this post was submitted on 02 Nov 2025
310 points (94.0% liked)
Privacy
4136 readers
94 users here now
Welcome! This is a community for all those who are interested in protecting their privacy.
Rules
PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!
- Be civil and no prejudice
- Don't promote big-tech software
- No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
- No reposting of news that was already posted
- No crypto, blockchain, NFTs
- No Xitter links (if absolutely necessary, use xcancel)
Related communities:
Some of these are only vaguely related, but great communities.
- !opensource@programming.dev
- !selfhosting@slrpnk.net / !selfhosted@lemmy.world
- !piracy@lemmy.dbzer0.com
- !drm@lemmy.dbzer0.com
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
So a developer of a FOSS application that gets installed on a device on California via a 3rd party app store (maybe F-droid) must have implemented a query to the OS for this data. Even if the app does not actually provide any inappropriate content or actually any content.
Nor does it matter if he is involved in the distribution of the app to California, a FOSS app redistributed via a 3rd party (F-droid maybe) would make the developer subject to this.
According to (f), the user is officially the developer of a FOSS application:
In some cases (such as the Arch User Repository or the Gentoo distribution), the developer does not even give the user an application but merely source code. The user creates the application.
There is no mention of binaries in either f or c. Possession of binaries does not constitute ownership of an application, ownership of software means holding the copyrights.
But even if we abuse this definition we simply make whoever installs the application liable. In a lot of cases that would be a parent. It could also be the user since the law doesn't state they can't be the same person.
The word 'application' means the binary. The source code is not the application.
That's your opinion. It's wrong. There even are applications that do not have binaries at all. There is no reason to believe the legislators would not want them covered by this law, it certainly does not say so.
It also does not make a difference, owner of the copyright of a binary is the owner of the copyright of the source code. Compiling does not remove the copyright of the source code author as the binary is clearly derived from the source code. The person who compiles the source code does not even get any copyright since it's not a creative process.
You are not helping FOSS by trying to portray the law as FOSS friendly when it isn't. Unfortunately the law rarely is FOSS friendly if not due to hostility due to indifference/ignorance on the part of the legislators.
That’s your opinion. It’s wrong.
Only facts can be right or wrong.
Anyway, I know there are applications that don't have binaries, but most do. I am not a lawyer, but if I'm not mistaken, source code is under U.S. law protected by the first amendment while binaries are not.
Also, it doesn't matter who owns the copyright. The laws specifies "a person that owns, maintains, or controls an application".
I am not saying that the law is FOSS friendly. I am saying that the law does not cover all FOSS software despite it being the clear intend of the lawmakers to cover all software. In such cases it will have to be decided by courts (I believe courts still have this function for state laws), whether it also applies to FOSS software.
What I am saying is that the lawmakers clearly do not understand the topic they are trying to regulate.
Opinions (such as that the Earth is flat) can obviously be wrong. Facts cannot. Look up the definition of fact.
You admit applications are not necessarily binary, the law does not mention binary or source code or anything like that where it defines applications. You are just grasping at straws to justify an indefensible position, that whoever possesses a binary is it's owner.
Which is obviously untrue. Ownership of software means ownership of it's copyright. It's been made very clear in the last decades that you (legally) don't even own software that you pay for. You own a license to use the software.
You cannot argue, in good faith at least, that this is what is intended by the law. First it would be spelled out and secondly it would mean that for all applications, not just FOSS ones, the people paying the fines would be the users, $2500 for each app they install that's in violation. Which is obviously not what's intended.
Unfortunately it does since it does not discriminate. If anybody that can be effectively prosecuted (i.e. US/California resident) takes your advice and takes it to court, he is getting fucked.
No shit. That does not mean FOSS software is not affected. You also do not understand the topic or choose to not understand it because it's spells trouble for FOSS. But pretending everything is ok does not make it so. FOSS projects either need to implement it or make sure they isolate themselves from US/California jurisdiction.
And they're going to do what exactly to a developer that doesn't live in California? I won't add any kind of age verification to my bioinformatics projects and I'll keep issuing releases. Are they going to nuke Brazil? Block GitHub in California?
Since it's a civil case I doubt they could enforce payment on people outside the US. I am not sure if they can collect from people in the rest of the US but they probably can.
I suppose not complying with a court order could result in criminal charges. Brazil will not extradite you but you will not be able to visit the US.
That's fantastic news, so I win and keep winning in that case. Great, no age verification on my software.