A new California law could soon change how you set up your PC or smartphone. The Digital Age Assurance Act, signed into law last October, may begin affecting device software as early as July—even though formal enforcement starts in 2027.
The law requires operating systems to provide a way for devices to “understand” the age of their users. The goal is to ensure that other regulations, such as the federal Children’s Online Privacy Protection Rule (COPPA), can be automatically applied based on age categories: under 13, 13–15, 16–17, or 18 and older.
In practical terms, this means that when setting up a new Windows PC, Android phone, or iPhone, users may be prompted not only to sign in with their account—but also to provide their age. Devices tied to Microsoft accounts, Google accounts, or Apple IDs could incorporate this age information at the operating system level.
There are notable quirks. Age reporting under the law is self-declared, meaning users are not required to submit identification or proof. How systems will handle users aging into new categories—for example, when a 17-year-old turns 18—remains unclear. Another complication is that the requirement applies broadly to operating systems, including decentralized platforms like Linux, which do not rely on a single mandatory account structure.
The law also places obligations on app developers. Applications distributed through digital storefronts such as Steam or the Microsoft Store must request age information from the operating system to determine appropriate content access. In theory, this could prevent minors from accessing mature-rated games or apps without relying solely on parental oversight.
An accessible interface for collecting age data must be available by July 1, even though the broader provisions take effect January 1, 2027. Companies that fail to comply face potential fines of $2,500 per child for negligent violations and $7,500 per child for intentional violations.
While the legislation applies specifically to California, the state’s market size raises the possibility that companies may implement age verification systems nationwide rather than maintain separate versions of their operating systems. Whether that shift enhances child safety or introduces new privacy and usability concerns will likely depend on how the system is implemented—and how broadly it spreads.