That privacy setting is not shown in the Graph API.
Also, in the context of the login process, the data returned is for "me". So if the privacy setting is "Only Me" it being returned by the API is expected.
But, still, as I said, the actual privacy setting is not provided during the process. I've had a cursory glance at the Graph API and, as far as I can tell, Facebook don't provide an end point to view these permissions either.
I think it's also fair to say that by default user registration requires the date of birth, if it isn't, the user can remove the date of birth and its actual visibility and full age details is controlled by the admin based on these settings:
I can't personally reproduce that. I suspect that you've already given your app birthday permissions (from before), so it's already available and we do use it if provided. In that regard, it is already fixed, while still using the birthday if it's available (which simplifies the registration). Since we don't ask for it, it will likely only be provided if it's public (though not even with that in my local tests).
As such, I don't think there are any changes to be made to this now.