Structural Frictions: Global Age Verification Mandates vs. Fully Free OS Autonomy
- Login o registrati per inviare commenti
Hello everyone.
Recent legislative movements enforce structural changes to how operating systems and platforms handle user identity and access. In Brazil, the newly passed Lei 15.211/2025 mandates strict age assurance protocols and obligatory parental supervision APIs for users under 16. Similar frameworks are advancing in the US, such as KOSA and various state-level verification laws.
These legal frameworks operate on a premise of centralized control. They demand persistent identity verification, OS-level or browser-level restrictions, and the elimination of practical anonymity under the justification of protecting minors. Managing the digital infrastructure for a 7-year-old and an 11-year-old under these regulations reveals an immediate systemic conflict. The state requires a level of surveillance and hierarchical control that the free software philosophy structurally rejects.
I have a few technical and structural questions regarding how the Trisquel project views this shift:
The Attestation Bottleneck: When commercial web platforms inevitably require hardware-level identity attestation or proprietary DRM modules to comply with age verification laws, how does a fully free distribution plan to address the structural exclusion of its users from the mainstream web?
Libre Compliance: Is there any active discussion on developing decentralized, locally managed compliance tools? We need mechanisms that might satisfy the legal requirement for local access control without transmitting telemetry or biometric data to corporate or state entities.
Scope of Action: Does the community view these global legislative frameworks as a systemic threat requiring a coordinated technical countermeasure, or strictly as a platform-layer issue outside the scope of the operating system itself?
I look forward to an objective discussion on the technical implications of maintaining community autonomy against state-mandated surveillance.
>"Libre Compliance: Is there any active discussion on developing decentralized, locally managed compliance tools? We need mechanisms that might satisfy the legal requirement for local access control without transmitting telemetry or biometric data to corporate or state entities."
I haven't released any distro ISO's myself for a few years, but if I were doing that now I would just say, "Any use of this distribution in geographic regions where biometric tracking/reporting is mandated by law is unauthorized, as this distribution does not contain any such biometric tracking/reporting mechanisms."
Leave it up to the users to decide if they want to take on the liability themselves.
Or, might have to look at what MidnightBSD is doing:
>"Until we have a better plan, we modified our license to exclude residents of California from using MidnightBSD for desktop use, effective January 1, 2027." https://twitter.com/midnightbsd/status/2027101491211718765?ref_src=twsrc%5Etfw
I don't know if that would still be considered a free license with that "no-Californians" clause, I'd have to look at how the FSF views it.
I believe it would not, for not fully satisfying freedom 0:
The freedom to run the program means the freedom for any kind of person or organization to use it on any kind of computer system, for any kind of overall job and purpose, without being required to communicate about it with the developer or any other specific entity.
https://www.gnu.org/philosophy/free-sw.html#run-the-program
We can't be forced to write free software that tracks and snoops on its users. And I don't think we can be forced to not write free software because our software does not track and snoop on its users.
I recall a similar debate came up in the early stages of the various government reactions to Covid-19. Some nations wanted to track everyone and also track all the people that each person came in contact with, and wanted to try to force people to keep Covid tracking apps on their phones. There was some debate at that time about the role that libre software should or should not play in such an effort. I don't recall where that discussion ended up.
I am a translator!
https://github.com/c3d/db48x/commit/7819972b641ac808d46c54d3f5d1df70d706d286 was brought to my attention.
The licence is LGPLv3 but a "LEGAL-NOTICE.md" file was added to inform about the legal restriction. The license is not forbidding anyone to use the software, the legal notice informs users that the software does not comply with a law, then it is the law that forbids user from using the software, not the license.
I have not checked those laws in detail. I wonder whether adding a "birth date" to the "adduser" command and allowing programs to get that date when running would comply with such laws. At least, the Colorado bill seems to refer to good faith, and not requiring any evidence such as a photo ID.
>"https://github.com/c3d/db48x/commit/7819972b641ac808d46c54d3f5d1df70d706d286 was brought to my attention."
Yes, this seems like a good choice of wording, although I don't know how the FSF will view it:
Important notice to residents of California and Colorado
As a consequence of recent legislative activity in California and Colororado:
California residents may no longer use DB48x after Jan 1st, 2027.
Colorado residents may no longer use DB48x after Jan 1st, 2028.
DB48x is probably an operating system under these laws. However, it does not, cannot and will not implement age verification.
It doesn't actually stop residents of California and Colorado from using it, but the language would seem to try to move the legal liability for use in those states from the developer to the user.
> The state requires a level of surveillance and hierarchical control that the free software philosophy structurally rejects.
This goes well beyond free software structural philosophical rejections. Everybody's freedom is at stake and I do not see how a single instance of an operating system could escape such centralized control without unplugging from the network altogether.
If new laws empowered the state to track our footsteps, should we be asking our libre shoemakers to make us magical boots that defy gravity and never leave tracks? Or should we instead join the larger movement resisting the totalitarian footstep tracking laws? Or, more generally, resisting the totalitarian state. This is of course a tad more of a challenge than downloading a ready-made iso and installing it in a few clicks (for users), or adding a disclaimer on a licence (for developers).
Anyway, the General Free Software Talk section would probably be more appropriate for a philosophical topic that does not specifically apply to Trisquel. Respecting other users, forum rules and shared resources is no luxury for communities seeking "autonomy".
Jesus Christ, did you use AI to compose this post?
I see age verification as an issue for websites, not for operating systems.
That's not what recently happened with SystemD. Or Midnight BSD becoming even more propietary.