On the need for a censorship API for legal compliance reasons in some countries and U.S. states
From: FloofyWolf <debian-devel-list@floofywolf.net>
Date: Tue, 3 Mar 2026 20:38:08 -0800
To: debian-devel@lists.debian.org
Cc: xdg@lists.freedesktop.org, ubuntu-devel@lists.ubuntu.com, debian-legal@lists.debian.org, legal@lists.fedoraproject.org, devel@lists.fedoraproject.org
Subject: On the need for a censorship API for legal compliance reasons in some countries and U.S. statesRecently, a proposal has been made to implement an API for a new California censorship regulation, "On the unfortunate need for an "age verification" API for legal compliance reasons in some U.S. states" by Aaron Rainbolt. I believe the approach outlined to be very short-sighted, in that creating a bespoke API for each of the hundreds of government censorship requirements that debian will presumably now be following will result in much duplication of effort and an unreliable user experience in which important censorship restrictions may be missed and not implemented. As such, with people now supporting the idea that debian should implement government censorship requests, even creating new standards if needed, I propose the creation of a censorship framework to speed implementation of current and future censorship regulations. [...]
Systemd units will be created for every desired censorship function, and will be started based on the user's location. For example, a unit for Kazakhstan will implement the government-required backdoor, a unit for China will implement keyword scans and web access blocks (more on this later), a unit for Florida will ban all packages with "trans" in the name (201 packages in current stable distribution), a unit for Oklahoma will ensure all educational software is compliant with the Christian Holy Bible, a unit for the entire United States will prevent installation of any program capable of decoding DVD or BluRay media, and a unit for California will provide the user's age to all applications and all web sites from which applications may be downloaded. As can be seen, multiple units may be started for a given location. [...]
To prevent users from bypassing censorship requirements, debian will need to switch to being a binary-only distribution with signed binaries, signed kernel, and signed kernel modules, with mandatory secureboot, and controls to prevent any non-signed software from being installed, written, or compiled, as any foreign sources of software may fail to query systemd-censord or may fail to respect the permissions it returns.