you're reading...
BLOG

STOA roundtable on digital sovereign identity

Written by Philip Boucher

© Shutterstock

In the digital age, citizens need to manage a range of online identities that are linked to their offline identity. In managing these identities and entering into agreements, citizens navigate a complex legal and technical infrastructure. As digital identities become increasingly important, it is worth considering how this infrastructure can be made more trustworthy, empowering users while increasing the availability of data and ensuring citizens’ safety and privacy.

In this context, the Panel for the Future of Science and Technology (STOA) hosted a roundtable discussion to examine how citizens can manage their identities online while maintaining privacy, safety and security. The event was organised in cooperation with ELONTech and the IOT Council in the context of the work of next generation internet, a European Commission initiative to reimagine and re-engineer the internet for the third millennium and beyond.

In her introduction, STOA Chair Eva Kaili (S&D, Greece) highlighted the importance of managing digital identities safely and securely in the digital age, paying particular attention to who owns and controls the identity management tools. She then welcomed the speakers, all experts on digital sovereign identity and coming from industry, academia and policy-making, including Remy Knecht, COO of ITSME.be; Daniel Du Seuil, Convenor European Self Sovereign Identity Framework, part of the European Blockchain Services Infrastructure (EBSI); Loretta Anania, Scientific Officer at DG Connect, European Commission; Thibaut Verbiest, Head of Regulatory Affairs Europe & Africa at Diginex and Petros Kavassalis, Associate Professor at the University of the Aegean.

Itsme.be is an identity management service that is widely used for securely signing digital transactions. While they are well known for their banking services, their COO, Remy Knecht, explained that they are also active in many other domains, including utilities, human recourses and mobility. These services are useful for many citizens, but only when they are trustworthy, that is, when they respect privacy and protect users when something goes wrong. Remy concluded his talk by identifying gaps in regulations and standards to providing a reliable link between decentralised IDs (known as DIDs) and more traditional centralised IDs, such as government-issued documents.

Daniel Du Seuil from the European Blockchain Services Infrastructure (EBSI) spoke about how DIDs empower citizens by giving them control of their own data and identities. Citing several problematic experiences of identity management around the world, he emphasised the importance of empowering citizens while ensuring adequate protection of security and privacy. He argued that good partnerships between the public and private sector are key to achieving this.

The European Commission has been active in promoting the development and application of DIDs, for example through the next generation internet initiative. Loretta Anania – a Scientific Officer at the Commission – emphasised that privacy is not just a value, but a hard-won right enshrined in the EU Treaties that needs to be respected. However, while the treaties themselves do not provide guidance on how to respect these rights in the digital age, she argued that legislation such as the GDPR and eIDAS could form a solid basis for positioning Europe as a centre for safeguarding digital identities.

With their decentralised structure, blockchain technologies can form a key part of decentralised identity solutions. Thibaut Verbiest from Diginex – a digital financial services company focusing on blockchain technology – said that users already have to deal with dozens of digital IDs, passwords and accounts, and the number is growing. He emphasised the need for user-friendly systems. However, reliable decentralised systems for ID management can be expensive, and firms also need to consider regulatory elements as they are compelled to use the most GDPR-compliant technologies available to them. He highlighted that decentralised and centralised ID services could enter a virtuous circle whereby centralised IDs provide the basic credentials to enable users and service providers to engage in decentralised systems confidently, while decentralised systems provide a layer of transparency for centralised systems of the state by acting as a witness or notary.

Providing the final talk of the event, Petros Kavassalis recalled that the internet has always had to compromise between centralised and decentralised systems. Both have their role, and neither one alone can provide all of the privacy and security that users need. For that, it is key to develop a ‘trust layer’, and to complement technology with appropriate regulation.

During the subsequent discussion, inclusion emerged as a key issue. The primary device used for managing digital IDs are smartphones, but not all citizens have one. Indeed, many citizens prefer or require traditional physical interactions, and they should not be excluded from key services such as banking. Technology could provide some alternative solutions but, in the meantime, it remains important to maintain an ecosystem of identity management services that can cater to all citizens’ needs.

In his concluding remarks, STOA second Vice-Chair Ivars Ijabs (Renew Europe, Latvia), underlined the importance of DIDs, highlighting the competition to provide ID services from a wide range of platforms, including for example Facebook, which is also used as an ID service to access to many other online services. In closing, he stressed the important role of STOA, working at the interface of science and policy-making, to address these issues.

The full recording of the meeting is available here.

This slideshow requires JavaScript.

About Scientific Foresight (STOA)

The Scientific Foresight Unit (STOA) carries out interdisciplinary research and provides strategic advice in the field of science and technology options assessment and scientific foresight. It undertakes in-depth studies and organises workshops on developments in these fields, and it hosts the European Science-Media Hub (ESMH), a platform to promote networking, training and knowledge sharing between the EP, the scientific community and the media. All this work is carried out under the guidance of the Panel for the Future of Science and Technology (STOA), composed of 27 MEPs nominated by 11 EP Committees. The STOA Panel forms an integral part of the structure of the EP.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Download the EPRS App

EPRS App on Google Play
EPRS App on App Store
What Europe Does For You
EU Legislation in Progress
Topical Digests
EPRS Podcasts

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 3,341 other followers

RSS Link to Scientific Foresight (STOA)

Disclaimer and Copyright statement

The content of all documents (and articles) contained in this blog is the sole responsibility of the author and any opinions expressed therein do not necessarily represent the official position of the European Parliament. It is addressed to the Members and staff of the EP for their parliamentary work. Reproduction and translation for non-commercial purposes are authorised, provided the source is acknowledged and the European Parliament is given prior notice and sent a copy.

For a comprehensive description of our cookie and data protection policies, please visit Terms and Conditions page.

Copyright © European Union, 2014-2019. All rights reserved.

%d bloggers like this: