Colorado bill would require devices to signal when users are minors

By Shaina Cole | Contributing Writer, Rocky Mountain Voice

Across the country, lawmakers are trying to figure out how — or whether — government should step in when it comes to kids and the internet.

Some proposals focus on social media platforms. Others target app stores. A few states have gone a step further, looking at the devices themselves.

Colorado is now testing that approach.

The proposal, Senate Bill 26-051, is titled “Age Attestation on Computing Devices.” The idea behind it is fairly straightforward: certain devices would send apps a signal indicating whether the person using them is a minor.

Supporters say the goal is to give apps a way to recognize when younger users are trying to sign in.

Not everyone who testified during the hearing was convinced.

Several witnesses questioned whether teenagers would simply find ways around the system. Another stated the technology needed to run it at scale may not yet exist.

Those differences came up repeatedly during the committee discussion as lawmakers tried to sort through what the bill might actually accomplish.

What the bill would do

The proposal centers on what lawmakers call age attestation.

Under the bill, when a user sets up a smartphone, tablet, or computer, the operating system would require account setup to indicate a birth date, age, or age bracket and convert that information into an age category. Applications could then request that age signal from the device to determine whether the user is a minor.

Supporters say the system avoids a more intrusive alternative that some states have explored — requiring users to upload identification documents or submit biometric scans.

During the committee hearing, Sen. Matt Ball argued lawmakers can no longer simply ignore the problem.

“I do think that what we have learned from the rise of social media is that the status quo, which is doing nothing, is not productive and not good for kids,” Ball told the committee.

Ball described the bill as a modest attempt to introduce guardrails into children’s online experiences.

“I think this bill represents a very responsible pro-privacy step towards doing something to ensure that when you bring your kid to the Internet, there are at least some guardrails over what she or he will see,” he said.

Co-sponsor Sen. Larry Liston acknowledged during the hearing that the legislation has drawn criticism from multiple directions. Some witnesses argued it does not go far enough. Others said it goes too far.

But Liston argued lawmakers must start somewhere.

“The journey starts with the first step, and this piece of legislation is the first step in protecting our children and our grandchildren,” he said.

Doing nothing, he suggested, is not a solution.

“We could simply do nothing, and nothing would happen, but we’re attempting to bring within reasonable guidelines some guidance,” Liston said.

Witness testimony highlights concerns and criticism

Lawmakers also heard from parents during the hearing.

Kim Osterman spoke about her son Max, who passed away after buying a fentanyl-laced pill from a Snapchat dealer.

“I raised two teenagers in this wild west of social media… but like so many parents, I learned that our teens are always 10 steps ahead of us online.”

“The dangers they face online are real, and I live with that reality each and every day.”

Such testimonies, as the one given by Osterman, have contributed to the growing legislative interest in policies to minimize the risks for younger users.

This problem is increasingly being noted by parents, educators, as well as legislators due to the growing time spent by teenagers on social media platforms as well as messaging applications.

Studies on the mental health of teenagers have also looked at the contribution of social media to the anxiety, depression, as well as the harassment of teenagers.

Critics question whether the system will work

Still, several witnesses told lawmakers the proposed solution may not work as intended.

A major criticism centers on the bill’s reliance on self-reported birthdates during device setup.

Antonia Merzon of Blue Rising warned the approach may be easy to bypass.

“Self-attestation is essentially an honor system and can obviously be easily manipulated. Anyone can enter a fake age,” she told the committee.

Research into youth online behavior has raised similar concerns. The U.K. communications regulator Ofcom reported that “a third of children aged between 8 and 17 with a social media profile have an adult user age after signing up with a false date of birth.”

That finding suggests many minors already bypass age restrictions by simply entering a different birthday when creating an account.

Julie Dawson of the Age Verification Providers Association told lawmakers the proposal does not create a true age-verification system.

“This bill is about age attestation or self-declaration and not verification,” Dawson said.

That distinction came up as lawmakers discussed how the system would actually affect minors’ day-to-day use of apps and online platforms.

Many social media platforms already allow users as young as 13. Even if a device signals that someone is under 18, the apps themselves would still determine what restrictions — if any — apply.

That dynamic surfaced earlier in the hearing when Osterman described losing her son after he purchased a fentanyl-laced pill from a dealer he met on Snapchat — a platform widely used by teenagers.

Osterman said the proposal relies too heavily on users honestly reporting their age.

“If you raise teenagers like I have, you know that they are digital geniuses. They will find a way to maneuver around these digital signals, or they will enter the wrong date themselves. My kids did.”

Other witnesses also raised the issue of how the system would work if the device was shared. In many households, parents and kids use the same phone or tablet. In that situation, the device wouldn’t necessarily reflect the age of the person actually using it.

Cybersecurity expert Andrew Brandt also questioned whether the system would be feasible.

“The technology envisioned by the bill’s authors does not currently exist and creates significant problems if it were to be created,” Brandt warned.

Some witnesses suggested teenagers may still find ways around the system even if it becomes law.

Another complication lawmakers discussed is how rules like this would interact with technology companies that operate across the entire country.

Most phones and operating systems aren’t built for individual states. For instance, Apple, Google, or other companies usually develop software that behaves the same everywhere. This means that a change that is needed in a particular state can sometimes extend far beyond the state.

Courts occasionally get pulled into that question. When a state law requires companies to change how nationwide services operate, courts sometimes review whether the rule conflicts with interstate commerce protections.

Supporters told the committee the proposal could give apps a clearer signal when a user is under 18.

Not everyone who testified agreed the approach would work.

Colorado joins a growing national debate

Colorado’s bill arrives as lawmakers across the country try to figure out how far government should go in regulating kids’ access to social media. Laws across several states have already passed, including Utah, where parental consent for teen accounts is now required. And Florida recently approved limits for younger users. 

Colorado’s Senate-approved bill now heads to the House, as lawmakers in Washington continue to argue over the Kids Online Safety Act and what new protections for minors online should look like.

RMV contacted the House sponsors of the bill to ask for comment. There was no reply as of publication.