Ageless Linux — The Lobby: Who Wrote These Laws

The Pattern

How One Bill Becomes Every Bill

AB 1043 was not written in isolation. It is a template. ICMEC published the model text as a ready-to-introduce statutory draft, and its Global Head of Policy presented it directly to Virginia’s Joint Commission on Technology and Science. The same organizations that drafted the model bill are now deploying it in state legislatures across the country. The companies that benefit from the compliance moat fund the advocacy organizations that draft the bills that create the compliance moat.

CA AB 1043

signed Oct 2025

→

CO SB 26-051

explicit copy

→

MI HB 4429 / SB 284

“model legislation”

→

Next State

Colorado Senator Matt Ball (D) stated publicly that SB 26-051 was “based on California’s bill AB 1043.” Michigan Representative Paquette called HB 4429 and SB 284 “model legislation.” The template is not hidden. It is the strategy.

Authors

The Legislators

Assemblywoman Buffy Wicks

AB 1043 Author

Author of AB 1043, the Digital Age Assurance Act. D-Oakland. Before entering the legislature, served as Campaign Director for Common Sense Kids Action, Common Sense Media’s political advocacy arm, starting in March 2016. Elected in 2018. Then authored the bill that Common Sense Media’s ecosystem advocated for. Received $8,500 in direct campaign donations from Google, with an additional approximately $2,000 from Google employees. Brokered a $250,000,000 deal between Google, the State of California, and news publishers in 2024. Introduced the bill that creates a compliance requirement Google already meets at zero marginal cost.

Senator Tom Umberg

AB 1043 Co-Author

Co-author of AB 1043. D-Santa Ana.

Colorado Sponsors

SB 26-051 Sponsors

Senator Matt Ball (D), Senator Larry Liston (R), Representative Amy Paschal (D, former software engineer), Representative Naquetta Ricks.

Primary Backers

The Companies That Benefit

Every company listed below already collects user age data as part of its existing business operations. For each of them, AB 1043 compliance costs approximately nothing. For the 600+ volunteer Linux distributions, it costs everything.

Meta

Endorsed

Publicly endorsed AB 1043. Engineered the conceptual shift from platform-level to operating-system-level age verification—moving the compliance burden from Meta’s products to every OS distributor. Funded the Digital Childhood Alliance. Also a listed supporter of ICMEC, which drafted the DAAA model bill. Dan Sachs, VP of Safety Policy, issued a formal endorsement on September 9, 2025. Nicole Lopez, Global Director of Youth Safety Policy, testified before state legislatures in 20+ states promoting similar bills.

Google

Endorsed (Reversed)

Filed formal opposition to AB 1043 in April 2025, arguing the bill shielded application developers from liability. Six rounds of amendments later, the final version included a “good faith” liability shield for OS providers under § 1798.502(b)—rewritten to Google’s specifications. By September 2025, Google’s Senior Director of Government Affairs called the bill “thoughtful.” The bill’s author received $8,500 in direct Google campaign donations and brokered a $250M Google-state-publishers deal. Google also supported KOSA at the federal level. Android already collects date of birth during account setup.

Microsoft

Silent Beneficiary

Made no public statement on AB 1043. Explicitly supported KOSA at the federal level. Windows already requires date-of-birth entry during Microsoft Account creation. Xbox has full parental controls. AB 1043 creates near-zero marginal compliance cost for Microsoft while imposing existential burdens on open-source alternatives.

Apple

Silent Beneficiary

Made no public statement endorsing or opposing AB 1043. Already collects user age through Apple ID. Benefits from the “good faith” liability shield under § 1798.502(b). The App Store already implements age-based content restrictions. Compliance cost: zero. No evidence of active lobbying for the bill—but no need to lobby for a law you already comply with.

OpenAI

Co-Sponsor

Merged competing ballot initiatives with Common Sense Media in January 2026 to create the “Parents & Kids Safe AI Act.” Committed at least $10,000,000 to the combined effort.

Internet Works Coalition

Endorsed

Reddit, Pinterest, and Roblox endorsed AB 1043 through the Internet Works coalition. None of these companies are operating system providers. They are platforms—the entities the law is ostensibly designed to regulate. Platforms endorsing an OS-level mandate tells you everything about who this law is designed to protect: not the platforms from liability, but the platforms from competition.

Age Verification Providers Association (AVPA)

Vendor Trade Body

Trade association representing 34 age assurance vendor companies, including Yoti. Filed an amicus brief with the Supreme Court in Free Speech Coalition v. Paxton supporting age verification mandates. Every member company sells age verification tools. Every mandate creates customers.

The NetChoice Paradox

NetChoice—the tech industry trade association—filed a formal veto request opposing AB 1043 on September 29, 2025. NetChoice’s members include Google and Meta, both of which endorsed the bill individually. The trade group filed a veto request opposing the law its own members support. This is not confusion. This is positioning.

The Pipeline

Advocacy Organizations and Their Funders

The organizations that draft and promote age verification legislation receive their funding from the companies that benefit from it.

Common Sense Media

Model-Bill Architect

Founded by James P. Steyer, brother of billionaire Tom Steyer. Annual revenue approximately $24,600,000. Receives approximately $10,000,000 per year from 21 business distribution partners. Foundation funders include the Chan Zuckerberg Initiative (Meta), the Bezos Family Foundation (Amazon), and the Gates Foundation (Microsoft). The companies that benefit from OS-level age verification fund the organization that advocated for OS-level age verification.

5Rights Foundation

International Architect

Led by Baroness Beeban Kidron, a member of the UK House of Lords. Architect of the Age Appropriate Design Code model that inspired California’s AB 2273 and subsequently AB 1043. Co-developed IEEE 2089.1 Standard for online age verification. Inspired similar legislation in Maryland, Vermont, Connecticut, and Minnesota.

International Centre for Missing & Exploited Children (ICMEC)

Model-Bill Author

Drafted the Digital Age Assurance Act as a model bill and published it with a technical whitepaper, constitutional analysis, and FAQ. Bob Cunningham, Global Head of Policy (formerly CEO), presented the model directly to Virginia’s Joint Commission on Technology and Science on November 6, 2024, which led to a request for draft legislation. Annual revenue approximately $3,797,965 (ProPublica 990). Auditors flagged a going concern—substantial doubt about the organization’s ability to meet financial obligations. Corporate supporters include Meta, which also publicly endorsed AB 1043.

The funding flows in a circle. Tech companies fund advocacy organizations. Advocacy organizations draft model bills. Model bills create compliance requirements. The compliance requirements cost nothing for the tech companies that funded the advocacy organizations. The cost falls on everyone else.

The COPPA Trigger

AB 1043 does not merely create a compliance moat. It creates a compliance moat that authorizes more data collection about children.

Under COPPA, the federal children’s privacy law, companies are subject to strict obligations when they have “actual knowledge” that a user is under 13. For two decades, Big Tech exploited a simple loophole: don’t ask, don’t know. If you never collect age data, you never have actual knowledge, and COPPA never triggers.

AB 1043 closes that loophole—but in a way that also works for Big Tech. Once an operating system sends an age bracket signal indicating a user is under 13, every application developer who receives that signal has “deemed actual knowledge” and is locked into full COPPA obligations. The burden of generating the signal falls on OS providers, not on Meta or Google. The platforms get to claim they are “protecting children” while the operating system does the data collection that triggers the legal framework.

In February 2026, the FTC issued a COPPA Policy Statement essentially admitting that age verification and data minimization are in fundamental conflict. The federal regulator acknowledges the contradiction. The California legislature encoded it into law.

The Door That Stays Open

AB 1043 requires only self-declared age—a birthdate field, not government ID or biometrics. Industry analysts have described this as “an initial implementation designed to get the door open.” Self-declaration today. Biometric verification tomorrow. The infrastructure is the same; only the input changes. Once every operating system has an age collection interface and a real-time API for transmitting age data to applications, upgrading from a text field to a face scan is a configuration change, not a new law.

The connection between ICMEC’s model bill and the state legislative pipeline was first documented by /u/aaronsb on r/linux, building on prior bill text comparison research.

The Coalition

Who Is Not at This Table

ALEC—the American Legislative Exchange Council, the organization most commonly associated with model legislation campaigns—is not driving these bills. ALEC favors parental-control solutions over government mandates and has not adopted OS-level age verification as a model policy.

This matters because it preempts the easiest dismissal: that age verification mandates are a right-wing culture war project. They are not. The actual coalition is Big Tech companies and centrist child-safety nonprofits funded by Big Tech, opposed by civil libertarians on both sides. The EFF and the ACLU oppose these laws. So does NetChoice, a tech-industry trade group led by former Google lobbyists. The coalition that wrote AB 1043 is bipartisan, well-funded, and weirder than any simple political narrative can contain.

The Lobby

Who Wrote These Laws