generally pointing at shitty proposals which aren't approved and codified in law.
Digital omnibus is another proposal.
If "rammed and rushed laws" is legitimately a widespread issue, you should be able to find a good example of something codified which is not just a proposal?
I'm not saying we don't have to fight. But vocal opposition to proposals which ultimately don't make it into law is the system working exactly as intended.
> The clearest example of lobbying (chat control) has repeatedly been struck down.
They can try as often as they want and they only have to win once. We - as in those who don't want this Orwellian monster to be written into law - have to win all the time.
Right but thats just the system working as intended? Gay marriage would still be illegal if unpopular ideas couldn't be reraised. Democracy is a balance, unfortunately you have to put up with fighting against the shit ideas as well as for the good ones.
> Right but thats just the system working as intended?
No, it is a one way street and thus creates an imbalance. EU regimes never push new legislation that gives more rights to their citizens, only try to limit them again and again.
> Gay marriage would still be illegal if unpopular ideas couldn't be reraised.
Gay marriage is a good example. It got passed despite being unpopular. In many countries where it was pushed by force from above, from the EU to the national level, it is still unpopular.
> Democracy is a balance, unfortunately you have to put up with fighting against the shit ideas as well as for the good ones.
The issue with democracy as we have it in the EU is the imbalance of power and responsibility. Given the EU regime's decisions in the last few decades, I consider it just a shell to push unpopular and undemocratic decisions to their member states, so lobbyists don't have to bribe everyone, just the EU regime.
I don't think any EU directive on gay marriage exist, and directives (accompanied by fines) is the main way for the EU to try to push laws on states (the other way if having a citizen go the the EUCJ against his own state, but that almost never ends in law changes).
> I consider it just a shell to push unpopular and undemocratic decisions to their member states, so lobbyists don't have to bribe everyone, just the EU regime.
Which decisions? GDPR? DMA?
> I don't think any EU directive on gay marriage exist
Not an EU directive. This was more a comment about various EU member states, which pushed it against the will of own citizens.
> Which decisions? GDPR? DMA?
Every directive. There was no single directive that had popular support from all member state populations. But the EU regime decides something and boxes it through the EU Commission and then uses the EuGH to force it upon all members.
Examples?
At least some EU regimes and people are against Russian sanctions and Ukraine support, they get bullied until they yield.
Illegal migration: there's no single EU country where the population supports it, yet they all got bullied to accept and support criminal migrants.
Electric cars, CO2, maybe not the majority but many country populations are against it, yet decisions get forced upon every single state.
Now, for every single topic you may say it's an exception, that it must have been like that, but in the end, if the wish of population is ignored on so many levels on so many topics, EU can be seen only as an illegitimate, corrupt regime trying to mess up everything. To the point, that even the Chinese regime feels less invasive, at least they care about the basic needs of the majority of their people.
> At least some EU regimes and people are against Russian sanctions and Ukraine support, they get bullied until they yield.
No? The only country where you can argue the government disagree with the population on the subject is Slovakia, but their government didn't get bullied. Hungary has kept its economic ties to Russia, and even lobbied the EU to remove a few oligarchs from the sanctions list. It is currently vetoing a EU aid package to Ukraine. I don't see it tbh.
If the country refuses to follow a directive, it can. Sometimes the country get fined for it, if a citizen if the country goes to court and the ECJ judge him correct, and often the fine is directed towards improving the issue (France fine on Brittany rivers water quality was directed towards the fund that pay for water treatment plants across Europe). Also the EU let the country the decision on how to implement the directive, and let _a lot_ of leeway (just look at Spain and Portugal energy market)
https://noyb.eu/en/project/dpa/dpc-ireland
GDPR is entirely unenforced, it's not worth the paper it's written on, and this is due to lobbying. The situation continues to this day. The DPAs simply throw reports of violations into the trash bin.
It's hilariously transparent - Ireland recently (less than 6 months ago) added a former _Meta lobbyist_ to their DPA board [0].
US Big Tech is now spending a record €151 million per year on lobbying the EU [1], and it's completely implausible to believe they're doing that with 0 RoI. "The number of digital lobbyists has risen from 699 to 890 full-time equivalents (FTEs), surpassing the 720 Members of the European Parliament (MEPs). A total of 437 lobbyists now have continuous access to the European Parliament.
Three meetings per day: Big Tech held an average of three lobbying meetings a day in the first half of 2025, which speaks volumes about their level of access to EU policymakers." It's impossible that this doesn't influence things.
[0] https://noyb.eu/en/former-meta-lobbyist-named-dpc-commission...
[1] https://corporateeurope.org/en/2025/10/revealed-tech-industr...
The fact that it has to be repeatedly fended off and that the EU regime still tries to push it is a prime example of lobbying^H corruption. They won't give up until they pass. What more do you need?
> that the EU regime still tries to push it
Sorry, what is this "EU regime"? I'm not understanding the logic in your post. The people pushing it are certain elected officials of member nations.
I use the same terminology for EU officials that they themselves use when they describe corrupt regimes with low legitimacy they don't control.
The EU puts a nice shine on things, but there are systemic and fundamental characteristics of the EU that not only make it more susceptible to "lobbying" and ignoring the electorate; which are also far more difficult to change by that electorate than in the USA where we still have direct elections of individuals not party lists (in most cases) that cause total loyalty to the party, not the constituency.
But the EU also doesn't have the same level of power as the US federal government. It's a loosely federated coalition of seperate nations, not one entity.
That was the idea of what the EU would be ... now it dictates what people can eat and do even though it is not actually a legitimate or sovereign government, while national/local elections are effectively meaningless exercises as even and especially in Europe, the local elected officials generally will be loyal to the party that can and will protect and bequeath benefits upon them over any local constituents. The EU was and is a con job. Unfortunately, you still believe the old promise of "massive returns with zero risk", until you want to withdraw your earnings.
"A loosely federated coalition of separate nations, not one entity" is actually a very good description of what the USA was before the Civil War and would technically need to abide by in order to be Constitutionally valid and legitimate; but alas, we have whatever this world dominating empire is that wraps itself in the branding and stolen identity of the United States of America, a literal antithesis of what the founders created. It is why there has always been such an intense and relentless propaganda effort to demonize "states' rights", the equivalent of which legitimate European sovereign countries and people will likely also face if the plans to the powers that are seeking to conquer the whole planet succeed. You will be told, your "loosely federated coalition of separate nations" have no right to claim sovereignty or what we call "state nullification", i.e., "states' rights" to simply nullify and invalidate any federal law that is a violation of the 10th Amendment of the Constitution, i.e., the right of states to anything not explicitly conferred upon the Federal government.
Actually, you don't even have to wait, there have been several examples already that proved without a shadow of a doubt that EU countries are not only no longer sovereign, i.e., "loosely federated coalition of separate states" when certain states disagree or do not wish to go along/vote for what the unelected body of the EU Commission conjures as legislation. You are just visiting the dungeon until you want to leave and the gate has been shut on you.
Without even needing to engage with your argument it falls apart because nations can leave the EU at will. Without getting into the Brexit weeds its proof, we did it. Can't be a tyrant if people can just say no.
The Swiss eID is designed the way it is to comply with the EUs digital ID proposal so I wouldn't doom this early.
(this one: https://digital-strategy.ec.europa.eu/en/policies/eudi-regul...)
This is because it's not an EU/Canada/US thing as much as some would like to make it. It's a "losing that one election" thing. "What about the Children" always sells. What the EU/Canada have is that the US got hit with this wave first so they can see the results. That's a data point the American Voter only had in theory, not in example form. The recent uptick of nationalism has people thinking there's some essentialism between states and there really isn't - anyone who's travelled in more places than the city knows it.
I think age verification laws are good in principle - there's a lot of stuff on the internet that people should be protected from. But it's the manner of age verification that is the issue.
The EU has zero knowledge proof age verification systems, e.g. through your bank, which are secure and don't involve sending a copy of your ID and / or face scan to a dodgy US based 3rd party.
I disagree. What if, hear me out, parents actually parent, instead of relegating the parenting to companies, and ruining the internet for the rest of us?
agree, also they should take into account that their children will be eventually an adult and will be living in such system. Goverments should only focus on educating parents (available tools, recommendations) and maybe provide some open source tooling for parents.
> agree, also they should take into account that their children will be eventually an adult and will be living in such system
We also have to consider that "children" covers anywhere from birth to approximately 18 years old.
It is reasonable to expect a parent or their proxy (e.g. caregivers and teachers) to moderate access to the Internet in the early years. Yet older children and teenagers gradually gain more independence. For example: they are able to go places on their own, get their own phone, etc.. In the physical world, we have laws that recognize this, things like forbidding the sale of alcohol and tobacco to minors. Responsibility is placed on the vendor to check identification when selling such products and the customer's age is suspect. It would be absurd to place responsibility on parents in this case since the most a parent can do is educate their child.
Now I understand the Internet poses problems when it comes to similar transactions. For face to face transactions, appearing old enough is often sufficient (perhaps with a buffer to avoid liability) for access without presenting identification. While it isn't truly anonymous, there are cases where it can be reasonably anonymous. Unfortunately, transactions are mediated by machines on the Internet. You cannot make any assumptions about the other person. Making matters worse: it is extraordinarily difficult to do age verification without disclosing identify information, and to do so in a manner that is easily recorded. Whether that information is provided directly or through a third party is a moot point. It is still being provided.
I don't know how we go about solving this problem, but I do know two things:
- Placing all responsibility into the hands of parents is absurd, and would ultimately prove harmful to adolescents. It is creating a nanny-state where the nanny is the parent. The youth would be unable to gradually gain independence, nor develop an identity independent of their parents' whims.
- We live in a world which is eager to age-gate things that should not be. Sometimes this is for semi-legitimate reasons due to how the Internet is structured. For example: there is no good reasons why children and youth cannot participate in things like discussion forums, but those forums definitely cannot look like the "social media" we have today. Other times it is for despicable reasons, such as making value based judgements based upon ideology. (The left and right are both guilty of this.)
> Placing all responsibility into the hands of parents is absurd, and would ultimately prove harmful to adolescents. It is creating a nanny-state where the nanny is the parent. The youth would be unable to gradually gain independence, nor develop an identity independent of their parents' whims.
Nonsense. What kind of nanny state? Of course parent is a nanny because they growing and taking care of their own children. This has been for this way for centuries. Nanny state is the oppposite when state is reponsible for growing your kids.
You didn't explain how "Placing all responsibility into the hands of parents is absurd," or how "would ultimately prove harmful to adolescents".
> It is reasonable to expect a parent or their proxy (e.g. caregivers and teachers) to moderate access to the Internet in the early years. Yet older children and teenagers gradually gain more independence.
its easy to moderate or at least limit access to internet for kids.
- less than 5 years then have no own phone
- less than 10 years most likely also don't have own phone if have don't need sim but only wifi (parent control wifi and router)
- more than 15 years -> no control anyway and this age limitation trying not to limit above 15 years in most countries anyway
- between 10-15 you can just not sell simcards for those ages less than 15. Parents decide if will buy such simcard for their kids. Allow buy kid like simcard that restrict access to social media. You need unrestricted simcard that you can get only if you are >15 years old or your parent will buy for you. Sure it wont restrict everything but will limit access significantly
Other solutios are treating flu with HIV.
This is a common argument, but the problem is the kids who have deadbeat parents
Or even kids whose parents don't have the technical knowledge needed
Yes I do agree the responsibility is with the parents, but it's these kids who are majoritarily affected by (bad internet actors) AND (bad offline actors)
I'm concerned about these laws and their implications for privacy, but as a parent, I'm not sure what you mean to say parents should parent. How? What should the parent do? How would you recommend a parent protect a 13 year old who spends their time in their room and out with their friends on their phones?
You should censor the Internet of your child, instead of having the government censor the Internet of everybody.