Recent discussions around Brazil Law No. 15.211/2025 have raised concerns about age-assurance obligations for operating systems and app distribution environments. Our reading of the matter is guided by a simple principle: proportionality matters.
Article 12 of Law No. 15.211/2025 states that providers of app stores and terminal operating systems must adopt measures for age assessment. The key wording is not unlimited or absolute: the law itself uses the language of proportionality.
Art. 12. Os provedores de lojas de aplicações de internet e de sistemas operacionais de terminais deverão:
I - tomar medidas proporcionais, auditáveis e tecnicamente seguras para aferir a idade ou a faixa etária dos usuários, observados os princípios previstos no art. 6º da Lei nº 13.709, de 14 de agosto de 2018 (Lei Geral de Proteção de Dados Pessoais);
Art. 12. Providers of internet application stores and terminal operating systems shall:
I - take proportionate, auditable, and technically secure measures to assess the age or age range of users, observing the principles set out in Article 6 of Law No. 13.709 of August 14, 2018 (Brazil’s General Data Protection Law).
We do not read proportionality as a mere stylistic word. We read it as a legal limit. A proportional obligation must take into account the nature, scale, structure, and practical capacity of the provider subject to the rule.
Não é proporcional exigir de um projeto comunitário de software livre os mesmos mecanismos de verificação, auditoria e conformidade que podem ser esperados de grandes plataformas comerciais.
It is not proportionate to require a community-run free software project to implement the same verification, audit, and compliance mechanisms that may reasonably be expected from large commercial platforms.
Free and Open Source Software projects are often decentralized, volunteer-driven, publicly auditable, and operated without the financial, legal, or bureaucratic infrastructure available to large technology companies. Treating both as if they were institutionally identical would not be a serious application of proportionality; it would be the opposite.
We are not restricting access.
Not because child protection is unimportant. Not because regulation should be ignored. And not because compliance does not matter.
We are keeping access available because we do not believe it is proportionate to expect a community-run open source project to maintain the same compliance apparatus that may be required from a Big Tech platform.
Open source infrastructure is part of the public digital commons. Imposing enterprise-grade identity and compliance machinery on volunteer-driven software ecosystems as if they were equivalent to the largest commercial gatekeepers would risk excluding exactly the kind of open, transparent, and community-based technology that the broader digital environment needs.
Proportionality should not be used as decoration. It should be applied as a real standard. That means recognizing that obligations may exist, but that they cannot be interpreted without regard to context.
In short: this project does not block access from Brazil because we do not believe the law’s own language of proportionality supports treating a community FOSS project as though it were a global commercial platform with vast compliance resources.
This notice reflects an interpretive position grounded in proportionality and technical reality. It is not legal advice.