Senate Bill 26-051 reflects that pattern. The bill does not directly regulate individual websites that publish adult or otherwise restricted content. Instead, it shifts responsibility to operating system providers and app distribution infrastructure.
Under the bill, an operating system provider would be required to collect a user’s date of birth or age information when an account is established. The provider would then generate an age bracket signal and make that signal available to developers through an application programming interface when an app is downloaded or accessed through a covered application store.
App developers, in turn, would be required to request and use that age bracket signal.
Rather than mandating that every website perform its own age verification check, the bill attempts to embed age attestation within the operating system account layer and have that classification flow through app store ecosystems.
The measure represents the latest iteration in a series of Colorado efforts that have struggled to balance child safety, privacy, feasibility and constitutional limits.
I actually disagree, because hardware-level verification is basically the most privacy-conscious method of accurately verifying a user’s age. Rather than fighting age verification entirely, I think it’s more productive to start assuming users are under 18 until proven otherwise… Age verification is inevitable, (if you don’t like it, tor is always an option), so we should at least figure out secure and private ways of doing so. Rather than resisting it outright, present them with secure and safe ways to do it. The internet is a dark place full of a lot of creeps, and services like Roblox have proven that they will enthusiastically become nesting grounds for predators unless they’re forced to add safeguards.
Sure, it’s easy to say “just monitor your kids” but no parent can be present 24/7. And in fact, oftentimes parents end up using screen time so they can do other things like chores, without needing to watch their kid. So the “just watch your kids” argument is diametrically opposed to the reality of why parents tend to rely on screens. Sometimes you just need 15 minutes to wash the dishes, without a kid demanding your constant attention. Even I, a child-free person, can understand that. And it becomes increasingly difficult to monitor them as they grow into teens and (reasonably) start expecting their own privacy.
I’ve been saying for a while now that we need to shift to hardware verification. Your device (or for shared devices like desktops, your user account) verifies your age once. And then it doesn’t need to do so again. All of the various sites and apps can simply ask your device “hey, is this user over {age}?” And the device responds with a simple true/false. You’re not needing to give your PII to every single site you visit, and the device isn’t needing to report back to the government every time an age verification check happens. It’s all done locally. The handshake could even be cryptographically secured, to prevent tech-savvy kids from MITM’ing the age check. And then protecting kids online is as simple as not age-verifying their device (and protecting your own password on shared devices). Hell, devices like cell phones could even have the age bracket set by the parent directly, since the phone would be on the parent’s phone bill. Similarly, parents could create child accounts on their shared devices, so kids can access age-appropriate content. It won’t stop kids from getting a prepaid phone, but it’ll at least prevent them from easily verifying that phone.
And it’s also the most elegant for the user experience. As far as the adult user is concerned, they never even see an “are you over 18” verification when they visit a porn site. They simply get access to the site. And kids simply get redirected back to Google’s home page (or more realistically, a page on the porn site saying “hey you failed the age check. If you’re over 18, be sure you do that with your device before trying again, because this is the only page you’ll be able to access until then. Or if you’re under 18, click here to return to where you were before” explanation) as soon as the age check fails.
Hardware age verification is basically the best of every world. You don’t rely on a third-party service to verify your PII (which will inevitably leak it, like Discord did). You don’t need to verify with every single individual site and service. The government doesn’t get a record of every site that asks for verification. And kids are automatically prevented from stumbling across adult content.
I agree that Colorado democrats are typically the “if we cozy up to the right they might stop being mean to us” candidates. I think this bill is a poor implementation, but it’s at least done under the right premise. If we could force hardware manufacturers and/or OSes to support native age verification, it would solve a lot of the current issues that we have.
You make some good points. If what you say is true, then most countries and states won’t adopt this style of verification because compromising everyone is the point. But they could probably set it up so it does compromise everyone at the hardware level.
Is it unrealistic to expect no age checks? We’ve lived through an entire internet without age checks, why is it different now? There aren’t more creeps, the only thing that’s different is our politicians feel emboldened to surrender us to tech. To use age checks as a trojan horse, to get AI behind the walls, to make us all social scores to be used secretly against us.
So I don’t see it as inevitable at all, especially not in the US, with the first amendment. Not in blue states, Colorodo is the only blue state doing any of this as far as I’ve heard either. Because they are conservative sell outs.
So I am on the side or rejecting age checks, and calling them out for what they are, surrendering us to tech for total surveillance, and replacing every politician that has supported it.
I think the big difference is ease of access. For millennials growing up, accessing the internet basically required being at the family desktop in the middle of the living room. Phones weren’t connected to the internet, and cell phones weren’t even common yet.
And kids still got groomed, even when their only access to the internet was in a shared family space. And that began to get more prevalent as devices became smarter and more portable. Now, any 8 year old can get groomed in their own bedroom, while simply playing a video game.
It’s not more common at all, we are being played by the media for this very purpose, and there is no reason we should let them win, there’s no reason they should win, they are using dishonest arguments and a majority agree with us in an honest conversation. Let’s’ call them on their bullshit and stop them, then we can keep your less worse option for when something has to be done, and keep it to show how compromising us is the reason, as they refuse the methods that wouldn’t compromise us.