53 comments

[ 2.6 ms ] story [ 56.1 ms ] thread
Finally!

The entire country has been clamouring for this for weeks, and the government has been completely silent about it. A couple of weeks ago, the entire parliament (with only a single party dissenting) voted for a motion to end the contract with Solvinity, but the government extended it anyway, leaving blocking the takeover as the only option, and there wasn't a lot of confidence that the government would do that.

The whole reason for this is that Solvinity host DigiD, the Dutch e-ID system that handles authentication to all government and many other sensitive systems (healthcare). With the US law that the US government should be able to get access to any data held by a US company, regardless of where it's hosted, this system clearly should be kept out of American hands.

Of course there's still plenty of sensitive data in the hands of Microsoft, Amazon and other US companies. No idea when they're going to do something about that.

lets be frank, these are changes caused by the downgrading of the American administration to a subscription services behind a paywall that requires DLC, root based encryption bypasses and a Clippy popup that instead of trying to be helpful is indistinguishable from a mafia racket.
For some of functionality, DigiD itself requires an iOS or Android app (for which you need to enter a contractual agreement with either Apple or Google and they decide whether you are allowed to install and use the app).

I understand that this particular path doesn't allow them to access further sensitive data, but it does give these corporations the power to block any individual for accessing the DigiD app.

You don't need the app for most functionality, but for a few healthcare related tasks, it's the only option, with no fallback.

> With the US law that the US government should be able to get access to any data held by a US company

Er, what law is this, exactly?

Good on the Dutch government for actually doing something.
At the same time they're allowing the tax office to migrate completely from a self hosted solution to office 365 do there's that.

They had to be dragged kicking and screaming into doing this. Several attempts were made to force them to block the takeover. Not sure what caused their latest turnaround.

Solvinity is a pretty terrible company name.
Never heard of 'Kyndryl' before.

https://en.wikipedia.org/wiki/Kyndryl

> Officially formed in late 2021, Kyndryl was created from the spin-off of IBM's infrastructure services

> Kyndryl operated in 63 countries in November 2021

Good for them, but I doubt this will be the last we hear about this especially with the current US government. ASML was only permitted to acquire US company Cymer (the actually valuable EUV light source technology) back in 2013 under a strict technology sharing and export control agreement.

The Netherlands blocking a US acquisition due to technology control concerns is sure to ruffle some feathers in Washington.

>the actually valuable EUV light source technology

ASML brought Cymer in house because it couldn't make the tech they needed and they needed to dump resources and engineers on the project of a supplier to make what they needed actually happen. Cymber could only accomplish 10W EUV lights, while ASML needed 250W sources, so they bought the company to actually execute on what they needed. And there were other sources that ASML could have flipped to.

They literally bought it because it failed to do what they needed. Somehow loads of Americans, in that fun American exceptionalism way, want to rewrite the world where really ASML is just some magical US tech in a trench coat, because everything somehow owes its existence to Americans.

>especially with the current US government

The US government has forced every American company to cease work with any judge or employee of the ICC, all in defence of America's boss Israel. This alone should see every American company ousted from every foreign nation. The idea of giving an American domiciled firm control over domestic infrastructure tech is insane (like, treasonous level), and anyone pushing this needs to be fully investigated. Similarly, the fact that the UK keeps implementing garbage from Palantir is clear evidence that the country is utterly busted and needs a massive civil service overhaul.

This is all quite aside from the various tantrums, grotesque levels of corruption, and openly threatening allies.

I'm sure it will "ruffle some features", but it turns out the US blew its load already. Absolutely no one cares what that idiocracy's cabal of pedos, halfwits and self-dealing criminals throw a tantrum about anymore. At this point the US should be punted from NATO, every base closed, and everyone should just nuke up.

This is a huge detail that further complicates the picture, ASML's lithography technology heavily benefitted from United States DOE research:

> In 1997, ASML began studying a shift to using extreme ultraviolet. Two years later, it joined a consortium, which included Intel and two other U.S. chipmakers, in order to exploit fundamental research conducted by the US Department of Energy. Because the Cooperative Research and Development Agreement (CRADA) it operates under is funded by the US government, licensing must be approved by Congress.

Great news. Would have been devastating to have such an integral part of our society at the whims of not just another nation, but an unstable and downright hostile one.
Unfortunately, they're still heavily dependent on Microsoft products and OS
"US Takeover"
(comment deleted)
The Dutch should be aware that if Netherland has some information-sharing agreements with Five Eyes or Fourteen Eyes, all this data will still be available to the US (and other allies) (hopefully, presumably, with your government acting as the gatekeeper).
It's not only about the data, it's about the risk that the US would basically turn off things like tax collection and doctors' visits in the Netherlands as part of (say) a first strike on Greenland.

Sure, the chance is low. But in the current climate people are nervous and it's best not to risk it. The current government has already embarked on a long-term strategy to bring more of critical software infrastructure back in-country, selling the core identity provider software abroad would go directly against current policy.

It's not about privacy, it's about control.
> if Netherland has some information-sharing agreements with … Fourteen Eyes

Probably a safe assumption, since the Netherlands is a member of the Fourteen Eyes

> (hopefully, presumably, with your government acting as the gatekeeper)

Exactly, that gatekeeper role is what's the difference here. Do you give all data to another country and ask them for pieces back as needed (whenever someone wants to use DigiD, the country can block it), or do you host it yourself and only share the parts that are relevant for this other country's investigations?

If it's such a vital piece of Dutch infrastructure, why is it in private hands at all?
Because very powerful private VCs and investment bankers want to ensure that governments stay impotent when compared to their capital. Welcome to the Western world.
(comment deleted)
How come the Dutch people aren't offering more than the US investors to purchase this company, since this seems to be so close at heart?
This kind of attitude is exactly why American-style capitalism is not wanted. As if money is the only thing that matters? Maybe there aren’t enough Dutch investors with deep enough pockets to match the American offer because the US prints the worlds reserve currency with no fiscal balance whatsoever. American investors are playing with monopoly money propped up by an army to bully anyone who doesn’t take it.
I keep seeing variations of “okay but this will be temporary” or “this is a one off” or “they’ll relent eventually, they have no choice” in response to the EU’s (and to a lesser extent, global) divorce from US tech stacks.

You cannot unring this bell, however, nor can you put the genie back in the bottle, close Pandora’s Box, etc, pick your own metaphor. The US burned through the trust thermocline very suddenly these past few years, snapping the tension that had been brewing over several decades from US hegemony and the abusive diplomacy it created.

Now that the US regime is openly hostile to everyone else and US firms have dropped the pretense of being anything less than a global surveillance state, there’s nothing to go back to. These sorts of rejections and blocks will continue to escalate until a new norm is agreed upon by cooler heads, which I don’t see happening in the current climate.

Make no mistake, power everywhere wants more surveillance capabilities; the EU wants it as much as China or the USA. The difference is that with the leading empire in decline, everyone realizes that owning their own surveillance state is an advantage over outsourcing it to a potential enemy.

Should be simple matter to escalate this up to the President, who will put the squeeze on the Dutch government, and then secure his 10% fee for rescuing the take over deal
The subtitle “Across Europe, there have been increased concerns about the bloc’s reliance on American tech.” is false and really an economic chamber.

The author has no basis for this claim, factually or otherwise .. maybe a small tiny group would love to see this happen, but EU is happy like rest of the world minus China to enjoy the products made by great American software companies.

Are you serious? You did notice that there was even a EU digital sovereignty summit recently?
Two thirds of Europeans want this - https://www.techpolicy.press/almost-two-thirds-of-europeans-...

> The figures were almost universal across all categories: 62 percent of those surveyed across the five European countries said they favored or had considered replacing US data storage and payment services, while 59 percent of respondents said they would back a change from American video-conferencing companies like Zoom.

(Technically only five countries in the EU in this survey, but the five most populous countries, and presumably other countries generally agree)

This is a direct result of Trump being in power. Before his regime, we (The Netherlands) trusted USA 1000%, this takeover would not even have been news.

This stance has shifted completely. And you can thank one guy for it.

As a Dutch citizen, I don't understand why we can't self-host an open source identity solution for 20M users with 30K requests an hour. How hard can it be?
> Vital digital supplier.

They make the login-screen. And now for businesses there are like 5 providers of the login screen (that you HAVE to use in order to use govt websites): you have to choose one and pay like 40EUR/y in order to log in.

Calling a login screen vital is, yes, the truth.

Out-sourcing --and creating a market for-- the login screen is, to me, one of the most bizarre thing I've seen the Dutch govt do in recent years.

From the article:

> Kyndryl said in a statement it was "extremely disappointed" about the decision. "The politicization of this process has overshadowed the clear and important benefits this transaction would have brought to Solvinity's customers and Dutch citizens."

Are these guys so tone-death to the point they even try to gaslight the world? They are trying to take over a nation's ID system. Who in their right mind sees this as anything other than a national security issue?

The concerning thing for the EU should be that this valuable firm had no European capital trying to buy it. The Dutch have protected their sovereignty today while decreasing the incentive for the next entrepreneur to make something on European shores. Probably the best choice but doesn't change the structural problem.
> "The politicization of this process has overshadowed the clear and important benefits this transaction would have brought to Solvinity's customers and Dutch citizens."

That is unbelievably rich. It's politicians job to protect the privacy and interests of its citizens. Must be a strange idea for the US these days.

(comment deleted)
Can someone tell me what actual technical issue do identification providers solve that couldn't be solved with a public key cryptography or even a password and 2FA? The whole sector seems like it was created out of corruption and shortsightedness.