I think if it is just the birthdate that is not even used anywhere and if it were it would be by software that You control isn’t bad at all. Think parental control for example.
Personally, I think this is the best solution, sysadmin controlled birth date. Want your kids to access everything, make their accounts 99. Want your kids protected, limit them to their real age or lower.
The slippery slop argument is a concern, but as long as it’s system admin controlled, that’s a win in my book for privacy and the “save the kids” crowd.
Age needs to be more specific because different countrS have different laws when what is legal to access. Yes, this is done by hand now but could be automated. Locally, I insist.
If it were managed by Kerberos or domain policy I’d be okay with it, but the critical thing is that it’s managed by the system administrator.
That let’s parents do parent things, and the rest of us can safely lie.
I wasn’t aware of other pii?
I think if it is just the birthdate that is not even used anywhere and if it were it would be by software that You control isn’t bad at all. Think parental control for example.
Personally, I think this is the best solution, sysadmin controlled birth date. Want your kids to access everything, make their accounts 99. Want your kids protected, limit them to their real age or lower.
The slippery slop argument is a concern, but as long as it’s system admin controlled, that’s a win in my book for privacy and the “save the kids” crowd.
Realname is already a field in /etc/something
Email is unnecessary, I agree
Age needs to be more specific because different countrS have different laws when what is legal to access. Yes, this is done by hand now but could be automated. Locally, I insist.
If it were managed by Kerberos or domain policy I’d be okay with it, but the critical thing is that it’s managed by the system administrator. That let’s parents do parent things, and the rest of us can safely lie.
I don’t understand your comment
I am agreeing with you mostly, except that I am also happy for the domain controller to store the age info, rather than being strictly local.
The most important thing is that its the device owner doing the verification, not any external third party.