Tag: digital id

Minnesota Law Requires Platforms to Monitor and Age-Estimate All Users

Governor Tim Walz signed House File 4138 on Tuesday, turning Minnesota into the latest state to demand that social media platforms profile every user who logs on.

The law, which takes effect in July 2027, forces platforms with at least 10,000 account holders or $1 billion in annual revenue to estimate the age of all Minnesota users, obtain parental consent before anyone under 16 can hold an account, and disable a list of features the legislature has labeled “addictive.” It passed the state House 132-2 and the Senate 66-0.

We obtained a copy of the bill for you here.

The bipartisan consensus is remarkable given what the bill actually requires. Buried beneath the child protection language is a surveillance apparatus that applies to every user, not just minors.

When you create an account on a covered platform, the law demands you declare your month and year of birth. That’s just the beginning. Once you’ve spent 25 hours on the platform within six months, the company has 14 days to estimate your age using “reasonable efforts, taking into consideration available technology and the data in the possession of the covered social media platform.”

If the platform can’t reach 80% confidence that you’re 16 or older, you get classified as a child and locked into restricted mode.

Hit 50 hours, and the confidence threshold rises to 90%. Still not verified? The age estimation repeats every six months for the first seven years your account exists, or more often if the platform runs any demographic analytics on your profile.

That means platforms are legally required to continuously analyze how you behave, what content you engage with, and who you communicate with for the better part of a decade. The law creates an obligation to surveil that didn’t exist before.

The mechanisms available for “verifiable parental consent” come from the COPPA 1.0 framework which speaks volumes about the privacy costs this law is willing to impose.

Parents can sign a consent form, hand over credit card information, submit a copy of a government-issued ID alongside a face scan, or verify their identity through video conferencing.

Keep reading

Texas Sues Discord, Seeks Mandatory Age Verification

Texas Attorney General Ken Paxton sued Discord on Friday. The lawsuit alleges the platform enabled child predators, deceived parents, and violated the state’s Deceptive Trade Practices Act.

But the remedy Texas is asking the court to impose goes far beyond fixing Discord’s broken safety systems. Paxton wants a judge to order mandatory age verification for every user on the platform under the Securing Children Online through Parental Empowerment Act, Texas’ SCOPE law.

That means before you can type a message, join a server, or talk to anyone on Discord, you would need to prove your identity to the state’s satisfaction. Government ID uploads. Biometric face scans. Third-party verification services that cross-reference your private records.

The SCOPE Act doesn’t specify which method, just that the platform must use a “commercially reasonable” one. All of that requires surrendering personal data that goes well beyond confirming you’re over 18.

This is the pattern now. Age verification laws are the vehicle through which governments are dismantling anonymous access to the internet and they’re doing it one platform at a time, one state at a time, always framed as protecting children.

More than 25 US states now require age checks to access some form of online content. The Supreme Court upheld Texas’s age verification law for adult websites last year.

The EU is rolling out its Digital Identity Wallet by the end of 2026. Australia banned under-16s from social media entirely. Discord is just the latest target.

“Discord has allowed and invited all kinds of nihilistic violence and evil,” Paxton said. “We live in a time where the dangers children face online have never been greater, and every parent in Texas deserves to know their child is protected.”

Paxton filed the lawsuit in Collin County state district court, part of a burst of tech company litigation from his office ahead of his US Senate GOP runoff against John Cornyn, which he won yesterday.

We obtained a copy of the lawsuit for you here.

Earlier this year and last, his office has gone after Snapchat, TikTok, and Roblox on similar grounds. Texas joins Nevada, Indiana, and New Jersey in suing Discord specifically, with Florida investigating separately.

Keep reading

California’s New Age-Verification Bill Frees Linux But Expands Age Tracking to the Open Web

California Assembly Bill 1856 is getting friendly press coverage because it now exempts Linux from the state’s age-tracking mandate. The part nobody’s talking about is that it simultaneously expands the surveillance to your web browser.

AB 1856, authored by the same lawmaker who wrote the original Digital Age Assurance Act, amends the law to exclude open-source operating systems from its definition of “operating system provider.”

Any software distributed under a license that lets users “copy, redistribute, and modify the software” would no longer be covered. Debian, Ubuntu, Fedora, Arch Linux, and Mint all walk free. That sounds like a win and tech outlets are reporting it as one. It’s also a distraction from what the bill adds.

The original law, AB 1043, required operating systems to harvest users’ ages during device setup and feed that data to app stores and app developers through a real-time API.

AB 1856 keeps all of that and extends the data pipeline to browser providers and website operators. Browsers would now be required to collect age signal data from the OS and pass it along to any website subject to online age verification laws.

We obtained a copy of the amended bill for you here.

Those websites, in turn, would have to request the age signal when you visit them. Your age bracket, declared once during OS setup, would follow you from app to app and now from site to site, broadcast to every developer and website operator who asks.

This is how a law originally limited to apps and app stores becomes an age-tracking system for the entire internet.

The Expanding Universe of “Covered” Websites

The category of websites subject to age verification laws started narrow as the earliest mandates targeted pornography sites. It has since expanded to social media platforms and a growing list of sites legislators consider likely to “harm” children in loosely defined ways. That list keeps getting longer and AB 1856 doesn’t define its own boundary. It piggybacks on whatever other laws exist, meaning every future expansion of age verification requirements automatically expands the reach of AB 1856’s browser-based data pipeline, too.

California has actually built an age-tracking infrastructure that scales itself.

Keep reading

Massachusetts House Passes Social Media Age Verification Digital ID Bill

Massachusetts just voted to force every social media user in the state to prove their age to a tech company. 

The bill passed the House 129-25 on Wednesday, banning children under 14 from social media entirely, requiring parental consent for 14- and 15-year-olds, and mandating that platforms build age verification systems to enforce all of it. If it becomes law, the policy takes effect on October 1.

We obtained a copy of the bill for you here.

House Speaker Ron Mariano and Ways and Means Chair Aaron Michlewitz framed the legislation as protection. “This ban would be among the most restrictive in the entire country, helping to protect young people from harmful content and addictive algorithms that have a proven negative impact on their mental health,” they said in a joint statement. 

They also described the broader goal: “The simple reality is that Massachusetts must do more to ensure that our laws keep pace with modern challenges – especially when it comes to protecting our children, and to setting students up for success in the classroom and beyond.”

The bill doesn’t say how companies should verify ages. It leaves that to Attorney General Andrea Campbell, who would have until September 1 to write the implementing regulations. 

That vagueness is deliberate, according to Michlewitz, who said it gives the AG flexibility in a changing industry. 

But the practical reality of age verification is that someone has to prove who they are. 

That means government IDs, facial scans, or behavioral tracking, and those requirements don’t just apply to kids. Every user on the platform has to go through the system, because you can’t filter minors without checking adults, too.

Keep reading

Big Tech Backs Colorado OS-Level Age Data Bill

Chamber of Progress, a lobbying group bankrolled by Amazon, Apple, Google, Meta, and OpenAI, is pushing Colorado Governor Jared Polis to sign SB 26-051 into law.

The bill would force operating system providers to harvest users’ dates of birth and pipe that data to app developers through an API every time you download or open an app. If Polis signs it, your phone’s operating system becomes more of an identity checkpoint, not just for children, but for everyone.

The bill landed on the Governor’s desk on May 12 after clearing both chambers of the Colorado legislature, passing the House 40-23 and the Senate 26-9.

We obtained a copy of the latest version of the bill for you here.

Sponsored by Democratic Senator Matt Ball and Representative Amy Paschal, the legislation mirrors California’s AB 1043, signed into law in October 2025. Colorado’s version would start applying to new users on July 1, 2028, with existing users folded in by January 1, 2029.

When you set up a device account, the OS asks for a date of birth. That data gets translated into one of four age brackets (under 13, 13 to 15, 16 to 17, and 18-plus) and stored as an “age signal.”

Developers are required to request that signal at first launch or account creation through a real-time API. Every app you open gets to ask your operating system how old you are.

Chamber of Progress told Colorado lawmakers that the bill “reflects an important effort to protect children online while minimizing risks to privacy and lawful speech.”

That framing collapses under the weight of what the bill constructs. It calls age-bracket data “nonpersonally identifiable,” but an age bracket combined with a device ID, app usage patterns and an IP address makes re-identification trivial. When that signal flows to dozens of apps at launch, the aggregate profile becomes far richer than any single data point suggests.

The bill also makes anonymous device use functionally harder. If account setup requires an age attestation that follows you into every app, you lose the ability to use the software without disclosing something about your identity. That has consequences for journalists, activists, domestic violence survivors, and anyone who treats privacy as a default.

The bill never specifies how age data is verified. Account holders just “indicate” a birth date. It may not have an ID check or a biometric scan, at least for now. But a 12-year-old can type in 1988 and the system accepts it.

As a mechanism for protecting children, this is useless, and everyone involved in writing it knows that. What it does accomplish is something else entirely. It builds the architecture: the API, the data pipeline, the legal obligation for developers to query an age signal at every app launch. Once that plumbing exists, the only question left is what gets poured through it.

Keep reading

Amid UK Turmoil, Push For Digital ID and Cellphone Surveillance Continues

The floundering left-wing Labour Party government in Britain appears intent on imposing as much authoritarianism as possible on the public while it still remains in power, with Prime Minister Sir Keir Starmer using the King’s Speech on Wednesday to confirm plans to introduce a Digital ID system while plans for deep surveillance of private digital devices are revealed.

When in doubt, break glass for more Blairism appears to be the order of the day. Fighting for his political life following a disastrous performance in last week’s local elections, Prime Minister Starmer has not only turned to major figures from the previous Labour government, tapping Blairite veterans former PM Gordon Brown and Deputy leader Harriet Harman to come on board as advisors, he now seems intent on fulfilling his predecessor’s unfulfilled aims, introducing a Digital ID.

Although the Brown government began to introduce such a system, it was eventually scrapped following the 2010 general election, which the Conservative Party made a referendum on the idea. While long classified as fundamentally un-British — with the UK abandoning national identity cards following the Second World War in contrast to many other European nations — the project of a Digital ID has remained a key goal of the scheme’s architect, Former PM Tony Blair, who remains a key power broker in the background of the Labour Party.

On Wednesday, amid ongoing rumours of potential leadership challenges, Starmer’s government outlined its plans for the upcoming parliament in the King’s Speech, in which the Monarch reads a list of priorities written for him by Downing Street.

“My Ministers will also proceed with the introduction of Digital ID that will modernise how citizens interact with public services [Digital Access to Services Bill],” King Charles III told the State Opening of Parliament.

The government has previously pitched the concept as a cure-all for illegal immigration, saying it could be used to ensure that anyone seeking a job or renting a flat has their citizenship or immigration status instantly verified. Other potential uses put forward include accessing government services and collecting health records.

However, opponents have long raised concerns about Digital IDs, particularly regarding privacy and creeping state intervention. The British government has not showered itself in glory in recent years in terms of keeping digital secrets safe, with it recently accidentally leaking a list of thousands of spies, soldiers, and allies on the ground in Afghanistan to the Taliban, undercutting the notion that it would protect the much less sensitive data of average Britons.

Keep reading

King’s Speech 2026: Britain’s Monarchy Reads a Doomed Agenda as Starmer Clings to Power

For many years, it was called the Queen’s Speech and delivered year after year by Queen Elizabeth II. Now it’s the King’s Speech — the traditional State Opening of Parliament where King Charles reads out the government’s planned laws. The Prime Minister’s team writes the whole thing, so it’s really their agenda, not the King’s personal views. Think of it like a presidential address to Congress, but with all the robes, crowns, and centuries of tradition.

This year’s speech, delivered on May 13, 2026, felt particularly awkward. Just six days earlier Labour had been hammered in the local elections — losing over 1,000 council seats while Nigel Farage’s Reform UK stormed ahead with more than 1,100 gains and took control of several councils. Keir Starmer is clearly fighting for his job. Dozens of Labour MPs are already calling for him to go, four ministers have resigned, and the party looks in open revolt. Yet there was the King in full ceremonial dress, reading out Starmer’s wishlist as if everything was business as usual.

The optics aren’t great. Critics are right to worry that the monarchy is getting dragged into Labour’s internal mess at a time when trust in institutions is already low. When the head of state appears to back the government’s plans just days after voters delivered a clear rejection, it raises serious questions about whether the Crown is staying truly neutral.

Conservatives on both sides of the Atlantic should pay close attention to the six main priorities. Far from listening to last week’s verdict at the ballot box, Starmer’s team looks completely tone-deaf to the issues that drove so many people toward Reform UK.

Keep reading

Shapiro’s AI Chatbot Plan Opens the Door to ID-Gated, Surveilled Conversations

Pennsylvania Governor Josh Shapiro is suing Character Technologies for letting its AI chatbot impersonate a psychiatrist.

Shapiro then proposed ideas that would require a digital ID to use an AI companion bot, force companies to surveil every conversation children have with chatbots, and automatically report flagged messages to authorities.

The proposals first appeared in Shapiro’s February 2026 budget address. The May 5 lawsuit press release recycles them for a second round of coverage, using a real legal action as a vehicle for something far broader.

We obtained a copy of the lawsuit for you here.

Shapiro wants to “require age verification and parental consent to utilize AI companion bots.” Age verification that can’t be bypassed by typing a fake birthday means government-issued ID uploads, facial scans, credit card checks, or third-party identity services. There is no version of enforceable age verification that doesn’t harvest and store sensitive personal data. The proposal would turn chatbot access into an identity-checked activity, requiring you to prove who you are with documents before a bot will talk to you.

This mirrors Senator Josh Hawley’s federal GUARD Act, which the Senate Judiciary Committee advanced 22-0 on April 30. The GUARD Act explicitly states that a “reasonable age verification measure” cannot be a checkbox or a self-entered birth date. What it can be is a government ID, a biometric scan, or a financial record tied to your legal name.

Shapiro’s proposal doesn’t spell out its methods yet but if the goal is real enforcement rather than theater, it lands in the same place. Between Harrisburg and Washington, showing papers to chat is becoming a bipartisan consensus.

Keep reading

The FCC Wants Your ID Before You Get a Phone Number

The era of the anonymous phone number could be ending. On April 30, the Federal Communications Commission unanimously approved a proposal requiring telecom providers to verify customers’ identities before activating service.

Government-issued ID, physical address, legal name, and existing phone numbers would all be included. The stated goal is stopping robocalls. The result would be an identity-verification regime covering one of the last semi-anonymous communication tools available to ordinary Americans.

The proposal applies to nearly every voice provider in the country, from traditional carriers and mobile operators to VoIP services. The FCC is seeking public comment on specifics, but the direction is clear.

FCC Chairman Brendan Carr framed it around negligent carriers. “As we have continued to investigate the problem of illegal robocalls over the last year, it has become clear that some originating providers are not doing enough to vet their customers, allowing bad actors to infiltrate our U.S. phone networks,” he said. Some providers, he added, “do the bare minimum (or worse) and have become complicit in illegal robocalling schemes.”

That language targets telecom companies and the surveillance targets everyone else.

The framework borrows from banking’s anti-money-laundering rules. The FCC is also asking whether carriers should retain identity documentation for at least four years after a customer leaves and whether they should check customers against law enforcement watchlists. Penalties would shift to a per-call basis, meaning fines of $1,000 to $15,000 for every illegal call a poorly verified customer places.

The real privacy stakes sit in the proposal’s section on prepaid service. Right now, you can pay cash for a prepaid phone and SIM card without showing identification. Journalists use prepaid phones to protect sources, domestic violence survivors use them to avoid being traced, and whistleblowers, activists, or anyone with a reason to separate phone activity from legal identity relies on this.

Keep reading

Age Verification Psyop? Kids Bypass Government Tech With FAKE MOUSTACHES

The UK government’s much-hyped age verification system for social media has been reduced to a joke overnight – and the punchline is being delivered by schoolkids armed with makeup pencils and fake facial hair.

A damning new report from Internet Matters reveals that more than a third of UK children have already figured out how to dodge the latest “safeguards” imposed under the draconian Online Safety Act.

Methods include entering fake birthdays, borrowing logins, and – most hilariously – drawing on fake moustaches to fool facial age estimation tech. One parent admitted catching her son using an eyebrow pencil; the system promptly verified him.

This comes as ministers double down on plans to restrict or outright ban social media access for under-16s. Just days ago, Education Secretary Bridget Phillipson and junior minister Olivia Bailey confirmed the government will impose “some form of age or functionality restrictions” regardless of whether a full ban is enacted.

A national consultation on the policy closes later this month, with pilots already running in hundreds of homes testing bans, time limits, and digital curfews.

But the farce unfolding in real time shows exactly why these measures were always doomed to fail – or, more cynically, why they were designed to fail.

Keep reading