alt Hacker NewsYou'd need to closely read the law and have a lawyer advise you, but a neat attempt might be to just ask for the date of birth, send that "in real time" to the App Store program, and then have that program simply discard it?
I don't think current iterations of the law require that this be sent off-device in any way.
The second requirement of the California law is that there be an API available to all apps that returns the age band a user is in -- one of:
age < 13
age >= 13 && age < 16
age >= 16 && age < 18
age >= 18
A non-maliciously compliant implementation would need to retain a date of birth or equivalent until the user was over 18.
A maliciously compliant API could just wait 18 years after account creation before yielding an answer. (remember folks: "real time" does not mean "fast").
One of the oddities about the way the law is phrased is that it requires the age band information about the user be provided to "the developer" rather than to the application.