European digital ID wallets are a gift to Google and Apple
3 hours ago
- #Digital Identity
- #Public Infrastructure
- #Tech Regulation
- European digital ID wallets rely on Google Play Integrity API and Apple's Managed Device Attestation, risking societal dependence on private companies.
- Google's Play Integrity API reinforces control over Android by excluding unlicensed alternatives, violating the Digital Markets Act (DMA), and encouraging Google ecosystem use.
- A more open alternative, Android's Hardware Attestation API, exists but is being ignored by governments.
- EU member states like the Netherlands and Italy enforce Google's ecosystem via Play Integrity in wallets, contradicting digital sovereignty and interoperability goals.
- The EU's Architecture Reference Framework recommends but does not mandate Google attestation, leading to inconsistent adoption across countries.
- Digital wallets as public infrastructure should be interoperable and free from vendor lock-in, yet current designs may exclude de-Googled OS users.
- Public accountability and debate are needed, with actions suggested for users, citizens, and journalists to advocate for independence from big tech.