The entire country has been clamouring for this for weeks, and the government has been completely silent about it. A couple of weeks ago, the entire parliament (with only a single party dissenting) voted for a motion to end the contract with Solvinity, but the government extended it anyway, leaving blocking the takeover as the only option, and there wasn't a lot of confidence that the government would do that.
The whole reason for this is that Solvinity host DigiD, the Dutch e-ID system that handles authentication to all government and many other sensitive systems (healthcare). With the US law that the US government should be able to get access to any data held by a US company, regardless of where it's hosted, this system clearly should be kept out of American hands.
Of course there's still plenty of sensitive data in the hands of Microsoft, Amazon and other US companies. No idea when they're going to do something about that.
jorvi 56 minutes ago [-]
It is a bit more complex tham that.
Logius is the company that actually owns and manages the DigiD stack, it's just that they hired Solvinity for their expertise. AFAIK Solvinity can't access the data.
I can't find it right now, but on Tweakers there was a long comment by someone on the inside that explained Logius basically had almost no know-how of how the current stack works, and there's lots of bespoke stuff. Basically classic vendor lock-in. The government (rather, Logius) now really wants to transition away from Solvinity, but that will likely be a 5+ year process.
I also feel like this is another thing that the "fast ring" of the EU should do together. Take Estonia's stack as a base, and then countries like Sweden, Denmark, Finland, The Netherlands adopt it and co- develop it. Make it extensible for the bespoke things the countries need, and every few years check which bespoke extensions can actually be generalized and modularized. Would lead to a much better product. A man can dream :)
mcv 23 minutes ago [-]
How can you be sure that Solvinity can't access the data if Logius doesn't know how the current stack works? 5+ years to migrate sounds really bad.
NoahZuniga 33 minutes ago [-]
Logius is actually not a company but a part of the dutch (national) goverment.
shiandow 24 minutes ago [-]
In that case we can indeed safely assume they have no technical knowledge.
tcp_handshaker 50 minutes ago [-]
>> Finally!
You are behind the curve. You read here first. Lets revisit this comment in 2 years...
This will be overturned by both Dutch and European courts after the company appeals, and specially after Mark Rutte Daddy calls. The only purpose of this action is for the Dutch government to save face, and its for internal consumption. They already have the internal legal advice stating this, hidden away in some closet. But then they will say: You see, we wanted to do it but a court blocked us.
>>Of course there's still plenty of sensitive data in the hands of Microsoft, Amazon and other US companies.
The WHOLE Dutch diplomatic and broader civil service, including the Ministry of Foreign Affairs, runs extensively on Microsoft infrastructure for its daily operations, cloud services, and email. And they leak....
This will also be the core legal argument by the appealing company. They will argue that the decision was politicized, insufficiently reasoned, or disproportionate because binding technical/legal safeguards would have solved the risks...
And they will use as example, the diplomatic service extensive use of Microsoft :-)
So is nothing more than another Polder hypocritical take, by the Dutch government.
mcv 20 minutes ago [-]
> This will also be the core legal argument by the appealing company. They will argue that the decision was politicized, insufficiently reasoned, or disproportionate because binding technical/legal safeguards would have solved the risks... And they will use as example, the diplomatic service extensive use of Microsoft
How would that argument support a sale to the US? It sounds like the perfect argument against it. Those technical/legal safeguards clearly didn't work for Microsoft either.
tcp_handshaker 16 minutes ago [-]
You are using logic to argue for the best and most correct outcome, I am using logic, to state how and why, this will play the way it will...
j_maffe 39 minutes ago [-]
> Mark Rutte Daddy calls
Mark Rutte, the chief of NATO and ex-PM, that has nothing to do with civilian tech?
Can we please leave unfounded conspiracy theories to Reddit?
hvb2 31 minutes ago [-]
Does that sound outlandish to you? It doesn't to me...
It's probably something he would use as 'change' to resolve something unrelated with NATO. Then he can sell how well he's keeping NATO together
tcp_handshaker 34 minutes ago [-]
[1]- NATO Secretary General responsibilities:
"...Above and beyond the role of chair, the Secretary General has the authority to propose items for discussion and use their good offices in case of disputes between member states....
...In order to facilitate this process, the Secretary General maintains direct contact with Heads of State and Government, and Foreign and Defence Ministers in NATO and partner countries...."
And Mark Rutte has been shaping the domestic fiscal debate inside the Netherlands [2]: "...Mark Rutte said the Netherlands must significantly boost defence spending and pointed to Dutch spending on pensions, healthcare and social security, saying only a small fraction of those allocations would strengthen defence..."
Their sentiment is that Trump intervenes by whining to Mark Rutte, who seems to be the only European Trump is actually willing to listen to, at the expense of course of giving up all his dignity in calling Trump, literally, Daddy [1].
And I would not put it past Trump to do that... I mean, that's what he already did regarding Tiktok.
With Trump nothing is impossible any more, especially if he or someone in his circle stands to make or lose money. And that's the greatest danger in the US turning into a full blown banana republic.
> A couple of weeks ago, the entire parliament (with only a single party dissenting) voted for a motion to end the contract with Solvinity, but the government extended it anyway, leaving blocking the takeover as the only option,
Given what we know now, this seems perfectly logical. It's just that we don't know what else is going on behind the scenes.
I'm sure there was some negotiations on how to keep the data separate or something, with the threat of blocking it altogether as a final solution.
But agreed, this is a good outcome
monegator 1 hours ago [-]
> I'm sure there was some negotiations
which i'm sure the current administration would honour
There should be grave consequences alone for the fact that the goverment acted against the parliament
hvb2 1 hours ago [-]
> which i'm sure the current administration would honour
It would've been the same administration as the one doing the negotiations, so I would assume yes.
> There should be grave consequences alone for the fact that the goverment acted against the parliament
In general I think there's a pretty good understanding between the legislative branch and the executive branch. The Netherlands has always had coalitions. Also, every single government will talk to the other parties.
I'm not sure what country you're referring to but the Netherlands has a properly functioning democracy. The only problem it has is splintering into too many small factions making coalitions super hard
mcv 15 minutes ago [-]
There are certainly countries that have it worse, but Netherland has some weird political games being played sometimes.
kleiba2 45 minutes ago [-]
If it's such a vital piece of Dutch infrastructure, why is it in private hands at all?
Nevermark 4 minutes ago [-]
Apologies in advance for wasting anyone's time with a light hearted tangent. But as I scrolled past your comment I read:
> If it's such a vital piece of infrastructure, why is it in Dutch hands at all?
It was the funniest thing I have misread in a while.
danslo 36 minutes ago [-]
DigiD itself is government-owned, but it's managed by Solvinity (a private company). Not really different from the US gov running half its stack on AWS.
kleiba2 31 minutes ago [-]
Okay, maybe let's not take the US as a point of comparison.
danslo 27 minutes ago [-]
Fine. Not really different from most governments relying on private suppliers to manage their infrastructure.
> Officially formed in late 2021, Kyndryl was created from the spin-off of IBM's infrastructure services
> Kyndryl operated in 63 countries in November 2021
stego-tech 5 minutes ago [-]
I keep seeing variations of “okay but this will be temporary” or “this is a one off” or “they’ll relent eventually, they have no choice” in response to the EU’s (and to a lesser extent, global) divorce from US tech stacks.
You cannot unring this bell, however, nor can you put the genie back in the bottle, close Pandora’s Box, etc, pick your own metaphor. The US burned through the trust thermocline very suddenly these past few years, snapping the tension that had been brewing over several decades from US hegemony and the abusive diplomacy it created.
Now that the US regime is openly hostile to everyone else and US firms have dropped the pretense of being anything less than a global surveillance state, there’s nothing to go back to. These sorts of rejections and blocks will continue to escalate until a new norm is agreed upon by cooler heads, which I don’t see happening in the current climate.
Make no mistake, power everywhere wants more surveillance capabilities; the EU wants it as much as China or the USA. The difference is that with the leading empire in decline, everyone realizes that owning their own surveillance state is an advantage over outsourcing it to a potential enemy.
petcat 1 hours ago [-]
Good for them, but I doubt this will be the last we hear about this especially with the current US government. ASML was only permitted to acquire US company Cymer (the actually valuable EUV light source technology) back in 2013 under a strict technology sharing and export control agreement.
The Netherlands blocking a US acquisition due to technology control concerns is sure to ruffle some feathers in Washington.
NietTim 1 hours ago [-]
This is not some sort of company making unique tech, it's a company handling some of the most the vital infrastructure for our government, you can imagine the privacy concerns. Completely different case
petcat 1 hours ago [-]
Sure, but the point is that it's tit-for-tat. This US administration is petty.
Epskampie 24 minutes ago [-]
All the more reason to block vital stuff going to the US. They cannot be trusted anymore.
wongarsu 1 hours ago [-]
In 2013, the same deal would likely have gone through. US-Dutch relations looked very different in 2013 under Obama than they look now under second-term Trump. Any reciprocity today based on things Obama did back then falls flat because we all know Trump opposes nearly everything Obama ever did
gpvos 1 hours ago [-]
Absolutely, no one would have batted an eyelid.
thisislife2 54 minutes ago [-]
The Dutch should be aware that if Netherland has some information-sharing agreements with Five Eyes or Fourteen Eyes, all this data will still be available to the US (and other allies) (hopefully, presumably, with your government acting as the gatekeeper).
Deukhoofd 19 minutes ago [-]
The issue was less privacy concerns, and more "hey lets not hand over one of the most critical pieces of infrastructure to a potentially hostile state". DigID is the user authentication platform for basically every government site in The Netherlands. A foreign government could use sanctions to pressure Dutch individuals to comply by limiting access to it.
applfanboysbgon 2 hours ago [-]
Good on the Dutch government for actually doing something.
spwa4 1 hours ago [-]
All governments are "doing something". It just isn't at all effective and mostly because they're unwilling to invest even marginal amounts.
Like in this case. The technology here utterly depends on Google Play Services on Android or App Attest on Apple (or "secure enclave"), and that is in fact essentially the only functionality.
This could have been solved instead switching to a standard (switching to OATH, RFC 4226 and RFC 6238), thus killing the dependency on Google/Apple while still allowing those devices to work smoothly, but also allowing a Linux implementation, allowing anyone . Plenty of European companies provide implementations for this, some with and some without the dependency on Google/Apple attestation.
applfanboysbgon 57 minutes ago [-]
I'm not talking about some abstract sense of "did the government do anything at all today", I am saying "good on the government for doing something in this specific case instead of doing nothing and letting it be sold", which was a possible outcome, and in fact the default outcome of the vast, vast majority of acquisitions is that the government does nothing to intervene.
Could they do something better, sure. I am still glad to see they did something at all.
Vinnl 1 hours ago [-]
I can sign in to DigID without using my phone, except sometimes with an SMS verification code. (Of course they want to, and should, phase that out. Hopefully that won't be replaced by app store dependence.)
(Also works fine on my GrapheneOS phone with only basic integrity, also worked on microG when I tested.)
1 hours ago [-]
midasz 1 hours ago [-]
Great news. Would have been devastating to have such an integral part of our society at the whims of not just another nation, but an unstable and downright hostile one.
mkj 2 hours ago [-]
Solvinity is a pretty terrible company name.
cactusplant7374 1 hours ago [-]
Solvinity = Solvent Divinity
mortarion 1 hours ago [-]
We're terrible at company and brand naming here in Europe. Just look at the "Wero" payment solution (formerly/currently iDeal). Like, who the hell came up with that stupid name?
The list of stupid European company names and product names are endless.
twjdeboer 26 minutes ago [-]
I agree, the Dutch iDeal was probably the better name. However I'm not sure if this is an uniquely European problem. Wero's counterpart 'Zelle' doesn't seem to be that much better of a name.
TacticalCoder 1 hours ago [-]
> Solvinity is a pretty terrible company name.
I find it okay'ish. At least it's unique. Say, as much as I like Mario Zechner (who doesn't like HNers anymore for whatever reason), naming your product "Pi" is just terribly bad.
Facebook was a good name (hate the company but the name was good). But "Meta" is just dumbfucktarded.
Wait... I've got an idea: I'm going to make a product and name it "Alt". Or "Control".
Really: there are a lot of totally unhelpful name that just confuses everybody, including search engines, humans, and LLMs but I don't think "Solvinity" is that bad.
agmater 1 hours ago [-]
I've always found Whatsapp a terrible name, but its so established now that 'apping' is understood. If you're big enough it seems that a bad name hardly hold you back.
amelius 55 minutes ago [-]
Reminds me of the old joke:
After Bill and Melinda Gates have their honeymoon, Melinda says, "Now I know why you call it Microsoft."
carlosjobim 12 minutes ago [-]
How come the Dutch people aren't offering more than the US investors to purchase this company, since this seems to be so close at heart?
_HMCB_ 35 minutes ago [-]
One word: good.
selectively 50 minutes ago [-]
A ground invasion would be an appropriate response.
creaturemachine 33 minutes ago [-]
By that we mean, send a whitehouse crony over to throw a temper tantrum on Dutch soil.
The entire country has been clamouring for this for weeks, and the government has been completely silent about it. A couple of weeks ago, the entire parliament (with only a single party dissenting) voted for a motion to end the contract with Solvinity, but the government extended it anyway, leaving blocking the takeover as the only option, and there wasn't a lot of confidence that the government would do that.
The whole reason for this is that Solvinity host DigiD, the Dutch e-ID system that handles authentication to all government and many other sensitive systems (healthcare). With the US law that the US government should be able to get access to any data held by a US company, regardless of where it's hosted, this system clearly should be kept out of American hands.
Of course there's still plenty of sensitive data in the hands of Microsoft, Amazon and other US companies. No idea when they're going to do something about that.
Logius is the company that actually owns and manages the DigiD stack, it's just that they hired Solvinity for their expertise. AFAIK Solvinity can't access the data.
I can't find it right now, but on Tweakers there was a long comment by someone on the inside that explained Logius basically had almost no know-how of how the current stack works, and there's lots of bespoke stuff. Basically classic vendor lock-in. The government (rather, Logius) now really wants to transition away from Solvinity, but that will likely be a 5+ year process.
I also feel like this is another thing that the "fast ring" of the EU should do together. Take Estonia's stack as a base, and then countries like Sweden, Denmark, Finland, The Netherlands adopt it and co- develop it. Make it extensible for the bespoke things the countries need, and every few years check which bespoke extensions can actually be generalized and modularized. Would lead to a much better product. A man can dream :)
You are behind the curve. You read here first. Lets revisit this comment in 2 years...
This will be overturned by both Dutch and European courts after the company appeals, and specially after Mark Rutte Daddy calls. The only purpose of this action is for the Dutch government to save face, and its for internal consumption. They already have the internal legal advice stating this, hidden away in some closet. But then they will say: You see, we wanted to do it but a court blocked us.
>>Of course there's still plenty of sensitive data in the hands of Microsoft, Amazon and other US companies.
The WHOLE Dutch diplomatic and broader civil service, including the Ministry of Foreign Affairs, runs extensively on Microsoft infrastructure for its daily operations, cloud services, and email. And they leak....
"Microsoft Accused Of Sharing Dutch Officials’ Data with U.S. Government" - https://www.yahoo.com/news/politics/articles/microsoft-accus...
This will also be the core legal argument by the appealing company. They will argue that the decision was politicized, insufficiently reasoned, or disproportionate because binding technical/legal safeguards would have solved the risks... And they will use as example, the diplomatic service extensive use of Microsoft :-)
So is nothing more than another Polder hypocritical take, by the Dutch government.
How would that argument support a sale to the US? It sounds like the perfect argument against it. Those technical/legal safeguards clearly didn't work for Microsoft either.
Mark Rutte, the chief of NATO and ex-PM, that has nothing to do with civilian tech? Can we please leave unfounded conspiracy theories to Reddit?
It's probably something he would use as 'change' to resolve something unrelated with NATO. Then he can sell how well he's keeping NATO together
"...Above and beyond the role of chair, the Secretary General has the authority to propose items for discussion and use their good offices in case of disputes between member states....
...In order to facilitate this process, the Secretary General maintains direct contact with Heads of State and Government, and Foreign and Defence Ministers in NATO and partner countries...."
[1] - https://www.nato.int/en/about-us/organization/nato-structure...
And Mark Rutte has been shaping the domestic fiscal debate inside the Netherlands [2]: "...Mark Rutte said the Netherlands must significantly boost defence spending and pointed to Dutch spending on pensions, healthcare and social security, saying only a small fraction of those allocations would strengthen defence..."
[2] - https://nltimes.nl/2024/12/03/nato-leader-rutte-netherlands-...
And on conspiracy theories - Do you trust the Financieele Dagblad?
https://nltimes.nl/2025/11/20/asml-offered-spy-us-breaking-e...
Their sentiment is that Trump intervenes by whining to Mark Rutte, who seems to be the only European Trump is actually willing to listen to, at the expense of course of giving up all his dignity in calling Trump, literally, Daddy [1].
And I would not put it past Trump to do that... I mean, that's what he already did regarding Tiktok.
With Trump nothing is impossible any more, especially if he or someone in his circle stands to make or lose money. And that's the greatest danger in the US turning into a full blown banana republic.
[1] https://www.politico.com/news/2025/06/25/nato-chief-calls-tr...
Given what we know now, this seems perfectly logical. It's just that we don't know what else is going on behind the scenes.
I'm sure there was some negotiations on how to keep the data separate or something, with the threat of blocking it altogether as a final solution.
But agreed, this is a good outcome
which i'm sure the current administration would honour
There should be grave consequences alone for the fact that the goverment acted against the parliament
It would've been the same administration as the one doing the negotiations, so I would assume yes.
> There should be grave consequences alone for the fact that the goverment acted against the parliament
In general I think there's a pretty good understanding between the legislative branch and the executive branch. The Netherlands has always had coalitions. Also, every single government will talk to the other parties.
I'm not sure what country you're referring to but the Netherlands has a properly functioning democracy. The only problem it has is splintering into too many small factions making coalitions super hard
> If it's such a vital piece of infrastructure, why is it in Dutch hands at all?
It was the funniest thing I have misread in a while.
https://en.wikipedia.org/wiki/Kyndryl
> Officially formed in late 2021, Kyndryl was created from the spin-off of IBM's infrastructure services
> Kyndryl operated in 63 countries in November 2021
You cannot unring this bell, however, nor can you put the genie back in the bottle, close Pandora’s Box, etc, pick your own metaphor. The US burned through the trust thermocline very suddenly these past few years, snapping the tension that had been brewing over several decades from US hegemony and the abusive diplomacy it created.
Now that the US regime is openly hostile to everyone else and US firms have dropped the pretense of being anything less than a global surveillance state, there’s nothing to go back to. These sorts of rejections and blocks will continue to escalate until a new norm is agreed upon by cooler heads, which I don’t see happening in the current climate.
Make no mistake, power everywhere wants more surveillance capabilities; the EU wants it as much as China or the USA. The difference is that with the leading empire in decline, everyone realizes that owning their own surveillance state is an advantage over outsourcing it to a potential enemy.
The Netherlands blocking a US acquisition due to technology control concerns is sure to ruffle some feathers in Washington.
Like in this case. The technology here utterly depends on Google Play Services on Android or App Attest on Apple (or "secure enclave"), and that is in fact essentially the only functionality.
This could have been solved instead switching to a standard (switching to OATH, RFC 4226 and RFC 6238), thus killing the dependency on Google/Apple while still allowing those devices to work smoothly, but also allowing a Linux implementation, allowing anyone . Plenty of European companies provide implementations for this, some with and some without the dependency on Google/Apple attestation.
Could they do something better, sure. I am still glad to see they did something at all.
https://www.logius.nl/actueel/qr-code-scanner-digid-app-werk...
(Also works fine on my GrapheneOS phone with only basic integrity, also worked on microG when I tested.)
The list of stupid European company names and product names are endless.
I find it okay'ish. At least it's unique. Say, as much as I like Mario Zechner (who doesn't like HNers anymore for whatever reason), naming your product "Pi" is just terribly bad.
Facebook was a good name (hate the company but the name was good). But "Meta" is just dumbfucktarded.
Wait... I've got an idea: I'm going to make a product and name it "Alt". Or "Control".
Really: there are a lot of totally unhelpful name that just confuses everybody, including search engines, humans, and LLMs but I don't think "Solvinity" is that bad.
After Bill and Melinda Gates have their honeymoon, Melinda says, "Now I know why you call it Microsoft."