Felicitas Pojtinger 🌅So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function
Absolutely pathetic
If a German citizen gets sanctioned by the US government, once this is implemented (later this year), that means they will no longer be able to be a participating member of German society, e.g. to show their (digital) driver's license to traffic police
mjarteaga@pojntfx This scenario raises two main conflicts:
Availability and Access: The GDPR and EU principles require that access to fundamental rights not depend on third countries. Forcing a citizen to accept the terms and conditions of a private U.S. company in order to use their state-issued identity is viewed by many regulators as coercion that invalidates the “free consent” required by the GDPR. 1/2
Availability and Access: The GDPR and EU principles require that access to fundamental rights not depend on third countries. Forcing a citizen to accept the terms and conditions of a private U.S. company in order to use their state-issued identity is viewed by many regulators as coercion that invalidates the “free consent” required by the GDPR. 1/2
refraction 
@mjarteaga @pojntfx and who's gonna enforce the law of the state decides they won't? GDPR enforcement is already bad.
The Vampire Fish Queen@pojntfx Mitigation Measures in Germany and the EU 1/3
To prevent this technological “lock-in,” several measures are being implemented:
Alternatives Outside Official Stores: The EU is exerting pressure through the Digital Markets Act (DMA) to compel Apple and Google to allow the installation of apps from alternative sources (“sideloading”) and open access to their security chips without going through their accounts.
@pojntfx Mitigation Measures in Germany and the EU 2/3
Interoperability between Member States: According to the regulation, if the German wallet fails due to a lockout, citizens should be able to legally use any other certified wallet from another EU country to identify themselves for German services.
Richard Wonka@mjarteaga id be e interested in a list of those alternatives - and their details
@richardwonka Interoperability is at the heart of the new eIDAS 2.0 Regulation (EU 2024/1183). Its aim is to ensure that any citizen of the European Union can use their national digital wallet to identify themselves and carry out administrative procedures in any other Member State without difficulty...1/4
@richardwonka Pillars of Interoperability
Mandatory Mutual Recognition: Unlike previous regulations, where recognition was voluntary in many cases, the new framework requires all Member States to accept electronic identification means issued by other countries that meet "substantial" or "high" assurance levels. 2/4
@richardwonka Pillars of Interoperability
Architecture Reference Framework (ARF): To prevent each country from creating an incompatible system, the European Commission has established a set of common technical specifications (ARF) that all e-wallets, including the German one, must follow. 3/4
@richardwonka Pillars of Interoperability
eIDAS Nodes: These are technological infrastructures that act as “bridges” between countries. If a German citizen wishes to access a public service in Spain (such as the Tax Agency), the Spanish eIDAS node communicates with the German one to validate the identity without Spain needing direct access to Germany’s databases. 4/4
@pojntfx Mitigation Measures in Germany and the EU 3/3
Physical media as a backup: Germany maintains the physical ID card with a chip (nPA) as the primary “source of truth.” The wallet is only a digital representation; if the phone fails or is locked, the citizen can always use their physical card and a standard NFC reader to identify themselves. https://ec.europa.eu/commission/presscorner/detail/en/ip_24_3433
https://www.vzbv.de/en/digital-markets-act-apple-and-google-fail-comply-certain-regulations
https://www.reddit.com/r/europrivacy/s/mgTR3gEoAr