Age verification laws have been spreading fast, and we have been keeping tabs on them for a while now.
- California’s Digital Age Assurance Act (AB 1043) was the first to land, signed in October 2025, with Colorado following with its own version (SB26-051).
- Neither made any concessions for open source software in the original language, which left Linux distributions and other community-run projects in a very uncomfortable dilemma.
- Both have since moved to fix that, with Colorado having wrapped it up earlier this month and California heading for a full Assembly vote.
- What’s California doing? Look at the blue bits.
- AB 1043 required OS providers to collect a user’s age or birth date at account setup and share it with apps through a real-time API, starting January 1, 2027 .
- Open Source projects got no special treatment in the original text, which is something we wrote about when the bills started drawing attention.
- Assembly Member Buffy Wicks , who authored AB 1043 herself, introduced AB 1856 in February to address that.
- After four rounds of revisions, the bill has rewritten the definition of ” operating system provider ” to exclude anyone distributing an OS under terms that let recipients copy, redistribute, and modify the software .
- Most Linux distributions under permissive or copyleft licenses fall cleanly within that.
- In tandem, another change covers the application side, where software that is not offered as a standalone executable through a covered app store is no longer treated as an ” application ” under the law.
- The bill passed the Appropriations Committee 11-0 on May 14. It was ordered to third reading on May 19 and is awaiting an assembly vote.
- Interestingly, Buffy is the chair of that committee.
What about Colorado?
- The formatting of this bill document could be better. ☠️
- Colorado’s path here involved some direct community legwork.
- Carl Richell , the founder of System76, spent some considerable time working with Senator Matt Ball, one of SB26-051 ‘s co-authors, to get open source exclusions written into the bill.
- The bill exempts OS providers and developers distributing software under terms that permit copying, redistribution, and modification .
- It also adds a requirement that exempt software have no platform-imposed technical or contractual restrictions on installing modified versions.
- The extra clause is aimed at tivoization , where manufacturers lock down hardware to block modified software from running even when the source code is freely available.
- Beyond that, code repository providers, containerized software distributions, and applications from free, publicly available code repositories are explicitly excluded too.
- The law also has a narrower scope , only applying to OS providers that operate a covered app store or ship one pre-installed.
- An OS provider with no app store involvement does not come into scope at all. Besides that, SB26-051 is now set to take effect on July 1, 2028 .
Some closing words…
Neither state got here automatically.
- The open source exemptions did not exist in either bill to start with, and it took sustained community pressure and direct legislative outreach to get them added.
- This is something that can be applied to many other issues , of course.
- Though, when the representatives are more interested in serving certain interests ( say due to pressure from certain lobbies ) than their constituents, disruption tends to be the only way out.
—
Source: [feed.itsfoss.com](https://feed.itsfoss.com/link/24361/17348668/age-verification-open-source-exemptions)
**Feed ID:** 2
About The Author
