Since a lot of miscellaneous online accounts are reacting glibly to the idea that states like California and Colorado could force Linux to bake forced age verification into the kernel, my instinctual response is to a) disregard the opinions of smug computer guys because they're usually libertarians and b) consider which vectors these laws will actually be enforced through. There is a clear sweeping effort to implement these policies, so I assume the effect will be somehow tangible.
Since I'm doing self-study for IT certs at the moment, I’ll list out all the ways I can think of off the top of my head, though some, if not most, will be overcomplicated/inefficient. Disclaimer that I am only doing some investigating here and relying on my prior experience/knowledge otherwise (reason: eepy) so do not take this as anything definitive/inherently correct. I'll try to skip over the ones that have the same vector of implementation/execution (I.E. where are they enforced through?)
- Client-side:
- via hardware/manufacturers - controls on boot loaders via boot-restriction mandates, so that commercial laptops and desktops sold in the US are required to ship with UEFI firmware that refuses to boot un-American operating systems.
- via OS distributors - operating systems/distributions made by companies operating in the US are required to integrate age verification protocols into their onboarding experience in order to continue operating/doing business in the US, or in order to avoid fines. Microsoft, Apple and Google would probably already be on board with this from the jump, so what's a few rankled Linux distro maintainers going to do? Not comply? Time to pack your shit and move, then! Now you can't access the consumption core as a market anymore. Sucks to suck!
- via browsers - Browser controls. This is how it could transmit your information reliably to web servers. Google is based in the US, Mozilla is based in the US, Apple is based in the US. Chrome (plus all US-based Chromium forks), Firefox and Safari now ship with a process that verifies you have a digital ID registered on your device, prompts you to register one if you don't, and locks you out until you do.
- Server-side:
- via websites/applications - All social media (or even all sites/apps) operating out of the US are legally required to validate against a digital ID protocol baked into your operating system, routed in via your Freedom-Compliant Browser as a mandatory fingerprint that you can't not expose. If the digital ID is determined to be not present, either through subversion or non-compliant software, you cannot access the site. This would probably be selectively enforced w/ regards to penalizing the sites themselves, because otherwise Silicon Valley throws a tantrum, but it would force your browser to expose your age at best and your identification hash (or however they would decide to implement the protocol such that you are a traceable entity) at worst.
- Social enforcement:
- on an individual level - Even if it's not 'truly enforceable' if you find a hack that lets you bypass it because you know how your device works, it could be used as a charge-stacking/pinning vector for dissidents, call it Digital Identity Fraud.
- on a corporate level - Most of them will pre-comply, but if they don't, just declare their products non-compliant with the law and treat them accordingly, killing their legitimate revenue and forcing all non-compliant systems underground so laymen decide it's not worth the trouble of navigating even if it's better for them, like piracy
Ultimately this is just me theorizing with my limited half-finished A+ cert study knowledge and general tech understanding, but I tried to engage the thought experiment on how this could be turned into something tangible as best I can.
I'd like to turn this over to people who might know more than me here. Is my idea of how this might be implemented (if done competently) consistent with the underlying tech, or am I misunderstanding some things? What other vectors might be used here? If these new bills pass, does anything change for us? What could our approach be individually/as a site/as a movement? What behavioral changes should we implement with regard to our internet usage as precaution? Would appreciate answers to any of these bits, even individually. Thus far the only approach that I can think of on 5 hours of sleep is the correct approach and has always been the correct approach and that is to 
but I'm curious if and how we can struggle against the furthering of the panopticon as targets of it.
Be ready to cease all illegal/incriminating activities on the internet. No more fedposting, anything illegal in your jurisdiction which could include posting/reading about trans healthcare and womens healthcare.
Be ready to delete your social media accounts, and ones that you might not care about (especially corpo social media) you should probably delete soon if you haven't already. Especially if you are engaged in the above sorts of activities.
Get ready to print and share physical media for agitation, education, and propaganda. Do such activities off a computer that is not connected to the internet.
Organize now.