If you'd humor me, or just read the last paragraph for a tldr...

So let's say a PC builder(an individual; not a company) were to donate a PC to charity. Let's say it's built with a fairly recent MSI motherboard(https://www.amazon.com/dp/B0BRQSWSFQ/) 'MSI PRO B760-P' if you'd prefer to avoid amazon.

I remove all my internal SSDs and NVME drives but buy a new 1tb SSD for whoever receives the PC. I also install a Linux OS, as well as sign the secure boot keys via sbctl myself, setup ukify, efibootmgr, etc. Everything the recipient would need to switch over to another OS if they so choose.

But oh no, the donated PC landed in the hands of Johnny, a 17-year old in California.

So who's at fault here, MSI for creating a BIOS that allows for non-windows EFI images to be installed? The PC Builder(donator) for knowingly installing Linux(though not knowing where it would end up)?

This is kind of what confuses me and I'm curious what this means for future hardware sold in the US and those who build PCs for their own use or others. Most modern motherboards are "locked down" by default, but can easily be unlocked by the end-user, it may take a few extra steps or be a bit harder to find but still pretty simple for someone moderately tech-savvy.