For the non-government/private business however, it is indeed a matter of privacy. France rolled out a while ago the requirement to establish the user's age when accessing porn sites. I refuse to do that.

Logius outsourced the hosting and infrastructure to Solvinity.

American Federal Systems also have European and Indian operators but it gets more restricted depending on what part of the system you're dealing with. Even then, the operators get it wrong.

Many "American" firms are being served by Irish, Bulgarian, and Dutch operators for example. When you get to Fedpod, the restrictions are usually tiered, not all or nothing. It's why US firms got caught with Chinese handling data.

The question isn't should Europe and even America clean it up - it's how much is legitimate national soverignty and how much is going to be straight mercantilism in the Cloud/SaaS sector.

“Huh. Israel hardly got any votes this year.”

I hate it, but what can you do, this is sadly what people here keep voting for.

Some European countries right now have their currency printing and their passport printing outsourced to foreign nations.

These things aren't too unusual.

France is a lot more socialist luckily.

Thank you for raising this issue. We are aware that our current implementation does not yet work on GrapheneOS. This is a temporary situation we plan to resolve before this app goes public.

https://github.com/MinBZK/nl-wallet/issues/34#issuecomment-4...

Until then, I'd recommend every Dutch person (or probably every EU person, since this could also influence other wallets) to upvote/heart the initial request in that issue to show that there is serious demand for this.

To say the least, he made some pretty serious compromises in life. He was a tattoo artist with no shop and effectively homeless when I knew him, if you were curious.

Anyway, sometimes the world moves on without you.

Add to this hard digital sovereignty requirements: continuity of service must be guaranteed for decades. All this requires quite a special setup in which commercial entities are rather tolerated than welcomed, but they may still make more sense than a government agency so constrained by budget process that they cannot hire any decent engineer.

Why did they not mandate national (or at least EU-based) hosting and infra ?

It feels a bit insane in retrospect for such a critical digital service ?

One could say globalists and free marketeers 'embraced' governments.

None of the sharks ultimately ever managed to agree who gets to eat it- because whoever did would upset the balance between the sharks.

But China and America are mega sharks who don't care about balance and want to eat everything or die trying.

Developing new software? Universities! Maintaining/migrating old software? Universities! IT counseling and advise? You won't believe it ... Unive okey i stop here you got the point

Sadly, I don’t know of a way to influence how our government practices IT. Except maybe to work for Logius. And even then there will be the topic of funding.

I do kinda get the China customs system example though, only because if corruption is bad enough that it's a greater concern than opsec, then you're kinda hosed anyways.

The company in question only provides cloud services, and has no access to any data.

> I just don't understand why the government won't consider funding it. It's a public infrastructure service at this point.

It has been 9 years since the last centrist ("purple") government in the Netherlands. 24 years since the last left-wing led government. Nothing more to it.

It's just decades of Neoliberal "outsource government tasks to the free market" policy. There really isn't any other reason; The Dutch government has multiple divisions which are quite good at IT. It could choose to do so at any moment, it just doesn't.

Voters just didn't care. The system worked fairly reliably. So they just kept voting for a very charismatic politician, regardless of the long term consequences.

The very simple economic problem with this is that autarky does not increase aggregate output. Saying "I will do this myself", always requires the qualification "at the expense of what else that I'm not doing?"

The adaption to a reality of a balkanized world for small countries is, like Singapore does successfully, triangulate between large countries, specialize what you're good at, be pragmatic and flexible and strategically neutral which makes big powers compete for you without drawing hostility, rather than trying to become 'sovereign', which makes you poor and a target.

Because they're a government and they are therefore going to fuck it up.

They did, and they moved to block the acquisition of the local company handling it. What's unclear in the article?

The people who pointed out that none of the moving parts of DigiD should have been outsourced were ignored until the tide shifted this year.

I'm honestly surprised the government decided to intervene. The usual method is to keep on believing in the signed piece of paper until the shit hits the fan (like with the Fyra high speed trains) — never mind that the US (where the buyer is from) is not likely to give a toss about those pieces of paper if they need something from our data.

IT sovereignty may not have been a topic during elections, but it should be clear to anyone now that the VVD (political party that has been in most governments in the past decades) is a revolving door. When given a choice, they will always prefer letting the market do it/deregulate. This is not limited to IT. Banks, insurance companies, gas companies (Shell), etc. is where they work before they go into politics and/or work after they leave politics.

You're seeing people wake up to the threat now, with the opposition against Kyndryl and the Nexperia thing.

Somewhat more controversially, I'm also worried about the French government owning large parts of the Dutch defense industry through Thales and Airbus. (And, to a lesser extent, German and Spanish governments.)

Very little of the Dutch defense industry is still Dutch-owned. Only Damen comes to mind.

The public servant benefits in vacations, work hours, health support, plus an above average salary as highly educated technician.

What I find strange is that the Dutch government does have its own datacenters, e.g. ODC-Noord (1), but they're still looking to outsource the hosting even after the current contract ends in 2027.

(1) https://www.odc-noord.nl/

> Currently, DigiD is partially managed by Solvinity, a company owned by a British investor

Britain is neither local nor in the EU

So you have to weigh the risks of outsourcing to the risk of the whole thing becoming very late and very expensive. The risks around outsourcing are something further down the line, the risks of everything becoming expensive and late are something that will give the responsible politician a headache now.

It's always better to be able to blame a supplier for something going wrong if you're a senior leader or politician. For some reason, if it does happen no one has to resign.

There is loads of UK Critical National Infrastructure on AWS, probably Azure too. And the Home Office put up £10 million tender to shut down an old data centre not that long ago without a confirmed replacement - https://www.find-tender.service.gov.uk/Notice/018193-2024

Not big on evidence-based thinking, are you?

IT is hardly something we need to do occasionally, so build up a department that can do it (not just write up huge reports about what it should do and outsource, like Logius) and invest in the people that will work there (retaining them as much as possible). Give a big middle finger to consultants, and listen to the tech experts. Build boring stuff that works instead of a new app every month.

It's not impossible in theory, and cheaper in the long run. It's impossible because asshats who would actually benefit from left and centre politics keep voting right-wing parties in to power.

I don't see why they should bother with who invests in it, when they have the power to do what they just did and block the acquisition.

If the private company is granted a defacto monopoly, it doesn’t matter that they’re a “private” company, they will have the same incentive and accountability problem.

What we know for certain though: Government taking over something is definitionally a monopoly and 99.99% of government employees are not subject to the accountability mechanism of elections.

Historically, the largest boondoggles of waste have always come from government, given they can legally hold a gun to your head and take 50% of everyones money to fund their “projects.” Private companies can’t take your money by force, unless being given those contracts by government. So again, the the incentive issue fundamentally arises from an entity being entitled to gather assets using violence rather than voluntary exchange.

Post and trains already had to be privatised since them being government owned was deemed anti competitive by EU standards