What do people think the chance is that someone from the OSI, FSF, or Linux Foundation WROTE this bill? Curious where people's mental models are at.

This Illinois law seems to be based on the California one, which is the completely unintrusive one with no mass surveillance or anything like that. It says every operating system must have a parental controls feature, to be enabled or disabled by the device owner, and every app must respect it.

In addition, unlike the California one, the Illinois one specifies certain specific things that must be parentally controlled, such as financial transactions, and addictive feeds. All of it can be overridden by the device owner without providing ID or anything. It also clearly specifies the penalty for a violation: it's to be treated as consumer fraud/unfair trading practices.

I'm watching, whoever you are. You can't hide forever. Your ego will eventually betray you.

When my dad told me to stop doing something, I stopped doing it. Because the consequences were guaranteed, and not fun.

It seems to me that giving young kids devices is a bad idea in general?

I'm not sure what the age is when not having one becomes a greater liability for them than having one but I really feel strongly that creating laws around this is clumsy and the issue is still generally poorly understood.

Let's not create laws around stuff we don't really understand well yet?

I'm not a parent so I wish I didn't have a dog in this fight but legislation like this forces me too.

Which is IMHO my take on what should be done.

1. require functioning parent controls (here its also worth considering the abuse of parent controls). A problem here is the absence of a proper competing market of (phone) operating systems...

2. use parent controls to "anchor"/set the age/age category. I.e. NOT age verification, just age indication.

3. propagate them similar but not the same as with the Californian law, where possible do the decision before starting a program/fully loading the website etc. (1)

4. allow exception to be set (incl. per "origin" i.e. app, but also sub app e.g. browser:<domain>), it's a parenting tool not a state enforced

5. make it explicitly a non goal for this to be "hard to hack" or anything like that, it's a parenting tool not a banking tool. Proper trust management in a parent child relationship still matters and replacing it with "technology" is unlikely to end up well.

6. where possible leave the decision to the parent controls

7. Age categories are geographically/standard/age scoped, for most apps/site they only have one age gate and can just list them, potentially with content group hints, e.g. `us:pg:13,horror;de:fsk:12,horror` if the the user is in idk. uk the parent controls can make the decision, which might involve parent settings. E.g. a German parent probably wants to treat `us:pg:13,violence` as 14+ and very conservative people in the US want to treat `de:fsk:12,non-erotic-nudity` as 16+. For apps which serve content on a feed it's more shitty as they really want to be given the age gate instead of providing the contents age on access. This doesn't mean that they can't check the age gate for every peace of content "when serving it" (pitching back control to the parents controls) but still need a general age category, which will leak parent controls country, most times that will happen anyway by IP country of origin. So should work?

8. IP country of origin != age gate law which should apply. While legally not fully wrong to treat the same parents would be very surprised if their parent control allow/forbid things when they are on a holiday trip or because their child connected to a VPN tunneled hot spot... This loops back to 6. to give the decisions to the parent controls instead of the app/site/service.

9. criminal liability for intentional miss-classification of age gates (the "intentional" part matter a lot here).