Get Ready for a Kid Friendly Internet

The California legislature just passed the Age-Appropriate Design Code Act. Conceptually, the goal is to try to make sure that web sites kids visit are appropriate for kids.

The problem is, how do you know who is a kid?

Once Governor Newsom signs the bill, the code will require sites and apps – BOTH – that serve users under 18 “consider the best interests of children when designing, developing and providing” their products.

This could work out well, but I anticipate that the law of unintended consequences will preveil.

I think the first thing that will happen is that sites that do not CATER to kids but for may be appropriate for kids will say that they don’t want to meet the requirements for people under 18 will just put a sign on the front door of the site “NO ONE UNDER 18 ALLOWED. IF YOU PROCEED, YOU CERTIFY THAT YOU ARE OVER 18”. Of course, people will lie, but the web site owners will have cover.

THE FIRST GROUP OF SITES TO PUT A LOCK ON THE FRONT DOOR WILL BE SITES THAT DISPENSE INFORMATION.

For sites that do attract kids and teens, how will they identify them? Most kids and young teens don’t have government IDs. Does that mean that any site that might attract young people will need to card everyone at the door?

Does this mean that a company that attracts young people has to have two versions of their web site? Two privacy practices?

No such thing as anonymous surfing any more.

In fairness, companies that make money selling your data, they make it hard for you to control your data. If this changes that, this will be a win.

If signed, the law would impose stricter rules around what companies can and cannot do with kids personal information (assuming sites can figure out who a kid is). No kid ever borrowed their parent’s ID and used it. Ever.

They would also have to complete a Data Protection Impact Assessment.

It would also require sites to disclose if the product use addictive design mechanisms.

Most notably, the bill would apply to sites and apps that aren’t specifically directed at children, but are “likely to be accessed by” them. That means the regulatory controls will extend beyond the usual suspects of mobile games or teen social media hubs. The rules could apply to, among other sites, Google Search, retail sites, and news websites. Does this mean that every Google search you do will be even more identified with you?

Does this mean that every news site in the world has to meet this requirement? Good luck enforcing that.

The bill requires that companies estimate the age of a child with a reasonable level of certainty. HOW? Oh, right, the bill doesn’t specify that.

Oh, and since the site doesn’t want to have to get a drivers license from the kids (parents) every time, that means that you need to, inherently, track every user. Forever.

It says the age estimation cannot be kept longer than necessary. Whatever the hell that means. Necessary means, say, 5-10 years maybe longer. How does a web site know when or if you are coming back. Since they have to keep track of who you are, they will know what you do when you are there. They might not be able to sell it, but they will collect it. They will come up with an excuse as to why.

The bill creates a new bureaucracy to oversee the law, which goes into effect in July 2024.

Lets assume there a few million apps and a billion web sites out there. How many do you think the state will be able deal with?

What a cluster.

Credit: Wired

Source: Wired

by