Stores the user's birth date for age verification, as required by recent laws
in California (AB-1043), Colorado (SB26-051), Brazil (Lei 15.211/2025), etc.
The xdg-desktop-portal project is addi...
Fork time? Maybe all the anti-systemd zealots were right all along…
Y’all are making a mountain out of nothing. Adding a data field alone has absolutely no effect unless:
Entering it is forced
That entry is somehow verified (which would be the invasive part)
The systems accessing userdb actually use it for anything (which would require it to be filled out and verified to be anything but performative)
As it stands, it’s a performative gesture to avoid law enforcement crackdown, which I think is perfectly reasonable for a private person with limited funds to fight a legal battle with. That doesn’t mean they can’t also fight that battle privately, but expecting volunteers to put their necks on the line over adding data field seems rather entitled to me.
If Gnome decided to implement age verification (beyond just “enter your date and please don’t lie”), using that field, the blame for that would fall on Gnome.
This is more like adding a field in the cookie of an adult website to store whether the user has clicked “Yes, of course I’m 18”, without even implementing the disclaimer for the user to click that button, let alone actual age verification.
Nope. I’m John Doe, living in Nice Try, Atlantis, and my email is “who@car.es”. But I draw the line at being asked for my birthday (which is 1970-01-01).
The userdb already has fields for other information. Nobody enforces putting anything there, nor verifies the contents. Why should DoB be different? And why should that be on the userdb?
is perfectly reasonable for a private person with limited funds to fight a legal battle with
Are you saying corporations like Red Hat sponsoring the development of systemd are thinking of “poor private devs” of whatever distro when taking such a decision than impacts the majority of distros?
Red Hat probably could afford to go to court over those laws. Maybe should, too. Maybe just passively ignore them until someone drags them to court for it. But all of that would be independent of this change.
impacts the majority of distros?
And just what is that impact?
“Here, you have a space to write stuff down.” So what? If I’ll never read it or verify the contents, what difference does it make?
That every distro will inherit a field containing a birth date, whether they want it or not.
“Here, you have a space to write stuff down.” So what?
That “stuff” is a personal information that not everyone is legally equipped to deal with. In EU there are specific laws protecting storage and usage of personal information.
Your "stuff"can potentially create more problems than the ones it tries to solve, assuming good intentions.
That “stuff” is a personal information that not everyone is legally equipped to deal with.
You mean like email address, real name, location? Because those fields exist already. I’m not aware that they have ever caused any issues, even though real name and location should be more critical in a doxxing or surveillance context than “just” the date of birth.
I assure you, I don’t have my email, real name or location stored in my userdb. Nobody makes me enter them. Nobody cares. Nobody would verify if I did. What’s stopping me from entering 1970-01-01 as my DoB, if I enter anything at all?
If I’m the one storing, transmitting, querying and processing PII, I’m responsible for it. If my distro were to require email verification, proof of identity for the real name, records of my place of residence or employment to ensure the location is accurate, that would be an issue, and that would make the vendor liable for handling that data.
That is what the GDPR and related laws are actually concerned with, not the exact format or place they’re stored. Otherwise, you’d have to ban me from creating text files: I might store someone’s phone numbers in there.
I’ve been using Linux for many years and not even once I’ve seen those info being requested by the operating system.
Otherwise, you’d have to ban me from creating text files
There’s a huge difference between YOU putting your info by your own accord wherever you want (look at what people do on Facebook) and an operating system requesting those.
In case you didn’t notice, this whole ordeal is pushed by Meta to avoid being accountable for the shit they do on their platforms, they’re trying to shift the responsibility to operating systems of all things, and that’s not acceptable.
Is it though? As best as I could tell, this PR is literally just adding the field next to the others, not requesting shit.
In case you didn’t notice, this whole ordeal is pushed by Meta to avoid being accountable for the shit they do on their platforms, they’re trying to shift the responsibility to operating systems of all things, and that’s not acceptable.
Absolutely. I just disagree that this particular addition (particularly considering all the fuss about making sure it doesn’t show up in logs and dumps and what not) is a problem. I don’t think this is the hill that battle should be fought on. Adding or not adding it to systemd doesn’t make the OS / distro built on top of it any less responsible for their handling of that data.
It does provide a standard and (somewhat) central place to implement the security aspects of it though.
Y’all are making a mountain out of nothing. Adding a data field alone has absolutely no effect unless:
As it stands, it’s a performative gesture to avoid law enforcement crackdown, which I think is perfectly reasonable for a private person with limited funds to fight a legal battle with. That doesn’t mean they can’t also fight that battle privately, but expecting volunteers to put their necks on the line over adding data field seems rather entitled to me.
If Gnome decided to implement age verification (beyond just “enter your date and please don’t lie”), using that field, the blame for that would fall on Gnome.
This is more like adding a field in the cookie of an adult website to store whether the user has clicked “Yes, of course I’m 18”, without even implementing the disclaimer for the user to click that button, let alone actual age verification.
dude, can you send me a picture of your government ID? I just wanna see?
Nope. I’m John Doe, living in Nice Try, Atlantis, and my email is “who@car.es”. But I draw the line at being asked for my birthday (which is 1970-01-01).
The userdb already has fields for other information. Nobody enforces putting anything there, nor verifies the contents. Why should DoB be different? And why should that be on the userdb?
Because this design does not come from the project, it is bowing down to a fascist funded movement.
Are you saying corporations like Red Hat sponsoring the development of systemd are thinking of “poor private devs” of whatever distro when taking such a decision than impacts the majority of distros?
Red Hat probably could afford to go to court over those laws. Maybe should, too. Maybe just passively ignore them until someone drags them to court for it. But all of that would be independent of this change.
And just what is that impact?
“Here, you have a space to write stuff down.” So what? If I’ll never read it or verify the contents, what difference does it make?
That every distro will inherit a field containing a birth date, whether they want it or not.
That “stuff” is a personal information that not everyone is legally equipped to deal with. In EU there are specific laws protecting storage and usage of personal information.
Your "stuff"can potentially create more problems than the ones it tries to solve, assuming good intentions.
You mean like email address, real name, location? Because those fields exist already. I’m not aware that they have ever caused any issues, even though real name and location should be more critical in a doxxing or surveillance context than “just” the date of birth.
I assure you, I don’t have my email, real name or location stored in my userdb. Nobody makes me enter them. Nobody cares. Nobody would verify if I did. What’s stopping me from entering 1970-01-01 as my DoB, if I enter anything at all?
If I’m the one storing, transmitting, querying and processing PII, I’m responsible for it. If my distro were to require email verification, proof of identity for the real name, records of my place of residence or employment to ensure the location is accurate, that would be an issue, and that would make the vendor liable for handling that data.
That is what the GDPR and related laws are actually concerned with, not the exact format or place they’re stored. Otherwise, you’d have to ban me from creating text files: I might store someone’s phone numbers in there.
I’ve been using Linux for many years and not even once I’ve seen those info being requested by the operating system.
There’s a huge difference between YOU putting your info by your own accord wherever you want (look at what people do on Facebook) and an operating system requesting those.
In case you didn’t notice, this whole ordeal is pushed by Meta to avoid being accountable for the shit they do on their platforms, they’re trying to shift the responsibility to operating systems of all things, and that’s not acceptable.
Is it though? As best as I could tell, this PR is literally just adding the field next to the others, not requesting shit.
Absolutely. I just disagree that this particular addition (particularly considering all the fuss about making sure it doesn’t show up in logs and dumps and what not) is a problem. I don’t think this is the hill that battle should be fought on. Adding or not adding it to systemd doesn’t make the OS / distro built on top of it any less responsible for their handling of that data.
It does provide a standard and (somewhat) central place to implement the security aspects of it though.
Everbody look at bro, he’s glowing!
?
CW: racism
https://en.wiktionary.org/wiki/glowie