Debian Project Leader Andreas Tille says Debian has made no decision on age verification compliance and is still awaiting legal analysis.

Debian Project Leader Andreas Tille has addressed the ongoing debate over age-verification laws and their potential impact on free software operating systems. Long story short: he clarified that Debian has not adopted a position and is awaiting legal analysis.

In his latest “Bits from the DPL” message, Tille stated that the main question is whether operating systems and package distribution mechanisms might be required to provide age-related information to applications.

He noted that Debian and other projects are discussing the issue, and that Software in the Public Interest, a non-profit corporation founded to act as a fiscal sponsor for organizations that develop open-source software and hardware, has begun seeking legal guidance.

  • Onno (VK6FLAB)@lemmy.radio
    0·
    20 days ago

    This is what the DPL actually wrote on the subject:

    Recent discussions have started around new age verification legislation that may affect free software operating systems. In particular, the California Digital Age Assurance Act (AB 1043), expected to take effect in 2027, raises questions about whether operating systems and package distribution mechanisms could be required to provide age-related information to applications. In parallel, a recently adopted law in Brazil appears to introduce similar requirements and is already in force, with initial interpretations suggesting it could apply to components such as package management tools. These developments are currently under discussion within Debian and other projects, and SPI has initiated efforts to obtain legal guidance. At this stage, the situation remains unclear, and further analysis is ongoing.

    From a non-lawyer perspective, it is not yet clear how such regulations apply to a non-commercial, volunteer-driven project like Debian, which does not sell software and provides it in a highly decentralized way. It seems plausible that obligations, if any, may primarily affect redistributors or commercial entities building products on top of Debian. In such cases, Debian would as usual be open to contributions that help downstreams meet their requirements, while keeping such features optional and respecting the needs of users in other jurisdictions. However, this is an area where proper legal analysis is still required.

    Source: https://lists.debian.org/debian-devel-announce/2026/04/msg00001.html

    • ThomasWilliams@lemmy.world
      0·
      19 days ago

      The legislation is clear and unambiguous : an operating system must provide an age verification which is able to accessible by third parties on the internet.

      From a non-lawyer perspective, it is not yet clear how such regulations apply to a non-commercial, volunteer-driven project like Debian, which does not sell software and provides it in a highly decentralized way

      There’s no mention of selling in the law.

      • psud@aussie.zoneEnglish
        1·
        16 days ago

        Which component of Debian is an operating system for this purpose? The desktop environment? The system service? They come from various third party providers