Table of Contents
Is the EU’s New Age Verification App Creating a Risky Privacy Problem?
The European Union is building something new. An age verification app. The goal sounds good. Help people prove they’re old enough to visit certain websites. Keep kids safe online. But there’s a big problem that has privacy experts worried.
This app only works on phones Google says are okay. If you use a different kind of Android phone, you’re out of luck.
What’s Really Happening Here
The EU started this project as part of their digital identity work. They wanted to create something each country could customize. Something that would keep user data safe. They even made it open source, which usually means more freedom for users.
But here’s where things get messy. The developers decided to use Google’s Play Integrity system. This system checks if your app is “real” and running on a “real” operating system. Google’s idea of real means your Android has to be licensed by them. Downloaded from their Play Store. And pass their security checks.
So even if you’re using GrapheneOS (which is actually more secure than regular Android), it gets rejected because it doesn’t have Google’s approval. You could even build the app yourself from the source code. But the verification service would still say no because it didn’t come through Google’s official channels.
The Big Problem
Think about this for a minute. The EU keeps talking about reducing dependence on American tech companies. They want to protect user privacy. Then they build a system that basically forces everyone to have a Google account and use Google-approved software just to interact with government services.
People have been complaining about this on the project’s GitHub page. But the development team hasn’t said much in response. Some folks think this isn’t just an oversight. It shows how hard it is for European officials to actually build stuff without relying on Big Tech infrastructure.
There Are Better Ways
It’s not like there aren’t alternatives. Android has its own attestation features that could do the same job without tying everything to Google’s ecosystem. It would take more work to implement, but it’s totally doable.
There’s even a working example. The Dutch identity app Yivi does age verification without any dependency on Google or Apple. It’s available on open source app stores like F-Droid. This proves the EU could build something similar.
Why This Matters More Than You Think
Age verification is just the beginning. These kinds of digital identity systems will probably expand to other government services down the road. If accessing basic civic functions means submitting to Google’s rules, that’s a problem for anyone who values digital freedom.
The EU just passed the Digital Markets Act to break up tech monopolies. But now they’re building critical infrastructure that reinforces those same monopolies. You can’t really claim you want digital independence while requiring citizens to sign Google’s terms of service.
Recent issues with Meta’s content policies and Google’s helpful content update show exactly why having real alternatives to Big Tech platforms matters. The EU had a chance to build one here. But they seem to be missing the opportunity.
What Happens Next
The app is still in development, so there’s time to fix this. But it’ll require EU officials to actually follow through on their promises about digital sovereignty instead of just talking about it.
Right now, users shouldn’t have to choose between their privacy and participating in digital society. Privacy-conscious people who use custom Android systems like GrapheneOS or LineageOS would be locked out of government services. That doesn’t sound like the digital freedom the EU claims to support.
The backlash is growing. Hundreds of people have commented on GitHub and Reddit about this issue. Whether this forces a change remains to be seen. Or if the developers will stick to Google despite the criticism.
This whole situation shows a basic truth. It’s easy to talk about digital independence. It’s much harder to actually build it.