California spares open source, but pushes age checks toward the web
AB 1856 fixes the open source carve-out while extending age checks toward the web.📷 AI-generated image / TECH&SPACE
- ★AB 1856 would improve the treatment of open source operating systems under California’s age-bracketing regime.
- ★EFF warns the bill would still require browsers and websites to request and collect users’ ages.
- ★The fight now moves to the Senate, where speech, privacy, and security limits will be tested.
California’s AB 1856 is being framed as a repair job for one of the most visible problems in last year’s Digital Age Assurance Act, AB 1043: its treatment of open source operating systems. After public criticism, lawmakers are moving toward an exemption for open source OS projects. That matters, because volunteer-driven and publicly distributed systems do not operate like locked-down commercial platforms with centralized account controls, app distribution, and compliance teams.
But the Electronic Frontier Foundation says the fix comes with a larger problem. In EFF’s reading, AB 1856 does not merely carve open source out of part of the regime. It also extends age-checking obligations to web browsers and websites, requiring them to request and collect users’ ages. That shifts the burden from operating systems and app stores into the basic layer through which most people reach the internet.
EFF warns that the new amendments fix one AB 1043 problem while pushing browsers and websites deeper into age collection.
EFF warns that browser age prompts create a new layer of data collection.📷 AI-generated image / TECH&SPACE
AB 1043’s original model required operating systems and app stores to create age-bracketing systems that segment users by age. EFF argues that this kind of regime threatens speech, privacy, and security because age assurance is not just a harmless setting. For the system to work, a service has to ask for age information, connect it to access decisions, and retain enough data to enforce those decisions. That creates new databases, new compliance pressure, and new points where lawful speech can be filtered before a user ever sees it.
AB 1856 therefore cuts in two directions. The open source exemption recognizes that a law written around centralized platform control can damage projects that are public, decentralized, and not built around a single commercial gatekeeper. At the same time, pushing age requests into browsers and websites expands the reach of the same architecture. A browser is not just another app. It is the everyday tool for reading, publishing, research, organizing, education, and political speech.
EFF says it will keep pressing for amendments as AB 1856 moves to the Senate. That is the decisive venue now, because California’s internet safety laws often become templates elsewhere even when their technical assumptions are shaky. If age-bracketing becomes a normal condition of web access, the debate will no longer be only about protecting minors. It will also be about who may demand age or identity-linked data, how long that data can be kept, and which forms of online speech become conditional on verification.
