NGI Forward Salon Digital Sovereignty in eID-Solutions – Self-sovereign, Centralised or Privatised? Part 1
with Deutsches Forschungsinstitut für öffentliche Verwaltung , FÖV
NGI Forward WP4 Salon with organizing partner: German University of Administrative Sciences and German Research Institute for Public Administration – Programme area “Transformation of the state in the digital age”. (Prof. Dr. Mario Martini).
Electronic identity (eID) is the enabler of digital transformation: whether in business or in public administration, citizens and companies need a convenient and secure way to identify themselves in the digital world.
In the long term, however, an electronic identity should not be limited to simply provide a digital twin to the state-issued ID document. The vision of an eID already shows great potential for revolutionizing a wide range of digital processes, such as opening a bank account, verifying an academic degree, or applying for social welfare payments.
Time is running out for the government’s own solutions, because large technology companies have discovered the power of convenient eID solutions that allow them to collect a large amount of data. This makes it more difficult to find holistic, interoperable solutions in which the user does not become a data supplier. At the same time, the German administration is under time pressure due to the implementation requirement of the (Online Access Act) OZG by the end of 2022. Without authenticated citizen accounts that individuals can use to log in to the electronic administration, fully digitized communication between the administration and citizens or companies is impossible. The rollout of OZG services is therefore directly linked to the rollout of digital identities. In a European electronic government network (Single Digital Gateway), interoperable solutions not only make economic sense, but are also a legal requirement.
It is therefore hardly surprising that the German chancellor has made digital identity a top priority. With the support of 20 partners from science and industry, she wants to create facts with the Optimos 2.0 project by September 2021. The stated goal is to develop eID services that enable citizens to securely release personal data to service providers – directly from one’ smartphone. At the same time, the Ministry of Economy is promoting real-life “showcase regions” with the “Secure Identities” program – with the aim of making digital identities accessible to a relevant number of users and thus creating a state-driven alternative program to Facebook-login or other data-intensive industry solutions.
The federal policy strategies thus follow a common line with Brussels: At the Union level, the eIDAS Regulation pursues the goal of generating an interoperable Europe-wide identity ecosystem from existing isolated solutions. At the core of the EU Commission’s current reform efforts is the intention to promote digital identities through suitable interface standards.
Last but not least, the eID card, which has been introduced in Germany since January 1, 2021, represents an important impetus for cross-border legal transactions: It allows citizens from other EU countries to apply for a “digital ID card” in Germany in order to be able to identify themselves digitally in the same way as with a German electronic ID card. This also makes it clear: Anyone who does not think about interoperability and citizen-centricity from the very beginning will either promote eID solutions that are of limited help to users due to their lack of broad impact, or solutions that users trust only to a limited extent due to questionable data usage.
But to what extent have legislative efforts so far been successful in turning the existing isolated solutions of individual industries into a broadly functioning ecosystem? What hurdles must an eID solution overcome in order to be as connectable as it is secure from the citizen’s perspective? How can the digital sovereignty of citizens be ensured? And how can the “German Angst” of a lack of data protection and security be reconciled with technical progress?
Elizabeth M. Renieris, Tech & Human Rights Fellow at the Carr Center for Human Rights Policy at Harvard Kennedy School
Christoph Sorge, Inhaber der Professur für Rechtsinformatik, Universität des Saarlandes
Helmut Nehrenheim, Ministry of economics and digitalisation NRW/Germany; UN/CEFACT; Blockchain-Initiative BiVD; Self-Sovereign Identity
Kai Hermsen, Global Coordinator of the Charter of Trust; Member of the Siemens Cybersecurity Board
Margrit Seckelmann, Managing Director German Research Institute for Public Administration, https://www.linkedin.com/in/margrit-seckelmann-65093734/
Carsten Berger, Researcher German Research Institute for Public Administration, https://www.linkedin.com/in/carsten-berger-4132a2105/
Carsten Berger and Michael Kolain (FÖV Speyer) with Rob Van Kranenburg and Gaëlle Le Gars