You may soon need to verify your identity on every website you visit if two California lawmakers pass. A new bill called the California Age-Appropriate Design Code Act was introduced in the California Senate this week, with the goal of protecting children online through age verification.
A number of privacy advocates and groups have thrown their weight behind the bill, including Frances Haugen, best known as the former Facebook employee who leaked 20,000 internal documents last year. Haugen compares the bill to a “safety belt” for children using social media.
If it becomes law, the bill could dismantle some of the central tenets we know and love about the internet – the most important being the ability to browse anonymously.
Not like the UK — Bill AB2273 is not just about social media. It is inspired by the UK’s Age Appropriate Design Code, which became law last year. As Eric Goldman, a professor at the Santa Clarita University of Law, points out, the American counterpart takes a rules-based approach that would go far beyond children’s privacy.
The bill would effectively require every website to verify a viewer’s age before allowing them access to its services. This would include companies that provide “an online service, product or feature that is likely to be accessed by a child”, i.e. anything.
How this process would be maintained is not specified; the bill simply requires companies to use top-notch privacy for all stored personal data. Just ambiguous enough to place massive liability on every business with a website – and broad enough to provide no guidance to actually help those businesses track.
We need shades – AB2273 supporters see it as protection for children, to keep them away from the worst parts of the internet. What they don’t recognize – and Haugen’s public opinion on the matter certainly falls into this trap – is that this kind of drastic action would have far-reaching consequences than just protecting children. Adults should be comfortable providing age verification to countless companies. We simply don’t have the data privacy infrastructure to secure this process on every account.
It’s refreshing that lawmakers are taking the time to come up with data privacy bills. However, for these bills to be effective, we will need much more comprehensive data policy reform from the top and much more nuanced takes from the bottom.