Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
EU Government

'Provisional Agreement' Reached on eID, a 'Digital Identity for All Europeans' (europa.eu) 194

This week the Council of the European Union made an announcement. "With a view to ensuring a trusted and secure digital identity for all Europeans, the Council presidency and European Parliament representatives reached today a provisional agreement on a new framework for a European digital identity (eID)."

The proposed new framework would also require member states "to issue a digital wallet under a notified eID scheme, built on common technical standards, following compulsory certification."

"With the approval of the European digital identity regulation, we are taking a fundamental step so that citizens can have a unique and secure European digital identity," said Nadia Calviao, acting Spanish first vice-president and minister for economy and digitalisation.

From the announcement: The revised regulation constitutes a clear paradigm shift for digital identity in Europe aiming to ensure universal access for people and businesses to secure and trustworthy electronic identification and authentication. Under the new law, member states will offer citizens and businesses digital wallets that will be able to link their national digital identities with proof of other personal attributes (e.g., driving licence, diplomas, bank account). Citizens will be able to prove their identity and share electronic documents from their digital wallets with a click of a button on their mobile phone.

The new European digital identity wallets will enable all Europeans to access online services with their national digital identification, which will be recognised throughout Europe, without having to use private identification methods or unnecessarily sharing personal data. User control ensures that only information that needs to be shared will be shared...

The revised law clarifies the scope of the qualified web authentication certificates (QWACs), which ensures that users can verify who is behind a website, while preserving the current well-established industry security rules and standards.

"When finalised, the text will be submitted to the member states' representatives (Coreper) for endorsement. Subject to a legal/linguistic review, the revised regulation will then need to be formally adopted by the Parliament and the Council before it can be published in the EU's Official Journal and enter into force."
This discussion has been archived. No new comments can be posted.

'Provisional Agreement' Reached on eID, a 'Digital Identity for All Europeans'

Comments Filter:
  • by mileshigh ( 963980 ) on Sunday November 12, 2023 @12:40PM (#64000025)
    Goodbye anonymity.
    • by bsolar ( 1176767 ) on Sunday November 12, 2023 @12:55PM (#64000055)

      Anonymity was never an option in most cases: if you want to access some services you need to identify yourself first.

      Most European countries already have identity documents: this is merely the digital version of them which would allow for accessing services online in a consistent manner.

      • The revised regulation constitutes a clear paradigm shift for digital identity in Europe aiming to ensure universal access for people and businesses to secure and trustworthy electronic

        • ...identification

        ...and authentication.

        They mean surveillance.

      • by mileshigh ( 963980 ) on Sunday November 12, 2023 @01:23PM (#64000115)
        Fast forward a few years and it'll be required on all sites after some inevitable digital 9/11. "...and why not show your ID? You say you're just checking stock prices? Well, that might be just the clue authorities need to track down human trafficking or child porn or terrorism. Or insider trading. Honest people have nothing to hide. The ID makes everything totally convenient and secure for both your and the authorities."
      • Anonymity was never an option in most cases: if you want to access some services you need to identify yourself first.

        In the U.S. you need to show [voanews.com] ID [time.com] to buy [cnn.com] groceries [huffpost.com].

        • by mustafap ( 452510 ) on Sunday November 12, 2023 @02:45PM (#64000279) Homepage

          God help you, there is a chance that nut-job could be back, with even more nonsense.
          I'll pray for you.

        • That's just Trump babbling.

          • by quonset ( 4839537 ) on Sunday November 12, 2023 @06:17PM (#64000759)

            That's just Trump babbling.

            This is him babbling [imgur.com]. His comment about needing ID to buy groceries is his senility kicking in.

            • by Calydor ( 739835 )

              The closest I can come to needing ID to buy groceries is if for whatever reason the store wants to confirm it's not a stolen credit card. Last time I had to show ID to verify I was actually the owner of the card was pre-pandemic. I think the stores dropped that idea HARD when literally everyone was asked to please pay with card instead of cash if at all possible ...

        • That's funny because as someone that works in a fucking grocery store, that's 100% not true. I buy groceries nearly every work day and NEVER do I show ID. I even pay cash on some of these purchases with nothing else identifying me to the system.

      • Soon it will be all services. Almost everywhere on the planet has identity documents that doesn't mean there aren't major concerns about a digital ID that will obviously be linked to a digital wallet with a digital currency that will empower authoritarian control.
      • If this is what I think it is, most EU member countries have this already within their own borders (I have one & it gives me online access to almost all govt services, including healthcare. It's very convenient.) It sounds like a proposal to have a standard so that citizens can use the same eID in other EU member countries, e.g. if you need access to universal healthcare, to enrol your kids in a state school, access employment & tax records, etc.. We can already do a lot of this with our physical na
        • Your tax guy can just grab money from your account?

          Holy fuck!

          The IRS said I owed $150k. By the time we were done and their bad numbers were corrected they sent me a check for $94k.

          Fuck them just reaching in and grabbing 150k when they owe me almost 100k. Or reaching in at any time for any reason.

          • If I'm concerned that I'm paying too much or too little tax, I can also look up my tax records online & correspond with or arrange to see someone at the tax office. No need for huge, once-a-year, surprise tax bills. I mean, I'm sure it is possible to do it that way if you want to but... why?
    • Re: (Score:2, Informative)

      by billyswong ( 1858858 )

      While I have a bit concern in power concentration to EU, what "anonymity" you want to the government? If you want anonymity of your money, the solution is NOT refusal to link your bank account to that eID. Your bank account is not anonymous since the beginning. All banks are required to collect enough personal private data so that government can catch you when that bank account involves crime.

      If we want better anonymity in what we buy and where we go in daily life, we should either (1) make sure everythi

      • There is also a separation between anonymity and privacy. In theory, in a government that knows what they are doing, they may know a lot about Alice's banking, but Mallory working for Lower Elbonia's intelligence corps is not going to be able to find out anything about what Alice likes buying, and Mallory won't know what Alice likes a certain (legal, but odd) kink, which she could be fired from her job for if it was made public.

        However, because this often isn't the case, where if the government knows somet

    • by znrt ( 2424692 ) on Sunday November 12, 2023 @01:32PM (#64000129)

      why on earth would expect or even want anonymity when transacting with the administration?

      e.g. (quote from https://commission.europa.eu/s... [europa.eu]):

      public services such as requesting birth certificates, medical certificates, reporting a change of address
      opening a bank account
      filing tax returns
      applying for a university, at home or in another Member State
      storing a medical prescription that can be used anywhere in Europe
      proving your age
      renting a car using a digital driving licence
      checking in to a hotel

      well, if this auth system were mandatory for any business or activity online you would have a point, but it just isn't. for that they would have to 1) pass an explicit law and ofc 2) get every single service (even your shady dealer) to comply. the existence of a common id would be indeed a prerequisite for that, but both are highly unlikely, .

      • Why is "checking in to a hotel" transacting with the administration?

        • Because you might wreck the place. Have you met any rock stars?

        • by bsolar ( 1176767 )

          Why is "checking in to a hotel" transacting with the administration?

          Because the administration would be able to identify you through an online service and would allow for that identification to happen in an authoritative and standardized way.

          In case you don't realize it, "contactless check-in" is actually a thing nowadays.

          • Contactless check in? Sounds horrible. How am I getting a free upgrade or extra services by checking in through a computer?

            Hell, even small stuff is great. After an airline scheduling fuckup caused a missed connection I showed at a convention 8 hours late and was a wreck. No idea where my luggage was and needed to clean up. The front desk gave me a pile of shampoo, soap, tooth paste, tooth brush, comb, etc just for asking. Try that with a computer screen or a card reader.

        • Hotels already have to report the name of their guests to the administration, at least for the non-nationals. I guess it has to do with immigration regulations (so they can check you do not overpass your visa days). Have you ever stayed at a hotel where you did not have to give your name?

          • by pjt33 ( 739471 )

            In some countries it has to do with immigration (e.g. in the UK hoteliers have to maintain a register of guests except those with British or Irish nationality). In other countries, AIUI, it was introduced to make it harder for criminals on the run to remain undetected.

        • by znrt ( 2424692 )

          it is in most of the world afaik. where have you checked in without supplying an id or passport?

      • by taustin ( 171655 )

        well, if this auth system were mandatory for any business or activity online you would have a point, but it just isn't.

        Yet.

    • by UpnAtom ( 551727 )

      Why would there be more identity checks than there is currently?

  • by loufoque ( 1400831 ) on Sunday November 12, 2023 @12:55PM (#64000057)

    How long until those IDs are mandated to log in onto social networks?

    • Social networks? Try again: EVERYTHING! Between butt-covering lawyers, marketers and organizational data-squirreling instincts, getting your ID will be the default for any site.
    • How long until those IDs are mandated to log in onto social networks?

      Yes, because the most dangerous thing about THE form of identification being hacked, stolen, or destroyed, is the ability to access your Instafarce account.

      At least we know what the critical priority will be for Gen LookAtMe.

      • LOL it's not about the worry someone will access your account. If you don't tow the line there will be no account is the worry.
        • by UpnAtom ( 551727 )

          Err, citizenship is guaranteed by EU treaty.

          • What does citizenship have to do with being banned from social media because you criticized someone in power?
            • Do you even live in the EU?

              • What does that have to do with the question seeking clarification about a comment that appears to be wildly irrelevant to what it was responding to?
            • by UpnAtom ( 551727 )

              Since you can just pretend to be from the US, you can't be banned.

              But why would the EU co-operate with democracy-damaging US corporations?

        • by Calydor ( 739835 )

          One might be able to take you a little bit more seriously if you knew the expression is to 'toe' the line, as in standing right up against it rather than pulling it somewhere.

          • That's not a serious reason to dismiss what was said so we are at a stall mate ;)
            • by Calydor ( 739835 )

              Maybe not, but it is a serious reason to not take you seriously as you appear to be regurgitating sound bites without an actual understanding of what you're saying.

              • You appear to be searching for ways to ignore the subject in order to combat cognitive dissonance. Seriously all you can muster is style criticism without addressing the subject.
    • Must be funny for those where Napoleon didn't visit, but the rest of us all have ID's since, just like we use the metric system. Now the digital ID is just being standardized.

      For social networks? Nope, that's not how it works. Citizens use it for any and all communication with official instances.

      Tax papers? Long since I've seen one. Medical documents? Previous and current residencies and real estate, criminal records (or better, lack thereof;) if the new job demands a clean sheet, you name it. It's all ther

      • by UpnAtom ( 551727 )

        All the ID card schemes in existence are left over from WW2. Whilst the EU at least has the strongest privacy and other rights in the world, with the far right's prominence, it is far from guaranteed that this data won't be abused. It's not impossible the left will abuse it too.

        I haven't looked at this scheme yet and will campaign for improvements. The devil is in the detail of course. Nobody should have access to this data except on a strictly limited basis where needed. The line about user control is

        • Govt and it institutions has such data on is anyway. With eID, one gets to access it and has free access. Anytime, from anywhere.

          Some muricans here think just because their data is handed out to the highest bidder in DC, corporate and commercial black boxes they never get to see, that it doesn't exist. They better think again.

          Also, I'd pick my ID that I can block, revoke and change like any bank card over a hardcoded [p]Social Serial Number[/pun] any time. Any time.

      • Oh sweet summer child. Your naivety would be cute if it wasn't going to help damn us all.
    • by 0xG ( 712423 )

      How long until those IDs are mandated to log in onto social networks?

      How long until social networks *prefer* you to "login with eid"?
      If apple created an app for this, people would line up to try it.

      • How long until social networks *prefer* you to "login with eid"?
        If apple created an app for this, people would line up to try it.

        What's stopping social networks from requiring the number from the physical ID card people already own? This line of thought is so dumb.

        • Yeah, social networks don't need this. They are already tracking most users at a level way beyond the average person's understanding.
        • It's stupid to see the surveillance/censorship state's explosive growth in the digital era and not understand the gov will mandate it under the premise of stopping dangerous disinformation and terrorist plotting. The ground work is being laid already. They aren't even hiding it. They are saying it to your face. You have to be seriously dedicated to ignorance not know what is coming.
          • You sound like conservative talk radio in the 1990s. Nothing they ever said came to fruition. The closest they came to being right was saying how bad a company Monsanto was.

            • That's a silly strawman that makes you sound naive and ignorant. Rather than addressing what powerful business leaders and politicians are literally saying you've chosen to go off on some irrelevant tangent rehashing an argument you've been having in your head since the 90s.
              • You've tried your best to convince them Nom. They seem to think that history couldn't ever repeat itself and that some future dictator could never gain power ever again.

                It's the same problem here in the US. Democrats want to essentially ban gun ownership, thinking that there is no possible way we may need those guns when a future government goes full on authoritarian on us. You would think after seeing someone like Trump actually win and he could win again, would be enough to wake them up to the realities o

      • Prefer? Nah they'll be required to do so.
    • by znrt ( 2424692 )

      well, as soon as those social networks decide they want to see their user totals plummet ...

      note i'm not defending or endorsing this particular initiative, but you folks could really take it a bit easier with the tinfoil ...

      • They'll just spin it as freeing their networks of bots and if all the social networks are forced to adopt it at the same time in each region there will be no ground lost to competitors. They will all just have a new baseline. The real pain they might feel will be the hit on fraudlent ads being served to bots but they'll just jack up the price of advertising to real people to make up for it.
    • Re: (Score:3, Interesting)

      Terrible reasoning. What is stopping social networks from mandating the number from the physical ID card you already own?

      I must ask, do you give money to the NRA? All guns owners are scared to death of some national firearms registry. So they pay money to an organization which is a glorified registry of gun owners.

      • Terrible reasoning. You are pretending they will have a choice.
      • Do you really think it's not possible for a future law, think of the children!, to be passed requiring all social media to only allow people to log in if they use their official ID? Seems like a natural progression to me.

    • by UpnAtom ( 551727 )

      Why would the EU let US corporations that threaten the EU's safety have that data?

      Facebook caused Brexit.
      X is run by an insecure MAGA-ist nut job and is literally actively promoting hatred of Jews today. It's listed as a trending topic FFS.

    • And then social networks will simply pick up from a nation and move to another. Issue SOLVED.

      You and others like you, continue to push for conditions that will allow cyberattacks, political manipulation, and insane social media to continue.
    • In some countries, one has to type in their ID in order to log onto Internet cafes and social networks already before access is granted.

  • Also a brain chip that can be used to control people's movements. In case they do something illegal, or untowards (to the government, not each other).

  • tattoo in progress https://www.youtube.com/watch?... [youtube.com]

  • Kindly submit your body to the suicide booth and do society a favor.

  • What has any of this got to do with selling produce in a Common Market [wikipedia.org]?
    • by UpnAtom ( 551727 )

      The EU isn't a common market. It's part of a common market called The Single Market, which also includes non-EU countries like Norway and Iceland.

      The EU is a level of multinational Govt with its power limited by treaty. Outside of that scope, all countries can veto measures on an individual basis.

      And the EEC hasn't existed since 1993.

    • It can simplify cross-border sales of products and services where you have to prove your identity, such as prescription medicines and tobacco. you presently can't do that because websites don't implement an ID verification that would work for all the member states.

      But I don't think it's the main motive. The main reason is "harmonization". Each time the occasion appears to change a system (e.g. ID systems), they do it EU-level instead of national level. When I was young, identity cards where a piece of brown

  • In Italy you have to use, to access public administration services a form of Single Sign On with 2FA.
    You could use SPID [spid.gov.it] That normally uses an email/password and a token or sms confirmation. An older system, that could also be used to digital sign documents it's the CNS [agid.gov.it] that require for 2FA a smart card, isn't widely used because it requires a smart card reader and it's difficult to use with smartphones. A new version stat uses NFC it's the CIE that's embedded with newer plastic ID cards.
    So at the end i
  • Many a55holes here will claim that anonymity will disappear. Nothing could be further from the truth.
    If you have a VETTED digital cert from the government: 1) it does not mean that the dark web will go away.
    2) it does not mean that all social media sites will require that you use them (though MOST likely will).
    3) if a social media site requires that you use these, it does not mean that they will require you to have only 1 logon (few will likely do that).
    4) if a social media site requires that you use
  • by MpVpRb ( 1423381 ) on Sunday November 12, 2023 @03:18PM (#64000379)

    I oppose this
    What about desktop computer users?
    Will we be prevented from participating?

    • It will be interesting after they mandate support for digital id be built into hardware and disallow legacy devices on networks. I'm sure there will be a game of cat and mouse to work around and spoof. There will certainly be a boom for black markets selling fraudulent credentials. There's going to be an awful lot of deceased people still magically using the internet. It's going to be a bumpy ride.
  • The new regulation is called eIDAS 2 in brief.
    Google "eidas 2" for background information and opinion articles.
    Relevant Wiki page: https://en.wikipedia.org/wiki/... [wikipedia.org]

    I assume most Slashdot readers are from US.
    Some notes for the non-EU audience.

    1) EU had eIDAS 2 in 2014. It was a complete failure, unable to fulfil any of its goals to any degree.

    2) EU is not a country or government. The laws it creates are mostly a framework that the real Europe - member states and companies - should implement. Amend the local,

"Hello again, Peabody here..." -- Mister Peabody

Working...