If you want to argue for client side controls, I’m on your side. I’ve expressed this opinion elsewhere in this thread.

I’m well educastes on what remote attestation means, and I know it’s the status quo. But it is not required by law. And I’d very much like for it to continue being optional indefinitely, and not bundled with a different “save the children” law.

More specifically, I don’t want to have to prove to the OEM that I’m an adult to unlock my bootloader or disable SecureBoot. Or, more realistically, I don’t want OEMs deciding it’s cheaper to stop offering that choice because they don’t want to risk unlocking the bootloader on a child’s device.