A note on intent and scope
This page documents corporate filings, financial disclosures, and governance structures. It is not a call to action against any individual. Do not harass, threaten, or target the people named here. They are named in their professional capacity as corporate officers, open source maintainers, or employees of public companies, in the context of decisions made in those roles.
The birthDate field is an optional JSON key in systemd's user record schema. It is not a tracking system, not a surveillance tool, and not an age verification engine. Poettering stated when closing the revert: "We just define the field, so that it's standardized iff people want to store the date there, but it's entirely optional. [...] It enforces zero policy, it leaves that up for other parts of the system." (PR #41179)
What this investigation documents is not the field itself but the governance process that produced it: undisclosed financial interests, absent conflict-of-interest policies, and corporate structures that connect the decision-makers to entities with commercial stakes in the outcome. The facts presented here come from public records. Readers should draw their own conclusions.
What the Corporate Paper Trail Shows
On March 18, 2026, a first-time contributor submitted a pull request adding a birthDate field to systemd's user record schema. A Microsoft employee merged it against 37 thumbs-down and 1 thumbs-up. The community submitted a revert. Lennart Poettering - who had incorporated a commercial Linux startup called Amutable seven months earlier - closed the revert without merging and locked the discussion. The entire sequence took 48 hours.
This investigation pulled Amutable's founding documents from the German Handelsregister. The corporate filings show three equal shareholders, no outside investors, and self-dealing exemptions that let any founder sign contracts between the company and their own personal entities. All three founders were employed at Microsoft when they signed the founding deed. A hidden shareholders' agreement - referenced three times in the Articles of Association but never filed publicly - governs economic rights, IP assignment, and vesting terms the public cannot see.
Three decisions put the birthDate field into systemd. Each was made by someone with a direct financial interest in the outcome. No one disclosed those interests. systemd has no conflict-of-interest policy, no steering committee, no community veto, and no disclosure requirements. The project that boots every major Linux distribution has less formal governance than a typical mid-size open source project.
Amutable GmbH - HRB 278404 B
Handelsregister filings retrieved March 23, 2026 from Amtsgericht Charlottenburg, Berlin. Public records under the DiRUG reform.
Ownership Structure
| Shareholder | Shares | Stake | Type |
|---|---|---|---|
| Christopher Wilson Kühl | 8,400 | 33.33% | Natural person (direct) |
| LPLLC Holding UG (HRB 277482 B) | 8,400 | 33.33% | Poettering's holding vehicle |
| CBLLC Holding UG (HRB 277363 B) | 8,400 | 33.33% | Brauner's holding vehicle |
Total share capital: EUR 25,200 divided into 25,200 shares at EUR 1.00 each. Fully paid in cash at formation.
Formation Timeline
Self-Dealing Provisions
All three founders serve as managing directors. Each can represent the company alone. Each is exempt from Section 181 of the German Civil Code, which normally prohibits self-dealing. Any founder can sign a contract between Amutable and their own personal entity without co-director approval at the representation level.
The Articles require 75% shareholder approval for related-party transactions. With three equal shareholders, that threshold requires all three to agree. But the self-dealing exemption operates at the external validity level - a director could execute a transaction that binds the company externally even without internal authorization.
Hidden Shareholders' Agreement
The Articles reference a separate shareholders' agreement in three places. Sections 4.1 and 4.2 allow non-proportional profit and liquidation distributions "if and to the extent provided in any shareholders' agreement which might be in place." Section 6.4 says management authority is governed by the Articles and "the shareholders' agreements."
The SHA is not filed with the Handelsregister. It is not available through the Bundesanzeiger. It is a private contract. In a German startup context, the SHA typically contains vesting schedules, drag-along and tag-along rights, non-compete clauses, and IP assignment provisions. If the founders assigned systemd-related intellectual property to Amutable, that would represent a transfer of community-developed open source infrastructure to a private company.
48 Hours from Submission to Permanent Merge
PR #40954 generated 945 comments and a 37:1 opposition ratio before maintainers locked it.
The 48-Hour Sequence
Three Decisions, Three Conflicts
Luca Boccassi
Employed at Microsoft. Microsoft spent $10.35M lobbying on KOSA and COPPA 2.0, already collects birth dates in Windows, and faces near-zero compliance cost from AB-1043. Open source competitors face an existential implementation burden. Boccassi made no statement about whether Microsoft had any position on the field or whether his decision was reviewed internally.
Lennart Poettering
Co-founded Amutable seven months earlier. Amutable's stated mission is "cryptographically verifiable integrity for Linux workloads." Every new identity field in systemd strengthens the market case for commercial integrity tooling. Poettering made no disclosure of his commercial interest.
"It's an optional field in the userdb JSON object. It's not a policy engine, not an API for apps. We just define the field, so that it's standardized iff people want to store the date there, but it's entirely optional. Hence, please move your discussion elsewhere, you are misunderstanding what systemd does here. It enforces zero policy, it leaves that up for other parts of the system." - PR #41179, March 19
systemd Has No Safeguards
No conflict-of-interest policy. No community veto mechanism. No steering committee. No disclosure requirements. No cool-down period for contested decisions. Two individuals permanently altered the identity infrastructure of every major Linux distribution.
Corporate Lobbying and Financial Interests
Federal lobbying disclosures, FTC settlements, and nonprofit grant chains.
Microsoft
Federal lobbying (2024) on KOSA, COPPA 2.0, and child safety bills. Brad Smith publicly endorsed KOSA in January 2024.
- Entra Verified ID already supports ageOver claims with selective disclosure
- Windows already collects birth dates at account creation
- Xbox paid $20M FTC fine for collecting data from 218,000 children (June 2023)
- Xbox UK deployed Yoti-powered age verification in July 2025
- Near-zero compliance cost for AB-1043
- Stayed silent on AB-1043 while Gates Foundation funded the advocacy chain
Meta
Federal lobbying (2024). Both competing model legislative frameworks Meta funded shift age verification burden off social media platforms.
- DAAA (became AB-1043): shifts burden to OS providers
- ASAA: shifts burden to app stores
- Daan de Meyer worked at Meta as systemd maintainer, joined Amutable
- Meta employee contributed to both systemd and ParticleOS
- Digital Childhood Alliance (DCA) - Meta's advocacy group
The Gates Foundation Chain
The Gates Foundation funds Common Sense Media. Common Sense Media's political arm, Common Sense Kids Action, was a primary advocate for AB-1043 and KOSA. Assemblymember Buffy Wicks - who authored AB-1043 - previously served as Campaign Director at Common Sense Kids Action starting in 2016. Bill Gates chairs the Gates Foundation board.
Microsoft did not publicly support AB-1043. Google and Meta did. But Windows already collects birth dates at account creation. The company that benefits the most from the law stayed silent while funding flowed through the foundation to the organization that employed the legislator who wrote it.
Kinvolk to Microsoft to Amutable
Same people, same address, same technology lineage.
Same Address, Same Director
Amutable GmbH and Assembled Parts UG are both registered at the same address in Berlin. Both list Kühl as managing director. Assembled Parts organizes All Systems Go! - the annual systemd developer conference. The systemd conference and the systemd startup share a building and a director. In 2019 the conference sponsors included Facebook (Meta) and Kinvolk. The speakers and attendees at that conference now populate Amutable's team.
The UAPI Group
The UAPI Group sets Linux userspace API standards. It was founded by Poettering, Boccassi, and Brauner. The same individuals who controlled the birthDate merge also control the standards body that could formalize it.
Every UAPI Group summit (2022, 2023, 2024) and every FOSDEM devroom session (2023, 2025) was audited. Identity, age verification, user metadata, and birth dates were never discussed in any venue. The birthDate field was added entirely outside the standards process.
ParticleOS
ParticleOS is an image-based Linux distribution built on systemd-homed. It inherits the full user record schema, including birthDate. Daan de Meyer presented it at FOSDEM 2025 while at Meta. He now works at Amutable. ParticleOS is the reference implementation for what Amutable commercializes. The same group sets the standards, implements them in systemd, and profits from them through Amutable.
Elected Under False Affiliation?
Wayback Machine snapshots show a developer's public profiles listed Red Hat as his employer throughout the FESCo election period. They changed to Amutable after the election closed.
Zbigniew Jedrzejewski-Szmek - Disclosure Timeline
Red Hat's upstream systemd developer and Fedora systemd maintainer for years. Third most active systemd committer historically. His GitHub bio listed Red Hat throughout the FESCo election. It changed to Amutable after the vote closed. The exact date he left Red Hat is not publicly confirmed.
| Date | GitHub Bio | Event |
|---|---|---|
| Aug 22, 2025 | "Working on open source stuff at Red Hat" | Amutable incorporated Aug 21 |
| Dec 4, 2025 | "Working on open source stuff at Red Hat" | FESCo nominations open |
| Dec 17, 2025 | (interview published, zero employer disclosure) | FESCo interview: "What else should community members know?" Answer: "n/a" |
| Jan 6, 2026 | "Working on open source stuff at Red Hat" | Voting still open (closes Jan 7) |
| Jan 8, 2026 | Elected to FESCo (842 votes, 2nd highest) | |
| Jan 27, 2026 | "Working on open source stuff at Red Hat" | Amutable publicly announced same day |
| Feb 6, 2026 | "Working on open source stuff at Amutable" | First snapshot showing Amutable |
| Mar 23, 2026 | Amutable on GitHub | Fedora wiki still says "I work for Red Hat" |
214 Fedora voters participated in the election. The word "Amutable" has never appeared on Fedora Discussion forums. No community member raised the question of his affiliation during or after the election. Whether this reflects deliberate concealment or a delayed profile update is not established by the available evidence.
PR #40954 Corporate Affiliation Map
60 people have systemd commit access. Here is who participated and who stayed silent.
| Person | Affiliation | Role in PR #40954 / #41179 |
|---|---|---|
| Luca Boccassi | Microsoft | Approved + merged |
| Mike Yuan | Independent / KIT | Approved |
| Lennart Poettering | Amutable | Review discussion; blocked revert |
| Zbigniew | Amutable (ex-Red Hat) | Advocated for birthDate |
Silent on both PRs: Yu Watanabe (Red Hat), Frantisek Sumsal (Red Hat), Lukas Nykryn (Red Hat), Peter Lemenkov (Red Hat), Daan de Meyer (Amutable, ex-Meta). Red Hat has four org members with merge access. None left a public trace on either PR.
Sources
- Wayback Machine SnapshotsDec 4, 2025 · Jan 6, 2026 · Jan 27, 2026 · Feb 6, 2026
- FESCo Election Interviewcommunityblog.fedoraproject.org
- Fedora Wiki (still says Red Hat)fedoraproject.org/wiki/User:Zbyszek
€854,840 in German Government Grants - Contractor Undisclosed
The Sovereign Tech Agency invested nearly one million euros in systemd across two rounds. The identity of the contractor is not public.
2023-2024 Grant
Scope not fully described on public page. Active while Poettering, Zbigniew, and Brauner were at Microsoft. Contractor of record: not publicly disclosed.
2025-2026 Grant
"Extending the Linux OS core infrastructure to improve security, integrity, and robustness for multi-user systems." Announced October 2025 - two months after Amutable's incorporation, three months before its public announcement. Contractor of record: not publicly disclosed.
The Same Address
Implisense lists exactly two companies at Bornholmer Straße 80 A, 10439 Berlin: Amutable GmbH and Assembled Parts UG. Both list Kühl as managing director. Assembled Parts organizes All Systems Go! - systemd's primary developer conference. The STF requires exactly one "contractor of record" per project but does not publish that name.
What Poettering Said About the Money
At FOSDEM 2025, Poettering stated systemd has "a little bit of funding" through SPI donations and STF grants, and that the project used STF money "for things that don't interest the core developers, for example reworking the systemd web site."
Conference Funding Shift
All Systems Go! had corporate sponsors including Meta and Red Hat in 2018-2019. The 2025 edition switched to "100% funded by attendees" - no corporate sponsors. This shift coincides with the STF funding period.
Funding Chain
The Company That Built systemd Said Nothing
Red Hat incubated systemd for 14 years. IBM acquired Red Hat for $34 billion. Neither said a word about the most contested merge in systemd's history.
The Silence
IBM / Red Hat
Federal lobbying (2024). AI policy, intellectual property, cloud, quantum, cybersecurity, federal IT modernization. Zero LD-2 filings naming KOSA, COPPA 2.0, AB-1043, ASAA, or any child safety legislation. (OpenSecrets)
- RHEL is a commercial OS - plainly covered by AB-1043's "operating system provider" definition
- January 2027 compliance deadline - 9 months away
- Zero public compliance planning
- Zero statements on the birthDate merge
- Four Red Hat org members with systemd merge access - all silent on both PRs
CCIA Membership
Red Hat is a CCIA member. CCIA is the most aggressive litigator against age verification in the US - suing states "on behalf of its members."
- CCIA v. Paxton (W.D. Tex.) - injunction granted Dec 2025
- CCIA v. Brown (D. Utah) - enforcement blocked Feb 2026
- Additional filings in Kansas, Alabama, Michigan, Florida
- IBM does not disclose Red Hat's CCIA membership on its Positions and Associations page
- Chevedden shareholder proposal for lobbying transparency received 48% support at IBM's April 2025 annual meeting - IBM opposed it
The Brain Drain
Red Hat built systemd, then lost control of it. IBM's acquisition (2019) and subsequent layoffs (8,000-10,000 positions in 2024) pushed key developers out. Merge power migrated from Red Hat (2010-2022) to Microsoft (2022-2026) to Amutable (2026-present). Red Hat now depends on a project governed by a commercial competitor.
| Person | Red Hat Role | Current | Significance |
|---|---|---|---|
| Lennart Poettering | Senior Principal Engineer (14 years) | Amutable | systemd creator, blocked revert |
| Zbigniew Jedrzejewski-Szmek | Plumbers Team, upstream systemd | Amutable | 3rd most active contributor, FESCo member |
| Kay Sievers | systemd co-creator | Inactive | Banned from kernel by Torvalds (2014) |
| Yu Watanabe | Senior Software Engineer | Still at Red Hat | #1 committer since 2021 - silent on both PRs |
The Project That Boots Every Major Distribution Has No Safeguards
What the Governance Model Allowed
A first-time contributor submitted identity infrastructure changes to the most critical Linux subsystem. A Microsoft employee merged them against 37:1 community opposition. The founder of a commercial startup blocked the revert and locked discussion. A Meta employee who maintains systemd held maintainership throughout. An Amutable team member advocated for the implementation during review. Zero disclosure of any commercial interest at any step.
Comparison to Other Projects
| Project | Governance | COI Policy |
|---|---|---|
| Linux kernel | BDFL + subsystem maintainers, public mailing list review, revert culture | Informal but norm-enforced; DCO sign-off required |
| Python | Elected Steering Council | Formal PSF COI policy |
| Rust | Foundation + teams with defined authority | Formal governance charter |
| Node.js | Elected TSC with consensus model | OpenJS Foundation COI policy |
| systemd | BDFL + informal maintainer group | None |
How Linux Distributions Are Responding
Distributions face four options: implement, refuse, exclude jurisdictions, or wait for legal challenges. Most are waiting. A few have taken public positions. Tracker: agelesslinux.org/distros.html
Refused or Opposed
System76 / Pop!_OS
Opposed
CEO opposes mandates as technically ineffective. Actively lobbying Colorado legislators to exclude open source from SB26-051.
Artix Linux
Refused
"We'll NEVER require any verification or identification from the user." systemd-free (uses OpenRC/runit/s6). (source)
GrapheneOS
Refused
Remaining usable without personal information or accounts.
Geo-Blocking
Arch Linux 32
Geo-Blocked
Blocked access from Brazilian and California IPs. Modified COPYRIGHT to exclude affected jurisdictions.
MidnightBSD
Geo-Blocked
Blocking California IP addresses. Modified copyright to exclude affected jurisdictions.
Watching or Exploring
Ubuntu / Canonical
Watching
"Reviewing internally with legal counsel." VP Jon Seager: "no concrete plans." Taylor's PRs to ubuntu-desktop-provision remain draft.
Fedora / Red Hat
Exploring
Proposed: local config file, local D-Bus API, no telemetry. Nothing shipped. No FESCo vote. (discussion)
Silent
Debian
No Position
Active mailing list discussion. No official stance. Debian's decision cascades to Ubuntu, Mint, Pop!_OS.
NixOS
Silent
No official response. Dylan Taylor is a NixOS org member.
SteamOS / Valve
Silent
No public position.
Primary Sources and References
All information comes from public records. No private data, leaked documents, or non-public communications were accessed.
- Full Investigation Repository tboteproject.com/git/hekate/microsoft-systemd-findings-public
- German Commercial Registry HRB 278404 B (Amutable GmbH), HRB 277482 B (LPLLC Holding UG), HRB 277363 B (CBLLC Holding UG) - handelsregister.de
- systemd Pull Requests PR #40954 (birthDate) · PR #41179 (revert)
- Microsoft Lobbying opensecrets.org/orgs/microsoft-corp/lobbying
- FTC Xbox Settlement ftc.gov - $20M settlement (June 2023)
- Gates Foundation Grant gatesfoundation.org - Common Sense Media (INV-031206)
- Microsoft Acquires Kinvolk azure.microsoft.com - Kinvolk acquisition (April 2021)
- Lobbying Analysis agelesslinux.org/lobbyists.html
- US Trademark Justia - AMUTABLE Serial 99430458
- Sovereign Tech Fund - systemd sovereign.tech/tech/systemd · sovereign.tech/tech/systemd-2025
- FOSDEM 2025 - 14 Years of systemd lwn.net/Articles/1008721
- IBM Lobbying opensecrets.org/orgs/ibm-corp/lobbying
- CCIA Litigation CCIA v. Paxton · CCIA v. Brown
- Wayback Machine - Zbigniew GitHub Dec 2025 · Feb 2026
- EFF on AB-1043 eff.org - AB-1043 age gates
- Distribution Responses Tracker agelesslinux.org/distros.html
- Distribution Coverage itsfoss.com - distro responses · 9to5linux.com - Ubuntu/Fedora/Mint
This investigation runs on donations, not ads or sponsors. Every dollar funds infrastructure, security, and new investigations.