ES version is available. Content is displayed in original English for accuracy.
Advertisement
Advertisement
⚡ Community Insights
Discussion Sentiment
63% Positive
Analyzed from 6499 words in the discussion.
Trending Topics
#age#more#system#don#operating#bill#verification#https#user#government
Discussion (223 Comments)Read Original on HackerNews
Why are so many bi-partisan bills so bad?
Ultimately, they seem to have realised that they can't stop adult content from being shared, so the easiest way to get there was to mark anything even vaguely possible of being adult, and require age verification -- which comes with a lot of political cover vs. just deleting it.
Of course, if you stoke up the right people, you end up with lots of support from the puritanical brigades, and label all naysayers as putting children in harm's way.
I guess they figure if they keep trying they'll eventually get it passed - which is probably true.
The collaboration between tech billionaires and state surveillance is also thoroughly documented. Silicon Valley venture capitalists and tech founders—such as Peter Thiel (Palantir) and Palmer Luckey (Anduril)—have aggressively integrated themselves into the military-industrial complex. By leveraging their immense wealth and political access, they have secured billions in taxpayer-funded contracts with the Department of Defense, ICE, and local police departments. Palantir, for example, got its start with seed funding and direct guidance from the CIA’s venture capital arm, In-Q-Tel, and now provides the digital infrastructure that enables federal agents to track and arrest individuals en masse.
Data monetization and the elimination of anonymity are the financial engines of this model. The modern digital economy operates on "surveillance capitalism," offering supposedly free services to harvest user data, craft highly detailed profiles, and monetize every click and interaction while entirely deemphasizing user privacy. In the political sphere, dark money networks have poured millions into their own high-tech data firms (such as i360) to assemble meticulously detailed, de-anonymized profiles on over 190 million active voters and 250 million consumers, enabling precision targeting and psychological manipulation.
Mass surveillance justified by "safety" is precisely how these technologies are deployed against the public. The software systems sold by tech companies to law enforcement agencies explicitly ingest commercial license plate reader (LPR) data, providing authorities with access to over 5 billion data points used to continuously and physically track vehicles and individuals across the country. This geographic tracking is fused with other aggressive domestic surveillance methods like digital dragnets, "Stingray" cell phone interceptors, facial recognition, and fake social media profiles—often using photos of attractive young women—to trick youths as young as twelve into accepting friend requests. Authorities use this access to map out social networks and establish guilt by association, heavily surveilling minority youth without any concrete evidence of criminal behavior.
Ultimately, these technologies fulfill the state's historical obsession with "legibility"—the utopian, often tyrannical desire of authorities to categorize, monitor, map, and standardize every aspect of human life so that the population becomes a closed, predictable, and easily manipulated system. By merging state power with Silicon Valley's data-harvesting capabilities, this infrastructure enforces control by turning human sociality and everyday life into an endless series of trackable, monetizable data points.
There are also state actors at play here who would love if computing without ID became a very niche thing to do. Obviously their top line would be "fighting terrorism" and "saving the children" but in reality we've seen how these organizations (ICE, NSA, etc.) abuse their power and spy on people without warrants.
tl;dr: there is much more at play here than Facebooks interests alone.
One example of this was last year when high-profile apps like Candy Crush Saga and Clash of Clans were found to have privacy policies on their websites restricting users to 13+ so they could track and advertise more while their Android and iOS apps were designated for all ages so they could get more downloads.
It seems like a more lucrative path to go down even if you lose the under-18 crowd gambling / watching ads on your platform.
This is likely because of Zuck's testimony in the very recent court case where he testified exactly that the "best place" to do "age verification" was in the operating system.
This was but a few weeks before all these, largely very identical sounding bills, suddenly started appearing in state houses across the USA.
Because meta will not have to spend real $ to add/support age verification, plus they get to point the finger at someone else for age issues.
This is the real benefit to Meta/FB/etc. that many seem to overlook. Meta/FB/etc. are already staring down a lot of court cases related to "addicting youngsters" to their product (and potentially a lot [i.e. billions of dollars] of payout for settlements or penalties in cases that side against them).
But, if they can get the government to mandate that the operating system is responsible for verifying a user's age, they get to avoid liability (i.e., more billions of dollars) for serving anything from their properties to an underage user if the OS tells them that the user is "old enough" for whatever they served. So long as Meta follows the law and asks the OS "is this user old enough" and if the OS replies "old enough" then the liability for mistakes in the age identification shifts to the OS provider and away from Meta/etc.
The part that is odd here is why Microsoft, Apple and Google (the "OS providers" truly being targeted) are not massively lobbying against this due to the legal liability risk that Meta is trying to shift over to them.
If I do "sudo -l" to my son's account, what is the age of the user performing actions? If my son writes a set-user-ID program and I run it, what is the user's age now?
I'm glad I'm on a source distribution (Gentoo, even though it does require patience) so I could in-theory edit/patch out the nasty bits before they even become binaries if anything like this ever does go ahead! (Seems unlikely to really work for Linux users anyway really though, for many of the reasons you suggested!)
https://news.ycombinator.com/item?id=47530718
Here is some more breakdown
https://x.com/moo9000/status/2037184457069760717?s=20
There are a couple parallel moral panics intersecting on this topic. Again even on HN you'll find people parroting dodgy statistics about child trafficking on social media, proclaiming that short form video is equivalent to highly addictive drugs, or making sweeping claims that under-18s should be banned from having smart phones. It's apparent none of them ever considered that the age restrictions they've been inviting might apply to something they use. It's always assumed to apply only to the kids on the TikTok or something.
- Require operating system developers like Apple and Google to verify users’ ages when setting up a new device, rather than relying on self-reported ages.
- Allow parents to set age-appropriate content controls from the start, including limiting access to social media, apps, and AI platforms. - Ensure that age and parental settings securely flow to apps and AI platforms, so content is tailored appropriately for children. - Prevent children from accessing harmful or explicit content—including inappropriate AI chatbot interactions—by creating a consistent, trusted standard across platforms."
This is the summary [0] from the Benton Institute for Broadband & Society, who seem to be in support of the legislation. I get the feeling the definition of 'operating system' within the legislation isn't how many on HN, or in real life, would define what an OS is, since its implied to be aimed at mobile devices, but we shall see once the actual text is posted.
[0] https://www.benton.org/headlines/rep-gottheimer-announces-bi...
1. Screen time reporting has been 100% broken for decades. Just does not work as advertised. False advertising is indeed illegal.
2. The parental controls are a joke. Can't block apps that were ever downloaded by a member of the household. Don't want the kid to have TikTok? You better not have downloaded it on any device ever.
But you claim that only legislation can force behavior, and I'm pretty sure that if a few senators just relayed their frustration with broken screen time reporting to Tim Cook personally we could get some results.
What is the common denominator? Whose lead are they following, and whose money are they taking?
Or is there another one?
Unless you just want an exhaustive enumeration of every possible human desire.
Criticism of Israel and its agents will be outlawed by all means necessary and anybody who questions it will be black bagged. That is the end goal. This is total war.
Requiring disclosure of my age is effectively a search, without specific probable cause, and there are no means for me to challenge this in court.
Settled law decades ago.
On that note, today is April 15th, tax day. The day where if you don’t provide hard numbers about your life against your will and at your own expense, prison opens as a possibility.
Even if they stack the courts with muppets who ignore the obvious first amendment angle to get this passed, I will never comply with this and I will happily help others defy it.
Committee members can be found here: https://energycommerce.house.gov/representatives
> As of 04/14/2026 text has not been received for H.R.8250 - To require operating system providers to verify the age of any user of an operating system, and for other purposes.
> The Government Publishing Office (GPO) makes the text of legislative measures available to the public and the Library of Congress. GPO makes the text available as soon as possible, but delays can occur when there are many or very large legislative measures for GPO to prepare and print at the same time.
I found that for 2025, on average, it took about 20 days for a bill to be posted before its text was made available via Congress' APIs. Sometimes more, sometimes less, sometimes almost immediate... but 20 days on average last year.
I learned a lot about congressional processes and such through the project, like this[0] really cool flow chart about the legislative steps (recommend viewing the tiff and really zooming in on the details), with the action codes[1], which is data that can come from the APIs[2].
[0] https://www.loc.gov/pictures/resource/ppmsca.33996/
[1] https://www.congress.gov/help/field-values/action-codes
[2] https://api.congress.gov/
edit: formatting
How do we still have no people in government with basic computer literacy?
Source:
https://news.ycombinator.com/item?id=47772459
>"In layperson’s terms, ZKP makes it possible for people to prove that something about them is true without exchanging any other data. So, for example, a person visiting a website can verifiably prove he or she is over 18, without sharing anything else at all."
- https://blog.google/innovation-and-ai/technology/safety-secu...
- https://github.com/google/longfellow-zk
Is that what this bill requires? If it’s just remote attenuation for social media, done by the OS, I think that’s fine.
https://www.congress.gov/bill/119th-congress/house-bill/7270...
Maybe add in automatic voter registration to sweeten the pot?
There's a reason this idea is pushed solely by Republicans with the explicit goal of reducing the number of people who can vote, because fewer people voting is better for Republicans.
Most negative US health outcome factors can be traced to suburbanization, which is also where the vast majority of the gun violence is, and systemic racial wealth disparity. We have a pretty good healthcare system, we just need to subsidize it for people who can't afford it.
Sorry for the sarcasm, but that's how your comment reads.
Do those lucky people have healthcare insurance tied to their employment? Are they afraid to go to a demonstration or advocate a union, because they could lose their job and thus healthcare?
A good healthcare system treats everyone equally, no matter where they live in a country, their income level, being employed/unemployed, etc.
We have a pretty good healthcare system, we just need to subsidize it for people who can't afford it.
No, it is broken. The US healthcare capita costs twice as much per capita as most West European countries and the 'outcomes per capita' are worse. The problem is, similar to the prison system etc., the privatization of the system. It's run by companies that go for profit maximization, which entails rejecting as many claims as possible, driving up medicine prices, etc.
The downside will be riding out the intervening months before the court decision comes through. Stock up on ISOs and full git clones of your favorite OS sources.
Requiring commercial services to adhere to certain guidelines is constitutional, even though the Texas law is a bad one and I think a different court may have slapped down the law. Mandating speech (code is speech) is clearly not, especially for noncommercial projects.
I think the key would be getting the right person to explain how this would be like requiring all authors to include a certain sentence in their novel.
Though this does bring to fore the issue of enforcement. Nobody can stop you from building a custom car which has no airbags. Where enforcement happens is when you try to get it registered (thus making it legal to drive on public roads). That's when the government would stop you.
Curious how such enforcement would work for operating systems. We could all just mod our OS's to remove/bypass age verification. The government doesn't (currently, yet) have a legal nor physical mechanism to prevent this.
> Voting, we might even say, is the next to last refuge of the politically impotent. The last refuge is, of course, giving your opinion to a pollster - Neil Postman
https://www.usa.gov/elected-officials
Too early to discuss much though?
1. Requiring sites in various categories (porn, social media) to make sure they aren't serving children, without specifying how they are to do that.
2. Similar to #1, but specifying specific means the sites must use. They are often pretty bad from a potential privacy perspective because they often specify uploading copies of passports or driver's licenses or other things that could be very harmful to you if they leaked. These laws do at least often require the sites to delete those documents. With #1 sites often ask for the same documents but aren't required to delete them.
3. Like #2 but includes among the allowed means of verification some that don't give the site copies of your sensitive documents.
4. Ones that require operating systems on devices whose primary user is a child to let the parents set the age of the child when the child's account is being set up, and to provide an API that apps can query to find out if the current user is a child.
Whenever any of those are discussed here, or whenever any of the other approaches being developed such as those that allow binding a digital copy of your government ID to a hardware security module you have (such as on a smartphone) and to use that to demonstrate age range without disclosing anything else (Google and Apple have these, and the EU is planning on such a system) is discussed here, 95% of the commenters comment as if it was a #2 type of system.
So might as well discuss this one now. The discussion won't be any different once the text comes out.
So if the legislation leans that way it would be interesting to discuss that part in particular.
It requires that the parent be able to enter an age or birthdate. The API that the OS must provide to apps is required to let apps ask for age ranges, with these ranges required: [0, 13), [13, 16), [16, 18), [18, ∞).
The California bill is mostly fine, and just needs some tweaks. It is way narrower than 99% of the people who comment on it think it is.
From what little that has actually been disclosed about the federal bill it sounds like it too is taking a parental control approach, but it also sounds like it might be requiring the OS to actually verify the age.
The big question is what does that mean? If it just means the OS has to ask the parents for the age it may be similar to the California law and might just take some tweaking. If it means the OS has to be provided actual proof then it is quite different and much more problematic.
But what about all the rest of things you use operating systems for? Will they stop using cars or any kind of transport that have one or several running operating systems inside? Routers or internet connectivity? Finance, clusters, whatever? Have facebook in all the operating systems on their servers for all the platforms an age verification check for whoever logs in, or not?
The binary distribution operating systems provided by so-called "tech" companies all suck anyway
I prefer to compile the operating system from source. I can add or remove any code I want. Will the nonprofit open source projects distributing the source code that I use be "operating system providers" under this legislation. That would seem pointless
2. Are OS "providers" the same as OS "authors"? And - with a GNU/Linux distribution, who would be the providers, really?
2. They haven’t thought about it and don’t care
Lets hope they carve out exemptions for Free Operating Systems based upon revenue. But we know that will not happen.
One of the prongs is requiring ID to go online. Another is to use a combination of media mergers with 'voluntary' government-controlled self-censorship to clamp down on unregulated speech.
So, its blast radius will be centered on LGBTQ issues, but it's designed to cover your comment too.
It also doesn’t make sense a Democrat from New Jersey writing the bill saw it that way at all.
https://en.wikipedia.org/wiki/Clipper_chip
May they meet a similar fate!
I will stop using technology before I compromise on this.
Techbros and politicians, please take note.
Some people refuse to fly, judging security checks at airport dystopian. Business goes on.
Not me individually, no, but I hope that by speaking up I am doing a very small part to encourage others to speak up. If enough of us speak up, it can make a difference. The alternative (keeping my mouth shut) is complying in advance, IMO.
> Some people refuse to fly, judging security checks at airport dystopian. Business goes on.
Funny you should mention that. I fly frequently (at least 3 times, sometimes up to 8-10 times a year), and I have literally never gone through the body scanning machines at a US airport, because I opt out and get groped by the TSA officer every time. I believe in small acts of resistance, and I think at the very least I'm consistent in that.
Not arguing against acts of resistance, however small. Just pointing out the majority of people now turned digital, the few like you and many on HN wouldn't put a dent to the erosion or freedom when it comes to software.
Also interested to see what motivates people to speak up, when they know full well it won't change anything. (I'm one of those too)
Never thought it would end this way.
https://www.phoronix.com/news/Debian-Undecided-Age-Laws
https://linuxiac.com/systemd-creator-lennart-poettering-join...
The cynic in me says the Win 11 "you must have a TPM" push (along with passkey's "big tech owns all your accounts" design) were rammed through specifically to centralize control of the open web.
At this point, if the federal government actually forced OS-level censorship, most literate folks would just download Linux. So, first, they need to close the remaining door.
I'm not exactly holding a candle for debian. SystemD has already started adding support for this, and, in the past, downstream has been able to force unpopular debian votes through.
The latest absurd power grab in the guise of protecting the children.
There are so many issues with how this can work in practice. Best case it just asks how old you are like a website that shows mature content, and the user lies. So from a liability perspective that shifts it to the user who gave false information. Beyond that there’s no practical way to actually verify someone’s age at the OS level.
KYC for windows, MacOS, iOS, Android, and internet players like Google and Cloudflare being forced to block unverified devices.
There probably would still be a way around it, but it would be a headache for most people.
That is a _very_ dangerous assumption.
He seems to also support H.R. 7540.
I think the Democrats in his district need to seriously consider primarying him and replace him with someone that doesn't bend to foreign or corporate whims.
But yes, Gottenheimer is a conservative democrat.
there is your answer, mate. lotta private interests swaying NY and NJ elections
AIPAC money, PAC money, and gold bar bribe takers are definitely corrupt and need to be in prison.