I wonder if I can detect when parental controls are engaged like that.
As of this ruling, all sites within striking distance of South Dakota must take “reasonable efforts” to age-verify, or be certain that no content could ever be politically harmful to the hypothetical minor.
Reasonable efforts in this case would be to send the RTA header. That's it. Done and dusted. If the client is able to browse your site that would mean that either parental controls are not enabled or they are enabled and your site was approve-listed in the client. This of course depends on changing the laws anywhere that require using a third party data-leakage site to verify ID.
As of this ruling, all sites within striking distance of South Dakota must take “reasonable efforts” to age-verify, or be certain that no content could ever be politically harmful to the hypothetical minor.