European "age verification" "app" forcing everyone to use Android or iOS (github.com)
344 points by roundabout-host 10 hours ago
skrebbel 10 hours ago
I agree wholeheartedly with the argument raised in this github issue, but I think people are wrong to be skeptical about the concept of a government-issued age verification app.
Thing is, the status quo is absolutely worse. My 13yo son likes making Roblox games. Suddenly, some months ago, Roblox made a change where you’re not allowed to share your games with friends unless you do “age verification”, apparently in some misguided bid to beat the pedos. In Roblox’ case, this means sharing your 3D likeness with some sketchy American business who pinky promises to delete said data after. I don’t want random American tech companies to have my kids’ biometric info like that, able to sell it to whoever asks. Nor my passport or anything like that.
I’d much prefer a government supplied app, that’s guaranteed to protect my privacy, and has no business incentive to sell my data, where I can see what data about me (or my son) is shared with Roblox or whichever sleazy business wants it.
Obviously this only makes sense if the government is less sleazy than the average American tech business, but for all its faults, I think that currently holds for the EU (and most of its member countries). There’s plenty precedent of EU governments doing privacy-conscious apps right (the Dutch covid tracking app comes to mind).
I hope they see reason and fix this here issue.
zh3 3 hours ago
As a purely tactical measure, we use the same older person (me) for age verification for all family members - zero failures so far and it poisons the well.
a2128 2 hours ago
In the case of Roblox they have a horrible system where they estimate your age and only allow you to interact with people of a similar age, meaning if you verified your kid with your face then they'd only be able to interact with adults and not other kids. At least that's the theory. It doesn't take a lot of effort to figure out how a predator could misuse this system to their advantage (which is why I call it horrible)
Reference: https://en.help.roblox.com/hc/en-us/articles/39143693116052-...
creaturemachine 2 hours ago
throw0101d an hour ago
> As a purely tactical measure, we use the same older person (me) for age verification for all family members - zero failures so far and it poisons the well.
Is there a 'break glass' workflow in case you are not available (e.g., health incident)?
em500 9 hours ago
Government issued versus corporate issued age verification is a false dichotomy. There are other options, such as refusing games that require them. (Yes, we do have a teen, and yes we did exactly that with Roblox.)
jstummbillig 9 hours ago
Pretending that those options are equal is a false dichotomy. Not participating is an option up to a point, and then it is increasingly limiting all other options.
skrebbel 5 hours ago
Fwiw we did that with Roblox too, but I hate it because Roblox Studio was a pretty damn fun collaborative gamedev experience.
I mean his classmates argue with their parents about whether they can install TikTok (and most parents lose). Meanwhile I’m denying my son the right to make a game together with a friend. It’s so creative and so educative and I’m saying no to it. It sucks and I hate Roblox for making something so cool and then taking it away for such stupid reasons.
I’d happily pay a license fee or sth. But I’m not gonna let them scan my son’s face.
Pfhortune 2 hours ago
wonderwonder 3 hours ago
Thats obviously fine to do but it is very much going to have consequences for some kids. My kids spend hours a week playing roblox with their IRL friends. 10 - 15 kids on a group call on speaker phone all logged into the same code laughing and yelling for a couple hours a night. If I was to suddenly tell them that they can't play those games with their friends it would have very real effects on their social life. My kids spend a ton of time outside with friends but to ignore that they also spend time gaming with them is not an option.
capitainenemo 2 hours ago
joe_mamba 9 hours ago
>There are other options, such as refusing games that require them.
How about the option of the state not being so tyrannical in meddling about what people anonymously do online in their free time?
zeta0134 8 hours ago
sva_ 2 hours ago
I guess that is one way to manufacture consent.
vrganj an hour ago
As another European, I agree with GP.
I don't fully trust my government. But I definitely trust it more than any American tech company.
I can also vote out my government. I can't do that for Big Tech.
Ajedi32 an hour ago
pluralmonad an hour ago
skybrian 24 minutes ago
joe_mamba an hour ago
Eduard an hour ago
clickety_clack an hour ago
I hear you on the overall privacy issues related to age verification with US Corps. My concern with government registries of personal information is related to things like:
- Netherlands, WWII: The Dutch civil registry meticulously recorded religion. It’s a major reason ~75% of Dutch Jews were killed, the highest rate in occupied Western Europe (vs ~25% in France, where records were poorer).
- US, Japanese internment: The Census Bureau provided block-level data on Japanese Americans in 1942 despite confidentiality guarantees; 2007 research showed individual names and addresses were shared too.
- Rwanda, 1994: Belgian colonial administrators had put ethnicity (Hutu/Tutsi) on national ID cards in the 1930s. Sixty years later those cards were the primary tool at genocide checkpoints.
There’s loads more. Europe may be safe now so it feels safe to give government this information. However, as shown in all the instances above, the information was collected for one reason and used for a wholly different reason when times changed.
Who knows what kinds of ethnicities, beliefs, behaviors or personal histories will be the focus of future regimes? It could be Roblox users, HN commenters, people who religiously repost x.com links as xcancel.com ones, anything. Whatever it is, they will have access to all the data on any system we allow them to record. This isn’t even a totally made up hypothetical from far away places, multiple governments in Europe were doing this kind of thing just decades ago. Historically speaking, we are all currently living in an unusually peaceful era, that will likely be temporary for many of us.
choo-t 9 hours ago
You can (and should) be mad at the government and at Roblox at the same time.
Also, don't use Roblox, you can freely share games made with PICO-8, Löve, Godot, Rpgmaker, Game maker and the like, no need to go to the hell scape that is Roblox and its dark patern and locked down ecosystem.
skrebbel 5 hours ago
My kid does Godot and TIC-80 (a bit like PICO-8 but more forgiving) as well. Those are great but they don’t beat Roblox on distribution nor multiplayer by a long shot.
I agree that Roblox is a hellscape when you want to make serious games, eg make money from it or sth, but if you just want to mess around making a “supermarket horror tower defense” game full of in-jokes and then have all five of your friends join it, and It Just Works, sorry but nothing comes close to Roblox.
Until they required age verification for that ofc.
Also, just don't ever buy any Robux and kids will auto steer away from the shitty games that need it. That filters out 95% of the badness of Roblox right out the gate.
choo-t 2 hours ago
pibaker 9 hours ago
None of the engines you mentioned are nearly as approachable as roblox when it comes to making a 3D game with little programming or art skills.
Don't get me wrong. I agree roblox is a very shady operation, but that does not erase the fact that their platform is unmatched when it comes to letting kids make games.
amelius 8 hours ago
choo-t 9 hours ago
inigyou 3 hours ago
When I was a kid I loved this obscure multiplayer game engine called BYOND. In fact it's so obscure that even mentioning it provides several bits of fingerprinting. It technically still exists today, but it's been on life support for 15 years. We should make something like that again.
Besides the game engine, it provided central identity (optional - you could allow players to sign in as Guest), a website to browse games and servers, a forum to discuss games and programming, and an IDE with a built-in sprite editor (it was 2D), map editor and object browser.
monksy 34 minutes ago
It's isreali as well: https://www.404media.co/id-verification-service-for-tiktok-u...
photios an hour ago
> Roblox made a change where you’re not allowed to share your games with friends unless you do “age verification”
My son had a similar "making games" interests and I just showed him the Godot engine. Roblox bosses are doing you a favor. Act now :D
sajithdilshan 2 hours ago
What you’re proposing works only if the government is always trustworthy and abiding by the rules. But there has been cases that ICE agents in US was able to track down people from their social media posts and in the past Nazis used the address registration lists to track down Jews for deportation to concentration camps.
We don’t know what EU would become in 5 to 10 years in the future, and I would rather not have any identification information about me or family being stored by a government body or any other party that can track/link me or my family members
wsng an hour ago
They have this information anyway if you have an EU passport or an identity card. The government app allows you to share selected properties of these documents with third parties.
pjc50 9 hours ago
> a government supplied app, that’s guaranteed to protect my privacy
This is a bit of a 64,000 euro question, though. Look very closely at what the government exemptions for GDPR are.
mnky9800n 9 hours ago
What are they?
pjc50 9 hours ago
SoftTalker 3 hours ago
We have had the need to prove age for hundreds of years. To buy alcohol. To drive a car. To vote. We depend on government-issued documents to do this. Not sure why anyone would really expect this to change just because it's online now.
saltwatercowboy 3 hours ago
Very obviously because privacy advocates are concerned by the effects of mass deanonymization. I find it doubtful that you don't grasp that.
athrowaway3z 2 hours ago
SoftTalker an hour ago
intended 2 hours ago
wat10000 3 minutes ago
Maybe hundred of years, singular. And reading/watching stuff in our own homes has never required any proof of age.
leonvoss an hour ago
Hundreds? 200 years ago most people did not even have birth certificates. I can think of multiple famous examples of people who lived in Europe 500 to 800 years ago where we don't know their real age. In existing countries with poor state capacity, a lot of people don't have legitimate birth certificates and there is some evidence that they make up their age to some degree. For example on surveys in such countries there are too many people reporting round number ages. My experience in such countries is that you can find very young looking males riding motorcycles late at night around the city and anybody can buy alcohol. That's how it was in the United States "hundreds" of years ago. Please read a book.
elevation 2 hours ago
Older systems were imperfect and were understood to be. I've meet veterans who joined the Navy at 14 or 16. I've met many College students who can pass as old enough to buy alcohol, especially with a fake id. Dead people are sometimes registered to vote. We know this and have systems to try to catch these exceptions.
But cellphone access is different; it's assumed to be perfect, but it's increasingly being moderated by machine learning heuristics that serve as judge, jury, and executioner, severing your services if a couple of your actions trigger a fuzzy approximation to some of the training data.
AI moderation helps suppress spammers, but it's also punishing false positives, and there is just no recourse. Any ID system that piggybacks on "Apple | Google" is effectively shunning some non trivial portion of society. Governments of the people need to provision their own tech systems that are accessible to all citizens, even those who have run afoul of an AI moderation system.
elevation 2 hours ago
generalizations an hour ago
> a government supplied app, that’s guaranteed to protect my privacy
[citation needed]
mindslight an hour ago
It doesn't have to be an either or dichotomy. For example, you could pass laws that make it illegal for an online game to demand age verification, identification, biometrics, etc. The main reason for any of this are some corporate attorneys justifying their own salaries based on "what if" and scaremongering. Regardless of how much personal information they succeed at demanding at this stage, or how [in]effective it is at addressing their claimed problems, they will be back again pushing for even more until they're actually told a hard "no".
lifestyleguru an hour ago
> this means sharing your 3D likeness with some sketchy American business who pinky promises to delete said data after. I don’t want random American tech companies to have my kids’ biometric info like that, able to sell it to whoever asks. Nor my passport or anything like that.
Actually the market leader app for scanning faces and documents is an Israeli company. They encourage to use mobile for scanning, for your convenience. They promise they delete the data. Yeah, if they're lying you can sue them in Israel.
knorker 10 hours ago
Funny you use Netherlands as a good example, considering that famously, their existing unusually thorough registry was super helpful for the Nazis rounding up jews later.
I don't think it's Godwin's Law when you are so spot on, exactly describing the worst case.
trashb 9 hours ago
Additionally there was a leak of the personal information of covid patients, the official tracking app was not affected as far as I can tell.
However even if the app is secure the storage and handling of the information is a different matter and it has been shown that care is not always taken.
tikkabhuna 9 hours ago
Why would an age verification app need to know your ethnicity/religion?
Governments likely already know your name, age, place of birth, so having an app with a standard API for verifying users isn't giving the government additional data.
snottynose 9 hours ago
lstodd 9 hours ago
snottynose 9 hours ago
Not necessary to hearken back so far in history. In our present age the intelligence services consistently do not respect privacy rights of citizens, even when they are legally bound to.
https://www-bitsoffreedom-nl.translate.goog/2026/07/06/aivd-...
knorker 4 hours ago
skrebbel 5 hours ago
I don’t follow. The Dutch tax office has substantially more complete records right now. Even if they don’t track race or religion as explicitly as they did in the 40s, your hypothetical invading Nazis can run some local AI over people’s last names and get close enough.
How is, of all things, an age verification app going to make that worse?
I mean I understand your argument in principle but it seems you’re arguing against ~every present-day functional government and not against an age verification app.
knorker 4 hours ago
casey2 2 hours ago
Then get your kid off Roblox. I promise you that Roblox exploits more children in a single day than all sex offenders put together do in a year.
Why is pedophilia such a problem on Roblox? It's because they heavily advertise towards children and one of the fastest ways for children to make money is asking their parents, then next is prostitution. Roblox is uniquely bad because they heavily advertise both products and the "self-made entrepreneur" image to children.
Putting the blame on nebulous "predators" when the system itself is clearly to blame is the very tacit Roblox relies on. Look at vehicular manslaughter are drunk and distracted drivers solely to blame for deaths? Clearly not since there are just as many drunks and phones in Europe as in the US. When the system creates more predators than exist otherwise then you know it needs to change.
If your son likes making games keep him on Godot. Your job as a parent is to find or build a good distribution system. you can see if he is generally interested or if he was pressured by an exploitative system grooming him into pumping out slop for the trough. Age verification is going to make the platform more exploitative in the business sense. Both in that it legitimizes bad practices and lets Roblox target their exploitative practices more effectively.
roundabout-host 9 hours ago
The "app" could be a good solution, if it didn't require attested Android or iOS. It could, for example, have me plug my ID chip into my GNU/Linux system and expose it with a standard protocol. That would be no problem. The problem is that they do not want such a way.
In any case, I think that age gating would not be needed if the platforms were regulated to remove addictive recommendation algorithms.
alistairSH 3 hours ago
ID chip? Is that something everybody in the EU (or whatever region) has? Is it just embedded in your driver license or passport?
[I'm in the US, we're very ID-averse here, weird, but is what it is]
arrrg 2 hours ago
Fargren an hour ago
yorwba 6 hours ago
Using an ID card reader is already possible. See here for a list of Linux repos supporting German IDs: https://www.ausweisapp.bund.de/en/open-source Finding a working hardware/software combination for your ID card is up to you.
The app is an alternative for people who don't want to buy or carry around a card reader, but who already have a smartphone.
roundabout-host 6 hours ago
blop 10 hours ago
This is the elephant in the room regarding the big "digital sovereignty" talks in the EU. For the moment in the EU institutions the focus is mostly at the post-acceptance stage that everything must eventually migrate off US clouds. There is still some denial and hope that things will go back to "before" because it's going to be extremely costly to migrate, but at least high level EU civil servants start to see the strategic value of moving out.
However there is ZERO talk about mobile platforms... No alternative solution like linux for the desktop, no money or care given to the few alternative that tentatively exist, and zero talk about forcing companies (at least for the ones shipping android phones) to open up their firmwares and allow users to install alternative OS if they want to sell in the EU.
So whilst the backend guys more or less got the memo about sovereignty, I think there is still a lot of educational work to do regarding end user devices and what kind of digital slavery hole we're digging ourselves in...
omnimus 8 hours ago
This is not entirely true. I don't have much details but I know people who started to work on two separate free software projects aiming to make supported mobile OS. These projects couldn't get funding before but they do now. Afaik it's still a battle with AI companies lobbying that soverign AI is much more important than mobile OS but there is some growing interest. Imho i don't even think some linux based alternative to Android would be that hard to pull off but it's the hw companies that will be skeptical to build hw for such OS. I would have to be some govs puahing it as secure gov devices first.
mghackerlady an hour ago
They could try and put money into funding Jolla/sailfish/whatever
mytailorisrich 9 hours ago
Because this is all a political move. This so-called "EU sovereignty" drive is in fact aimed at further reducing sovereignty of the member states via further transfer of power and control to the EU.
These digital ID wallets do exactly that. Member states lose control of the ID infrastructure, which will now be controlled by the EU. There isn't much sovereignty left at national level...
reloadtak 2 hours ago
Each member state has to implement the system themselves. Where is the loss of control?
joe_mamba 9 hours ago
This is totally not the EU version of China's social credit score system and WeChat SSO system.
It will totally not be used to sanction you the moment you become a nuisance to the EU elites by saying "wrong speech" that goes against their mandated doctrine or pointing out their acts of corruption or dismantling of democracy.
The EU building in Brussels even has the word "DEMOCRACY" plastered on the front in large bold letters[1], in case you forgot.
[1] https://audiovisual.ec.europa.eu/en/media/photo/P-069521
cbg0 10 hours ago
Isn't AOSP a thing?
jchw 9 hours ago
This app requires Google Play. AOSP alone won't cut it.
roundabout-host 9 hours ago
notabotiswear 10 hours ago
Writings on the wall can’t be clearer on AOSP’s future…
snottynose 9 hours ago
spwa4 10 hours ago
You mean giving China control over it?
(because you still need the hardware made, and it's not like the EU commission is even prepared to fix BSPs for that hardware)
The EU has endlessly sold critical infrastructure to US, India and China while actively sabotaging efforts to rebuild it and now want it back - for free. This is criticized as having a low chance of success, as well as being a pretty unreasonable demand.
inigyou 2 hours ago
gobip 10 hours ago
Don't fall for the trap. The question isn't how we should technically force age verification on anybody. The question is why they're pushing it onto everyone. I did not consent to this, neither did you.
jck86 9 hours ago
But it is needed to protect the children. The politicians say so, so it has to be true. Being against this is very dangerous to our children and democracy. There is no alternative.
Seriously, there is something tremendously wrong with governance when politicians keep changing the whole world around us, without us having any say in it at all. The threat this measure poses to the internet and society is significant, yet it is being pushed through without any substantial debate or push back. This just is not how decent and actual democracies should function. What messed up timeline is this?
inigyou 2 hours ago
Maybe we should protect the children and then they couldn't use the excuse
leonvoss an hour ago
anal_reactor 9 hours ago
> Seriously, there is something tremendously wrong with governance when politicians keep changing the whole world around us, without us having any say in it at all.
That's where you're wrong. Most people actually do agree with age verification. Just because a decision is stupid it doesn't mean it's undemocratic. Trump was elected democratically, twice. Brexit passed through a referendum.
jck86 3 hours ago
roundabout-host 7 hours ago
spwa4 7 hours ago
roundabout-host 9 hours ago
Children die from wrongly-prepared food, thus we should only allow people to eat at McDonald's from now on! /s
leonvoss an hour ago
toasty228 3 hours ago
> The question is why they're pushing it onto everyone. I did not consent to this, neither did you.
The representatives elected by Europeans did though: 483 votes in favor, 92 against
afandian 2 hours ago
I doubt those representatives gathered a sufficient mandate from their public given the huge consequence.
I’m no conspiracy theorist, but it does seem that there’s an international influence outweighing democracy.
Cui bono?
pluralmonad 43 minutes ago
I know this sounds bad, but when has consent mattered before? I agree with you wholeheartedly, but consent is simply not something these power structures value.
afandian 2 hours ago
There’s a huge amount of stuff that the EU does that no one consented to, or had a realistic democratic avenue to influence.
I’m in the UK and very anti Brexit. But were we still in, I would have no idea how to influence what happens behind those closed doors at the European Commision.
Granted the current UK Labour/ Conservative pact on these issues show they’re completely out of control. But I still theoretically know how I could influence policy.
ilumanty 10 hours ago
Yes, I said it before and I will say it again: We should invest our energy in the discussion whether to implement it and not already wonder how to implement it.
Shifting this question benefits only those who want to force this upon us.
toasty228 3 hours ago
And what do "they" want? It's not like they don't already know your age, name, ID number or your browsing history
ilumanty an hour ago
tikkabhuna 9 hours ago
Doesn't the "how to implement" determine whether to implement it? A poor implementation shouldn't be done, but a good implementation could make it simpler for companies to verify the ages of users, limit information passed to companies, offer a quality of life improvement for users.
lstodd 9 hours ago
singingtoday 11 minutes ago
I would never do this verification with my real face, and neither should anybody else. Kids get around this using video game character creators. You can too.
As a netizen it's your duty to avoid, oppose, and circumvent anything that forces you to use your real identity.
HelloUsername 9 hours ago
Related:
"EU age verification app to ban any Android system not licensed by Google" 27-jul-2025 https://www.reddit.com/r/BuyFromEU/comments/1mah79o/eu_age_v...
and
"EU age verification app not planning desktop support" 24-sep-2025 https://news.ycombinator.com/item?id=45359074
spaqin 10 hours ago
Funny how the worry of "digital exclusion" of the elders who would never be able to use a smartphone has been thrown out of the window in recent years.
mghackerlady an hour ago
And the youths who just... don't like smartphones. We exist
trashb 9 hours ago
Don't worry the focus is on the youth with this legislation. I have the suspicion it's about indoctrination of surveillance as normal.
Additionally the amount of elderly that don't have or can't use a phone or don't have anyone that can help them with it will decrease rapidly anyway. In my experience it's mostly the same generation as the people that remember WWII.
roundabout-host 9 hours ago
They probably think that they do not use "social media" either, so it does not affect them. But elders are not the only category. In any case, it is fundamentally wrong to be forced to use a specific platform, American or European, mobile or desktop, for Internet service access.
perching_aix 7 hours ago
I don't think this is relevant for them by definition, so that's an odd point to raise. It's hard to be encumbered by having to manage a digital identity, when you don't do anything digitally in the first place.
shevy-java 10 hours ago
That's because they are lying to the people here. Just look at the "we must protect the children" lobbyists. It has never been about the children in the first place, that is just the convenient lie to force an authoritarian system in place.
roundabout-host 10 hours ago
Regardless of whether you personally use Android or iOS, I think that we can all agree that it is not right to be forced to use a specific platform in order to access almost any Internet services.
perching_aix 9 hours ago
A certified Real Opinion (tm). The only thing missing is the checkmark.
Aaargh20318 10 hours ago
This is only an issue if it's the only way of verifying your age. If it's still accessible to everyone and this makes it significantly easier for 99.9999999% of people then why not?
choo-t 9 hours ago
Easier than… not using age verification ?
It's not like it's a feature for you the end user, it doesn't solve any of your problems, on the contrary, it creates new ones.
Aaargh20318 9 hours ago
roundabout-host 9 hours ago
Well, the plan is for it to be the only one. And even if it isn't, what's the alternative? Persona again? No thanks. They could have helped and made an alternative version of this system which used the ID chip plugged into a desktop PC, but they intentionally won't do so.
kubo6472 10 hours ago
Yeah, I am leaning towards never to use anything that is forced to implement any kind of age verification.
dheera 3 hours ago
You won't be able to see a doctor when you're sick.
You won't be able to open a bank account to receive your salary.
You won't be able to buy train or plane tickets.
My point is I am most worried that these kind of "digital verification" type things most impact actual necessities. The social media I couldn't care less about. "I just won't use it" isn't really a solution.
toasty228 3 hours ago
You already can't do any of these things without some kind of governmental issued ID which already has your birthdate on it.
idk why people are so scared of it, do you really believe they don't know what you do on your personal internet connection linked to your name and payment data ?
Like yeah sure if you pay everything in cash and never use internet OK that's a big problem, but for the average HN shitposter who's already terminally online it really doesn't change much
rcbdev an hour ago
fsflover 2 hours ago
shevy-java 10 hours ago
Well, they could change the laws to force people into slavery here, e. g. by forcing them to use US corporations ("if you do not have an app from Google store, you are excluded from society"). In that case they see age sniffing as ultimate tool of spying on everyone, so this is probably the real goal. What we all can see is that this has never been about children - they are just abused as the red hering here.
trashb 9 hours ago
> "if you do not have an app from Google store, you are excluded from society"
It would be a difficult choice but would it really be so bad to be excluded from such a society? Don't a lot of people from silicon valley dream to be farmers in the wildlands?
snottynose 9 hours ago
butz 2 hours ago
Your app should've been a website.
sschueller 10 hours ago
Two platforms that are not owned by companies in the EU. Effectively handing the keys to your state ID to private foreign enterprise.
What will you do when Apple/Google or the US Government effective immediately delete/block your app? The impact initially may be small but after a few years if widely used, you can break a country.
Scaled 10 hours ago
Another juicy threat vector is forcing the app stores to stealthily ship a modified version of the app that sends copies of the IDs and/or tracking data to US intelligence services.
(Reminder: we know Persona's verification software already shares verification data with the federal government. It's a leap to modifying other apps, but within the realm of possibility of US government power. There is absolutely desire from them to gather blackmail material on politically important people, and age verification systems connected to adult sites/apps are a great way to do it)
roundabout-host 9 hours ago
This is a problem, but not the only one. The biggest one is that the phones in question are locked and deny user freedom. I would not be content with an European "alternative", but which is as locked as iOS.
amelius 10 hours ago
Isn't there a niche platform that can sue the hell out of the EU here?
fsflover 4 hours ago
Perhaps https://fsfe.org or https://edri.org can do that.
Erikun 9 hours ago
Im confused, the github discussion says that the README says
App and device verification based on Google Play Integrity API and Apple App Attestation
But I can't find that anywhere. Am I missing something?
trashb 9 hours ago
From what I can gather from the linked discussion it was started as a pull request or a issue and was transferred to a discussion later. Perhaps some data was lost there? If you expand the comments fully there is also mention of a nuked merge request, I assume it was related to this text.
Edit it was not visible from the discussion link but it is visible from the issue link below. Also it seems to be transferred over from a totally different repo?
https://github.com/eu-digital-identity-wallet/av-doc-technic...
roundabout-host 9 hours ago
It used to say that, it was removed as a PR measure, while in practice the national implementations (as you do not use this app, but a national one) require it, because the specification only mandates Android/iOS versions to be provided (it allows others, but no government will do so), and it does not mandate them not to have "attestation".
perching_aix 9 hours ago
> Am I missing something?
Yes, that this post is propaganda.
ozlikethewizard 8 hours ago
This is even more than just android, I'm sure there are plenty of us using AOSP forks that do not have google services installed. I think the EU will overturn this with enough noise though. Hopefully the UK doesn't do the same, I've avoided having to root my phone so far and would like to keep it that way if possible.
g-b-r 10 hours ago
It should be stressed that Play Integrity also requires having a Google account and logging in to it on the phone.
sebastianconcpt 9 hours ago
The issue is not the issue, the issue is what their "solution" enables for expanding the surface that governments have for controlling details of how you live your life in the future once accepted.
trallnag 2 hours ago
The EU skipped "having kids" and jumped directly to "protecting kids"
nullbio 41 minutes ago
Fuck the globalists.
perching_aix 10 hours ago
I guess it's that time of the week again. Do we have a sockpuppet account to welcome in you by any chance?
The (actual) complaint of the thread appears to be resolved already (which would make sense given this is old news):
> In the README, the following is listed:
>> App and device verification based on Google Play Integrity API and Apple App Attestation
The README.md does not appear to feature such a section (nor any of the other files for that matter).
Separately, the title is editorializing, and falsely suggests there's some big bad EU app, even though the app that does exist is merely a reference implementation, not for end user usage. There's a reason the repository you're linking a discussion thread from only holds specs.
Edit:
> the specification does not prohibit it
My account has been rate-limited, so I'm not able to reply directly. Nevertheless, I'm sure you can appreciate that your title is still quite the lie then. "Not prohibiting it" is very different from "forcing", after all.
roundabout-host 9 hours ago
In the thread you will find many examples of national implementations which do require attestation. It was removed from the README as a PR measure, but in practice the specification does not prohibit it, so national implementations will still use it.
iLoveOncall 10 hours ago
I agree with the sentiment but is there even any phone that doesn't run Android (or derivatives) or iOS and that can install modern "apps"?
sebtron 10 hours ago
Why does it have to be a phone? Some people still use tablets, laptops and, believe it or not, desktop PCs.
xienze 9 hours ago
Smartphones are much more ubiquitous than any of those devices. Across all demographics.
marginalia_nu 9 hours ago
iLoveOncall 9 hours ago
Tablets would be compatible, and there's absolutely no indication that there won't be a separate system for computers.
It's actually disingenuous to think there won't be. This is a repository for a mobile app only.
roundabout-host 9 hours ago
_factor 10 hours ago
This will ensure there never is.
lexlambda 10 hours ago
You must realize, age verification is for more then just Googles Android apps.
Such a strong new legal framework must consider consumer hardware actually in use:
- Android variations Like GrapheneOS, Huawei's HarmonyOS, older phones running custom ROMs - Linux phones, which are sold in the EU and by EU companies
- Desktop operating systems
All of them can run Web Apps, and thus need age verification
pluralmonad 15 minutes ago
Well, none of them _need_ age verification.
zzril 9 hours ago
My PinePhone runs postmarketOS and can technically run every modern Linux desktop "app".
asadotzler 42 minutes ago
Windows and Mac have billions of users.
mrsssnake 3 hours ago
Even on the Android or iOS phone the EU app won't run if the device owner made even a tiniest change of the operating system without Google or Apple approval.
The EU developed system excludes the 1% of people for which the popular mobile solutions do not work and also make the rest 99% totally dependent on the selected corporations.
roundabout-host 8 hours ago
Android derivatives are not considered enough, because they will not be Google-attested, so the app will refuse them.
hahahaa 10 hours ago
Run linux?
roundabout-host 7 hours ago
I don't understand. Even if you run GNU/Linux, when you access a restricted website on it, you will have to scan a QR code with the Android or iOS app. <https://cinema.ageverification.dev> is a demo which shows that.
iLoveOncall 2 hours ago
zombot 7 hours ago
Doesn't that mean that Apple and Google are getting all that data about every single affected user?
roundabout-host 7 hours ago
They are.
g-b-r 9 hours ago
What would this be applied to? Let's check the freshly printed report by the "Special Panel on child safety online and potential age restrictions for social media" (https://commission.europa.eu/document/download/d833504d-5ec3...).
We have a definition at the beginning, for "Social media and other digital services (in short, social media+)":
“Within the scope of this report, the terms ‘social media+’ and ‘social media and other digital services’, are used to broadly define services that may be available to minors and contain age-inappropriate and/or risky features (for example, addictive and harmful features, among which infinite scroll, autoplay, recommendation algorithms and persistent notifications) and/or content. Social media and other digital services providers include online platforms serving as intermediaries of content from third parties, such as social media, as well as app stores. AI systems posing risks to minors’ safety and development, including AI companions, video games exposing children to harmful commercial practices or dangerous contacts, and video-sharing platforms enabling age-inappropriate access to minors are also included.”
So, let's see, services that may contain age-inappropriate and/or risky content, "online platforms serving as intermediaries of content from third parties".
How quickly can you come up with something that wouldn't fall in that definition?
It seems that anything that allows user-contributed content (such as plain old forums) or communication among users would be comprised in it.
And, yes, to be sure we explicitly include app stores (I guess including e.g. F-Droid, and what about software repositories?) and video games with intercommunication features.
What is this definition used for?
Recommendation 1 of chapter 3: “A harmonised EU-wide access restriction to *social media and other digital services*, including AI companions, for children under 13 is necessary.”
This is a report, not law, but it was commissioned by Ursula von der Leyen and “The report is intended to inform future actions to be proposed by the European Commission and EU Member States to reinforce child safety online.”
cynicalsecurity 9 hours ago
Why the hell EU even needs an age verification app? Who's genius idea is this and what for?
christkv 3 hours ago
Step one in the "EU Firewall" and future credit system. Step out of line and get debanked or other things they will come up with to keep you inline.
shevy-java 10 hours ago
What baffles me the most is how the EU commission constantly works in favour of US corporations in the long run. This is really strange. Something does not work in the explanations given by the EU commission. To me it looks like US lobbyists run the EU here.
xienze 9 hours ago
Well, they really, really, really want the end game of tying (real) identity to digital identity. And they want it now, not 10+ years in the future when _theoretically_ there _might_ be some EU-friendly mobile operating system that everyone uses. Right now, Google and Apple are basically the entire smartphone market, so they gotta work with what they've got if they want these plans to come to fruition.
christkv 3 hours ago
Tells us the us is some sort of failed democracy then implements China like access control for the population because they want to ensure they can prosecute you for wrong think in the future. Yeah Im loving this "liberal order" that looks more like good old facism dressed up to look "nice". Even how the passing of chat control was done has ensured I´m voting for any party that will dismantle the EU. EU Parliament is not a democratic of representative institution. Its about as legitimate and democratic as the Duma in Russia.
Beijinger 10 hours ago
I am not a fan of such an "app". But the app is, as far as I understand, for things like Facebook, TikTok etc.
Are there any other Operating Systems than iOS, Android or Android flavors?
WebOS was nice but who is still using this? Symbian? Can you even use Social Media Apps with another phone OS?
uniq7 10 hours ago
> Are there any other Operating Systems than iOS, Android or Android flavors
Yes, there are many more: GNU/Linux, Windows, macOS, *BSD, etc.
This will prevent people who only own a computer and not a modern iOS/Android smartphone from accessing services and platforms.
This also sets a very strong anti-competition pressure. Which company will try now to invest on developing a new OS for smartphones if we already know users will not be able to access the most popular services & platforms with it?
anthk 10 hours ago
Well, that would boost up torrent and sites and places like Usenet and IRC with no age verification at all. English speakers can just use overseas servers (or non-UE services such as the ones in Switzerland). And maybe Usenet servers outside the US too.
Spanish speakers in Spain will just register services in Latinamerica sites with a VPN. Despite the dialect differences, non-jargon Spanish it's understood everywhere and once they got their user registered they can switch the country anytime.
Distros like Trisquel will just set their sites and mirrors outside the EU. And, well, if they provide a portable torrent client for Windows among the torrent the law would be utterly broken.
joe_mamba 9 hours ago
hogwasher 9 hours ago
Yes. LineageOS, GrapheneOS, Arch, Sailfish, various other open distros, Windows Phone, and a surprising number of random proprietary options (these are sometimes based on Android, and have some social media apps, but can't run regular Android apps that weren't specifically designed or altered for it) including for modern dumbphones. There are always more over time, too.
There's also old versions of iOS and Android. We don't want to end up in a situation where people are locked into one of only two vendors and can be forced to keep buying the newest model to use an ID app that only supports the most recent software. That'd be even worse for the environment than the current disposable smartphone culture.
Everything to do with the age verification push is corrupt and stupid to begin with. There isn't even a legitimate cause behind all this for forcing ANY app, even if it didn't also force people to buy a specific, expensive, privacy-invading American product.
lexlambda 10 hours ago
as far as I'm aware, Adroid is not the same as the requirement here, which requires specific Google attestation.
There is GrapheneOS, HarmonyOS by Huawei, LineageOS for older phones and many more Android ROMs.
Additionally, Linux phones exist and are already sold in the EU to consumers, not just a prototype.
There's really no justification around limiting the OS selection.
There is also Linux, Windows, MacOS and many more operatint system not limited to phones.
mghackerlady an hour ago
SailfishOS, various incompatible blends of AOSP, KaiOS, and the Mocor based OSs run on various UNISOC based dumb phones
sebtron 10 hours ago
> Are there any other Operating Systems than iOS, Android or Android flavors?
Like Windows, MacOS and Linux?
mrsssnake 3 hours ago
Even in a world where Android and iOS have 100% of market share, the law (including indirect but obvious consequences of the law) should not force using them.
ThatMedicIsASpy 10 hours ago
I'm on SailfishOS since a couple of years
troupo 10 hours ago
> Are there any other Operating Systems than iOS, Android or Android flavors?
I remember a gov.uk team presentation. They had a usecase of someone using a PS Vita to access a government assistance program because that was the only device they had access to.
Among 450 million people in the EU there are definitely more OSes than just latest versions of iOS and Android.