The EU’s new digital ID rules, the Digital Identity Regulation (eIDAS 2.0), are about to come into force on May 20, mandating compliance from Big Tech and member countries in supporting the EU Digital Identity (EUDI) Wallet.
However, work is not complete on the EUDI Wallet, as several pilots are planned for 2025 to consolidate the process of the implementation of the rules.
According to the framework, the European Council passed recently, which has now been officially published, the deadline for the digital ID wallet to be recognized and made available is 2026. For now, it will be used in several scenarios, including accessing government services and age verification, reports note.
As things stand now, that deadline means that while the wallet scheme must become fully functional by that time, it will not be obligatory for citizens of the EU’s 27 members, and protection against discrimination is promised to those choosing not to opt in.
Getting a digital wallet issued, using it, or having it revoked will be free of charge, while the code powering the system will be “open source” – but with the caveat that countries will be able to “withhold certain information with reasonable justification.”
The regulation also aims to preserve website authentication certificate standards now in place and established in the industry, while “clarifying their scope.”
Some institutions across Europe appear more enthusiastic than others, and so the government of Spain’s Catalonia province has hailed the revised regulation as “a clear paradigm shift” that promotes standardization in the bloc, and one that allegedly gives users “greater autonomy over their personal data.”
When it comes to age verification, the new rules are overall seen as a positive development by the proponents, but they are not fully satisfied that EUDI Wallet will provide the ultimate solution.
Thus the euCONSENT NGO, set up to promote pan-European age verification utilizing eIDAS infrastructure, noted that implementing the wallet for this purpose will not be “convenient” due to the complexity of disclosing “an age attribute to each website separately.”
euCONSENT specifically remarked that even with EUDI Wallet, “alternatives” will have to be put in place for those children too young to have a wallet linked to their identity.
Digital IDs can also be used to control access to essential services, potentially manipulating social or political compliance. The extensive data collection involved can lead to profiling and discrimination. Furthermore, these IDs are susceptible to hacking and identity theft, placing individuals at risk of financial and reputation damage. Often, citizens are coerced into participating without genuine consent, and the lack of transparency and oversight in these systems increases the risk of misuse.
The worst part of it is that we had it figured out in Norway. We relied on banks more or less as a form of digital ID. I wouldn’t use it for voting, but it’s good enough to sign contracts, file taxes and send applications online.
Now the EU has told us that the government needs to have their own ID system… and considering what they usually do is apply new public management, so now some other company gets paid millions to do a job we already had covered.
Thanks, EU. Good job.