New eIDAS2 regulation and its implementation
For European businesses to thrive in the digital age, they need secure and reliable tools to operate seamlessly across the continent. The key lies in digital identity solutions that are recognised throughout the European Union, regardless of country of origin.
A harmonised European approach to trust, security and interoperability is essential to achieve this goal. This means that citizens and businesses alike must be confident that digital identities will be verified and protected in the same way wherever they are in the EU.
The objective of eIDAS2 (Regulation 910/2014) is to establish the requirements that European digital identity wallets must meet in order to achieve a high level of security and reliability.
What is new in eIDAS2?
- The Digital Identity Wallet will be valid in all Member States for accessing public services that require electronic identification.
- Also, private service providers such as: transport, energy, social security, financial services, postal services, health, etc. will be obliged to accept the Digital Identity Wallet as a means of online identification.
- The Digital Identity Wallet will be issued by each Member State of the European Union, which will have to follow common guidelines and standards in order to ensure interoperability and trust in the system.
- The wallet components and other relevant elements will be made available to Member States and other stakeholders to implement the requirements of the Regulation on a framework for a European digital identity.
eIDAS2 use cases
Users will be able to store their identifying information and other attributes related to their identity. Examples of use cases are as follows:
- Opening a bank account using the European Digital Identity Wallet of a Member State other than the one where the bank in question is headquartered.
- Renting a car using the e-ID of a Member State other than that of the rental company.
- Accessing health data, under the control of the holder, in case of needing health care in a European State other than the State of residence.
- Sharing financial data (income, credit rating, etc.) via the “European Digital Identity Wallet” for online bank loan applications. All this always under the full control of the holder and transparent to him or her.
Risks and vulnerabilities in the use of digital wallets
The idea of a digital wallet that stores all our personal information in one place may seem appealing at first glance. However, it is important to consider the potential risks involved:
A treasure trove for cybercriminals
By concentrating such valuable information in one place, the digital wallet becomes a very attractive target for hackers and cybercriminals. A data breach in this system could have devastating consequences for affected individuals, including identity theft, financial fraud and reputational damage.
Unprecedented surveillance
Cybersecurity experts warn of the possibility that governments or entities with access to the digital wallet could intercept communications and monitor citizens’ online activities. This represents a serious threat to individual privacy and civil liberties.
Abuse of power by governments
Without proper protections in place, governments could use the digital wallet to invasively track and control their citizens. This could include monitoring their online activities, restricting their access to certain services or even manipulating their behavior.
Over-reliance on technology
If the digital wallet becomes the primary tool for accessing essential services, citizens could be left in a situation of high technological dependency. Any technical problems or system failures could have serious consequences for their daily lives.
Lack of control over shared data
While the digital wallet allows users to control what information they share, there is a risk that some services or applications request more data than necessary. Users may be pressured to provide additional information without fully understanding the implications of doing so.
In sum, the centralization of personal data in a digital wallet presents considerable risks that should not be taken lightly. It is crucial that robust security measures are implemented and clear control and transparency mechanisms are put in place before such a system is widely adopted.
It is essential that an open and transparent public debate on the risks and benefits of the digital wallet is encouraged so that citizens can make informed decisions about its use.
Paula Ferrándiz es abogada especialista en Propiedad Intelectual e Industrial, Nuevas Tecnologías y Derecho de la Competencia.
Apasionada del sector digital y las redes sociales presta asesoramiento legal a todo tipo de clientes tanto nacionales como internacionales en materia de protección de datos, comercio electrónico, publicidad y marketing digital entre otras.