In June 2021, the European Commission announced its plans for a framework for Digital Identity Wallets. Additionally, the concept of Self-Sovereign Identity (SSI) – a new way of thinking about digital identity – has emerged in the market over the past few years. This raises the following question: To what extent is the EU Digital Identity Wallet an implementation of SSI?
EU proposal to introduce a Digital Identity Wallet
In June 2021, as part of the revised eIDAS regulation, the European Commission announced its plans for a framework for Digital Identity Wallets for everyone in the European Union (EU). The Commission proposed that each member state will be required to make at least one wallet available to its citizens. The wallets must be free of charge for citizens, and mandatory acceptance is expected to apply in both the public sector and some parts of the private sector. Moreover, to ensure pan-European usage, each member state must accept the wallets of all other member states. There are multiple and diverse possible use cases for the EU Digital Identity Wallet including, for example, onboarding, sharing attributes (e.g. age or address), signing and authorisations/mandates.
The European Commission and member states are currently working on the development of the necessary common standards for the EU Digital Identity Wallet. The aim is to test these standards in pilot projects from October 2022 onwards. The intention is to develop a solution which is decentralised, privacy-preserving and secure, thus putting the user in control of their digital identity.
Self-Sovereign Identity: users in control
Over the past few years, a new way of thinking about digital identity has emerged: Self-Sovereign Identity (SSI). SSI is based on the principle of putting users in control of their digital identity and the related data. It is difficult to give a clear and unambiguous definition of Self-Sovereign Identity (SSI) – There is still no market consensus on the exact definition of SSI, with current interpretations ranging from the principles (Christopher Allen)1 to decentralised solutions based on blockchain2.
By design not all SSI principles can be fulfilled by EU Digital Identity Wallet
SSI and the EU Digital Identity Wallet share some common ambitions around putting the user in control and creating a decentralised, privacy-friendly and secure identity solution. But will the EU Digital Identity Wallet be fully SSI? For the purpose of this article, we have analysed the EU Digital Identity Wallet based on the ten original principles from Christopher Allen’s vision on SSI (Figure 1). As the precise details and technical architecture of the EU Digital Identity Wallet are still unknown at the time of writing, we have based our analysis on what is currently known or can be assumed.
The EU Digital Identity Wallet is likely to fulfil the SSI principles of existence, access, interoperability, consent, minimalisation and protection. It will allow citizens to have an independent existence. It is likely that the wallet will give users access to all its claims and data and that users can retrieve the claims and other data within their wallet. Data will be stored decentrally in the user’s wallet. The intention of the European Commission is to allow – or even force – acceptance in a wide range of sectors in the public and private domain and thereby ensure that identities are as wisely usable as possible (interoperability). The principle of consent will also be met, as it is already fulfilled with current eID solutions notified under eIDAS and other EU regulations, such as GDPR and PSD2. One of the explicit requirements of the proposal is selective disclosure, in line with GDPR’s rules on data minimalisation. The rights of users will be protected, as the proposed regulation includes multiple explicit statements about privacy, security and protection of personal data.
The principle of transparency could be fulfilled, although this is still uncertain. The principle requires systems and algorithms to be free, open-source, well-known and as independent as possible of any architecture. The principle also requires management and updates to be transparent. The generic technical framework as described in the proposal will likely be transparent, but since it is intended to also allow for market parties to deliver their services, it remains to be seen whether systems, algorithms, management and updates of all individual wallets will be fully transparent.
The degree to which the principles of portability will be fulfilled by the EU Digital Identity Wallet also remains to be seen. The principle requires information and services about identity to be transportable and requires that identities must not be held by a singular third-party entity. The proposed regulation allows member states to develop and implement their own government-operated EU Digital Identity Wallet, or to select an external organisation to develop and implement the EU Digital Identity Wallet on behalf of the government, or a combination of both. This freedom in implementation could make it impossible to transfer information and services to other wallets, as alternatives might not exist in a single member state. Within a member state, the digital identity can still be locked down to one single solution.
The principle of control cannot be entirely fulfilled by the EU Digital Identity Wallet. The principle requires the user to have the ultimate authority over his/her identity, including the ability to hide his/her identity. In several public or compliance-heavy use cases, this is impossible. For example, in circumstances such as submitting a tax declaration, pressing charges, registering as a donor or opening a bank account, the verifier requires a certain level of assurance and the user will not have control over which attributes he/she provides. Many European countries have a central register of persons that is used for many such cases. There are also legal provisions in place for these use cases that do not allow the user to have the ultimate authority over his/her identity.
The principle of persistence will not be entirely fulfilled either. The principle requires a user to be able to dispose of an identity if he/she wishes claims to be modified or removed as appropriate over time. This requires a firm separation between an identity and its claims. In many use cases in a public setting, such as submitting a tax declaration, this is impossible. The tax authority needs to know who did the specific tax declaration. Disposing of an identity should be within legal constraints. A user cannot undo a criminal record because he/she wants to be forgotten. Such use cases do require a connection between an identity and its claims.
Balancing ‘user in control’ with ‘public administration realities’
By design, the EU Digital Identity Wallet cannot fulfil all SSI principles. In a public setting, users have an obligation to provide identity attributes to relying parties, and legal constraints make a firm separation between an identity and its claims impossible. Because of that, the EU Digital Identity Wallet requires the ambition to put the user in control to be balanced with public administration realities. It remains to be seen how exactly this will be balanced as it depends on choices that still need to be made in the eIDAS revision. However, the fact that the revision seems to be an attempt to move towards putting the user in control can be regarded as a positive change compared to the current situation.