- Thierry Spanjaard
European ID Wallet on its way
Earlier this week the "FIC" (International Cybersecurity Forum), along with its "ID Forum" side conference, took place providing one of the best opportunities to get the latest news in the fields of government and digital identity.
We all know that a good project starts with a good definition of needs and objectives. This was the theme of a conference on the European Digital Identity project, especially the future European ID Wallet.
The European Commission wishes to establish a new system, especially building on the identified shortcomings of the eIDAS regulation: only 14 countries out of 27 participated in it and the expected interoperability level was not achieved. The new project will take into account a series of requirements:
· It will be mandatory for all Member States,
· It will respect European values, especially privacy requirements putting the citizens in control of each of their identity elements,
· It will provide not only citizen authentication but also support attributes such as existing documents,
· It will be built upon security by design principles,
· It will reach a high level of security and a high performance,
· It will be certifiable.
This move is a step in the direction of reestablishing sovereignty of European institutions and of Member State governments in front of the private identity services provided by large private organizations such as the GAFAM (and probably also the BATX – Baidu, Alibaba, Tencent and Xiaomi). However, the initiative takes for granted the idea citizens will be more confident into services proposed by government entities than in private service providers. The amount of data left by most of us every day to Google, Facebook and others tend to demonstrate the opposite. Also, at the end of the day, the ease of use of these identity solutions will also play a major role in their mass adoption, along with privacy concerns.
A first step has happened earlier this year when the European Commission was able to standardize and to setup quickly the European standard Covid certificate, demonstrating their ability to work with Member States and industrialists in developing and implementing a functional solution in just a few months.
Philosophical issues remain before setting up a unified ID solution at the European level: some Member States have set up centralized ID solutions while others prefer decentralized approaches, some governments have chosen to have a single unified citizen identifier while this is even prohibited by law in other Member States, just to name a few topics, ...
However, the battle is far from being already won. Different initiatives happen in other world regions. For instance, in the US, Arizona, Connecticut, Georgia, Iowa, Kentucky, Maryland, Oklahoma, and Utah are among the first states to bring their state IDs and driver’s licenses in Apple Wallet (on both iPhone and Apple Watch), demonstrating a totally different approach of the relation between government and private players.
With the European ID Wallet, European authorities expect to become a model for the rest of the world in the same manner the proclamation of GDPR has set a global example.