I don't think it's Godwin's Law when you are so spot on, exactly describing the worst case.
However even if the app is secure the storage and handling of the information is a different matter and it has been shown that care is not always taken.
Governments likely already know your name, age, place of birth, so having an app with a standard API for verifying users isn't giving the government additional data.
so it will gather extra data, sell it sideways and leak like hell. (as they already do with all the data they already have)
https://www-bitsoffreedom-nl.translate.goog/2026/07/06/aivd-...
Amusingly fantastically wrong.
NL may have its own issues like you linked to, but more uniquely had their collected data abused more than other countries in probably the worst event in history.