So with a single flip of the switch, the president of the USA can shut down our EU Digital Identity Wallet.

Why was this decision ever made?

I wrote to the EU contact about this, got a patronising reply about how good it is, app being open source and what not.

Clearly tailored to the regular normie without technical skills.

Came here with roughly the same thought. Given the stated importance to many of sovereignty and not being dependent on the US, why isn’t there more opposition? I assume it’s just ignorance?

One of the major problems with on-device identifiers is that they must by tied tightly to devices, due to the risks of cloning. This is particularly true for privacy-preserving identifiers. That's why device attestation is so important, because you can't ensure that identity (keys) are locked to a device unless you can verify that the hardware prevents users from extracting keys. The worst part of this is that motivated criminals will certainly figure out how to extract those keys and use them for fraud; it's open-source and open computing that will be destroyed by this.

You want a secure identity? ISO7816 exists and is completely independent of Big Tech. The question of who should be required to show ID is different (and I'd argue the answer is "no" in most online-only situations), but there's already a solution that's been trusted by the financial sector for decades.

The EU problem here is they are simply reactive, and slow at it. By ceding the active part of commercialized innovation to the US (because paying the people that do such things what they're worth is simply incomprehensible) they allow them to dictate the terms of engagement. The utter dependence on WhatsApp being a shining example, as well as cloud services in general.

If anyone wants to assert control they have to be where the puck is going instead.

Protecting the children is their favorite reason for ramping up authoritarian measures.

>To reduce platform dependencies, we also evaluate additional platform independent signal sources. In this context, we evaluate signals from runtime application self-protection (RASP) systems, for example. We also might revisit later whether there are comparable security mechanisms for other platforms.

They're basically saying they have no choice but will evaluate better options.

So the follow up question is: Are you going to push the EU & Governments to do the logical thing and start developing, with your tax dollars, the necessary software & hardware to make it into the public domain so they arn't reliant.

Mostly it seems like few people see the need for brining government into software, no matter how much software & hardware are becoming essential utilities.

> Apparently protecting the children trumps sovereignity.

Capital remains sovereign in Europe.

"protecting" the "children"