The news item says the Dutch government will only allow a European company to operate the DigiD platform, the login system citizens use to access taxes, health services, and other government functions. DigiD itself is not being handed to a private firm. Logius, a government entity, owns and runs the system. The outsourced piece is hosting and infrastructure, and the immediate trigger was a planned U.S. acquisition of Solvinity, the supplier involved in that layer.
What people locked onto was not the narrow procurement move but the bigger reversal behind it. For years, Dutch governments were described as reflexively outsourcing core public tech, trusting tenders, contracts, and market incentives to handle the risk. The consensus here is that this worked politically because delays and overruns are easier to pin on vendors than on ministers, even though outsourcing often costs more and leaves the state with less technical judgment. Several commenters stressed that DigiD is critical infrastructure already. Treating it like ordinary IT purchasing now looks reckless, especially when the owner could fall under U.S. jurisdiction.
The conversation broadened into European
digital sovereignty. The mood was that the Netherlands is finally reacting to a world where American control over key systems no longer feels benign by default. That did not produce a clean nationalist line. Some people pushed for full in-house operation and stronger domestic capacity. Others argued that small countries cannot realistically localize every layer and should focus on owning the sensitive
control plane, regulating suppliers hard, and building the expertise to evaluate risk instead of pretending total self-sufficiency is possible. A smaller but persistent privacy camp rejected digital ID on principle, saying convenience is not worth creating a more centralized and easily revocable identity layer.