The recently approved European Digital Identity Bill is moving into the final stage of negotiations.
The European Parliament recently approved legislation creating an EU wide framework for digital identity, moving the process into the next and final stage of negotiations. The bill would require platforms with more than 45 million European users to accept the European digital identity as a login credential. European leaders largely support this legislation in hopes that it will diminish the role of large tech companies such as Google and Apple. The proposal, known as the eIDAS Regulation, received a clear majority vote, setting up the final stage of negotiations between the Parliament, the European Commission and the Council of the European Union, a step known as the trilogue.
The framework, originally proposed in 2020 is expected to be fully rolled out and in use by 80% of Europeans by 2030.
The framework was originally proposed by the European Commission in June 2021. Thereafter, the Council agreed to its own version of a European digital identity wallet in December. This legislation has been in the making from as early as 2020, when Commission President Ursula von der Leyen suggested it in response to the practices followed by technology providers in handling users’ online data. She stated “Every time an app or website asks us to create a new digital identity or to easily log on via a big platform, we have no idea what happens to our data in reality.” The European Commission anticipates that by 2030, 8 in 10 Europeans should be able to access all key public services online and will use digital identity to access services once the program is fully rolled out.
As the bill moves through various committees, suggestions have been made promoting greater anonymity.
For now, the proposal approved by the Parliament supports the concept of unique identifiers.This has given rise to some concerns of government surveillance, however it is expected that member states will have the ability to create multiple unique and persistent identifiers for individuals for use by particular sectors or relying parties. In addition, the Council also says an identifier may consist of a combination of several national and sectoral identifiers. As the bill moved through various committees, members of the European Parliament called for additional privacy measures such as the right of the user anonymity for digital services which don’t require identification. German member Patrick Breyer negotiated the bill introducing the anonymisation, stating that “decentralized data storage protects our data from hacks and identity theft.” Digital rights activists within Parliament also strongly suggested an option to maintain the contents of a digital wallet on user devices rather than in the cloud.
Does your company have all of the mandated safeguards in place to ensure the safety of the personal data you collect or process? Aphaia can help. Aphaia also provides both Data Protection Officer outsourcing, and GDPR and Data Protection Act 2018 consultancy services, as well as Telecom Regulatory Consultancy. We can help your company get on track towards full compliance. Contact us today.
