In my (European) country now we can have a digital copy of the driving license on the phone. It specifically says that it’s valid to be presented to law enforcement officers during a check.

I saw amazed in the beginning. They went from limited beta testing to full scale nationwide launch in just two months. Unbelievable. And I even thought “wow this is so convenient I won’t need to take the wallet with me anymore”. I installed the government app and signed up with my government id and I got my digital driving license.

Then yesterday I got stopped by a random roadblock check and police asked me my id card. I was eager to immediately try the new app and show them the digital version, but then because music was playing via Bluetooth and I didn’t want to pause it, i just gave the real one.

They took it and went back to their patrol for a full five minutes while they were doing background checks on me.

That means if I used the digital version, they would had unlimited access to all my digital life. Photos, emails, chats, from decades ago.

What are you are going to do, you expect that they just scan the qr code on the window, but they take the phone from your hand. Are you going to complain raising doubts? Or even say “wait I pin the app with a lock so you can’t see the content?”

“I have nothing to hide” but surely when searching for some keywords something is going to pop-up. Maybe you did some ironic statement and now they want to know more about that.

And this is a godsend for the secret services. They no longer need to buy zero day exploits for infecting their targets, they can just cosplay as a patrol and have the victim hand the unlocked phone, for easy malware installation

Immediately uninstalled the government app, went back to traditional documents.

  • JoeKrogan@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    4 months ago

    Either have a cheap second hand sim less phone just for that or carry the physical Id or perhaps a copy of the physical id.

  • unskilled5117@feddit.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    4 months ago

    On iOS you can enable Guided Access and restrict what one can do, for example disable touch and lock it to an app, until you enter a Code. I imagine Android will have something similar.

    This obviously doesn’t protect against electronic forensics, but it does protect against just opening different apps and searching through the phone manually.

    • catloaf@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      4 months ago

      Yes, Android has app pinning. But they still have access to anything the app gives them.

      They can see my ID on the phone. But if they want to take it, then no, I don’t have that ID on me. But then, I live in the US where digital ID isn’t valid.

      • 1024_Kibibytes@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        4 months ago

        It is valid in some states. OP raises an excellent point. I live in the U.S. and have the digital ID on my phone, but I won’t be handling it to law enforcement. I’ll make sure I have the physical copy when I’m driving.

      • ifItWasUpToMe@lemmy.ca
        link
        fedilink
        English
        arrow-up
        0
        ·
        4 months ago

        You can block off certain sections of the screen, or disable touch completely. If all the info they need is on the screen just make it so they can’t tap anything.

  • moreeni@lemm.ee
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    4 months ago

    They went as far here in Ukraine as making some services exclusive to those who have the app. The official government app for digital documents and services, Diia, also has stupid integrity check, which makes it unable to be installed from Aurora Store, which makes me cut out from such services, because I don’t have Google Services installed. By the way, there are Google trackers in the app.

    • Cousin Mose@lemmy.hogru.ch
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      The IRS (tax authority) in the US has Google trackers loaded into the DOM including pages listing your Social Security number too, yikes.

  • shirro@aussie.zone
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    4 months ago

    Digital licence is all I have used for about 7 years. Police here are careful never to reach for a phone as they can’t legally. You display the licence and give it a shake to animate it and they copy the number down in their notebook. If the police ever did illegally take a phone I would wipe it and replace it and lodge a complaint.

    They may have similar protections in Europe. People often post opinions on social media without checking facts. I get why on commercial social media where everything is rage bait. But i don’t know why people can’t take a few minutes to check local laws before posting here.

    • MutilationWave@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      Probably because I live in America but we don’t trust police to not do something just because they’re not supposed to. They do it all the time here.

  • MyNameIsIgglePiggle@sh.itjust.works
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    Why is nobody mentioning that by installing it and authenticating, there is sweet fuck all you can do to stop them tracking your movements and downloading your whole address book so they can see who you Associate with?

    Taking the phone isn’t the problem if they are already in it.

    • bokherif@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      Honestly, I wouldn’t worry about all the comments discussed here. Mainly because the governments already have access to everything and I mean EVERYTHING. They will get a subpoena in under a minute if they want to check something regarding your digital life. Not condoning it, just a fact of present life.

    • Boomkop3@reddthat.com
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      You have to explicitly allow that, at least on android. However, most people hit allow and don’t think anyways :/

          • Matt@lemmy.ml
            link
            fedilink
            arrow-up
            0
            ·
            4 months ago

            There are camera and location permissions listed. AFAIK my ID card doesn’t have those.

            • Boomkop3@reddthat.com
              link
              fedilink
              arrow-up
              0
              ·
              4 months ago

              I think that might just be to scan qr codes. And unless you’ve got a very shitty phone, that camera can’t run without the app being active.

              You do close your apps, right?

      • stetech@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        4 months ago

        iOS too. Permissions can even be given only while the app is active if it “requires” them, or for location for example an approximate one is sufficient.

        • Boomkop3@reddthat.com
          link
          fedilink
          arrow-up
          0
          ·
          4 months ago

          Yep, but there was some news about that recently. Apparently their security doesn’t quite work as it should. Perhaps that’s been fixed by now, but then again, Apple does not have a great reputation there.

    • EarJava@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      In most phones it is possible to set permissions (to contacts, locaton, etc) for every app.

  • /home/pineapplelover@lemm.ee
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    You can pin the app (android) or have it in guided access mode (ios). Although, yeah, I wouldn’t be surprised if there’s an exploit to get out and access memory it shouldn’t. Maybe if you install the govt spyware app in a different user profile (Android) then it will be restricted to that certain memory.

  • HiddenLayer555@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    4 months ago

    There’s a good chance they have a Cellebrite in their car and will copy your entire phone’s storage over.

      • HiddenLayer555@lemmy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        4 months ago

        Yeah because the police using a commercially available and ridiculously cheap device to copy data from your phone is totally unbelievable. I must be the crazy one.

        News flash, they’re not FBI tier ultra classified tools anymore, you can find them on eBay for less than $1000. There’s a good chance that’s cheaper than the phone you have right now. You think a police department who is already intent on scrolling through your phone while “checking your ID” wouldn’t just put one in every cruiser?

        • Miaou@jlai.lu
          link
          fedilink
          arrow-up
          0
          ·
          edit-2
          4 months ago

          You think a government can ask a couple of dozen thousand, barely literate goons to do something like this without the word getting out within a week?

    • bokherif@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      Forensic acquisition tools like Cellebrite take hours to clone storage. Not saying they wouldn’t do it, just saying that legitimate acquisition that can be used against you has to be collected in a very certain way for it to be proof.

  • potatopotato@sh.itjust.works
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    4 months ago

    To add to this, a lot of what keeps us safe is the friction of bureaucracy. Authoritarians cannot micromanage every decision you make or round up every person they want because those actions take time and resources that aren’t infinite. But you can reduce the time and resources required if you make identification more convenient and therefore enforcement more targeted. Maybe now they can justify making you present ID every time you pay cash at Starbucks, buy a backpack, get on a bus, use a bike share, watch hot snuff porn, you name it.

  • krolden@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    Pit it on another phone that you keep in your car or another profile with nothing else on it

  • QuazarOmega@lemy.lol
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    For the most surface level concerns like risking them accessing any app on your phone, you can enable app lock on those that support it. Usually the most sensitive do: WhatsApp, Signal, banking apps and others.
    If they don’t, take advantage of the private space which locks apps until you unlock, and you can relock whenever you want

  • Niquarl@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    I’ve always just shown a scan of my ID on my phone. It’s just a picture?

    • Moonrise2473@feddit.itOP
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      and they accept that as a valid id? I mean in a store ok, but a public official? It’s incredibly easy to make a fake screenshot

      the digital version of id cards are glorified qr codes: they scan it and their device downloads from the government servers the official version. Or, for offline usage: the qr code contains all the data, signed with their key, they check if the signature is valid