Secure electronic identification is an essential aspect of daily life in the digital world. It is used to check email, shop online and even unlock phones. The COVID-19 pandemic highlighted the importance of this further, as governments and private companies decreased physical interactions to the bare minimum.
Electronic identification can guarantee the unambiguous identification of a person and ensures the right service is delivered to the person who is really entitled to it, for example for banking purposes. However, the lack of a common legal basis has prevented Member States from recognising and accepting electronic identification schemes issued in other Member States. The insufficient cross-border interoperability of national schemes prevents citizens and businesses from benefitting fully from a digital EU.
The Commission set out a number of targets and milestones for electronic identification in its Communication 2030 Digital Compass: The European Way for the Digital Decade (.pdf). For example, by 2030, all key public services should be available online, all citizens will have access to electronic medical records; and 80% citizens should use an electronic identification solution.
The Electronic Identification, Authentication and Trust Services (eIDAS) Regulation provides the basis for cross-border electronic identification, authentication and website certification within the EU.
EU Member States may notify and recognise, on a voluntary basis, national electronic identification schemes in their Member States. The recognition of notified electronic identification became mandatory in 2018. Already 60% of Europeans can benefit from the current system but take up is low, their use is cumbersome and business cases are limited.
Yet, there is no requirement for Member States to develop a national electronic identification and to make it interoperable with those in other Member States. This has led to discrepancies between countries.
European Digital Identity Regulation
The new proposal for a Regulation on digital identity will address shortcomings in eIDAS by improving the effectiveness of the framework and extending its benefits to the private sector.
Member States will offer citizens and businesses digital wallets that will be able to link various aspects of their national digital identities. These may be provided by public authorities or the private sector, if they are recognized by the Member States.
Consumers should also be able to access services online without having to use private platforms or unnecessarily sharing personal data. They will have full control of the data they share.
The European Digital Identity will be:
- made available to anyone who wants to use it: Any EU citizen, resident, and business in the EU who would like to make use of the European Digital Identity will be able to do so.
- used widely: European Digital Identity wallets will be used as a way to identify users when providing them with access to public and private digital services across the EU.
- controlled by users: The European Digital Identity wallets will enable people to choose and keep track of their identity, data and certificates which they share with third parties. Anything which is not necessary to share will not be shared.
To make it a reality as soon as possible, the proposal for a Regulation is accompanied by a Recommendation. The Commission invites Member States to establish a common toolbox by September 2022 and to start the necessary preparatory work immediately. This toolbox should include the technical architecture, standards and guidelines for best practices and will allow a smooth entry into force of the Regulation once it is approved by the European Parliament and Council.