Right, there’s a wide variety of data requirements and age verification these days — I think under GDPR ideally the birthdate would be used to verify compliance with age requirements, and then no longer be stored.
In the US the requirement to verify age can sometimes be a higher priority, because regulations like COPPA restrict the processing of children’s data.
Either way, if you’re capturing this information it should be treated as personal information, you should only store what’s necessary (this is where a lot of the variance is), and it should be protected appropriately.
Anyone that’s unsure should consult a lawyer in their area!
Would it be possible to make it so the DOB userfield is only available to admin and not mods / only available with a button click (the way email and IP are handled in core), or would something like that require a plugin rather than a theme component?
That is outside of the scope for this theme component (and it would indeed require a plugin).
The only thing it does is add a validation on an already existing user field, and as a consequence it will prevent account creation / storing the associated data for minors. It does not manipulate the user field in any way.
Richard i want to say this is really helpful something i have been wanting for my forum for some time now! Despite the user’s being able to get around it do you think if a user puts a birthday not old enough then changes it to use the forum admins are notified oh user first put X date then changed it so staff can be aware?