GoKawiilCalifornia lawmakers may be backing away from a controversial age-verification requirement bill that alarmed Linux and open-source developers earlier this year, after a new amendment bill proposed exempting most open-source operating systems from the state’s upcoming Digital Age Assurance Act. In practice, that would likely exempt most mainstream Linux distributions — including Debian, Fedora, Ubuntu, Arch Linux, and Mint — from compliance requirements scheduled to take effect on January 1, 2027.
Assembly Bill 1856 (AB 1856), currently moving through California’s legislature ahead of committee reviews in June, would amend the state’s earlier age-assurance law by excluding software distributed under licenses that allow users to “copy, redistribute, and modify the software.”
The proposed amendment specifically states: “Operating system provider” does not mean a person or entity that distributes an operating system or application under license terms that permit a recipient to copy, redistribute, and modify the software.
Latest Videos From
The amendment follows months of backlash after California passed the original Assembly Bill 1043 (AB 1043), formally known as the Digital Age Assurance Act, in late 2025. The law sought to shift online age verification away from individual websites and apps and down to the operating-system level instead.
Under the original law, operating systems would be required to request a user’s age or birth date during device setup, then expose an “age bracket signal” to apps and app stores. The law, which defined brackets such as “under 13,” “13–15,” “16–17,” and “18+,” immediately raised questions about how such requirements would apply to decentralized, open-source software ecosystems.
Unlike Apple’s iOS or Google’s Android, most Linux distributions are not centrally controlled commercial platforms. Many are community-run projects maintained by volunteers, often without user accounts, telemetry systems, or even formal corporate ownership structures. Critics argued the law’s wording was so broad that it could technically force open-source operating systems to become age-verification platforms.
Privacy advocates, including the Electronic Frontier Foundation, criticized the legislation as invasive and warned it could create infrastructure for broader identity tracking online. Linux developers also questioned how California could realistically enforce such requirements on infinitely forkable open-source software projects.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter Get Tom's Hardware's best news and in-depth reviews, straight to your inbox. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors
The controversy became particularly heated after reports suggested platforms like SteamOS could still fall under the law due to their ties to proprietary application ecosystems. Valve’s Linux-based gaming platform ships with the proprietary Steam storefront and client, potentially placing it closer to Apple’s App Store or Google Play from a regulatory standpoint.
... continue reading