Don’t get me wrong, I’m all for privacy. But between setting up the birthdate when creating my children’s local account on their computers, and having to send a copy of their ID to every platform under the sun, I’d easily chose the former.
I’d even agree to a simple protocol (HTTP X-Over-18 / X-Over-21 headers?) to that.
The effort from a Linux team here would amount to little more than a “are you 18 yes/no” and there’s no way that would be considered good enough down the line if not now.
Yet, with the way the California bill is written, so long as that data was collected at account creation, it would be adaquate.
Sure. For now. But in any case, aren’t they legally viable if someone complains?