eIDAS: Building Trust or Invading Privacy?
epicenter.works
We analysed the new technical framework for the European Digital Identity Wallet, revealing severe shortcomings that threaten user privacy and contradict the regulation's intent.

cross-posted from: https://feddit.org/post/317047

in February 2024, the EU Parliament adopted the eIDAS regulation, creating the framework for a “European Digital Identity Wallet”. This digital Wallet will enable citizens to identify themselves in a legally binding manner, both online and offline, sign documents, login into websites and share personal data about them with others. Recently, the European Commission published the Architectural Reference Framework (ARF) 1.4 for the technical implementation of the Wallet.

The success of the EU Digital Identity Wallet depends on its ability to gain citizens’ trust and establish a resilient infrastructure in our current data-driven economy.

“However, after our analysis, we believe that this goal has been missed,” says the digital rights group Epicenter Works.

“We see severe shortcomings in the ARF that either contradict the regulation or ignore important elements of it. These issues, if left unaddressed, could significantly undermine user rights and privacy.”

  • themurphy@lemmy.mlEnglish
    12·
    2 days ago

    We have this in Denmark, and when it works, you’ll all love it.

    It’s soooo easy to use, and it’s also a very secure way it’s implemented, because we have 2FA for everything important.

      • themurphy@lemmy.mlEnglish
        1·
        2 days ago

        You do. They can only collect data you allow.

        Are you familiar with the Danish system tho?

        • unexposedhazard@discuss.tchncs.deEnglish
          1·
          2 days ago

          Im not, but the german one works the same. This doesnt change what i said tho, because if you are only allowed to use something by offering that information then its not really given “freely”.