Unifying Digital Identity across Europe

European Digital Identity – Part 2

Recapturing Part 1 – Self Sovereign Identity (SSI) and the European identity wallet

In our previous article , published on March 6th, we discussed the background, purpose and nature of the new e-IDAS 2.0 regulation. It is governing the emergence of a pan-European trust framework for the exchange of digital certificates, logging in, and proofing your identity.

We explained the impressive paradigm switch from the classical, siloed digital identity set-up, whith re-entering the same data over and again, versus so called ‘Self Sovereign Identity’ (SSI) where you reuse your data and manage it yourself through an ‘identity wallet’ that you own. A personal mini-platform on your device, exactly the concept applied by EarthID.

Privacy, security, ease of use, and cross border scope of the identity wallets are all meant to boost the European Digital Single Market and the e-IDAS regulation is facilitating it.

?Inplementing Acts for eIDAs 2.0

In order to manage a whole electronic identification ecosystem for millions of wallets, and to guarantee security and sustainable interoperability, the EU needs to arrange for a lot of circumstantial objectives beyond the wallets only. Obviously, technology is a key topic, but governance is equally important. Think about accountabilities, enforcement, and conditions to become a certified EU wallet provider, and managerial aspects.

While the main principles have been covered in the text body of the legislation itself, these more detailed and operational items will be covered in what we call ‘Implementing Acts’. These will be published within six to twelve months after the adoption of e-IDAS 2.0 (on February 29th, 2024). Over 40 Implementing Acts will cover for instance detailed reporting and notification formats, technical specifications, procedures for complaints and enforcement, and processes for the installment of the governance bodies and oversight committees.

Technology and e-IDAS 2.0

Legislation can never be specifically prescribing technology. Technology changes fast and the law would be outdated once the ink is dry. Also, multiple technical solutions can satisfy the same legal objectives. Opinions about technical standards are multiple and diverse. Three main initiatives should help to deal with the technology, and to create a consistent approach to the technology. Next to an e-IDAS Expert Group to deliver independent advice, two main initiatives are important:

Toolbox

This toolbox is a set of common standards and technical specifications and a set of common guidelines and best practices, developed by experts from the EU member state. It also includes an ?Architecture Reference Framework . Outcomes will serve as a basis for the implementation of the European Digital Identity Framework Regulation once adopted, without the process of developing the Toolbox interfering or prejudging the legislative process. A reference wallet is being created, as example for other wallet developers, more information is available on Github .

Large Scale Pilots

To gain proven insights about technology topics and test the use cases,? the EU spends a budget of about 40.000.000 Euro for socalled ‘Large Scale Pilots ’ (LSP). This grant was established in 2022, and all four consortia entering the competiton, a share of the budget was allocated. They are implementing practical use cases for SSI, and this leverages adoption, knowledge and awareness of SSI in the real world. The consortia , Nobid , Potential ,? DC4EU , and the EU Digital Identity Wallet? Consortium (EUC ) are contributing to further development of guidelines and best practises for the toolbox.

Third country identities

Interoperability of digital identities throughout the EU is the main objective, but what about ‘third countries’, not part of the EU? The new legislation is not yet describing the preconditions and procedures to have these interoperate in the ecosystem. In Article 14 the international aspects are covered. How this should be managed is not yet fully been defined, but the EU is running a separte pilot for this topic.

Key Takeaways:

• The EU's e-IDAS 2.0 regulation aims to unify digital identity across Europe with a focus on security and user control.
• Implementing Acts will detail the operational aspects of this digital identity framework.
• The integration of non-EU digital identities is being explored to ensure broader interoperability.

Next article: Part 3: Practical use cases for e-IDAS 2.0.