P
Your post is very misleading.
E.g., Garuda Linux has stated on March 9th they »will continue to comply with local regulations in Finland and Germany (where the servers are hosted and the donation funds are held)«, so their "resistance" is strictly limited to Californian law, not to OS-level age verification, per se.
MidnighBSD has already announced on March 9th »We've implemented about 1/3 of the california/colorado/illinois law.«
Please verify your statements, and retract this post.
Really useful survey, thanks!
Suggestion: use terms like Allowlist / Banned list, instead of "blacklist" or "whitelist".
Wrt #PII, It might be a good idea to avoid entering easily identifiable trash data, and use generators instead. E.g.:
It's a division of labor: the governments state their intrusive wishes vaguely as a "law". At best, some government agency provides an API specification, but it's mostly static and focused on the exchange of data, not on any due process for requests and responses.
"Implementation issues" are then left to corporations, that "promise" to comply with regulations. That shallow promise is what governments are after, to abdicate from their responsibilities. Problem solved.
The result is a public-private partnership in crime, where citizens deprived of their right are sent through the deserts of legal action, for years, to die of thirst.
It is hard to get governments to distrust predatory corporations as long as such corporations are a vehicle to help governments wash their hands in innocence.
