Meta being behind all of these efforts makes it incredibly suspicious, especially given the New York law is ridiculously more invasive than the California one. It sure makes it seem like there's likely a larger plan here that this is merely facilitating.
So I don't think I can still buy it at face value that California's version is a good-faith attempt to balance privacy and child safety, even if that's what it is in the eyes of the legislature, given who's actually behind it and what else they've been pushing for.
Having age verification in every operating system? I think it is onerous. Imagine you need to update every embedded system because your wise lawmakers made it a crime to run any code that does not include age verification API.
Just because Facebook supports it doesn't mean it's bad. They may not support it for the same reasons, they probably just don't want the cost and liability of doing identify verification themselves and so want to make sure all of the cost and liability is on the OS vendor.
Yes, the New York proposed law is far worse, and we absolutely should be pushing back against that. And Facebook doesn't care, because they only care about moving the liability onto the OS vendor, not on actual privacy.
But still, just because this was supported by Facebook doesn't make it bad. Sure, Facebook doesn't care about privacy, but they do care about not being liable for this, and in this case, they're right, it is actually much more efficient to centralize this function in the OS, and it happens that that way it can be done in a privacy preserving way as California's law shows.
It doesn't make sense to move this function to the OS because so long as the OS remains under the user's control, any signal from the OS has no value because the OS reports whatever the user wants it to report.
At any rate, why legislate operating systems when all of the harm comes not from computers themselves but rather from certain websites? And there are already mature solutions for controlling access to specific websites. Client-side parental controls for internet access have existed for decades, dating back to Surfwatch from the Win95 era. A credit card requirement would also effectively impose an age filter.
The law acknowledges that. It doesn't require actual verification. That's why people are saying it's just a parental controls law and not an ID verification law.
Meta being behind all of these efforts makes it incredibly suspicious, especially given the New York law is ridiculously more invasive than the California one. It sure makes it seem like there's likely a larger plan here that this is merely facilitating.
So I don't think I can still buy it at face value that California's version is a good-faith attempt to balance privacy and child safety, even if that's what it is in the eyes of the legislature, given who's actually behind it and what else they've been pushing for.