eIDAS: a Tool for Liberation which Opens up the future of Global Trade and Mobility

November 14, 2018

Blog

Andrea Servida Head of eGovernment and Trust, European Commission

When I think of mobile communications – in particular, of the smartphone – I see a token of freedom.  Having established the Single Market in goods, we are now entering  an era of extraordinary promise in cross-border trade and services  through the creation of a Digital Single Market in Europe. As the ways in which people conduct commerce and access services become increasingly digital, the potential for enhanced autonomy to the individual is difficult to overstate. It must however remain so.  A device such as a smartphone must act in accordance with our wishes, and speak for us, not about us. It must be a tool not a beacon.

It is on the basis of this principle that the European Commission developed eIDAS (Electronic IDentification, Authentication and Trust Services) Regulation. People previously accessed internet often without thinking a lot about   which data they were sharing. This innocence has been at times terribly abused to the detriment of the obligation to make user experience safe and secure. Users’ personal data has been collected, disseminated and exploited for economic, political, security or even military purposes. And this without giving the users the opportunity to manage or even monitor these processes in any way, let alone withhold their consent for them.

This jeopardises, at least to some extent, the user’s basic rights – in particular, those of self-determination and of privacy.  It is essential to take seriously into account the invasive potential here, and enshrine a more symmetrical relationship between business and end-user in this respect:  a relationship  which allows users to make the most of what online services have to offer, while reclaiming full control over the  information held  about them . This more symmetrical dynamic is only possible if we regain full control over the manner in which we disclose our data. If we allow our identities to become commodities managed by others, we become products and not consumers.  In this regard the ability to control our own digital identities is nothing less than a safeguard of freedom.

For this reason we aim to ensure that the data users reveal on themselves is both voluntary and relevant.  If I want to place a bet online, for example, nobody involved in that transaction needs to know my gender, marital status or town of residence. They only need to know my legitimacy to use that  service, that I fit the minimum age  and reside in an approved jurisdiction, and so on. Users are increasingly resistant to the prospect of firing a ‘scattergun’ of data every time they go online, and rightly so. The ‘minimum dataset disclosure’ principle is therefore a core requirement of eIDAS, as is the ‘once-only’ principle, which stipulates that once the user’s private information has been obtained by the public sector,  it is not necessary to be be proffered on subsequent occasions.

As the digital world becomes increasingly mobile, any viable identity solution must take this properly into account. Mobile Connect, the mobile industry’s identity solution, does so by design  and on a global scale.  In addition,  it prioritises privacy underpinned by the same authentication credentials which eIDAS seeks to reinforce for example two or multiple factor authentication. Thus, it is a  highly appropriate tool for enhancing trust across Europe. And enhancing trust means at the same time strengthening cross-border trade among Member States.  An eIDAS pilot undertaken earlier this year allowed us to demonstrate that the ecosystem created by eIDAS can be easily integrated with existing identity solutions like Mobile Connect. With 84% penetration across Europe already, the mobile industry is a natural partner for the delivery of trust across borders within the EU.

Looking beyond Europe’s frontiers, it is interesting, and I would say gratifying, to note jurisdictions outside the EU adopting analogous requirements to eIDAS. The US state of Virginia for example has already adopted  eIDAS standards for accreditation of digital identity providers. As talks progress, other states are expected to join in the future; South Africa is also implementing the same requirements for trust tokens such as electronic signatures and Japan seems to take a similar direction to Europe.

These developments raise some fundamental questions on the future of global trade. Trade is based on trust: the fact that some jurisdictions follow the example of eIDAS while others stop short of, is this going to impact on are we going to seeglobal patterns of digital commerce and services? We are confident in the progress made to date in pursuit of the Digital Single Market in Europe and anticipate recognition of its benefits globally as regulators outside the EU seek alignment with our model. And if that comes to pass, we can anticipate striking changes in the digital trade routes of the world taken into account that jurisdictions prioritising trust find increasingly efficient to trade with one another. We believe that trust among users is essential to conduct digital commerce. That is why, we expect full vindication of the user-first approach we are championing.

Back

Report: Mobile Connect Turbocharges New Services How Turkcell’s mobile authentication service is helping Turkey’s start-ups to grow This case study explores how Turkcell is harnessing the global Mobile Connect authenticatio...

Read more | See all Identity Resources

Identity Hangout: Decentralised Identity – Material The GSMA Identity team was joined by Andrew Tobin from Evernym to discuss the role of identity and the mobile industry in decentralised identity. Presentation Audio...

Read more | See all Identity Resources

MWC19 Barcelona Seminar Presentations The industry seminars at Mobile World Congress have developed a reputation for being one of the leading ways in which to discover the plans and motives of any given market. Below...

Read more | See all Identity Resources

Mobile Connect Platforms & Operations services The GSMA offers a series of technical platforms and services designed to help mobile network operators and service providers deploy Mobile Connect successfully. This document co...

Read more | See all Identity Resources

The Identity Guide to MWC 19 Barcelona With mobile internet traffic accounting for more than half of all global online traffic, the nature of digital identity is changing. Our impressions and personal information are ...

Read more | See all Identity Resources

Presentation: Identity Hangout Delivering Identity Services The first Identity Hangout: Delivering Identity Services on 5 December explored the value and commercial scalability of mobile-based identity services. The online event was targ...

Read more | See all Identity Resources

Biometric authentication is getting stronger – so we’ll be seeing David Pollington, Head of Service Access, Identity, GSMA Biometric authentication has been around for some time but is now becoming mainstream. Why? It’s mostly down to the wea...

Read more | Visit Identity Blog

Digital Identity: if you Streamline it, They Will Come Digital startups face all manner of challenges, and identity is no exception.  However strong the service offering, if registration and login processes detract from the user exp...

Read more | Visit Identity Blog

Flash News: Multi-factor Authentication Gains Traction Report says SMS is the most widely used method of adding an extra layer of security Almost 30% of businesses are now using multi-factor authentication to enable customers to acce...

Read more | Visit Identity Blog

News Flash: Big Names Back Digital ID Start-Ups SoftBank, Salesforce, Microsoft & PayPal make strategic investments in ID innovators SoftBank Investment, Salesforce Ventures and M12 (formerly Microsoft Ventures) all partic...

Read more | Visit Identity Blog

News Flash: Australia Accelerates Digital Identity Push Federal government allocates additional funds for myGovID system Australia’s government has injected a further AUS$67 million (US$48 million) into the development of its myGovI...

Read more | Visit Identity Blog

The Future of Digital Identity is Simplicity, Decentralisation and Con Last year was a complicated one for digital enterprise, with highlights and more bracing moments – and at the centre of that developing picture has been digital identity. On on...

Read more | Visit Identity Blog

Identity Hangout: Controlling fake online identities June 12, 2019 Hear what´s new in the identity space. This Hangout will focus on fake online identities and how the mobile industry can help control it....

Read more | See all Identity Events

Contact GSMA Legal Email Preference Centre Copyright © 2019 GSMA. GSM and the GSM Logo are registered and owned by the GSMA.