Hundreds of millions? That might be exaggerating a bit.

Saw a journalist whining about “dependency on China” because they sell infrastructure for renewables… you can’t make this up

Top irony is watching a journalist whining about how this “makes us dependent on China” because they sell infrastructure for renewables, as if it was not plainly our fault for having failed to, and obstinately continue to refuse investing in it, despite it being an obvious way to go for Europe.

Yeah, it is indeed external influence which somewhat competes with democracy. What’s really bad is the reaching of consensus within the government via mostly trust in designated experts, instead of the voters individually studying the topic.

Ok makes sense, we then have basically indirect influence of the majority via trust in smaller groups of designated specialists.

Ok and they still need majority vote… often, at least? In which case there seem to be a lot of politicians who are just misinformed (if the lobbying has negative consequences), which doesn’t relate to lobbying specifically but their general decision making.

So mostly not a consequence specifically of lobbying, if the majority votes due to actual conviction. Rather of disinformation/laziness, which will affect non-lobby initiated proposals too.

The part with the smaller committees sounds anti-democratic. The later is a different problem (politicians being misinformed/lazy is not specific to lobbying)

So the lobbying is, in each particular instance, of potentially 100+ people (in the case of EU parliament 300 or so +), likely across parties? That seems difficult to organize, at first sight.

But why do individual politicians or groups have the power to get these things through? Is it not subjected to a majority vote or something?

The reality of the situation is more or less clear, but it helps to understand how things are supposed to work. They make their case and then what? does the audience decide on its own? Otherwise it seems difficult to buy the entire… voting majority?

That “ready” is just typical political advertising speech. Could have been worded more carefully, but it’s forgivable. As long as the git repo and website correctly identify it as a demo/prototype, it seems fine to me. E.g. not using the security enclave is totally fine for a demo. It doesn’t affect the general protocol design. There’s a lot of hostility both to these initiatives as well as to the EU (often by different actors, there’s e.g other countries pushing for less privacy respecting mechanisms), so the clever criticism tends towards nitpicking. There’s actually merit in releasing such an ambitious project as open source and so early, which even with the nitpicking and negativity, is a good thing.

What’s the official stage of it? was it already intended to be released? If not it might be less of an issue.

Anyway it’s good that it’s open source. At the very least it encourages public discussion and in this case noticing the flaws.

Why is this specific to games? Seems to apply to any software?

I keep reading about lobbying. I don’t fully understand how it works. Are there requirements for disclosure, approval and public transparency, or is this just something individual politicians or groups can do just like that?

And what about online-only services (which is the majority)? Seems a partial and error prone solution not worth the effort over no verification at all.

And how does that process guarantee that your token identifies only you? It seems that an adult can go to the store at different times and get n tokens, which they can then give to minors.

To your edits, indeed, the server handling is what I was alluding at previously with possible issues, specifically in the verification part. But that’s the good part that there’s an open source project, where these questions can be raised. It seems more complicated, but maybe not impossible to guarantee privacy on a trustless way also there.

As to the use, I imagine that it can be extended to other things such as proving that you’re a human, which is becoming pretty much impossible. It might be the most effective solution for “dead internet”.

The government derives the token from the id, which it created and knows, so there’s no privacy loss there.

Nothing is distributed to third parties, the third party just verifies the token with the government service and gets ok / not ok. It never sees any id data.

In your example, how do you know that the third party is not storing the data when scanning it? And how do you deal with online services?

The issues described in the article are serious, but not fundamental design flaws of the protocol, and it depends on how they’ve presented the app: did they say it can be used already? if it’s just a prototype it’s ok to e.g not store the token/pin in the security enclave yet. And the issues being easily found is facilitated by the project being released as open source, which is good. Not saying that everything is perfect, and there might be actual issues with the protocol, but this isn’t it. It’s in any case better than having to share your id with N third parties.

But now you’re giving your id to third parties. Why do you trust them more than your government, which has that data anyway?

The verification making sense and trust in government are 2 separate problems. Not defending here one or the other, just saying that the mixing up doesn’t help.