For now it’s just an age API with self declaration by users and four age brackets, and IMHO if that is all the bullshit that operating systems had to comply with it wouldn’t be a disaster. However that is naive. I think the rulers are just introducing benign laws first. Complying with this, combined with the prior age verification compliance, would set the momentum for further compliance with more authoritarian laws in the future, not stopping until the rulers have control over everyone’s digital lives.
I naively imagine each OS project or part thereof could respond in one of the ways below. Not necessarily mutually exclusive.
- Comply exactly as the rulers demand.
- Ban people in affected jurisdictions from using the software and hope that people will find a way to circumvent the ban.
- Claim no need to comply because they don’t operate in affected jurisdictions. This assumes the premise is true. If the premise is false, make it true by shifting operations away from affected jurisdictions.
- Do nothing. Pretend the new laws don’t exist.
- Shift to anonymous and decentralized methods of development and distribution to evade the new laws.
System76 disagrees with the new laws but has chosen to comply, and there is discussion in the Debian community to comply (approach 1). MidnightBSD is taking approach 2 for now. GrapheneOS has floated approach 3 but AFAICT have not yet decided anything. One post from GrapheneOS is this.
We’re under no more obligation to filter the internet for California than we are to do it for China. Neither blocks access to the GrapheneOS website or services. If California wants to block access to those then they’re welcome to pass a law implementing their own Great Firewall. The most action they could get from us is replacing Los Angeles and San Jose servers with Las Vegas or Seattle.