So Italy's IO app https://github.com/pagopa/io-app (wallet, documents, age verification) continuously refuses the users' request for GrapheneOS support and requires google.
Nothing will change until the lawsuits start coming in.
The only hope is the motorola/grapheneOS collaboration and consumer associations, that might sue for anticompetitive behavior.
Make noise on any channel for the apps that require play services, it will help in the future if the lawsuits start, since it will show user support for the initiative.
It's also the fact that it forces each citizen to pay a few hundred Euros to companies which then campaign against their very rights.
Citizens get no support of any kind in case of issues, and has to enter a contractual agreement which is ridiculously asymmetrical, where the company has little to no responsibility of any kind, but has very ample rights to track the other party in extremely creepy ways.
But ... the alternative is that the government actually pays a bit of money to fix the situation! To support their solutions. To actually develop them for enough devices. To secure them ... Plus the services the government made are way more invasive than the Google/Apple ones.
In addition to the money, actually using them would be hundreds of times more complex, and they don't have the provisions Google has, for example accessibility and security services (like actually stopping people stealing accounts on a large scale). All of this can be done, easily even, but it isn't. Politicians don't want to.
Special-casing support for GrapheneOS would be a band-aid, they should find a way to avoid requiring remote attestation in the first place, so anyone can use whatever OS they like.
The lawsuits, sadly, won't matter. "Security" (or, rather, totalitarian control!) is more important than the 1% of nerds who care enough to tinker with their phone.
It's not 1% here though... Graphene has 300k users worldwide. There's 8 million absolutely illiterate and 150 million functionally illiterate people in Europe for comparison on scale here.
"functionally illiterate" means that while you can read your native language, you will not correctly understand what you have just read.
Rates seem to vary state by state, from as low as 8% (denmark) to 43% (romania).
It's also not a clearly defined target, since it would be better to have rates based on the reading comprehension of the average school at year X or something similar.
I'm curious about this definition, just because it's not something I've ever considered before and googling seems to muddy the water even more.
Is it "functionally illiterate" if you can read the language aloud and not understand it, if you also wouldn't have understood the same thing spoken to you? That seems like it's about comprehension ability, not literacy.
Although one thing that just occurred to me is that if your reading level is low, you might be using all your cognition on reading so that you don't have spare capacity to understand as well - that's frequently the case for me with e.g. Chinese where I can read an entire passage out and then the teacher asks what the passage was about and I'm just thinking "I dunno, I wasn't thinking about that but I think I understood everything".
And that's definitely a different problem to being able to sound out the words, but just having no idea what those words mean, whether you read them or heard them.
And does it have to be your native language, or in any language? Not trying to nitpick, it just feels like the phrase can be usefully applied to a foreign language too.
> Guidance tells us the average reading age in the North East is lower than the national average at between 9 to 11 years. To put that into context The Guardian Newspaper has a reading age of 14 and the Sun Newspaper has a reading age of 8.
Health literacy specifically is a major problem in healthcare
> 1 in 4 (26.7% / 931,000 people) adults in Scotland experience challenges due to their lack of literacy skills.
I find that page somewhat ironic as they claim 18% is one in six, but 17.4% is one in five. Seems numeracy is as big a challenge.
The US is no better according to wikipedia
> In 2023, 28% of adults scored at or below Level 1, 29% at Level 2, and 44% at Level 3 or above
> Adults scoring below Level 1 can comprehend simple sentences and short paragraphs with minimal structure but will struggle with multi-step instructions or complex sentences
> Adults scoring at Level 3 or above are considered "proficient at working with information and ideas in texts
Why are you surprised? Europe has 700 million people. Think of the average construction worker you know, do you think they could read and correctly summarize any moderately complex article? Think an article about inflation or evolution or heat pumps or investment funds, etc.
Fairly sure that in most countries the average person reads less than 1 book per year, so half of the population reads less than that. I know people who haven't read a book since highschool, when they were forced to.
There is too much corruption, nothing can be done at this point.
Atleast CIE app works on graphene for now so I can do everything else on the web.
If they block that idk what I would even do.
I do occasionally suspect corruption, but neither Google nor Apple have any incentive to pay off officials to get this passed. They can't beat each other, and the rest of the mobile OS'es is no threat to their revenue.
Google and Apple's odds of being caught are too high to expect they would risk it. They have more to lose if caught than they have to gain.
Obviously some companies do despite the risks, I wouldn't expect this of any individual company, but as a whole some company will once in a while anyway. So stay vigilant.
Honestly, as long as the architectures is fatally flawed (Even if convenient) it's just bandaids over a larger issue.
These mobile id's are too powerful, signing contracts, transfering all your funds or taking loans, regulation is also papering it over a bit by requiring high-stakes lenders,etc to do additional checks.
Germany was going in the right direction imho, they NFC enabled their ID cards (Sweden has info on them but no enablement procedures) that is then paired with the app, so the card acts as a 2nd factor that makes the app itself less of a security issue since a user will be required to physically enable it (sadly the NFC pairings are kinda fiddly.. but I'd take that as a security option for all non-trivial transfers).
> These mobile id's are too powerful, signing contracts, transfering all your funds or taking loans, regulation is also papering it over a bit by requiring high-stakes lenders,etc to do additional checks.
Many countries in the EU already have all of that just done though some national equilevant system (for example here in Finland mainly with bank credentials).
And in fact additonal checks are done when enough money is moving. For example when I signed my bank loan for an apartment I had to sign it again after 24 hours just to be really really sure that I wanted to sign it.
For smaller (but still big enough) stuff a second "second factor" usually kicks in usually in the form of a sms verification after the actual proper login with bank credentials (which has a proper 2 factor auth in itself too)
Even relying on Android's hardware attestation API instead of Play Integrity is an attack on digital autonomy in my opinion. Any security feature which relies on remote attestation of the users entire platform is government overreach as it ultimately gives the government the power to choose what operating systems are acceptable. It is only a matter of time before this power will be misused to put pressure on OS developers to install backdoors for the intelligence agencies. And no, asking people to own two smartphones is not a solution to this problem.
Anonymous digital age verification based on a suitable ZKP scheme and/or blind signatures does not require a general purpose operating system, it just requires a few cryptographic primitives and a set of device-bound keys. It is not too much to ask that the EU develops a specialized hardware token with these exact capabilities and offer them for free to all citizens as an alternative to the app. This also gives the citizens of EU the freedom to choose not to own a smartphone without having their access to digital services severely restricted.
Exactly, I'm not sure what benefits hardware attestation offers to the government. Sure, it's potentially useful for the customer that they can trust their keys are secure on their device, but it kind of misses the point.
It should really be an open-source specification that defines a standard protocol, but where the device just signs a request that it knows has come from a trusted source (so maybe signed by the government's key) with a key that the government's API knows that represents you.
So, I'd envisage something like government portal lets you add a bunch of public keys, one for each device, and shares a public key of its own that can be used to verify any requests. Something that wants to verify your identity can request your public key, and ask the government API for a challenge token which it passed back to you. You can verify the challenge token is signed by the key you trust, you can sign the challenge and return it to the app, which can pass it back to the government API which can then grant access to whatever subset of information they requested (and the challenge key can include enough information for the signing app to present a meaningful request).
Very simple in terms of protocol. Only the government needs to store any of your private data. If an application just needs to know if you are of a sufficient age or not, that's all the information it gets. If you lose your device you can easily revoke your keys and add new ones.
Sure, a specific implementation on a phone might want to use hardware attestation in order to keep its keys safe, but there's no reason that it has to be mandated. A well designed public key system should be sufficient leaving the implementation to safeguard its keys, while providing a simple way to replace keys if needed.
There seems to be no awareness from EU govenments about how much power we're handing over to two large outside companies. This incompetence in the leadership will cause a lot of harm over the years. This has been going on for a long time.
I'm sorry but clearly the introduction of these apps with these requirements in the near past and near future represent regression over time rather than improvement.
I think it was last year that there was a good presentation from them about how they were going to use ZKP and it was indeed very trust inspiring. But do you think the latest digital wallet solution from eg Danish government uses ZKP? Of course not!
I have to say that the tune they play at FOSDEM and what we see put into production are just two different things.
Not really. EU is actually trying to decouple. But in many cases there are not any homegrown alternatives to support. There is not a single company in EU that could replace, even a considerable part, of software stack provided by Google and Apple.
And, unless the regulatory environment changes., there probably never will be.
Thr answer to US tech giants are not homegrown EU tech giants, but international free software (Free as in Freedom). We already have free operating systems: Linux, BSD. Office software: LibreOffice, etc.
EU regulators have stop listening to tech company lobbyists.
> But in many cases there are not any homegrown alternatives to support
There shouldn't need to be. Realistically for something like this an EU backed highly-audited non-profit should be in place for permanent highly controlled services like this that do not rely on any non-EU entities for it to function.
I'll believe it when I'll see it, for now I haven't seen any of the Android forks (LineageOS, EOS, GrapheneOS...) or Linux OS (Phosh, Plasma mobile, Ubports, ...) get any funds from the EU.
The US can call Austria in 5 minutes and with no burden of proof get the airspace permit for a head of sovereign state revoked and the plane swatted instantly upon landing, because someone might have been on board (he wasn’t) whose only real crime was embarrassing the USA by exposing their fundamentally unconstitutional lawbreaking.
Same goes with the prosecutors in Sweden; a phone call and the US got, not charges (as that would actually be official misconduct in Sweden), but enough of an official statement from a prosecutor to get the words “Assange” and “rape” in headlines together around the world by that evening.
European countries are, by and large, lapdogs of the USA. It’s sad. And then the US president turns around and stabs them in the back by threatening invasion and annexation, or complete disregard for the fundamental obligations of NATO members.
I really don’t know what the fuck the Europeans are thinking by playing the US’s stupid games. As we see time and time again, it won’t be repaid in kind.
Unfortunately the big game is opaque it's close to impossible to understand for the common folk. So many questions, so tough to grasp answers. Sickening. The enemy is hiding. One could say that paying the taxes in some form is a path toward a destruction. Phrases like "war economy" are lunatic. It all starts in your mind, and that's why it's the most important to protect your children from the propaganda. Take care!
Obviously, on both side (and beyond) they are nice people trying to plan good things without being too naive. But bragging all day through and destroy all that is in your power is both easier and more attention grabbing than discrete hard work at building better future for everybody.
Europe will never have digital sovereignty from the US.
It will take 100 years and an extremely expensive, government-mandated reimplementation of every critical US tech service and company.
No EU country is putting up budget for this, and no private enterprise is going to do it because building a worse version of AWS just so that it is "European" makes no financial sense and would most likely just fail anyway.
Hopefully not. This hate towards good technology and innovation because you don’t like the current president is ridiculous. He’ll be gone in two years or so and then we’ll get back to normal.
> This hate towards good technology and innovation
Mine is to a collective people that vote in these people. I get that people can change, grow, evolve etc but I didnt trust a german for 60 years, I wont trust an american for at least a generation.
I agree with the premise but have the feeling that it’s less about the money. People here in Germany use WhatsApp and Instagram and Gmail and MS Office and Windows not because there are no alternatives but because they either don’t know or don’t care to switch. People are notoriously difficult to convince to switch platforms even if they‘d get more benefits on the other side. My mom does not want to touch any email client besides outlook and she does nothing but read and very occasionally reply to singular emails and she requires only the barest functionality of an email client. Half of my family gets a panic attack when the windows interface changes again. The idea of switching messengers recently in my rather tech sawy circle of friends has resulted in a multi day discussion with no real outcome mainly because some just don’t want to deal with two messengers while their friends and family remain unconvinced. We already have social media, hosting, email, operating systems, messengers and the likes from European providers. People just don’t want to switch.
If there is a higher level mandate or incentive to switch, people absolutely will - for example, if a government decides en masse to switch away from one OS or platform. [0]. This will likely be hugely influential, as then everyone who wants to communicate effectively with that government needs to make sure that they are compatible - which will likely drive adoption of the alternate technologies over time.
However, IMO the big challenge is MS Office - as much as people like to mention the FOSS Office alternatives, there's still a huge gap to cross before mainstream companies will adopt them. (To paraphrase, no-one gets fired for choosing Microsoft Office.)
Beyond this, on the more 'personal' level you discuss, the picture is more varied than you describe. Some people's elderly parents absolutely can and do switch to different email clients or browsers. Some groups of friends can and do switch messenger platforms - my personal comms are now split roughly 80:20 between Whatsapp (the default) and Signal. (It just took a determined minority deciding to switch, and the others followed.)
> We already have social media, hosting, email, operating systems, messengers and the likes from European providers.
Yes, but they aren't really competitive, as they currently aren't the easy/free/well-marketed/popular options that everyone defaults to when they first get a computer, or that their friends are already using. It's just network effect and inertia.
This can and will change if the need for a reduced dependence on the US continues to be front and center of people's minds. (Note this is mostly driven by the Trump administration's behaviour; the next president could probably heal many of these wounds and our European politicians will move one to caring about something else.)
Regulations create monopolies. Even when regulations are aimed at curbing the control of giants, smaller players usually can't afford them and lose market share. This is actually taught as a competitive advantage strategy in business school. Corporations lobby the government to implement laws that seem to hurt them but in actuality create an uneven playing field where marketshare becomes available due to the higher implementation cost.
> Aren't monopolies is what we end up by default if have no regulation at all?
No. Monopolies are only inevitable if the goods aren't elastic, if there is a large cost of entry into the market, or if its a market you can create a moat that is unsurmountable.
Many markets don't have that even with 0 regulation, but might have second order problems like firms creating unsafe products for example.
But in general regulations almost always even unindentedly raise the cost to enter the market. If you make a new regulation that food needs to be safe, then the company needs to pay a safety inspection that a small home-made recipe might not be able to afford (to give a simple example).
At the same time, we now have uber large corporations due to non elastic parts of supply chain (like land) or moats that are insurmountable (like access to US capital). In which case, the FCC should break up monopolies as the current market is not catering to end users and consumers but to owners, which is why the Stock market has been in a never ending bull run.
There is always imperfect information, there is no such thing as a perfect market and as a result regulation will always be needed to curb the excesses such as monopoly. Even if we had perfect information, humans remain irrational. This is a simple fact of life and the universe.
The European Steel and Coal Community (precursor of the EU) was also involved in the effort to stop these. In general this has been something the EU has been involved in since its inception and the best action against monopolies is to not let them form in the first place (why there is so few of them in general in most developed countries. Though that is now slowly changing it seems)
The proposed regulations forcing everybody to use google or apple are ridiculous and very much the opposite of the kind of regulations we need though...
> Regulations create monopolies. Even when regulations are aimed at curbing the control of giants, smaller players usually can't afford them and lose market share. This is actually taught as a competitive advantage strategy in business school. Corporations lobby the government to implement laws that seem to hurt them but in actuality create an uneven playing field where marketshare becomes available due to the higher implementation cost.
The only way to guarantee a monopoly is to have a total lack of regulation. It's known that every "free" market will tend towards monopoly due the 1% law. Regulations are the only way to actually guarantee free markets because perfect free markets only exists in abstract, not in reality. Sometimes, a free market is the wrong solution and you need a regulated monopoly instead and with identity that's the best solution. Why? Because identity is unique to the individual. A individual must (in theory) only have one identity and with very extreme and usually well documented exceptions, such identity doesn't change. The state is the one that must provide a good way for identity and if smaller countries doesn't have the resources, then big countries should provide for all. Also, it removes incompatibility inter-countries while keeping private interests out.
The state should have the sole monopoly on attesting to anyone identity. Because they are the only ones that are not affected by market conditions. This is how countries that have advanced in this topic actually work. If individual states can't reach a common solution, then the collective must do so. The collective failed here because it recommended a private solution rather than mandated a european one. Private sector must not dictate what or how identity is attested, because the private sector has it's profit pursuing agenda, state must evaluate solutions but it's up to the states to run them and implement them.
Market solutions are good for several things, this isn't one of them.
Unless regulations explicitely incorporate how to handle incumbents & newcomers. One instance of that is MMTIS (multi modal passenger information), which explicitly states innovation and new players as a goal. There are other similar examples.
> Corporations lobby the government to implement laws that seem to hurt them but in actuality create an uneven playing field where marketshare becomes available due to the higher implementation cost
(nit: I assume you meant "marketshare becomes unavailable")
So you mean that regulations that are created based on lobbying by corporations help them become monopolies? Sure, that makes sense. But thats different from a blanket "Regulations create monopolies".
Because the smaller players can't afford to implement the new regulations they lose their marketshare and it now becomes available for the bigger competitors to absorb.
My intuition is that this is not necessarily true, but probably often true in practice but perhaps someone more educated on the matter can speak on that. It must also depend on the expensiveness of the regulation in question. Since in tons of areas regulations are absolutely vital so that for example our buildings don’t collapse, our food remains non-toxic and the medicine we buy is not the pharmacological equivalent to russian roulette the goal should then be to optimise the cost performance of regulations.
DMA seems explicitly written to only target monopolies, though (and seems like a surrender from the EU, since monopolies should be broken up and not get laws codifying their business models IMHO).
Can you imagine the collective screeching, across the White house, HN and Apple reality distortion field, that'd happen if EU attempted to breakup the American monopolies?
Electing to not do something impossible and framing it as a surrender is strange to me.
Working as intended. EU wants you to use a device and OS they can fully control. Don't comply with some new ridiculous regulation? Your app will be banned.
> EU App Store: Apple Removes Thousands of Apps Due to Digital Services Act Requirements
> Apple’s app removals follow the Digital Services Act, a European law requiring all app traders to display verified contact details, including address, email, and phone number.
There's a relatively simple and much more open and secure solution to this: Make physical EU ID cards the attestation source, and require users to tap them against their phone for critical operations (high-value signatures, login on a new device or after repeated authentication failures etc).
That would solve the open hardware/OS "problem" on the device entirely, as there's no trusted hardware or OS signature required anymore. You could argue that this adds the possibility of a MITM attack on the phone (since you don't know what you sign anymore or who you are providing with your PIN, as the card has no display and no PIN pad), but I wonder if mitigating this is worth all the lock-in concerns that phone attestation goes hand in hand with.
As it is, all EU ID cards already have mandatory strong cryptographic authentication, but in a form that's usable only for in-person ID checks (under the corresponding ICAO biometric identity document standards), not for remote ID attestation. This is frustratingly close, but not what's needed.
Here in Germany we had court rulings saying the german railway (DB) must offer offline tickets that do not require a computer or smartphone to purchase to not discriminate against the elderly. I am pretty sure we will see similar rulings for EUDI wallet requiring Google/Apple.
EU should have mandated a user-facing authentication scheme using a random string as the only authentication factor for everything. Pretty much like the API tokens for contemporary enterprise software, except that they would be used by ordinary people and not by application developers.
And complement it with hardware tokens for highly sensitive applications.
Passkeys could have been that, but they were quickly subverted by the industry.
It captures biometrics and is used across India to easily verify identification using OTP on mobile. Used across almost every sphere - bank accounts, passport, financial services like stocks/mutual funds etc.
You get a unique adhar-id (or can generate virtual IDs if sharing temporarily) to verify your identity across any service.
I really don't like how EUDI (OpenID4VP) works in the first place. IMO it should be scrapped and rebuilt from the ground up
It should be an open standard that's local first. Government issues certificate, user loads it into any supported client app on any platform (official, open-source, Google/Apple Wallet, etc). The user should then be able to selectively share data from the certificate with third-parties, directly between the client-app and the third-party, using an open standardized protocol/format. The important challenge is that we obviously shouldn't have to share the entire certificate (which would include all data in it), there shouldn't be a static subject pubkey which creates linkability between data-shares, and obviously we'd need privacy-focused data fields like {"isover18": true} in addition to full DoB.
Its all lining corporate pockets but what can we do? Europe needs sovereign smartphone infra but even if that existed people would still prefer Iphones.
The corporations have the tech and network effects on their side.
A little off topic, but does anybody else think that all these attacks on personal freedoms across the western world are very coordinated? Suddenly all countries are making social media ban under 16 laws. Same goes for centralized digital currency push.
A few years ago as I was working for a local government, a similar discussion started, but quickly finished after the project owner valiantly displayed her dumbphone.
Only months later did I learn that her husband was investigated for misappropriation of funds, so keeping a minimal digital footprint was important for her.
So, if the majority chose to get microchipped, you believe either we should force the minority to get microchipped against their will, or just exclude them from society?
Is it out of character for the EU to push a half baked solution out that covers most but a tiny fraction of the population only to get sued later on and rule against its own idea?
Sarcastic view: Doesn't matter - the EU wont listen, then pull a surprised pikachu and make laws to force googles play integrity to attest that other devices are genuine, because obviously, the problem is google, not stupid design decisions made while creating the app.
Time to reach out to your MEP's! I would imagine the id could web-based for example which would make it much less dependent on the Google's or Apple's "SAFETY" services.
> Governments are cementing a monopoly they claim to oppose
Duopoly but yea. Because there is no third alternative. Microsoft failed/gave up with Windows Phone. The people trying to fix secure government services can't really tackle that issue, but the systems needs to be built now anyway.
There are viable third alternatives which do not require building a full smartphone stack. The national eID in Denmark, MitID, is an app "protected by" Play Integrity, but at least there are two non-smartphone alternatives available in the form of either a TOTP code generator or a FIDO2 chip which you can get for free if you can't or won't buy a smartphone.
Age verification solutions could also be built on dedicated hardware tokens, even though the tokens required to build a ZKP or blind signature based solution may not be available off the shelf right now.
The problem was always that the government could ban you from society via the banks banning you, and you having no recourse because it was a business exercising its right to not do business with you.
Without the proper laws and proper leaders of law enforcement that protect an individuals’ right to transact, one’s rights were always just a technological advance away from being taken away.
Because Apple has always been a closed platform whereas Android started out being relatively open. For Android there is an alternative to Play Integrity which would enable governments to get remote attestation assurance on non-Google Android based operating systems like GrapheneOS, but that alternative does not even exist in the Apple ecosystem.
The EU reference for wallets strictly required google play services https://github.com/eu-digital-identity-wallet/eudi-app-andro...
So Italy's IO app https://github.com/pagopa/io-app (wallet, documents, age verification) continuously refuses the users' request for GrapheneOS support and requires google.
Nothing will change until the lawsuits start coming in.
The only hope is the motorola/grapheneOS collaboration and consumer associations, that might sue for anticompetitive behavior.
Make noise on any channel for the apps that require play services, it will help in the future if the lawsuits start, since it will show user support for the initiative.
The issue isn't just the technical dependency.
It's also the fact that it forces each citizen to pay a few hundred Euros to companies which then campaign against their very rights.
Citizens get no support of any kind in case of issues, and has to enter a contractual agreement which is ridiculously asymmetrical, where the company has little to no responsibility of any kind, but has very ample rights to track the other party in extremely creepy ways.
But ... the alternative is that the government actually pays a bit of money to fix the situation! To support their solutions. To actually develop them for enough devices. To secure them ... Plus the services the government made are way more invasive than the Google/Apple ones.
In addition to the money, actually using them would be hundreds of times more complex, and they don't have the provisions Google has, for example accessibility and security services (like actually stopping people stealing accounts on a large scale). All of this can be done, easily even, but it isn't. Politicians don't want to.
https://www.itsme-id.com/business/platform/identification
https://france-identite.gouv.fr/
https://english.rekenkamer.nl/latest/news/2023/03/29/digital...
Special-casing support for GrapheneOS would be a band-aid, they should find a way to avoid requiring remote attestation in the first place, so anyone can use whatever OS they like.
The lawsuits, sadly, won't matter. "Security" (or, rather, totalitarian control!) is more important than the 1% of nerds who care enough to tinker with their phone.
It's not 1% here though... Graphene has 300k users worldwide. There's 8 million absolutely illiterate and 150 million functionally illiterate people in Europe for comparison on scale here.
>150 million functionally illiterate people in Europe
1/3 of the population functionally illiterate in Europe seems beyond wild to me.
Are you talking about technical illiteracy? security illiteracy?
Or do you mean they can't read english, which is a very different thing.
Functionally illiterate means that they can read in their own language, but they cannot understand the meaning, a part from very simple things.
And we're heading to giving better quality feedback loops to AI models than people. Put this together with ignorance being the mother of evil and...
How good this can become?
"functionally illiterate" means that while you can read your native language, you will not correctly understand what you have just read.
Rates seem to vary state by state, from as low as 8% (denmark) to 43% (romania).
It's also not a clearly defined target, since it would be better to have rates based on the reading comprehension of the average school at year X or something similar.
I'm curious about this definition, just because it's not something I've ever considered before and googling seems to muddy the water even more.
Is it "functionally illiterate" if you can read the language aloud and not understand it, if you also wouldn't have understood the same thing spoken to you? That seems like it's about comprehension ability, not literacy.
Although one thing that just occurred to me is that if your reading level is low, you might be using all your cognition on reading so that you don't have spare capacity to understand as well - that's frequently the case for me with e.g. Chinese where I can read an entire passage out and then the teacher asks what the passage was about and I'm just thinking "I dunno, I wasn't thinking about that but I think I understood everything".
And that's definitely a different problem to being able to sound out the words, but just having no idea what those words mean, whether you read them or heard them.
And does it have to be your native language, or in any language? Not trying to nitpick, it just feels like the phrase can be usefully applied to a foreign language too.
Dunno what the OP meant, but in the UK
https://www.southtyneside.gov.uk/article/16247/Public-Health...
> Guidance tells us the average reading age in the North East is lower than the national average at between 9 to 11 years. To put that into context The Guardian Newspaper has a reading age of 14 and the Sun Newspaper has a reading age of 8.
Health literacy specifically is a major problem in healthcare
https://literacytrust.org.uk/parents-and-families/adult-lite...
> 1 in 4 (26.7% / 931,000 people) adults in Scotland experience challenges due to their lack of literacy skills.
I find that page somewhat ironic as they claim 18% is one in six, but 17.4% is one in five. Seems numeracy is as big a challenge.
The US is no better according to wikipedia
> In 2023, 28% of adults scored at or below Level 1, 29% at Level 2, and 44% at Level 3 or above
> Adults scoring below Level 1 can comprehend simple sentences and short paragraphs with minimal structure but will struggle with multi-step instructions or complex sentences
> Adults scoring at Level 3 or above are considered "proficient at working with information and ideas in texts
https://en.wikipedia.org/wiki/Literacy_in_the_United_States
150 million functionally illiterate people in Europe? Just how is that defined?
Why are you surprised? Europe has 700 million people. Think of the average construction worker you know, do you think they could read and correctly summarize any moderately complex article? Think an article about inflation or evolution or heat pumps or investment funds, etc.
Fairly sure that in most countries the average person reads less than 1 book per year, so half of the population reads less than that. I know people who haven't read a book since highschool, when they were forced to.
Especially as it's claimed to be only 50 Million in the US hahahahahaha
Whoever believes those statistics I have a strait to sell to
I think it does if enough people try this. I will.
Motorola/GrapheneOS, and FairPhone/e/OS.
Yes
There is too much corruption, nothing can be done at this point. Atleast CIE app works on graphene for now so I can do everything else on the web. If they block that idk what I would even do.
Don't assume corruption for something that can be attributed to not giving a fuck.
I do occasionally suspect corruption, but neither Google nor Apple have any incentive to pay off officials to get this passed. They can't beat each other, and the rest of the mobile OS'es is no threat to their revenue.
Google and Apple's odds of being caught are too high to expect they would risk it. They have more to lose if caught than they have to gain.
Obviously some companies do despite the risks, I wouldn't expect this of any individual company, but as a whole some company will once in a while anyway. So stay vigilant.
I do assume corruption, All this random "compliance laws" are not made to help the people but to preserve corporate interest.
Corruption to push it through, not giving a fuck to keep it that way.
One set of people might not give a fuck.
Other interested parties can still be trying to steer the ship.
Honestly, as long as the architectures is fatally flawed (Even if convenient) it's just bandaids over a larger issue.
These mobile id's are too powerful, signing contracts, transfering all your funds or taking loans, regulation is also papering it over a bit by requiring high-stakes lenders,etc to do additional checks.
Germany was going in the right direction imho, they NFC enabled their ID cards (Sweden has info on them but no enablement procedures) that is then paired with the app, so the card acts as a 2nd factor that makes the app itself less of a security issue since a user will be required to physically enable it (sadly the NFC pairings are kinda fiddly.. but I'd take that as a security option for all non-trivial transfers).
> These mobile id's are too powerful, signing contracts, transfering all your funds or taking loans, regulation is also papering it over a bit by requiring high-stakes lenders,etc to do additional checks.
Many countries in the EU already have all of that just done though some national equilevant system (for example here in Finland mainly with bank credentials).
And in fact additonal checks are done when enough money is moving. For example when I signed my bank loan for an apartment I had to sign it again after 24 hours just to be really really sure that I wanted to sign it.
For smaller (but still big enough) stuff a second "second factor" usually kicks in usually in the form of a sms verification after the actual proper login with bank credentials (which has a proper 2 factor auth in itself too)
Even relying on Android's hardware attestation API instead of Play Integrity is an attack on digital autonomy in my opinion. Any security feature which relies on remote attestation of the users entire platform is government overreach as it ultimately gives the government the power to choose what operating systems are acceptable. It is only a matter of time before this power will be misused to put pressure on OS developers to install backdoors for the intelligence agencies. And no, asking people to own two smartphones is not a solution to this problem.
Anonymous digital age verification based on a suitable ZKP scheme and/or blind signatures does not require a general purpose operating system, it just requires a few cryptographic primitives and a set of device-bound keys. It is not too much to ask that the EU develops a specialized hardware token with these exact capabilities and offer them for free to all citizens as an alternative to the app. This also gives the citizens of EU the freedom to choose not to own a smartphone without having their access to digital services severely restricted.
I'm ok with enforcing hardware security. Both for banks and governments.
But it must not limit the ability of running custom software on a phone. And especially not enforcing every person to get a Google/Apple signed phone.
Like if I get GrapheneOS on my phone. Banking/gov apps should work. But I believe this could be possible with enforcing hardware security as well.
Exactly, I'm not sure what benefits hardware attestation offers to the government. Sure, it's potentially useful for the customer that they can trust their keys are secure on their device, but it kind of misses the point.
It should really be an open-source specification that defines a standard protocol, but where the device just signs a request that it knows has come from a trusted source (so maybe signed by the government's key) with a key that the government's API knows that represents you.
So, I'd envisage something like government portal lets you add a bunch of public keys, one for each device, and shares a public key of its own that can be used to verify any requests. Something that wants to verify your identity can request your public key, and ask the government API for a challenge token which it passed back to you. You can verify the challenge token is signed by the key you trust, you can sign the challenge and return it to the app, which can pass it back to the government API which can then grant access to whatever subset of information they requested (and the challenge key can include enough information for the signing app to present a meaningful request).
Very simple in terms of protocol. Only the government needs to store any of your private data. If an application just needs to know if you are of a sufficient age or not, that's all the information it gets. If you lose your device you can easily revoke your keys and add new ones.
Sure, a specific implementation on a phone might want to use hardware attestation in order to keep its keys safe, but there's no reason that it has to be mandated. A well designed public key system should be sufficient leaving the implementation to safeguard its keys, while providing a simple way to replace keys if needed.
There seems to be no awareness from EU govenments about how much power we're handing over to two large outside companies. This incompetence in the leadership will cause a lot of harm over the years. This has been going on for a long time.
A European digital ID system that is entirely dependent on 2 US companies.
Wasn't there some talk about the pressing need for European digital sovereignty recently? Or was that just performative nonsense?
> Wasn't there some talk about the pressing need for European digital sovereignty recently?
At FOSDEM, we discuss this at great length. There has been some movement, and I am optimistic that it is improving year on year.
I'm sorry but clearly the introduction of these apps with these requirements in the near past and near future represent regression over time rather than improvement.
I think it was last year that there was a good presentation from them about how they were going to use ZKP and it was indeed very trust inspiring. But do you think the latest digital wallet solution from eg Danish government uses ZKP? Of course not!
I have to say that the tune they play at FOSDEM and what we see put into production are just two different things.
Not really. EU is actually trying to decouple. But in many cases there are not any homegrown alternatives to support. There is not a single company in EU that could replace, even a considerable part, of software stack provided by Google and Apple.
And, unless the regulatory environment changes., there probably never will be.
Thr answer to US tech giants are not homegrown EU tech giants, but international free software (Free as in Freedom). We already have free operating systems: Linux, BSD. Office software: LibreOffice, etc.
EU regulators have stop listening to tech company lobbyists.
This is simply untrue. The tech is there, the will (money) isn't.
> But in many cases there are not any homegrown alternatives to support
There shouldn't need to be. Realistically for something like this an EU backed highly-audited non-profit should be in place for permanent highly controlled services like this that do not rely on any non-EU entities for it to function.
How much money did the EU finance towards alternatives last year then?
I hear them complaining but for now, the alternatives are mostly run by hobbyists.
We're starting from so low that even a few dozen millions would help a lot.
> €2 billion over seven years to fund alternatives to proprietary software
I'll believe it when I'll see it, for now I haven't seen any of the Android forks (LineageOS, EOS, GrapheneOS...) or Linux OS (Phosh, Plasma mobile, Ubports, ...) get any funds from the EU.
You will see it when you look.
Jolla?
The US can call Austria in 5 minutes and with no burden of proof get the airspace permit for a head of sovereign state revoked and the plane swatted instantly upon landing, because someone might have been on board (he wasn’t) whose only real crime was embarrassing the USA by exposing their fundamentally unconstitutional lawbreaking.
Same goes with the prosecutors in Sweden; a phone call and the US got, not charges (as that would actually be official misconduct in Sweden), but enough of an official statement from a prosecutor to get the words “Assange” and “rape” in headlines together around the world by that evening.
European countries are, by and large, lapdogs of the USA. It’s sad. And then the US president turns around and stabs them in the back by threatening invasion and annexation, or complete disregard for the fundamental obligations of NATO members.
I really don’t know what the fuck the Europeans are thinking by playing the US’s stupid games. As we see time and time again, it won’t be repaid in kind.
Unfortunately the big game is opaque it's close to impossible to understand for the common folk. So many questions, so tough to grasp answers. Sickening. The enemy is hiding. One could say that paying the taxes in some form is a path toward a destruction. Phrases like "war economy" are lunatic. It all starts in your mind, and that's why it's the most important to protect your children from the propaganda. Take care!
Neither US or EU are monoblocks though.
Obviously, on both side (and beyond) they are nice people trying to plan good things without being too naive. But bragging all day through and destroy all that is in your power is both easier and more attention grabbing than discrete hard work at building better future for everybody.
What they're thinking is that they really don't want to be playing Russia's stupid games.
Europe will never have digital sovereignty from the US.
It will take 100 years and an extremely expensive, government-mandated reimplementation of every critical US tech service and company.
No EU country is putting up budget for this, and no private enterprise is going to do it because building a worse version of AWS just so that it is "European" makes no financial sense and would most likely just fail anyway.
> building a worse version of AWS just so that it is "European" makes no financial sense
Unless it becomes necessary because of EU regulation?
Can you mention a single decent product that came out "because of EU regulation"?
Hopefully not. This hate towards good technology and innovation because you don’t like the current president is ridiculous. He’ll be gone in two years or so and then we’ll get back to normal.
I don't thing things are going back to the previous state of affairs after this.
Wishful thinking at the early days of any autocratic government, until reality kicks in elections are only a ritual to pretend otherwise.
> This hate towards good technology and innovation
Mine is to a collective people that vote in these people. I get that people can change, grow, evolve etc but I didnt trust a german for 60 years, I wont trust an american for at least a generation.
I heard this one a lot 6+ years ago
Has nothing to do with Trump. Trump just made the need more obvious but these talks are not new.
As things are moving, there's currently no garantee that Trump won't hold his promise US citizen will never have to vote again.
And even if the bipartisan system make a small turn over, the issue is systemic.
I agree with the premise but have the feeling that it’s less about the money. People here in Germany use WhatsApp and Instagram and Gmail and MS Office and Windows not because there are no alternatives but because they either don’t know or don’t care to switch. People are notoriously difficult to convince to switch platforms even if they‘d get more benefits on the other side. My mom does not want to touch any email client besides outlook and she does nothing but read and very occasionally reply to singular emails and she requires only the barest functionality of an email client. Half of my family gets a panic attack when the windows interface changes again. The idea of switching messengers recently in my rather tech sawy circle of friends has resulted in a multi day discussion with no real outcome mainly because some just don’t want to deal with two messengers while their friends and family remain unconvinced. We already have social media, hosting, email, operating systems, messengers and the likes from European providers. People just don’t want to switch.
Eh, it's less fixed than you describe.
If there is a higher level mandate or incentive to switch, people absolutely will - for example, if a government decides en masse to switch away from one OS or platform. [0]. This will likely be hugely influential, as then everyone who wants to communicate effectively with that government needs to make sure that they are compatible - which will likely drive adoption of the alternate technologies over time.
However, IMO the big challenge is MS Office - as much as people like to mention the FOSS Office alternatives, there's still a huge gap to cross before mainstream companies will adopt them. (To paraphrase, no-one gets fired for choosing Microsoft Office.)
Beyond this, on the more 'personal' level you discuss, the picture is more varied than you describe. Some people's elderly parents absolutely can and do switch to different email clients or browsers. Some groups of friends can and do switch messenger platforms - my personal comms are now split roughly 80:20 between Whatsapp (the default) and Signal. (It just took a determined minority deciding to switch, and the others followed.)
> We already have social media, hosting, email, operating systems, messengers and the likes from European providers.
Yes, but they aren't really competitive, as they currently aren't the easy/free/well-marketed/popular options that everyone defaults to when they first get a computer, or that their friends are already using. It's just network effect and inertia.
This can and will change if the need for a reduced dependence on the US continues to be front and center of people's minds. (Note this is mostly driven by the Trump administration's behaviour; the next president could probably heal many of these wounds and our European politicians will move one to caring about something else.)
[0] https://www.rfi.fr/en/france/20260417-france-to-remove-windo...
Mostly true, until reality forces otherwise, e.g. Huawei.
Regulations create monopolies. Even when regulations are aimed at curbing the control of giants, smaller players usually can't afford them and lose market share. This is actually taught as a competitive advantage strategy in business school. Corporations lobby the government to implement laws that seem to hurt them but in actuality create an uneven playing field where marketshare becomes available due to the higher implementation cost.
Aren't monopolies is what we end up by default if have no regulation at all?
And yes, not every regulation destroys monopoly, but regulation is the only thing that could break one.
> Aren't monopolies is what we end up by default if have no regulation at all?
No. Monopolies are only inevitable if the goods aren't elastic, if there is a large cost of entry into the market, or if its a market you can create a moat that is unsurmountable.
Many markets don't have that even with 0 regulation, but might have second order problems like firms creating unsafe products for example.
But in general regulations almost always even unindentedly raise the cost to enter the market. If you make a new regulation that food needs to be safe, then the company needs to pay a safety inspection that a small home-made recipe might not be able to afford (to give a simple example).
At the same time, we now have uber large corporations due to non elastic parts of supply chain (like land) or moats that are insurmountable (like access to US capital). In which case, the FCC should break up monopolies as the current market is not catering to end users and consumers but to owners, which is why the Stock market has been in a never ending bull run.
There is always imperfect information, there is no such thing as a perfect market and as a result regulation will always be needed to curb the excesses such as monopoly. Even if we had perfect information, humans remain irrational. This is a simple fact of life and the universe.
Are there any examples of monopolies being (successfully) broken up in Europe? Or do you posit that regulation stop them from forming?
Pre WW2 Europe was full of (state backed) cartels and monopolies. These were dismantled for the most part.
A lot of these were international. Just read up on "Cartel capitalism".
https://www.cambridge.org/core/journals/enterprise-and-socie...
The European Steel and Coal Community (precursor of the EU) was also involved in the effort to stop these. In general this has been something the EU has been involved in since its inception and the best action against monopolies is to not let them form in the first place (why there is so few of them in general in most developed countries. Though that is now slowly changing it seems)
Look into the mechanisms being worked on to create competition in rail operators (which has been opening the markets to competitor rail operators)
> Aren't monopolies is what we end up by default if have no regulation at all?
No.
19th century begs to differ.
A better answer would be 'not always'.
The proposed regulations forcing everybody to use google or apple are ridiculous and very much the opposite of the kind of regulations we need though...
or “sometimes not, until more data arrives”.
> Regulations create monopolies. Even when regulations are aimed at curbing the control of giants, smaller players usually can't afford them and lose market share. This is actually taught as a competitive advantage strategy in business school. Corporations lobby the government to implement laws that seem to hurt them but in actuality create an uneven playing field where marketshare becomes available due to the higher implementation cost.
The only way to guarantee a monopoly is to have a total lack of regulation. It's known that every "free" market will tend towards monopoly due the 1% law. Regulations are the only way to actually guarantee free markets because perfect free markets only exists in abstract, not in reality. Sometimes, a free market is the wrong solution and you need a regulated monopoly instead and with identity that's the best solution. Why? Because identity is unique to the individual. A individual must (in theory) only have one identity and with very extreme and usually well documented exceptions, such identity doesn't change. The state is the one that must provide a good way for identity and if smaller countries doesn't have the resources, then big countries should provide for all. Also, it removes incompatibility inter-countries while keeping private interests out.
The state should have the sole monopoly on attesting to anyone identity. Because they are the only ones that are not affected by market conditions. This is how countries that have advanced in this topic actually work. If individual states can't reach a common solution, then the collective must do so. The collective failed here because it recommended a private solution rather than mandated a european one. Private sector must not dictate what or how identity is attested, because the private sector has it's profit pursuing agenda, state must evaluate solutions but it's up to the states to run them and implement them.
Market solutions are good for several things, this isn't one of them.
Unless regulations explicitely incorporate how to handle incumbents & newcomers. One instance of that is MMTIS (multi modal passenger information), which explicitly states innovation and new players as a goal. There are other similar examples.
> Corporations lobby the government to implement laws that seem to hurt them but in actuality create an uneven playing field where marketshare becomes available due to the higher implementation cost
(nit: I assume you meant "marketshare becomes unavailable")
So you mean that regulations that are created based on lobbying by corporations help them become monopolies? Sure, that makes sense. But thats different from a blanket "Regulations create monopolies".
Because the smaller players can't afford to implement the new regulations they lose their marketshare and it now becomes available for the bigger competitors to absorb.
My intuition is that this is not necessarily true, but probably often true in practice but perhaps someone more educated on the matter can speak on that. It must also depend on the expensiveness of the regulation in question. Since in tons of areas regulations are absolutely vital so that for example our buildings don’t collapse, our food remains non-toxic and the medicine we buy is not the pharmacological equivalent to russian roulette the goal should then be to optimise the cost performance of regulations.
Regulations __can__ create monopolies. DMA is a regulation, but it does not have the shortcomings you mentioned.
DMA seems explicitly written to only target monopolies, though (and seems like a surrender from the EU, since monopolies should be broken up and not get laws codifying their business models IMHO).
Can you imagine the collective screeching, across the White house, HN and Apple reality distortion field, that'd happen if EU attempted to breakup the American monopolies?
Electing to not do something impossible and framing it as a surrender is strange to me.
The countries that let Donald Trump's screeching dictate their policies don't fare any better than those who ignore it.
Working as intended. EU wants you to use a device and OS they can fully control. Don't comply with some new ridiculous regulation? Your app will be banned.
> EU App Store: Apple Removes Thousands of Apps Due to Digital Services Act Requirements
> Apple’s app removals follow the Digital Services Act, a European law requiring all app traders to display verified contact details, including address, email, and phone number.
https://www.techrepublic.com/article/eu-app-store-apple-digi...
You think apps which wouldn't want to implement Chat Control will remain on the app store?
EU to legislate about Chat Control behind closed doors (https://news.ycombinator.com/item?id=48707719)
The only problem is, EU does not control these devices, Google and Apple and by extension the US government does.
Oh they sure do, because Google/Apple have to bend over backwards for the EU as they are not stupid enough to suddenly lose 500 million users.
There's a relatively simple and much more open and secure solution to this: Make physical EU ID cards the attestation source, and require users to tap them against their phone for critical operations (high-value signatures, login on a new device or after repeated authentication failures etc).
That would solve the open hardware/OS "problem" on the device entirely, as there's no trusted hardware or OS signature required anymore. You could argue that this adds the possibility of a MITM attack on the phone (since you don't know what you sign anymore or who you are providing with your PIN, as the card has no display and no PIN pad), but I wonder if mitigating this is worth all the lock-in concerns that phone attestation goes hand in hand with.
As it is, all EU ID cards already have mandatory strong cryptographic authentication, but in a form that's usable only for in-person ID checks (under the corresponding ICAO biometric identity document standards), not for remote ID attestation. This is frustratingly close, but not what's needed.
Here in Germany we had court rulings saying the german railway (DB) must offer offline tickets that do not require a computer or smartphone to purchase to not discriminate against the elderly. I am pretty sure we will see similar rulings for EUDI wallet requiring Google/Apple.
EU should have mandated a user-facing authentication scheme using a random string as the only authentication factor for everything. Pretty much like the API tokens for contemporary enterprise software, except that they would be used by ordinary people and not by application developers.
And complement it with hardware tokens for highly sensitive applications.
Passkeys could have been that, but they were quickly subverted by the industry.
But this does not allow tracking nor marketing, so why would they do that?
Because of Digital Sovereignty concerns?
...how does that align with what the EU government is doing? The whole point is for you NOT to be sovereign!!!
You don't think anyone in EU bureaucracy has any concerns regarding Digital Sovereignty, do you?
If this can win elections, then why not?
Why cant EU have something like Adhar (ID-verification for Indians) https://uidai.gov.in/en/
It captures biometrics and is used across India to easily verify identification using OTP on mobile. Used across almost every sphere - bank accounts, passport, financial services like stocks/mutual funds etc.
You get a unique adhar-id (or can generate virtual IDs if sharing temporarily) to verify your identity across any service.
To paraphrase Napoleon - because India has the will to do it, and the EU does not.
I really don't like how EUDI (OpenID4VP) works in the first place. IMO it should be scrapped and rebuilt from the ground up
It should be an open standard that's local first. Government issues certificate, user loads it into any supported client app on any platform (official, open-source, Google/Apple Wallet, etc). The user should then be able to selectively share data from the certificate with third-parties, directly between the client-app and the third-party, using an open standardized protocol/format. The important challenge is that we obviously shouldn't have to share the entire certificate (which would include all data in it), there shouldn't be a static subject pubkey which creates linkability between data-shares, and obviously we'd need privacy-focused data fields like {"isover18": true} in addition to full DoB.
Its all lining corporate pockets but what can we do? Europe needs sovereign smartphone infra but even if that existed people would still prefer Iphones.
The corporations have the tech and network effects on their side.
A little off topic, but does anybody else think that all these attacks on personal freedoms across the western world are very coordinated? Suddenly all countries are making social media ban under 16 laws. Same goes for centralized digital currency push.
They should not make it mandatory for or expect people to have a smartphone.
A few years ago as I was working for a local government, a similar discussion started, but quickly finished after the project owner valiantly displayed her dumbphone.
Only months later did I learn that her husband was investigated for misappropriation of funds, so keeping a minimal digital footprint was important for her.
Moral of the story: everyone has a smartphone.
So, if the majority chose to get microchipped, you believe either we should force the minority to get microchipped against their will, or just exclude them from society?
"Your papers, please"
Is it out of character for the EU to push a half baked solution out that covers most but a tiny fraction of the population only to get sued later on and rule against its own idea?
Digital single market, digital sovereignty and all those nice words...
Sarcastic view: Doesn't matter - the EU wont listen, then pull a surprised pikachu and make laws to force googles play integrity to attest that other devices are genuine, because obviously, the problem is google, not stupid design decisions made while creating the app.
I think EU is warming up to the possibility that relying on US tech is has strategic consequences.
Previous discussion, related to grapheneos: https://grapheneos.org/articles/attestation-compatibility-gu...
Time to reach out to your MEP's! I would imagine the id could web-based for example which would make it much less dependent on the Google's or Apple's "SAFETY" services.
You can just continue using native apps, just dont include / depend on proprietary attestation APIs such as safetynet
Seif-Sovereign Identity wallets that are cross-device are the way around this, but relies on institutions following this path.
Vendor lock-in is real
> Governments are cementing a monopoly they claim to oppose
Duopoly but yea. Because there is no third alternative. Microsoft failed/gave up with Windows Phone. The people trying to fix secure government services can't really tackle that issue, but the systems needs to be built now anyway.
There are viable third alternatives which do not require building a full smartphone stack. The national eID in Denmark, MitID, is an app "protected by" Play Integrity, but at least there are two non-smartphone alternatives available in the form of either a TOTP code generator or a FIDO2 chip which you can get for free if you can't or won't buy a smartphone.
Age verification solutions could also be built on dedicated hardware tokens, even though the tokens required to build a ZKP or blind signature based solution may not be available off the shelf right now.
> but the systems needs to be built now anyway.
I question that premise.
They can't tackle issue oft establishing a 3rd popular mobile operating system, true. But they could support Desktop Linux or AOSP.
Windows Phone wouldn't be much help here, still an US company.
I use coinpay’s DID it is simple anonymous and works it’s open source too
Yes, but you can't sign the device, that is what Google and Apple do.
From fingerprint/face id to digital id..
Like banking apps are now using play protect/depending on Google.
(Just a matter of time Google/Apple will be a banks themselves, as is the danger with governments)
Ofcourse the world could be a more open place, but constraint, rules and control are too pleasing to not implement, sadly.
The problem was always that the government could ban you from society via the banks banning you, and you having no recourse because it was a business exercising its right to not do business with you.
Without the proper laws and proper leaders of law enforcement that protect an individuals’ right to transact, one’s rights were always just a technological advance away from being taken away.
I don't know who thought that national ids should be vetted by two private companies, not even European!
No thanks, I don't want any of that for obvious security reasons
Huh. This article lumps Apple in with Google when its only qualms seem to be with Google's terrible behavior. The entire article is about Google Play.
Because Apple has always been a closed platform whereas Android started out being relatively open. For Android there is an alternative to Play Integrity which would enable governments to get remote attestation assurance on non-Google Android based operating systems like GrapheneOS, but that alternative does not even exist in the Apple ecosystem.
Yeah, what alternative is there for iOS except the framework that Apple supplies?