Comment on Three questions about California AB1043 C. 675
DomeGuy@lemmy.world 1 day ago
Not a lawyer, answers based on legiscan.com/CA/text/AB1043/2025
- Under section 1798.501. (b) 4A, wouldn’t this make collection of almost any system information illegal?
No. Because the terms are defined in 1798.500. They can ask your system directly whatever they want; they just can’t ask Microsofg, Apple, or Google for correlating specifics.
- Since 1798.501. (b) 2A seems to require that developers that receive this age flag treat assume it is true, this would at least apply to CCPA, and California Civil Code, right?
Yes, but only insomuch as laws that protect minors impose additional constraints on those who have “actual knowledge” that a user is actually a child.
It doesn’t mean they need to trust the OS flag if they have suoerior knowledge as to someone’s actual age. If I ask a child to contact Imgur to delete my account they’d block out my porn stash but otherwise treat the request as any other “delete an adult’s account” request.
- Would 1798.501. (b) 2A also apply to COPPA? I know this is state versus federal law, but…
Statr law can expand upon federal law but not contradict. And it smells like AB1043 is more “add a more explicit signal of user age” than anything affecting data retention relating to children.
What part do you think is contradictory?
PlzGivHugs@sh.itjust.works 1 day ago
So, if I understand right, basically they assume its correct unless given significant evidence otherwise? So like, if this flag is enabled and I visit a website and don’t directly provide personal information, then they have to assume I am a child under CCPA and thus can’t share my data. Right?
I was wondering more if they could just argue that it isn’t an reliable metric and thus was ignored for COPPA if it ever came up in Federal court - esspecially if adults end up using the flag for CCPA or Civil Code protections.
DomeGuy@lemmy.world 17 hours ago
That’s how it reads to me this morning. Assuming by “given” you meant “they have at all”.
Based on the CA AG’s page at www.oag.ca.gov/privacy/ccpa , I don’t see how “the browser reports the user as a child” gives a substantial additional burden on website developers. Presumably, the most they’d have to do to comply is use the flag to change “do you agree for yourself” to “PARENT OR GUARDIAN: Do you agree for the user of this account…”
I’m missing the part where an adult setting their age category incorrectly for themselves would do more than get a stronger porn block and a bunch of “go get your parent” pop-ups instead of “click here if you’re over 18.”
Presumably, if Microsoft and Google and Apple don’t get the Digital Age Assurance Act blocked in court, we could see a broad adoption of it as a way to skip paying for third-party age validation for sites like Reddit, BlueSky, and Lemmy, and all of the porn sites on the internet would just ask for the flag in lieu of their current “do we have a cookie where this user clicked that they’re at least 18” code.
PlzGivHugs@sh.itjust.works 9 hours ago
Thank you for the help understanding this.