systemd / birthdate field / age verification

Marco d'Itri, a Debian maintainer, debunks claims that systemd is introducing age verification or collecting PII for identity checks. He explains a recent change added an optional "date of birth" field to the systemd users database that desktop environments may choose to use for local features like parental controls or birthday reminders; no identity verification or mandatory data collection is involved, and any data would remain accessible only to authorized local applications. D'Itri also rebuts accusations that systemd is accepting AI-generated contributions, clarifying that a documentation file for coding agents was added but contributions still require full human review, matching the Linux kernel's stance. This defuses a targeted trolling campaign.

A Senior DevOps engineer, Dylan M. Taylor, independently submitted pull requests to systemd, Arch Linux's archinstall, and Ubuntu desktop provisioning to add a birthDate field so OS user accounts can meet new age-verification laws effective January 2027. systemd merged the change after an intense community backlash—945 comments and a rejected revert—while Arch locked the PR pending legal guidance; the systemd merge was performed by maintainer Luca Boccassi, who works for Microsoft. Taylor admitted the field is “hilariously pointless and ineffective” at preventing age fraud but argued OS-level controls are necessary for regulatory compliance and user protection. The episode spotlights tensions between legal compliance, open-source governance, platform power, and privacy.

Systemd has merged a new userdb field to store users' birth dates (pull request #40954), intended to support age verification required by recent laws in jurisdictions such as California, Colorado and Brazil. The DOB field will be write-protected except for root and is expected to ship in systemd 261. The change is motivated in part by draft parental controls in Flatpak and follows wider legislative pressure to bake age checks into OSs and app platforms. The move has sparked controversy in Linux communities and vendors—Garuda Linux vows not to implement age checks where not legally required, System76 has pushed back, and privacy-focused projects like GrapheneOS emphasize resisting mandatory personal data collection. Critics point to lobbying ties from big platforms as influencing the laws.

systemd maintainers reverted a commit that added a birthDate field to the userdb JSON user records after heated community debate, legal review, and privacy concerns. The rollback cites risks of normalizing OS-level age data, conflicts with open-source distribution philosophies that avoid centralized identity or mandatory accounts, enforcement impracticalities without invasive verification, and jurisdictional legal complexity (e.g., California AB 1043, Colorado SB 26-051). Major downstream projects and freedesktop.org saw pushback or non-adoption, and several distros paused or rejected the change. The revert leaves the system free of age metadata for now, but maintainers may revisit if privacy-preserving age-proof standards, clearer legal guidance, or community consensus emerge.

systemd maintainers reverted a recent change that added a birthDate field to JSON user records after heated community debate, legal review and privacy concerns. The revert argues that storing birth dates creates sensitive OS-level data, risks normalizing permission checks, conflicts with open-source distro philosophies that avoid identity authorities, and raises enforcement and jurisdictional legal problems. Major distributions and freedesktop.org expressed pushback or non-commitment, and volunteer projects may simply opt out rather than implement half-measures. The maintainers said they may reconsider only if privacy-preserving cryptographic age proofs, clearer legal guidance, or a strong opt‑in community consensus emerges; for now systemd will not include age-related metadata or APIs.