Mastodawn

I didn’t think this needed to be said, but don’t make up conspiracy theories about Linux projects complying with the age verification laws. You’re frustrated like we all are, but you’re directing it at the party that has little power other than to implement it as minimally as possible.

Instead, contact the lawmakers that passed this without listening to groups such as the EFF, who warned them about how it affects platforms other than Apple and Google’s. There’s still time before the laws come into effect.

https://www.eff.org/deeplinks/2026/03/ab-1043s-internet-age-gates-hurt-everyone

A.B. 1043’s Internet Age Gates Hurt Everyone

EFF has long warned against age-gating the internet. Such mandates strike at the foundation of the free and open internet. They create unnecessary and unconstitutional barriers for adults and young people to access information and express themselves online. They hurt small and open-source...

Electronic Frontier Foundation

JKN Tech 2d ago

@kirb Also, Linux organizations should prepare to just GTFO of pariah states like the USA.

@kirb there was literally no need to implement anything.

@oblomov of course there was. How do you think it helps to pretend otherwise?

@benjamineskola @kirb no, there was not.

@oblomov how not? do you imagine that the law simply goes away if you wish hard enough, or do you think that people in (e.g.) california should simply be forced to use windows or macos instead?

@benjamineskola @kirb LOL

@benjamineskola @oblomov @kirb Who is an Operating System Provider in case of Linux system? To cite the definition from the California bill itself:

“Operating system provider” means a person or entity that develops, licenses, or controls the operating system software on a computer, mobile device, or any other general purpose computing device.

Linux OSs are made up multiple parts made by multiple different parties, the bill does not have clear enough definition to distinguish who should be responsible with implementation of that bill in my opinion. This is rather clear with Microsoft and Apple, but not with Linux.

@Frisk Good luck arguing that in court!

The problem is that it’s very easy to think up theories like this, but there’s every chance that a judge will decide that there’s a clear meaning that _does_ included FOSS projects — and I don’t think such an interpretation is completely unreasonable. We clearly think of Debian (for example) as an operating system distributed by the Debian project, etc, even if we know that its components come from elsewhere.

The other problem here I think is that it doesn’t seem fair to expect others to bear the risk. I am not one of the people who might be sued as a result of this; so what right do I have to tell the people who *are* at risk of being sued that they should do nothing to protect themselves, and just wait to get sued? I think civil disobedience is a great idea but it’s something that people need to choose for themselves, not to do armchair activism over the internet.

@benjamineskola Not sure what I did to deserve such a tone in your response (first sentence being an exclamation, calling what I suppose is asking a question "armchair activism"), to me I've asked a genuine practical question, because I really don't know the answer to it and I don't think law has one either.

The bill was clearly made in mind with proprietary operating systems, if it was otherwise I believe it would have been more thorough with its definition.

I do agree that the judge would probably rule in one way or another against FOSS community, that's a real risk, though I really do question enforceability of such a bill in real scenarios for Linux (and therefore your statement that it's very obvious a specific project has to implement it) because it's unclear who is responsible for implementation and if anything it *should* be the legislative branch at fault.

It is especially problematic, because newer bills are going one step further and requiring OSs to age assure users[1] (which is no longer a request to provide age by the user, but rather require OSs to verify age using a method). How is FOSS going to respond to that? Is every Linux distribution going to be equipped with spy tech? Where does this madness end?

[1]: https://www.theregister.com/2026/03/06/os_age_verification/

US state laws push age checks into the operating system

: Bad legislation, but an especially big headache for FOSS

The Register

@benjamineskola I'm not an US citizen, I do not live in US and honestly I don't want anything to do with US. I resist age verification laws in ways I can in my country currently. I consider myself a FOSS developer and therefore part of the community and I want to express my displeasure with compliance to something that affects creatures globally.

Those functions have real world consequences, and I believe FOSS community should have a serious discussion on how to abide to draconian legislation like this one.

@Frisk This is not directed personally at you, but I think a lot of tech people have a certain belief about the way they think the law 'should' behave. Laws should be written rationally and logically and if the law leaves something for interpretation then it's a bad law.

But in practice laws are written in a somewhat abstract way, and it is up to the courts to decide whether they apply to a certain situation, and they will often try to understand what could 'reasonably' be meant by the text of the law and so on.

That means it's not safe to rely on trying to find 'technicalities'. If you think 'well, technically Debian doesn't "produce, licence, or control" the software so it's safe'. It's quite reasonable to decide that Debian has some 'control' over the system (by selecting software for distribution and controlling the infrastructure by which it is distributed).

So I think projects like Debian need to assume for their own safety that this applies to them until it's proven otherwise.

(Btw: I am also not in the US and would love US problems not to affect the rest of the world.)

@Frisk Also to add: I think the very nature of a free operating system makes it impossible to make these checks mandatory in practice. Any user will always be able to bypass them.

All systemd has done is to make it *possible* to *record* the age of the user, in order to build an age verification feature. And even if a distribution did enable an age verification feature based on this, it would always be possible for the user to bypass it.

So I have very little patience for people who behave like systemd developers are some malicious cult taking over the Linux world by deception.

@benjamineskola I see, thank you for clarification regarding who armchair activists was directed at, I'm glad my assumption was false.

I agree with you in full. I personally don't want FOSS devs to be liable for this, I love FOSS devs for what they do, it's a thankless job.

I do believe there is more FOSS devs could have done. I think that's my main issue with all of this. Opening ceremony of 38C3 comes to my mind when I think of it all. We as hackers have a lot of power, and I do think that there is plenty of space for resistance or malicious compliance that many developers just don't use because they personally may even agree with actions taken by the governments.

Unfortunately tech world is very US centric, I don't think that if for example Uzbekistan decided to pass legislation such as the one California adopted, but in 2016, OS maintainers would run to comply as fast as they do now for Californian law. If African country required LGBT content blocks on OS level I don't think OS maintainers would care about compliance either (I hope I'm not wrong).

For the record, I don't believe systemd developers is malicious cult or anything like that. I do believe however that it is a mistake to accept those changes with little question as I saw in those PRs (though I probably don't take into consideration potential discussion beforehand in other channels).

@benjamineskola

We are all frustrated by what's going on. I wish it was different. Thank you for engaging in respectful conversation and sorry if I seemed too aggressive.

@benjamineskola @oblomov @kirb

Let them try to enforce it

@benjamineskola @oblomov @kirb

We will need to get used to questioning the legitimacy of 'the law' including the possibility that compliance might be unethical. Not just in the US context, but definitely in the US.

@einsiedlerspiel I seem to keep making this point elsewhere, and so I’ll be blunt: if you are not the person against whom the law will be enforced, I don’t think it’s your place to say ‘let them try to enforce it’. You are demanding that others face the consequences on your behalf.

@benjamineskola

right, at some point it starts being my problem because I'm sitting downstream of this code. People are responsible for the code they write and the harm it does. This is how you talk yourself into 'just following orders'. You're free to act out of self preservation. I'm free to withhold my sympathy.

And we're talking here about laws that are not even yet in effect, and compliance implemented by someone who isn't in the position to be held responsible in the end either. The stakes could not be lower. How am I supposed to trust that there is a point at which I downstream won't be thrown under the bus by these projects, when the stakes inevitably will be higher?

@einsiedlerspiel Be serious. How are you going to be 'thrown under the bus' by this? It's an optional feature of an optional piece of software.

@benjamineskola

It's part and parcel with similar pushes for 'trusted environments' on end user devices. It's building infrastructure.

And yeah in its current iteration it is almost minuscule, that's why it's so alarming that compliance is so eager.

@einsiedlerspiel I have zero sympathy for hysteria about this.

It's a bad law, yes. But the people affected by it do not have the luxury of simply ignoring it and hoping it'll go away.

@benjamineskola

well it won't go away if there's no resistance and the infrastructure for enforcing it exists that's for sure.

@einsiedlerspiel I'm not sure there's much that could be done to resist it from Europe anyway, so I don't know what you're making a fuss about.

@benjamineskola

Laws that I don't have direct influence on, not even the bit of voting power i might have had in the us, affecting what kinda control mechanisms are normalized in software i rely on? How could that be upsetting. The US exports these policies.

@einsiedlerspiel you do realise that literally nobody is forcing you to run this software, right?

@benjamineskola

a) we're talking about systemd and related projects that are infrastructure for basically every non microsoft/apple desktop I could recommend to newbs.

b) Again the current iteration is almost minuscule, but it's the general trend towards locked down devices. The impetus of these laws is a push in the direction of the situation of mobile devices at which point you might as well say 'noone forces you to use a computer' (Also the mobile space already provides the model for how the "noone forces you" always has a 'yet' implied. Evenn without laws there is software that I *need* to access existentially important services which I could not use without a 'trusted' device; see banking software, app-only ticketing etc.).

But we don't need to continue this. All I'm saying is this no big deal attitude will backfire and we absolutely need software projects asserting their opposition. (And I'm not willing to cede this field to fucking lunduke).

No I don't expect everyone to take the bullet, but I expect the acknowledgement that there is indeed a choice.

@einsiedlerspiel Look, I think it’s a good thing if people refuse to comply. But I don’t think that’s going to be a reasonable choice for everyone. Not everybody can afford to risk getting sued, and it’s not my place to tell them to get sued anyway.

Given that, I think it’s necessary for the means to comply with the law to exist.

In which case I don’t understand why so many people are throwing tantrums about someone implementing such means.

ClickyMcTicker 1d ago

@benjamineskola @einsiedlerspiel You do realize that literally nobody forced you to respond to someone like that, right?

Nor did anyone force you to use any operating system other than the one you wrote single-handedly from scratch. Nobody forces you to drive on public roads or use a cell phone. There’s a lot of things nobody forces you to do that you choose to do anyways, because we live lives and exist in a society.

FOSS software exists across borders. I’m not going to make the claim that the modern American Republican Party is a Nazi party, but “just follow the law” equates to “just following orders” and had the business community followed one man’s orders in the 1930s we may not have certain groups of people to defend the rights of today.

If the majority of the FOSS stakeholders decide that age verification should not move forward for ethical reasons, the real answer is to cut California off. Developers in that jurisdiction will have to find a way to comply with the law should they stick with the wider community’s tools, but it’s ultimately *their* responsibility to follow *their* laws.

@ClickyMcTicker Okay, you’ve written a lot of words but have also completely missed my point.

You can just continue to use the software and disable/ignore that feature. It’s that simple.

@benjamineskola @einsiedlerspiel Europe could refuse to do the same thing that enabled DMCA into the menace it is. This time they could say no to enforcing America’s bad laws on their citizenry. In that case, you don’t like California law, don’t go to California. Before you say that’s impossible, please note that lots of countries refused to enforce Soviet laws against black markets. Of course, if Britain and Europe are passing their own age gating laws, that doesn’t work.

@su_liam I think you’re missing my point, which is that people in Europe refusing to follow a Californian law does precisely nothing.

@benjamineskola If the local government, unless they want to consider themselves an inferior subsidiary to California, should be protecting their citizenry from California law. I guarantee you, no one in California is tying themselves into knots to follow EU law. For that matter, lots of people in California are breaking Texas law. Thankfully. This is a failure at least as much by your government as by anybody else.

@benjamineskola People in Canada refused to obey things like fugitive slave laws, and it didn’t do nothing. It gave people an option. Countries that refused to implement Germany’s Nuremberg laws gave safe harbor to people running from murderous genocide(of course, some of those countries had their own xenophobic laws, Germany didn’t model their racism on the US by accident). If everybody kowtows to the most draconian laws, then the whole world is as bad as the worst dictatorships.

@su_liam I don’t know where you got the impression that anyone in Europe cares about following US law anyway. Nobody gives a shit. So what’s your point exactly?

@benjamineskola Yeah, we’ll see. Right now, it looks like they’re falling over themselves to implement California kiddie gates, but sure. Maybe they’re just getting ready for AfD and all the other Le Pens to tell them what to do.

@su_liam yanks think the world revolves around them, that’s all.

@benjamineskola I mean, that was the subject under discussion, but sure… yanks suck. Whoo… At least those Brits are saints, right? Mm?

@su_liam yanks think the world revolves around them in the sense that they are convinced that the rest of the world obeys their laws.

which is precisely the subject under discussion: i don’t know why you seem to believe anyone outside the US cares about following this Californian law?

@benjamineskola Another weenie decides blocking is easier than talking. I retract any tone of respect I might have wasted on this… individual.🖕

@benjamineskola @benjamineskola Okay. I’m not the one saying developers in say Sweden should obey California law, but whatever. Let Ben do Ben in his own little bubble.

@benjamineskola @einsiedlerspiel We’re all free(those of us who already have free* software) to refuse to install the latest security update that includes kiddie restrictions. If that makes us typhoid mary to the rest of the internet, so be it.

@einsiedlerspiel @benjamineskola It doesn’t just exist, if Europe, Canada and the rest all rush to comply, there is no alternative. We could place all our hopes for free(like speech used to be) software behind the Great Firewall. I’m sure that’ll work out well…

@benjamineskola @einsiedlerspiel If they’re looking to enforce their draconian little law against the people who don’t write the software implementing it, then: I am Spartacus. And I intend to remain so. Next time I go into California, I will take my laptop, that will remain illegally free of any such implementation. The belly of the beast. And yeah, I will continue to criticize people safe outside of the belly of the beast who chose to build the tools of repression.

@su_liam lol ok

HeliosPi 1d ago

@su_liam
@benjamineskola @einsiedlerspiel
Check out Ageless Linux's example of defiance. This is the spirit of revolt which improves the world. Do not comply with fascism in advance. Shaming those who do is fair play also, because of what is at stake.
https://agelesslinux.org/

Ageless Linux — Software for Humans of Indeterminate Age

⊥ᵒᵚ Cᵸᵎᶺᵋᶫ∸ᵒᵘ ☑️1d ago

@oblomov @kirb exactly. Do not comply in advance. Esp. for FOSS.

@kirb Compliance is an enabling act. Non-compliance would be sufficient resistance; Linux becoming unlawful in California, which would create an interesting situation. The force thought irresistable breaks against the immovable object.

There is a choice, and people own the consequences of their choices.

AdventureTense 1d ago

@js @kirb Excellent comment.