The European Commission wants to create a common digital identity system

The European Commission wants to create a common digital identity system

The project of an infrastructure to be used with public bodies and companies sharing the bare essentials. The green pass will be the first test

The European Commission proposes a new common digital identity (Ben Sweet via Unsplash) The first test for the European Commission will be the green pass. Not only a viaticum for easing travel restrictions during the summer holidays, but also a test bed for a future common digital identity system. A project, the latter, which Brussels has been working on for some time and which has publicly unveiled in these hours, just as the system is about to launch a system of recognition of the attestation of vaccination, recovery from the coronavirus or negativity to a swab performed within 48 euros, useful for traveling with fewer constraints.

Digital identities for all

The green pass, as confirmed to Wired by sources of the Italian government involved in the game on digital identity with the leaders of the European Commission, is a first training session for the Union authorities. There are two long-term objectives of the digital identity project. The first is that all 27 countries equip their citizens and companies with these systems and apps for storing documents. Today 19 have one and cover 59% of the 450 million people living within the Union, but Brussels needs to accelerate, also due to the pandemic's push to digitize.

While Brussels will commit to establish common rules and technical standards to make national systems dialogue with each other and with private companies that need to recognize who they are dealing with, such as banks. Thus, in the future, an Italian citizen will be able to use the public digital identity system (SPID) to identify themselves and enroll in a French university or to make a subscription to public transport in Portugal. Recognition must be mutual.

Few but good

The second purpose is to minimize the information shared outside to identify oneself. The Commission aims to establish the bare essentials as a rule, once again focusing its policies on the protection of personal data which, from the GDPR onwards, represents the key value of its activity. In this case, Brussels looks, for example, at age assessment to access an online platform. A case that took center stage at the beginning of the year in Italy with the investigation of the Privacy Guarantor and Tiktok.

The problem is to confirm a data (age) without providing others that could detect the identity of a person and violate the protection that online anonymity guarantees. The digital identity system should just make up for this: providing the strictly necessary information without revealing more than necessary and allowing citizens to know how much and what data they are disseminating. An approach strongly sponsored by the Italian authorities at the tables for the development of this project.

The construction site

The time has come for Brussels to unveil the project, anticipated by an article in the Financial Times on a digital wallet. On June 1st, at a meeting on common digital strategies, the President of the European Commission, Ursula von der Leyen, set out the direction: “We want to offer Europeans a new digital identity. An identity that guarantees trust and protects online users. We are about to present our proposal. It will allow everyone to check their identity online and interact with governments and businesses across the Union. " For von der Leyen, “no one should be obliged to provide more data than is necessary for the purpose in question. To book a hotel room online, no one needs to know where I come from and who my friends are. With our proposal we offer an alternative to the models of large online platforms ".

The European Union, in reality, will not take the place of governments in managing citizens' identities. That process, as well as the launch of dedicated wallets, entrusted to dedicated operators (such as PagoPa in Italy), remain the responsibility of the individual countries. The Commission will do two things. First: establish the rules of the game, the same for everyone. Second: make sure that documents issued by one state are also recognized by another or by a company through this wallet. Therefore, if in the future a company will have to acquire identification data on a customer (for example, a bank), it will have to interact through this channel and receive what is strictly necessary. This is why the green pass, which also contains detailed information (including, for example, the vaccine batch), is a strategic experiment for the Commission. The document is provided by a local authority on a local app (Io or Immuni for Italy) but is valid throughout Europe and every state must equip itself to recognize it.

Digital identification is not, of done, nothing new under the sun. It is a daily practice, from the simplest login systems to the most sophisticated ones, to carry out delicate operations, such as a banking transaction. Just as it is daily practice to save documents in digital format on apps. From boarding passes to dematerialized credit cards. What the Commission wants to do again is to standardize rules, technical standards and functionalities, make systems interoperable and give the citizen the choice of what to reveal.

The goal is to keep documents on these wallets ranging from driving licenses to medical prescriptions, from educational qualifications to cadastral practices. As explained by Margrethe Vestager, Vice-President of the Commission with responsibility for digital, the goal is to achieve an adoption of digital identity "by 80% of the European population by 2040".


The European Union has already had a regulation on electronic identification since 2014, Eidas, which however does not oblige states to equip their citizens with digital systems or ensure their use across borders or with private services . Result: the chancelleries have moved in no particular order.

The Commission aims to put down a technical draft by September, to be approved by December. For June 2022, on the other hand, he wants to define the four key points of the plan, as stated in the proposal: forecasts on attributes and exchange systems; wallet security; identity coupling systems; management. And for September 2022 it wants to define a common toolbox for digital identity and to launch a regulatory system in October with which to activate the first experiments.

Brussels aims not only to reaffirm its principles of protection of privacy, by forcing large platforms to recognize its rules, but it is also confident that it can create business opportunities for all those companies engaged in strong authentication or cyber security solutions. A preliminary study by the Commission calculates investments at over 3.2 billion euros, while the benefits range from 3.9 to 9.6 billion between savings and added value. With an adoption of 67%, already 500 million investments could multiply in economic opportunities for 1.2 billion in ten years, Brussels estimates, with new jobs between 5 thousand and 27 thousand units. Overall, the Commission calculates that it must allocate 30.8 million in the 2022-27 budget for this program.

But the game is delicate from several points of view. First: the cybersecurity in the strict sense of these apps. Second: the transition from law to business. Because if the Commission is particularly well versed in writing laws, it is less well versed in turning them into fertilizer for the digital economy to thrive. Sector in which he suffers a delay behind China and the United States. According to a recent report from the European Investment Bank, Brussels is 5-10 billion euros behind in investments in artificial intelligence and blockchain compared to Beijing and Washington. And common sense rules have often remained on paper or created delays. Problems the Commission cannot ignore.

Business - 1 hour ago

Now Flixbus wants to become leader in the United States

adsJSCode ("nativeADV1", [[2,1]], "true", "1", "native", "read-more", "1"); Politics - 2 hours ago

Brusca's release is a bitter but necessary morsel for the fight against the mafia

adsJSCode ("nativeADV2", [[2,1]], "true", "2", "native", "read-more", "2"); Startup - 4 hours ago

What the Italian startup Depop does, paid more than Instagram


Cybersecurity Europe Gdpr Italy Privacy Policy globalData.fldTopic = "Cybersecurity, Europe, Gdpr, Italy, Politics, Privacy "

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

Powered by Blogger.