European Digital identity
looks inside:
Hosted on GitHub in the US 👏
Why is the EU licking america’s asshole?
'Cos it’s been turning (far-)right as well in the last few years.
Which is why Europeans shouldn’t be too eager to laugh about the US being a fascist hellhole. It could happen there again if they’re not vigilant.
What’s going on with Europe lately? You all really want GOOGLE of all mega corps in control of your identity?
You’re going the opposite way, it should be your right to install an alternate OS on your phone. If anything they should be banning Google licensed Android.
Its not the populace, our politicians just like in the US have gone rogue. People are voting for the nutters due to anti immigration propaganda and so increasingly getting far right. Its happening across the entire western world and its bad news for everyone.
had a hope for europe to actually be socialists, at least no one ever confuses america for being left
They get their tech advice for laws from big tech.
I just wanted the EU to fork lineageOS and provide it as an alternative in major chains.
Fwiw there’s fairphone with eOS
I miss LineageOS so much, my last couple of phones haven’t had a build of it and my asshole banking apps wont work on it now.
For my next phone i’m just not going to buy one unless it’s already supported and if I have to skip online banking I’ll do it.
I use the banks webpage. Still works on LineageOS even when the app doesn’t
one advantage of cards over banking apps
I use cards, I don’t even have NFC on my phone, but it is nice to be able to check my bank account, lock/unlock the card, deposit checks, etc.
I may be able to do most of that on the website, idk. Guess I’m probably going to find out :)
I can just text bal to my bank to get my balance
Use the old phone w generic android for banking apps. Most banking websites will still have app functionality too
to hear it from any non-Americans on lemmy they’re better than America.
looks like they’re just as susceptible to this fascist bullshit to me though…
We invented this bullshit, of course we’re susceptible.
Still better than America, though ;P XD
Hey Google, where was the origin of fascism?
Well, I hope they’ll pay for my “EU age verification” phone, since my own won’t work. I’ll gladly buy one and not use it either.
so if I use graphene os then I can’t look at porn in the eu
Just use a VPN then.
Wait till they put up a EU Great Firewall and ban VPNs
While this will happen eventually, and circumvention takes skills, it is fundamentally possible, for motivated individuals.
What is it with everyone being obsessed with porn censorship suddenly? Why is this a trend?
At first I thought it’s about control and data gathering, but this seems like too much of a genuine attempt at such a system. Why is the government so obsessed with parenting and nannying the citizens?
- Govt. want to control access to everything
- People are not too happy about this
- Govt. say “to protect children, you have to install this app, under these conditions”
- You want to protect childrens, so you do so
- Govt. say “to protect this or that, we have to impose approved gates on many websites, based on the app you installed before”
- You want to protect this or that, so you accept it
- Govt. say “fuck you, you whatever is not in line with the fucking biggot at the helm of your country/federation/whatever, now we know what you do, we control what’s allowed, and anything to get around the blocks is illegal and will land you in jail. Fuck you again, fucker.”
- You’re a happy little plant in a pot.
Basically, it’s not about porn. It’s not about protecting kids. It’s not about helping “victims of abuse”. If anything, it’s putting all these in more danger, along with everyone else.
In addition to the other answers, I want to add that the anti-porn stuff gives them the reason they need to force you into a more monitored environment. In which, everything you do is tracked. Your instinct is right imo. They want Google monitoring your mobile device as the primary piece. It’s legislative market capture and fascism at the same time. No one company has to have all the info on you, but in forcing you to confirm yourself they make it so half a dozen can report on you if your habits trigger something. Half the technology is already in place as it’s been built under the guise of better ad targeting.
The legal precedent for gaining the ability to ban content under the guise of preventing the dissemination of “obscenity” allows the future banning of “obscene” political opinions and “obscene” dissent.
Once the “obscene” political content is banned, the language will change to “offensive”.
After “offensive” content is banned, then the language will change to “inappropriate”.
After “inappropriate”, the language will change to “oppositional”.
If you believe this is a “slippery slope” fallacy, then as a counterpoint, I would refer to the actual history of the term “politically correct”:
In the early-to-mid 20th century, the phrase politically correct was used to describe strict adherence to a range of ideological orthodoxies within politics. In 1934, The New York Times reported that Nazi Germany was granting reporting permits “only to pure ‘Aryans’ whose opinions are politically correct”.[5]
The term political correctness first appeared in Marxist–Leninist vocabulary following the Russian Revolution of 1917. At that time, it was used to describe strict adherence to the policies and principles of the Communist Party of the Soviet Union, that is, the party line.[24] Later in the United States, the phrase came to be associated with accusations of dogmatism in debates between communists and socialists. According to American educator Herbert Kohl, writing about debates in New York in the late 1940s and early 1950s.
The term “politically correct” was used disparagingly, to refer to someone whose loyalty to the CP line overrode compassion, and led to bad politics. It was used by Socialists against Communists, and was meant to separate out Socialists who believed in egalitarian moral ideas from dogmatic Communists who would advocate and defend party positions regardless of their moral substance.
— “Uncommon Differences”, The Lion and the Unicorn[4]
Fascism is making a comeback, and everyone’s dumb enough to believe it’s an America problem, instead of a global oligarchy, class war, problem.
FYI: Most of the world actually restricts, and some outright bans, porn.
Its only western countries that have unrestricted access to porn.
Been wondering myself. It’s certainly part of the general right-ward trend. Societies are becoming more illiberal. It’s not just the right that is moving to the right.
Obscenity laws have always been about enforcing the “correct” sexuality. Protecting minors meant preventing them from becoming “confused”; ie becoming LGBTQ.
You also have growing nationalism. In Europe, people are saying we should enforce “our laws” and “our values” against meddling foreigners (ie Big Tech). It often sounds a lot like the rants against the “globalists” that have been a staple among the US far right for decades. Age verification is part of that.
For example, Germany has long enforced age verification within its borders. It’s part of the whole over-regulation thing that makes competitive tech companies almost impossible in Europe. For some reason, Europeans have trouble accepting that. You can see it here on Lemmy. The solution must be to enshittify everything to level the playing field.
Why is the government so obsessed with parenting and nannying the citizens?
I think it’s because people from outside the traditional political families are getting popular votes.
For the established politicians, blaming “the internet” and building a supressing censorship machine is easier than looking in the mirror and seeing where the discontent comes from.
This is just my speculation, so take it as you will. The EU has been pushing for digital ID cards for quite a while, and this is just another attempt. The last serious attempt was the Covid vaccination passport, but so many people still opted for paper certs, and the rest deleted the app when vaccination was no longer mandatory, that it failed again. So, now the authorities are becoming smart and trying to go through the vector that has a proven record of driving technological change: porn.
Gonna guess it’s outside influence with money pushing their ideology. Just like the crap with Visa and steam, itch.io, etc.
This has been discussed a while back, at least here in NL as far as I know it started because of legalising online gambling for which you need to be identified. Also, due to GDPR, businesses aren’t allowed to make copies of ID’s/passports/driving licences any more which is required for certain businesses (notaries, accountants, etc). In my office we currently use some kind of identification software, but it isn’t anonyms because well we wouldn’t be able to do our job.
This sounds like a misunderstanding of gdpr to me?
There is a bit of a conflict between the laws requiring certain companies to identify their clients and GDPR in basis, but there is something in GDPR that allows these companies to still collect the relevant data and use it or to verify the data and not store it depending on the use case.
The whole use case thing is even the reason why companies are allowed to collect data from you. You couldn’t get anything delivered if this exception wasn’t there, because they wouldn’t be allowed to progress your address.
At least that’s what I gathered from the Dutch implementation the AVG, when I last read it a couple years ago.
Too many bots online :D I’d like to know if I’m talking to a real sockpuppet when I’m online :D…but just for that and only share data from my “wallet id” on a strict need to know basis.
Please don’t link to Reddit. Context below:
The EU is currently developing a whitelabel app to perform privacy-preserving (at least in theory) age verification to be adopted and personalized in the coming months by member states. The app is open source and available here: https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui.
Problem is, the app is planning to include remote attestation feature to verify the integrity of the app: https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui?tab=readme-ov-file#disclaimer. This is supposed to provide assurance to the age verification service that the app being used is authentic and running on a genuine operating system. Genuine in the case of Android means:
-
The operating system was licensed by Google
-
The app was downloaded from the Play Store (thus requiring a Google account)
-
Device security checks have passed
While there is value to verify device security, this strongly ties the app to many Google properties and services, because those checks won’t pass on an aftermarket Android OS, even those which increase security significantly like GrapheneOS, because the app plans to use Google “Play Integrity”, which only allows Google licensed systems instead of the standard Android attestation feature to verify systems.
This also means that even though you can compile the app, you won’t be able to use it, because it won’t come from the Play Store and thus the age verification service will reject it.
The issue has been raised here https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui/issues/10 but no response from team members as of now.
So is there a way to apply pressure on the EU to think this through first? Surely they could have different ways that doesn’t lock them in to google services.
According to the users in that issue, the mere application of the API is illegal, as is the dependency. Sooo I dunno what kind of PACs there are in the EU but I would be leaning on and contributing to those.
I do feel like that’s a precarious state to leave this in, especially if they’re developing the backend for it.
Is there even enough momentum for a SKG-style wave of coverage? It would need to be justified properly by citing things like the Tea app data leak, to make a strong case (to political pencil pushers) for the danger of tying personal information to profiles or even to platforms. Otherwise the only thing they’ll see is “gamers want to make porn accessible to children”.
I don’t know. This whole situation boils my blood because I really care about online anonymity, and this is kind of nightmare scenario shit for me. I’m not even in the UK or EU.
I’m not even in the UK or EU.
We’ve had this shit in the US for a while now.
To avoid people from simply copying the “age proof” and having others reuse it, a nonce/private key combo is needed. To protect that key a DRM style locked down device is necessary. Conveniently removing your ability to know what your device is doing, just a “trust us”.
Seeing the EU doesn’t make any popular hardware, their plan will always rely on either Asian or US manufacturers implementing the black-box “safety” chip.
If it is about hiding some data handled by the app, that will be instantly extracted.
There are plenty of people with full integrity on rooted phones. It’s really annoying to set up and keep going, and requiring that would fuck over most rooted phone/custom os users, but someone to fully inspect and leak everything about the app will always be popping up.The key doesn’t have to be on your phone. You can just send it to some service to sign it, identifying yourself to that service in whatever way.
Wouldnt it be enough to verify through IMEI to make sure the OS isnt emulated?
IMEI is PII
Is it tied to my real identity?
If not it seems to me that it should be sufficient as to serve as a security this phone is legit and not emulated/compromised.In the eu, phone numbers by law are tied to state identities.
And the phone provider can naturally resolve their sim IDs down to the phone number they are assigned to.
Anything related to celltower interactions is PII.Yes it’s tied to your identity. That’s what PII is. It’s also not tied at all to your OS.
-
Yeah no. Requiring anything Google for something as basic as this violates the GDPR. If they go through with this, it’s one legal case until they have to revise it.
Edit: German eID works on any Android btw., flawless actually. I sure hope I can use that for verification
violates the GDPR.
I wouldn’t be too sure. Data protection mainly binds private actors. Any data processing demanded by law is legal. You’d really have to know the finer points of the law to judge if this is ok.
Edit: German eID works on any Android btw., flawless actually. I sure hope I can use that for verification
Same in Italy… I mean, I can pay taxes with that application but I cannot be verified for my age ? Seriously EU ?
deleted by creator
Yes and the PC app you connect the Android app to also works on Linux. It’s even on flathub. Pretty nice, can’t complain.
That Flathub app is unofficial afaik, which is why I don’t use it. Normally I wouldn’t care, but this seems important enough to not use a repackaged version
EID and equivalents are great for a lot of things, but do you want your porn site to know who you are? The new app is supposed to verify your age but not give out your PII. Not sure eID can do that?
EID can be used for anonymous age verification. It doesn’t even need to give out your birthday and can attest to any “over the age of X” requirement.
Ah, better than what we have in Estonia then
“Government issued app can be used for anonymous age verification.”
Doesn’t sound like the most trustworthy statement…
They killed the old net and are in the middle of murdering the new one too.
Fuck the play integrity API, Play Store and Google play services
And the EU for their stupid fucking censorship
Sure, but it has some good sides as well
It’s just a shame that they aren’t just made of the good sides
The US might have shot itself in the foot by electing Trump, but the EU is really going to shoot itself in the head if that continue in the same trajectory.
deleted by creator
Sorry to horrify you but we are definitely worse.
You should read more international news if you think either the EU or US is “the worst place”. Somalia for example has been in civil war since the 1980s.
So, darkweb sites it is.
So VPN on the router permanently set to Singapore it is.
Apparently this is illegal to implement as of right now, but it’s not helping the feeling of technological doomerism I get whenever I think about this whole identity verification situation.
Sorry, do you have any sources for this? I was just thinking about getting a VPS in Switzerland today.
Some other commenter mentioned that this is brought up in issues tracker in the repo. Sorry, I didn’t actually check for it.
I’m not in the EU, I didn’t dig into it. FWIW I am also moving my own connections to exit from Switzerland sooner or later.
Wut?!?!
It hurt itself in its confusion!
Google Pain Services
