Prof. Paul Timmers (KU Leuven) believes that sales are a direct threat to the digital identity of citizens (DigiD)
The Digital Infrastructure Netherlands Foundation (DINL) wants stricter requirements for the government procurement of critical IT infrastructure. In addition, sensitive government data and critical services must be placed with Dutch or European providers. Prof. Paul Timmers, researcher in geopolitics and technology at KU Leuven, also warns against the sale of Solvinity.
DINL, the coalition of ‘non-for-profit organisations’, states this in a position paper in preparation for today’s roundtable discussion in the House of Representatives. Central to that catch-up session is the intended sale of Solvinity to the American Kyndryl and its consequences for DigiD. The House is afraid that the Netherlands will run a great risk if Solvinity, as the supplier of the platform on which DigiD rests, falls into American hands. This is at odds with the pursuit of more digital autonomy in Europe.
Unanimous
DINL previously advocated the transfer of sensitive government data, essential government services and critical physical infrastructure to Dutch or European parties. A parliamentary motion on this subject was passed unanimously.
The interest group is now arguing for tightening the Abro (General Security Requirements for Government Public Procurement). The same applies to the Abdo (General Security Requirements for Defence Assignments). To both procurement frameworks, the requirement must be added that only Dutch and European companies can compete for tenders for critical IT infrastructure.
DINL fears that without targeted investments and policy, Europe risks becoming structurally dependent on non-European digital players. This leads to the risk of geopolitical pressure and loss of economic and social autonomy.
Threat
Prof. Paul Timmers, researcher in geopolitics and technology at KU Leuven, also warns against the sale of Solvinity. Such a takeover poses a direct threat to the digital identity of citizens (DigiD) and thus to the democratic legitimacy of the Dutch state.
If DigID ends up in the hands of an American company that can be pressured by President Trump without an ultimate opportunity to defend itself, it sends the signal that the digital relationship between government and citizen cannot be guaranteed. This harms democracy, because DigiD is the cornerstone of the relationship between citizens and government. A takeover by an American parent company creates a ‘man in the middle’ who does not fall under Dutch democratic control.
In addition, there is an economic risk. Selling our knowledge and capacity in digital identity to a foreign (non-EU) party should be rejected, Timmers believes. Because this means a loss of strategic capacity and goes against the goal of economic and technological autonomy.
Thirdly, there is a risk of legitimacy. According to Timmers, who as director at the European Commission was responsible for cybersecurity, electronic and digital identity, among other things, the reputation of the Netherlands is at stake. ‘With the intended American takeover, the Netherlands will most likely be seen as a less reliable partner for cooperation in Europe.’ Especially now that the European digital wallet is just around the corner, trust and joint knowledge in digital identity technology are essential.
The Solvinity/DigiD file grew in size this week with contributions from NLdigital. Incidentally, the current sovereignty issue may be resolved, because the contract with Solvinity for providing the platform under DigiD expires this year.
