California now requires all operating systems, including Linux, to verify user age
California is moving forward with a law requiring operating system providers to implement some form of age verification during account setup. Assembly Bill No. 1043 was signed by Governor Gavin Newsom back in October and takes effect on January 1, 2027.
According to the bill's text, "an operating system provider shall" provide "an accessible interface at account setup that requires an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user's age bracket to applications available in a covered application store."
On top of that, the system must be able to send a digital signal through an API to identify the age category of a specific user upon a developer's request. The law breaks users into four groups: under 13, between 13 and 16, between 16 and 18, and 18 or older.
The bill stops short of mandating the most invasive verification methods – no face scans required – but it does obligate providers to collect age data at account creation and share a segmented version of that data with third-party developers on request.
For Windows, this likely isn't a big deal – Microsoft already asks for a date of birth when setting up a Microsoft account. But the requirement applies to all OS providers, and that's what's stirring up frustration across Linux communities.
CatoDomine, a user on the r/linuxmint subreddit, put it bluntly:
"This is basically impossible for California to enforce. Even if Linux Mint decides to add some kind of age verification, to comply with CA law, there's no reason anyone would choose that version."
Their take on the more likely outcome:
"It's more likely they will put a disclaimer on their website: 'not for use in California.'"
Zooming out, mandatory age verification is becoming an increasingly common legislative push. The UK's Online Safety Act has faced sharp backlash over privacy concerns, and Discord drew its own controversy over face-scanning verification – partly due to concerns that partner companies might use the collected data for purposes well beyond simple age checks.
California's law is just one local example, but it reflects a broader push by governments worldwide to enshrine age verification in law. How effectively that can be enforced for open-source operating systems is another question entirely.
