Here's the law: https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...

It requires that operating systems provide a way, at account setup, to specify the age or birthdate of a user, and provides an API for indicating which age range the user falls in (under 13, 13 to 16, 16 to 18, or over 18) to an application, so the application can use that information to comply with any laws or regulations relating to the age of the user.

It doesn't make any requirement that the parent actually truthfully put that information in. It doesn't require that anyone verify the information. It doesnt provide for any requirement that a child not set up a user themselves. It explicitly calls out that there is no liability on any of the parties if one user uses a computer under another user's account.

So all it's doing is saying that there must be a reasonably accessible mechanism for a parent to indicate a child's age so that rough information about which age range the child is in can be provided.

Now, is it perfect? No.

It does seem a bit over broad as there are lots of things which be classified as computers uner this, like routers, smart TVs, graphing calculators, cars, etc. Having to provide account setup with age and an API to accesss it in all of these environments could be a bit of a lift in the time frame given. And it doesn't leave a lot of time for something like standardization of Unix APIs between operatings systems, so for systems not running graphical environments I'm sure we're going to get a bunch of different solutions from different OSes as everyone sticks it in a different place and provides a different way to access it. And this would need to be a new feature added into long-term supported maintenance releases operating systems.

So yeah, could it have been done better? Yes. Is it likely that they are actually going to fine OpenWRT developers if they don't implement this? I doubt it; it's pretty clear that the legislative intent is desktop and phone OSes, and other mass market consumer oriented devices that might offer app stores.

So yeah, I see some issues, but overall this seems like the right way to do things; just provide a way for parents to set an age on their children's account, and then provide that to any apps that might need to do age verification. That's it.