If passed, the bill would apply across the U.S., unlike the state-level laws already around.

The U.S. has been quietly building up a set of state-level laws that push operating system providers into the age verification plague.

California’s AB 1043, signed in October 2025, requires OS providers to collect age data at account setup and pipe it to apps through a real-time API. It kicks in on January 1, 2027.

Colorado is working on something nearly identical. SB26-051 (which we covered when it was still a proposal) passed the state Senate 28-7 on March 3, 2026, and is now waiting on a House vote to become law there too.

However, these are just state-level laws. A new federal bill, H.R.8250, introduced on April 13, 2026, by Rep. Josh Gottheimer, with Rep. Elise M. Stefanik signing on as cosponsor, has us intrigued.

  • IllNess@infosec.pub
    121·
    7 hours ago

    This basically makes using VPNs for privacy useless. Now they will have a record of every IP address you ever used. They can also use local laws internationally. Like if your state has age verification or bans certain sites, they can just use your ID to ban those websites or apps even if you aren’t in the country.

    This is horribly bad…

      • t3rmit3@beehaw.org
        5·
        4 hours ago

        State-level bills have heretofore only required OSes to ask a user if they are of majority age. A federal bill is likely (based on the groups backing and who proposed it) to require OSes to validate (i.e. have users prove, not just assert) their ages.

        Depending on what mechanisms are mandated, and who they target punishment at, it could lock 99% of users (who are not willing or capable to use means to bypass this) into tying all their actions online to a government-run database.

        It’s not enough that means to bypass it exist; the government shouldn’t be able to mandate this kind of control, and shouldn’t be propagating the expectation that this behavior and level of control is normal or acceptable.

      • IllNess@infosec.pub
        7·
        6 hours ago

        This bill, if passed, will force operating systems to verify the age of the user. This means the verification uses a government issued ID.

        • Mothra@mander.xyz
          3·
          5 hours ago

          It’s the mechanism apparently being impossible to be cheated on what I don’t understand. Or maybe I’m just hopelessly confused.

          I should have replied under the post instead of under your comment, but it was your comment the one triggering the oh wait what moment for me, sorry. Don’t feel like you have to give me an answer if I’m not making any sense