The bill — set to be introduced by Sen. Mike Lee of Utah and Rep. John James of Michigan on Thursday — would require app store operators with at least 5 million users to verify users’ ages when they sign up for an account, according to a draft provided exclusively to CNN.
App stores, including those run by Apple and Google, would be required to inform app developers of a user’s age category — “young child” as under the age of 13; “child” as 13- to 15-years-old; “teenager” as 16- to 17-years-old; or “adult” as 18 or older — while protecting their personal information. Parental consent would be required before minors can download or make purchases through an app.
I’m curious to see whether the “5 million” user requirement will affect app stores beyond Apple and Google. Even if they aren’t considered app stores technically speaking.
For example, would GitHub be considered an “app store” for android users? What happens if for some reason, a parent sues GitHub for allowing their kid to circumvent app store restrictions to install an app? Will a court agree that it is an app store and force age verification requirements?
As a related story, a lot of companies are lobbying for this bill because they are afraid of the costs associated with implementing age requirement themselves.
Meta has joined forces with Spotify, Garmin, Match, and others to form a lobby group to represent their interests, especially as they come into conflict with those of Apple and Google. The group’s first order of business is arguing that age verification should be the responsibility of app stores, and not the apps themselves.
Bloomberg reports that the Coalition for a Competitive Mobile Experience will fight for app makers’ interests on a range of fronts, including ensuring that Apple and Google products work well with rivals’ devices and software, fighting what’s perceived as discrimination from the App Store and Play Store, and aiding the Justice Department in its ongoing antitrust cases against Appleand Google.
“What these founding companies share in common is they rely on the mobile ecosystem in order to serve their customers,” Brandon Kressin, the director of the coalition, told Bloomberg. “They each recognize there’s power in numbers, especially when going up against companies as powerful as the duopoly.”
Right now, the group’s priority is joining Meta’s ongoing efforts to persuade lawmakers that app stores should bear the responsibility for controlling which apps children can download, saving the apps themselves from the brunt of age verification. Google, for its part, says Meta is trying to “offload” its responsibility to keep kids safe. Utah has already passed a law requiring app stores to verify user ages, and the new coalition intends to support similar bills in other states, and efforts to introduce equivalents in the House and Senate.
The new coalition announced itself just hours before Apple suffered a major defeat in its ongoing litigation against Epic. The judge ruled that Apple is no longer allowed to collect fees on purchases made outside apps or restrict how developers can direct users to other payment options.
I think we can look at Utah’s law for some insight.
“App store” means a publicly available website, software application, or electronic
service that allows users to download apps from third-party developers onto a mobile device.
An “app store provider” is defined as “a person that owns, operates, or controls an app store that allows users in [Utah] to download apps onto a mobile device.” A “developer” is defined as “a person that owns or controls an app made available through the app store in the state.”
I think based on that, it is very conceivable GitHub or any site where its possible to download an app to a phone could be considered an app store.
If that’s the case how does age verification work if apps are side loaded from a third party instead of directly installed?
Out of curiosity, is this a solved problem with parental controls on devices?
2 Likes
Only work around I can think of would be preventing direct downloads from Github repos (i.e. using Obtainium), and linking to the developer’s own website or a smaller app store like F-Droid where an APK can be downloaded.
At best, it will be a minor roadblock to download APKs. At worst, this will harm open-source projects
How will they verify?
According to the article
While users wouldn’t have to hand over information to verify their age across multiple platforms, they’d still need to provide personal data — likely a government ID or a scan of their face — to verify their age. And it wouldn’t just apply to children, but to anyone who uses the app store, regardless of what apps they want to access.