{"id":271,"date":"2024-09-17T11:23:01","date_gmt":"2024-09-17T11:23:01","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=271"},"modified":"2024-09-17T11:23:01","modified_gmt":"2024-09-17T11:23:01","slug":"european-digital-identity-this-is-how-the-eus-big-bet-is-evolving","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=271","title":{"rendered":"European digital identity: this is how the EU\u2019s big bet is evolving"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

Imagine you\u2019ve just arrived at your vacation destination. You have to pick up the rental car at the office and from there head to the hotel to check in. Maybe you go to the pharmacy first, because you have a bit of an allergy and it\u2019s better to anticipate buying your medication. You reach into your bag and\u2026 disaster: you\u2019ve forgotten your wallet containing your driver\u2019s license, identity card and health card.\u00a0\u00a0<\/p>\n

But if there is one thing that most of us always have with us today, it is our mobile phone \u2014 even if we do not always protect it, nor the information contained in it, as we should. The European digital identity project is creating a secure wallet interoperable between the countries of the European Union.\u00a0An app on the mobile phone will only share the necessary information to each agent who requests it and that, they hope, will be safer than leaving your (physical) wallet lying around when you are just going on vacation.<\/p>\n

[ Beware of the 4 key problems with digital identity<\/a> and learn about the concept of decentralized identity<\/a> ] <\/p>\n

A regulation to unify all standards<\/h2>\n

This initiative is included in Regulation (EU) 2024\/1183 of the European Parliament and of the Council<\/a>, commonly known as eIDAS2, as it amends the 2014 regulation, which established the European digital identity framework. eIDAS2 arises within the framework of a greater digitalisation of citizens, which forces us to rethink current online identification systems to shield them, make them simpler and, above all, unify them.<\/p>\n

The text of eIDAS2, in force since May of this year, specifies this in the European Digital Identity Wallet, \u201ca harmonised means of electronic identification that allows you to authenticate and share data related to your identity\u201d. The purpose, it is explained, is \u201cto move from the exclusive use of national digital identity solutions to the provision of electronic declarations of attributes that are valid and legally recognised throughout the Union\u201d.<\/p>\n

The European Commission has until November 21, 2024, to establish a list of reference standards, specifications, and procedures needed to make the wallet a reality.<\/p>\n

Along with this, the regulations introduce a series of changes. The main ones are the expansion of the catalogue of services that can be provided by trusted providers, as well as the expansion of the scope of digital identity to the field of health, mobility, education and the financial sector. The entry into force of the regulation opens a period of just over two years, until the end of 2026, for its full implementation: by then, states must have digital wallets ready for their citizens. \u201cAn essential deadline given the complexity of creating a system that is secure, interoperable and accessible throughout the European Union,\u201d explains Mar\u00eda Gonz\u00e1lez, Director of Public Policy and Regulation at Adigital.\u00a0\u00a0<\/p>\n

The approval of eIDAS2 has set the clock in motion. In August, the European Commission began consultations on five regulations that will be crucial in the implementation phase, related to aspects such as interfaces, interoperability or cybersecurity requirements, Gonz\u00e1lez recapitulates. Collaboration with bodies such as the European Telecommunications Standards Institute (ETSI) and the European Committee for Standardisation (CEN) in the development of standards will also be key. And, of course, the work in each country. \u201cNow the ball is in the courts of all the governments in Europe, which have to put this into practice,\u201d says Paula Lamo, director of UNIR\u2019s Master\u2019s Degree in Internet of Things.<\/p>\n

It is not only the administrations that must prepare: the private sector can also move pieces so that the advent of the European digital wallet does not catch them half-hearted. \u201cCompanies have to be oriented towards this digitalization, adapting their production processes for this situation, which may be a competitive advantage,\u201d says Lamo. Beyond this differential value in the business strategy, there may be other benefits. \u201cThey will be impacted by this simplification of administrative procedures by eliminating one of the great challenges they currently face, such as bureaucracy and the excessive time they dedicate to it,\u201d says Gonz\u00e1lez. In addition to the reinforcement in security and data protection, it adds as an advantage its transnational nature, which \u201cmultiplies its opportunities and helps to promote the single market\u201d.<\/p>\n

Challenges to be solved on the path to European digital identity<\/h2>\n

With much of the practical work still to be done, it is clear that there is still a long way to go. Gonz\u00e1lez summarizes the main challenges: \u201cGuaranteeing the security and privacy of data. On a more technical level, managing interoperability between the systems of the different Member States also entails its complexity. Finally, there is the challenge of getting citizens and companies to adopt the system, which will depend on the confidence they generate in terms of its security and ease of use.\u201d<\/p>\n

Lamo delves into this last topic. \u201cI am convinced that there will be some more reticent, more denialist sector that is going to say: \u2018This is to keep an eye on us.\u2019 The objective is not that, or at least the original idea is not to control the citizen, but to try to improve your life with technology.\u201d To face this line of thought, his recipe involves \u201ca lot, a lot of pedagogy, explaining very well what this is for and the advantages it has\u201d. Showing off this advice, he reiterates them: \u201cMake your transactions simpler, make your life less complicated, be more digitalized. Moving towards the future and also in a very secure way, guaranteeing that in this way you are not going to share unnecessary data\u201d. Gonz\u00e1lez points out: \u201cCitizens will be able to prove their identity, share documents and access digital services in a simple, secure and recognised way throughout the EU, from their mobile phone. For example, accessing public services (such as applying for a birth certificate), opening a bank account or applying for a place at a university in any Member State\u201d.<\/p>\n

Pedagogy will also be necessary to overcome the reluctance of the population when it comes to sharing their personal information, no longer because of a matter of control, but because of a greater sensitivity to data theft. \u201cIt is about centralizing in a secure way and guaranteeing the citizen that at all times they will only give the necessary data,\u201d says Lamo. \u201cWe have to give confidence,\u201d he reiterates, \u201cexplain that this digital identity is not mandatory, of course, but each person, if they want it, can use it; that it will be to make their lives easier and that it is not a carte blanche to give the data to everyone\u201d.<\/p>\n

This is not mandatory and includes another of the social sectors that the digital portfolio can reach: those groups that do not have the technological skills or sufficient means to use it.\u00a0The regulations do not establish that the use of the digital wallet is mandatory; Moreover, it is explicitly contemplated, in certain contexts of use, that the population should not have \u201cany obligation to use a European Digital Identity Wallet to access private services and their access to services should not be restricted or hindered by not using a European Digital Identity Wallet\u201d. Respect for this non-digital alternative can also help to alleviate the reservations of the groups most reluctant to share their data. There is still time for this scenario: at least two years in which the pedagogy that Lamo demands must be applied to promote an initiative that, well directed, has great potential.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Imagine you\u2019ve just arrived at your vacation destination. You have to pick up the rental car at the office and from there head to the hotel to check in. Maybe you go to the pharmacy first, because you have a bit of an allergy and it\u2019s better to anticipate buying your medication. You reach into […]<\/p>\n","protected":false},"author":0,"featured_media":270,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-271","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/271"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=271"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/271\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/270"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=271"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=271"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=271"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}