https://bmi.usercontent.opencode.de/eudi-wallet/wallet-development-documentation-public/latest/architecture-concept/06-mobile-devices/02-mdvm/
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
Hallo Bundesamt für Sicherheit in der Informationstechnik.
Möchten Sie zu dem hier gerade Wellen schlagenden Thema Stellung beziehen oder Aufklärung leisten?
Dass eine deutsche digitale ID an ausländischer Infrastruktur hängt, darf doch wohl nicht sein, oder?
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx that's unfortunately very predictable. German leaders are happy to sell us out to US interests. the chancellor casually begged Trump to be allowed to help him destroy Europe
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx Same for the Italian IT Wallet app. People asked on GitHub to drop Play Integrity but they refused to do it.
-
If a German citizen gets sanctioned by the US government, once this is implemented (later this year), that means they will no longer be able to be a participating member of German society, e.g. to show their (digital) driver's license to traffic police
@pojntfx
It seems like *compatibility* with Apple or Google services for the German electronic ID wallet would be fine, but *dependence* on them is a *huge* mistake. -
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx this is so dumb. What the fuck?
-
@pojntfx This scenario raises two main conflicts:
Availability and Access: The GDPR and EU principles require that access to fundamental rights not depend on third countries. Forcing a citizen to accept the terms and conditions of a private U.S. company in order to use their state-issued identity is viewed by many regulators as coercion that invalidates the “free consent” required by the GDPR. 1/2@mjarteaga @pojntfx and who's gonna enforce the law of the state decides they won't? GDPR enforcement is already bad.
-
-
@pojntfx @sstendahl not sure if this is what you meant, but in the Netherlands the municipality of Nijmegen introduced initial support for Yivi, also available on F-Droid. That seems close, or am I missing something? See: https://docs.yivi.app/
@david @pojntfx I was mostly thinking of NLWallet, which is actually government backed/owned. As far as I know it’s ZKP, and it’s even open-ish (not GPL, but at least source-available). You can build it from source yourself.
But I’m not as knowledgeable on the matter as @pojntfx, so I could absolutely be missing something here on the implementation of zero knowledge here.
See their GitHub page here: https://github.com/MinBZK/nl-wallet
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx so, that means selling more data to big tech.
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx EXTREMELY pathetic and disappointing, for real???? in 2026??? they should be reducing dependency on USA not making things worse
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx At the moment, I cannot fully understand the document you shared, so I used an AI assistant (sorry in advance) to try to understand it.
I want to install #CalyxOS on my #Fairphone soon:
"On CalyxOS specifically: CalyxOS uses microG, which implements partial Play Integrity support — but it typically only reaches MEETS_BASIC_INTEGRITY, not MEETS_STRONG_INTEGRITY. The wallet as architected would reject it outright."
That is really problematic. Where is the #DigitalSovereignty here?
Cc @sovtechfund
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx this is unacceptable and incompatible with the idea of digital sovereignty and independence. Beside all the other reasons making it a stupid idea and a danger to our basic rights.
-
If a German citizen gets sanctioned by the US government, once this is implemented (later this year), that means they will no longer be able to be a participating member of German society, e.g. to show their (digital) driver's license to traffic police
@pojntfx the idea to show your unlocked phone for identification is flawed anyway. Anyone that ever had bad experience with cops would never do that.
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx Why can they be so stupid? Sounds like the consulted ai first to make a solution
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx
Just posted the following to the EU. No idea if they're the right recipient, but feel better for writing:I am very concerned about the Commission's plans for secure digital ID (https://bmi.usercontent.opencode.de/eudi-wallet/wallet-development-documentation-public/latest/architecture-concept/06-mobile-devices/02-mdvm/)
Where it seems that the specifications are doubling down on using US proprietary corporations to ensure the veracity of the digital ID. This is problematic on at least two counts.1. These are not EU sovereign entities (Google & Apple) and under the US' CLOUD act can be compelled to silently divulge access, data, or tap connections.
2. It is an unfair and disproportionate imposition for the EU (or even just Germany) to force citizens and visitors to get an account with companies that are proven to be untrustworthy surveillers of their customers, just to be able to participate in an EU wide digital ID scheme.Personally, I have an Android phone but have removed or disabled all unnecessary Google apps, including PlayServices & PlayStore and I use mostly Open Source apps from FDroid. With the imposition of Google's Developer Registration scheme, which will remove many of the safe and surveillance-free apps I currently rely on, I am planning to move to a custom ROM (probably Grapheme or possibly Lineage), which seem to be explicitly excluded.
Given the EU's move to recover sovereignty in office software, this move to consolidate corporate US hegemony in digital ID is a big shock.
I would expect some recognition of freedom of choice to use an EU native secure app and have a path for the likes of FDroid, Grapheme or Lineage to gain the EU's trust as a certificate issuer. I'd not participate in a digital ID, if gated on Google or Apple accounts, so I'd be interested to know the alternatives that are compatible with requesting (& getting) a visa?
I'm a big fan of Europe and a strong proponent of the UK's return to its natural place amongst its allies & friends. Please reassure me that saner heads will prevail here.
Best wishes
-
So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
@pojntfx wow. 5 years ago, this would have been naive and shortsighted. but now that we have had ample demonstration of exactly why it would have been shortsighted, i din't see how anyone in their right mind could think this acceptable.
I quite like the proposed swiss eID approach. You have verification done by the governemt and granular access to data, e.g. only "at least 16" or "at least 65" (retirement age) without having to reaveal your full identity to the server needing to verify. -
I've said it before an I'll say it again: This entire project of identity verification with Apple/Google-account bound mobile devices is going to lead the continent down a dark, dark path into full technological submission to the US
-
@hannorein @unnon89 @EloPup @pojntfx @tdelmas never attribute malice to that which can be adequately explained by stupidity.
-
@hannorein @unnon89 @EloPup @pojntfx @tdelmas There were several comments from the public to the EU about requiring google "phone home" APIs when the EU Commission published a reference implementation for digital wallets. Met with shoulder shrugs about "it's only a reference implementation, no state is forced to use it". Which is an astoundingly strange comment about a _reference_ implementation. So they knew and were told repeatedly. Either they are criminally incompetent, corrupt, or both.
-
@arjen SafetyNet checks only pass on devices with unchanged, factory-sealed, non-unlockable firmware. Google has an allowlist of devices that pass that test. The same remote attestation mechanism is also used to block downloading the app through anything other than the Google Play Store, which you need a Google Account for. And you can't use Google if you're on the US sanction list (see e.g. the ICC prosecuter case). Using any open source OS of any type is also completely impossible.
