Open source need not apply

Open source values are just different. Our operating systems and apps don’t collect personal information, profile children, inject targeted ads, or create addictive design patterns. The kinds of behaviors these children’s safety laws regulate are antithetical to open source values. For software that does not engage in these behaviors, mandatory age attestation creates privacy costs without corresponding safety benefits.

We’re naturally resistant to this kind of activity. If an open source project attempted these behaviors, it would be relegated to the heap of random software rotting on the internet. Or forked without those properties. systemd, a common init+more system recently added a birthdate field to users accounts. That’s okay. We simply ignore the field. We don’t want to know the user's birthday because a username and birthday could identify an individual. Personal privacy is central to our philosophy.

The process

The nature of open source is not well understood by many of our representatives, or many people for that matter. Don’t be too surprised. For most of the world, modern technology means seeing an ad for something they were just talking about with their friends. It’s creepy and feels invasive. It’s up to us to articulate how open source differs from that experience. And that’s what we did.

In Colorado, we had the opportunity to meet with our representatives along with other members of the local open source community. Our concerns were heard and shared by our reps. A collaborative process followed where every participant exchanged suggestions and language to protect privacy while exempting open source software, code repositories, and container registries. Constructive engagement got results.

I had help

Brainstorming discussions internally at System76 and with folks in the community and Red Hat helped identify potential improvements to the legislation. We found holes in proposed language and explored issues that could arise. We drafted and exchanged numerous changes and played devil’s advocate, understanding that we will have to defend language we propose to our representatives and perhaps in committee hearings.

We also coordinated with community members and lobbyists in California, exchanging notes and language that ultimately made it into the California legislation.

Our strategy was to establish an example in Colorado that could influence amendments in California. While I’m a bit in shock, it worked. The goal was to set an open source exemption standard in Colorado and California that other legislatures could adopt. But for that to succeed, California had to be on board.

On the merits

Age attestation, and in some locations full age verification, is the current legislative soup du jour. It’s spreading not only throughout the United States, but throughout the world, from Australia to Brazil to Europe. There’s more work to be done.

I’m sharing this story because I see the cynicism. I understand it too. If we can move beyond cynicism and talk about the merit of open source, we can make a difference for the open source community.

iOS and Android have distorted the view of computing into platforms for consuming apps. We must illustrate the contrast with the world we live in: a world of computing centered on creation, where people build and share free software, collaborate openly, and drive innovation that ultimately benefits everyone.

Write your legislatures with constructive, educational feedback. Engage as deeply as you can. The altruism inherent in open source, its privacy-oriented values, and importance for education and innovation are not widely understood. Let’s change that.

Carl Richell
CEO
System76

—

Pop!_OS and the COSMIC Desktop Environment will not include Age Verification or Age Attestation.