R Street Institute
Testimony

Testimony in OPPOSITION to New Mexico House Bill 44: “Digital Age Verification Act”

by Steven Greenhut
March 14, 2025
Print
issues: Online Content Policy, State Policy, Technology and Innovation, Western

Testimony from:
Steven Greenhut, Western Region Director, R Street Institute

Testimony in OPPOSITION to House Bill 44: “Digital Age Verification Act” March 14, 2025

New Mexico House Commerce and Economic Development Committee 

Dear Chair Gallegos and members of the committee,

My name is Steven Greenhut. I am Western region director for the R Street Institute, a free market think tank that works on a variety of issues including tech-related ones. I am writing to oppose New Mexico House Bill 44, which would create a requirement for age-verification and parental-consent for app stores.

I am writing to comment specifically on this substitute measure, which incorporates provisions of House Bill 313 – a bill R Street had previously opposed. For instance, this legislation expands the digital signal requirement by mandating end-to-end encrypted transmissions of age verification data. It specifically requires app stores to connect the parent with an app developer to provide the verification.

Instead of just giving app stores 90 days to comply with the law for older devices, it clarifies that this must be done through system and app-store updates. It also exempts devices used by educational institutions. The clarifications add more specificity to the measure, but they do not  address the concerns we had with HB 313.

HB 44 and similar bills in other states are well-intentioned, but they suppose that the government is best able to manage how people use online and app-based services. At R Street, we believe that individuals – not government regulators – are best-suited to manage their own lives and raise their families. We also are concerned about issues of privacy and about the burdens placed on app developers and stores.

The legislation requires all app users to share sensitive age-related data. This mandate is more intrusive than the systems already employed by Apple and Google, which limit the amount of personal data they require. Apple’s system verifies an age range without requiring personal data to guard against security breaches.

Under HB 44, a device manufacturer must take “commercially reasonable and technically feasible steps” to “equip each device to determine or estimate the age of the device’s user or users upon initial activation.” It also requires them to “provide websites, applications and online services with a digital signal” indicating whether they fit into four different age groups.

It also requires a device, operating system or app store manufacturer to gain the consent of a parent or guardian of children 16 years old or younger before downloading an application from an app store – or connect the parent with an app developer to do so. Supporters believe these provisions are necessary to ensure that social-media companies are protecting children from online abuse and human trafficking.

We don’t believe that requiring age verification will do anything substantive to combat this serious problem. These essentially require everyone to provide personal information to the manufacturer before having access to an app. These provisions are unnecessary. For instance, Apple already provides an “ask to buy” system, which allows parents to review apps before the child downloads them. Google offers something similar.

Tech companies would essentially become the gatekeeper and would be required to collect and verify personal information for everybody. In a brick-and-mortar equivalent, it would be like requiring the operators of a shopping center to collect everyone’s data upon entry – rather than requiring individual tobacco or liquor stores to “card” the buyer of restricted products.

Anyone can lie on age-verification questions, so HB 44’s approach is to require tech companies to gather enormous amounts of personal information. Children are already facing serious harm with identity theft. Having to offer their Social Security numbers or other identifying information is a further risk. The top age and identity verifier for the biggest tech companies was already breached for over a year.

The industry is rightly concerned that the 90-day retroactive provision offers an unrealistic timeline given the technical challenges in updating such software on millions of older devices. Some of those devices no longer are capable of receiving updates.

The measure also seems likely to get tied up in the courts on constitutional grounds. That’s been the case with multiple age-verification laws across the country. The U.S. Supreme Court addressed that same basic issue regarding the 1996 Communications Decency Act. The unanimous court’s finding was the law’s “burden on adult speech is unacceptable if less restrictive alternatives would be at least as effective in achieving the act’s legitimate purposes.”  

Yet this bill burdens all adults by providing device filters and forcing buyers to verify their age. Basically, it imposes a burden on all adults if they want to have uncensored internet access on their own devices. In a 2023 U.S. District Court decision placing an injunction on a similar law in California, the judge found that the law is “actually likely to exacerbate the problem by inducing covered businesses to require consumers, including children, to divulge additional personal information.” The case is still winding its way through the courts, but that statement echoes our concerns about these types of legislative efforts. 

Practically speaking, parental consent also requires app stores to verify that the parent is the correct parent of the specific child. Government identification doesn’t provide this information. When parents and children do not share the same last name, it would essentially require the use of birth certificates or other very sensitive documents. Otherwise app stores would be liable for getting it wrong.

App stores sell their products nationwide, so it imposes a burden if they must conform to a variety of different regulations in every state. The bill will provide parents with a false sense of security. There’s no substitute for parental supervision and involvement. No technology can automatically do that for them.

The bill would still allow several workarounds. For instance, minors could access such content via web browsers, gaming consoles or Smart TVs. App stores cannot regulate those platforms, despite the legislation’s requirement for providing a digital signal. Minors could still create fake parental accounts or use shared devices.

Another such consequence is that government mandates on tech products always reduce market innovation by imposing a one-size-fits-all approach. I’ve found an extensive list of readily available tools that parents can use to manage their kids’ devices. Passing laws that require systems to provide options that they largely already provide isn’t effective. Encouraging parents to use these tools is better than making government the gatekeeper.

Thank you for your time.

Best regards,

Steven Greenhut

Steven Greenhut
Western Region Director
R Street Institute
(909) 260-9836
sgreenhut@rstreet.org