For the most surface level concerns like risking them accessing any app on your phone, you can enable app lock on those that support it. Usually the most sensitive do: WhatsApp, Signal, banking apps and others.
If they don't, take advantage of the private space which locks apps until you unlock, and you can relock whenever you want

I'm thinking of going stoic and dropping anything Android, but this would require setting up an emulator working good enough for WhatsApp, Google Authenticator, MS Authenticator and probably something else.

I've always just shown a scan of my ID on my phone. It's just a picture?

Nah, I'll just carry my ID card around.

That means if I used the digital version, they would had unlimited access to all my digital life. Photos, emails, chats, from decades ago.

Bare minimum, it would take a substantial amount of time and resources to harvest data from every phone of every driver passing through a particular checkpoint. Not that I'd ever recommend handing over my phone to a cop, but this kind of data transfer isn't trivial. And its not clear what a street cop is going to do with 10 GB of accumulated vacation photos.

On the flip side, if you have an Automatic Backup feature on your phone, its going to a cloud computer somewhere. And that cloud computer is almost certainly compromised by the state digital security agency (and probably a number of foreign security agencies). At that point, it doesn't matter if you've got a physical id or a digital one, just knowing who you are is enough to tie you back to that digital archive.

But... again, what is it that front-line state agents are planning to do with all this data? That's never been made particularly clear.

Why is nobody mentioning that by installing it and authenticating, there is sweet fuck all you can do to stop them tracking your movements and downloading your whole address book so they can see who you Associate with?

Taking the phone isn't the problem if they are already in it.

Pretty sure they're not supposed to take your phone. The point of a digital document is that you don't have to hand in anything. Scan the QR code and they can run as many background checks on the data they want. You'll still have your phone.

1. Do not have a mobile device
2. Do not install anything proprietary or governmental on that device you don't have
3. Use borderline secure (GrapheneOS) OS on that device you don't have and don't unlock it if demanded unless your health and/or life is in danger

In Brazil, the officer just uses their own phone to scan a validation QR on the ID app, at no point your phone leaves your hand and in a few seconds the officer has what they need. Shouldn't this be the case in the EU? AFAIK the officers only take your physical ID to check the number, so if you're using the app they shouldn't need to confirm that as the info is already validated

Yup, if you hand them your unlocked phone they can look through it.

that's odd. in south africa while we don't have a digital license the physical ones do have a code. they scan the code and that's it. they never take the license unless they asking for a bribe.

They don't need to take your phone with them. They literally can just scan the code, because it sends all the info to their screen, that they were gonna look up anyway.

No way the government implemented an app for this use case. That's extremely inefficient.

I thought you actually tried, that they took your phone?

Convenience always has a cost

You're absolutely right about the danger of giving up your phone, if the police wanted to take it from you. By sticking with traditional documents you remove any pretense they might have to try. It is not a stupid call, it's just less convenient - but then, security is always a compromise with accessibility.

On iOS you can enable Guided Access and restrict what one can do, for example disable touch and lock it to an app, until you enter a Code. I imagine Android will have something similar.

This obviously doesn’t protect against electronic forensics, but it does protect against just opening different apps and searching through the phone manually.

Either have a cheap second hand sim less phone just for that or carry the physical Id or perhaps a copy of the physical id.

Hi, Your dedicated local Secret Service agent here.

We don't need your smartphone to access your data. We have surveillance equipment for that. That is why we can scan the qr code of your ID app and do the checks we need.

If you want us not to track you, you need a degoogled smartphone and use cash exclusively. Also you could use a vpn while you browse the interwebs, but we ll still be, eventually, able to see where you browse.

BTW we don't stop randomly ppl on roadblocks. You or your car or your route or all of the above was of concern for us.

Digital licence is all I have used for about 7 years. Police here are careful never to reach for a phone as they can't legally. You display the licence and give it a shake to animate it and they copy the number down in their notebook. If the police ever did illegally take a phone I would wipe it and replace it and lodge a complaint.

They may have similar protections in Europe. People often post opinions on social media without checking facts. I get why on commercial social media where everything is rage bait. But i don't know why people can't take a few minutes to check local laws before posting here.

If you use an android phone, just create a separate account on your phone just with the apps you want the police to see. No email, photos, social media, or anything. This way you can switch to the restricted user before giving the cop your phone.

There's a good chance they have a Cellebrite in their car and will copy your entire phone's storage over.

If you are on android you can use screen pinning. That way phone won't get locked and bother the police but they can't switch to any other app without your password.

But I don't know how much I'll trust an app by government. Maybe in Europe that app is Open source.

I just double checked on my phone, on Android you can pin the current app, that limits access for the user to only that app. Unpinning requires you to essentially unlock the phone again. I wouldn't hand my phone to a pig either, but if I pinned the app, it would be secure enough for a traffic stop.

As others already stated there are solutions already to pin apps and to be honest, I feel I would not give the phone to a policeman like that.

On the other hand, what I'm more concerned about is giving the access to my phone's data through different permissions to my government.

For example this is the list of permissions for the Hungarian government app: https://reports.exodus-privacy.eu.org/en/reports/hu.gov.dap.app/latest/#trackers