The Dutch should be aware that if Netherland has some information-sharing agreements with Five Eyes or Fourteen Eyes, all this data will still be available to the US (and other allies) (hopefully, presumably, with your government acting as the gatekeeper).
It's not only about the data, it's about the risk that the US would basically turn off things like tax collection and doctors' visits in the Netherlands as part of (say) a first strike on Greenland.
Sure, the chance is low. But in the current climate people are nervous and it's best not to risk it. The current government has already embarked on a long-term strategy to bring more of critical software infrastructure back in-country, selling the core identity provider software abroad would go directly against current policy.
Why would the risk be low?
Trump also already sanctioned Justices from the ICC based in Netherlands because he didn't like them.
He's clearly not the guy with impulse control
Sanctioning people is basically risk-free and more importantly dollar-free. Fighting wars is extremely not-free, as Trump is currently discovering in Iran. I personally rate the risk of the US actually invading Greenland as not higher than about 10%, with the matter most likely being resolved by the US administration re-discovering that the US is allowed to establish a base on the country, doing so and then announcing with big fanfare that they solved the terrible terrible problem of Greenland being "the most unsafe".
Still though, that is about 10 percentage points higher than before Trump took office. Better not to hand him too many tools to exert leverage with.
> Sanctioning people is basically risk-free and more importantly dollar-free.
In the long term, I think this was actually really expensive. People talk and worry about this, and as a result of this (and similar developments) general consensus seems to have shifted towards preferring EU companies over US companies for tech. That used to be the exact opposite for as long as I can remember.
The issue was less privacy concerns, and more "hey lets not hand over one of the most critical pieces of infrastructure to a potentially hostile state". DigID is the user authentication platform for basically every government site in The Netherlands. A foreign government could use sanctions to pressure Dutch individuals to comply by limiting access to it.
> (hopefully, presumably, with your government acting as the gatekeeper)
Exactly, that gatekeeper role is what's the difference here. Do you give all data to another country and ask them for pieces back as needed (whenever someone wants to use DigiD, the country can block it), or do you host it yourself and only share the parts that are relevant for this other country's investigations?
> if Netherland has some information-sharing agreements with … Fourteen Eyes
Probably a safe assumption, since the Netherlands is a member of the Fourteen Eyes
It's not about privacy, it's about control.