World, Mar 3: In a move that could reshape how Americans interact with their devices, California has approved a new law requiring operating systems to verify users’ ages during account setup — a first-of-its-kind measure in the United States.The Digital Age Assurance Act (AB 1043), signed in 2025 by Governor Gavin Newsom, will take effect on January 1, 2027. The legislation requires operating systems — including Windows, macOS, Android, iOS, Linux distributions and even gaming-focused systems like SteamOS — to request a user’s date of birth or age when creating an account.The system must then classify users into one of four age brackets: under 13, 13 to under 16, 16 to under 18, and 18 and older.
A Shift in ResponsibilityUnlike recent regulations in other countries that focus on individual apps or websites, California’s law targets the operating system itself — the foundational software that powers devices.Once a user’s age bracket is established, the operating system will be required to share that classification with apps installed on the device. The aim is to help platforms tailor experiences appropriately for minors without requiring more invasive forms of identification, such as government ID uploads or biometric scans.Supporters say the measure could simplify compliance for app developers while enhancing protections for children online.“This approach builds safety into the infrastructure,” one child safety advocate said. “It’s about creating guardrails before harm happens.”International ContextOther countries have recently tightened age-related rules for online services, though through different mechanisms.
In Australia, regulators now require social media platforms to prevent users under 16 from accessing certain services unless age is verified through more reliable methods than simply entering a birthdate.Meanwhile, in the United Kingdom, the Online Safety Act and the Age-Appropriate Design Code require platforms to assess users’ ages and adjust content moderation and data handling practices accordingly — especially when minors are involved.
California’s approach goes a step further by embedding age classification at the operating system level.Privacy Concerns and Compliance RisksNot everyone is convinced the change is benign.Privacy advocates warn that creating an OS-level “age flag” could normalize deeper tracking of users. While the current law does not mandate identity verification or biometric data collection, critics fear that infrastructure designed for age classification could evolve into stricter verification systems in the future.“There’s always a risk of mission creep,” one digital privacy expert noted. “Once the framework is there, it can be expanded.”App developers may also face new compliance challenges. Under the law, companies operating in California could face penalties if they ignore age data provided by the operating system or fail to handle minors’ accounts properly.
A New Digital Baseline?California has often set the tone for technology regulation in the U.S., with other states — and sometimes federal agencies — following its lead.If major technology companies adjust their systems to comply with AB 1043 nationwide rather than only within California, the law could effectively establish a new digital baseline across the country.For parents concerned about online safety, the measure may offer reassurance that age-appropriate protections will be built into devices from the moment accounts are created.For the tech industry, however, the countdown to 2027 has begun — and with it, a complex balancing act between child safety, user privacy and regulatory compliance.
