Per the very first reply on their thread discussing it in their forums, which I linked directly to for the post title:
We’ll NEVER require any verification or identification from the user.
However, what’s gonna happen should the attempts to age-gate the XDG portal screw over alt-init distros like Artix too? My guess is maybe they start blocking regions which force age gating like Arch Linux 32 is doing.
Most of what systemd does isn’t based on an obligation, it’s based on creating a system that fulfills the needs of the users of the software.
xdg-desktop-portal was adding age verification and the logical place to store that information is in the user’s records. systemd is the project which xdg-desktop-portal looks to for storing user records and so systemd added a field to support xdg-desktop-portal’s requirements.
Like I’ve said elsewhere, I don’t agree with the age verification laws… but they do exist. The software developers in the various projects are attempting to comply with them (or not, as in the OP) in their own ways. Nothing that systemd is doing here will affect you unless you want it to. The field is optional and not verified by systemd in any way (other than ensuring that it’s an ISO 8601-compatible date).
The contention was that the field would only work for complying with a single state’s law and the data wouldn’t be useful to comply with other laws. For example, if a state defined an adult as 18 and another state defined an adult as 16 then simply storing ‘Adult: [True|False]’ would require individual fields for each legal jurisdiction. So it doesn’t meet the specifications globally.
To fix this, the PR that was merged stores a birthdate and leaves it to the application to determine how to use that information for compliance. Here’s the merged PR:
https://github.com/systemd/systemd/pull/40954
I totally get what you are saying, and I don’t think we are really in disagreement about anything here. This is just my personal point of contention.
Its opening a can of worms for xdg-desktop-portal and systemd for something that they don’t need to or shouldn’t need to act on. If they make this change then: If the Afghani govt issues a request for gender, they should include that in userDB as well then. If Colorado’s new law requires age data to be held differently or different format, they will need to include that as well then. COPPA already exists, so do they need to further change how they store this data? If a new federal law is passed for age verification, they will need to support that on top of the existing state laws. Should it be jurisdiction specific? EU laws might state you can’t arbitrarily store this data, so now you need to check operating geo. Which jurisdictions do you honor? Which do you ignore?
Its optional until made so convoluted that its required. I think what’s so interesting to me is how this all goes back to a 30+ year old debate on the UNIX philosophy.
Oh yeah, this is totally a can of worms that I don’t think we should be opening.
I just channel that into yelling at politicians, the FOSS devs are on our team they just have to make the best of a dumb situation.