eIDAS 2.0: The latest developments

Grace Macej 29 Jul 2022

Looking ahead, there’s plenty of work left to do in order to make eIDAS 2.0 a reality.

eIDAS (electronic Identification, Authentic and trust Services) 2.0 continues to move swiftly. Avast recently teamed up with the Intesi Group to co-host a webinar informing the public on the latest developments of the effort.

A critical initiative designed to transform online privacy and security for Europeans, eIDAS aims to provide every European citizen with a unique set of digital credentials that they can use to securely identify themselves and access cross-border services. Andy Tobin, the European Lead for Avast’s Digital Trust Services business, served as moderator and co-host, along with fellow co-host Viky Manaila, Trust Services Director of the Intesi Group.

In addition to Andy and Viky, the panelists included:

  • Cristian Terhes, an MEP (Minister for European Parliament) and the Committee Chair of LIBE (the Committee on Civil Liberties, Justice, and Home Affairs);
  • Vedran Lalic, the Head of the Office for MEP Romana Jerkovic (Group of the Progressive Alliance of Socialists and Democrats in the European Parliament) and Rapporteur for eIDAS file; and,
  • Maya Madrid, the Policy Officer at the eGovernment and Trust Unit for the European Commission.

The wide-ranging conversation centered on the latest developments in eIDAS 2.0 and where the technology is headed.

“We’ve seen with the EU Digital COVID certificate program, how successful that was, and it demonstrated how fast technology can be implemented if everyone’s incentives are aligned. And, in the eIDAS world, things are also moving at breakneck speed at the moment,” Tobin said. “eIDAS 2.0 though is much more complex than the digital code certificate.”

Tobin went on to say that eIDAS 2.0 “legislation is progressing in parallel with the selection and delivery of supporting technology, and this creates a really interesting situation where the tech is being designed and built before the requirements, i.e., the legislation is finalized, which is always very exciting for everyone involved.”

Still, there are plenty of questions left unresolved. The panel received several questions about the impact the complex bill was having from a legislative perspective. And most of the panel members said it’s taken time to get the context they need.

“It took us some time to really wrap our head around the proposal due to how complex, also from a legal and technical point of view the whole proposal is,” said Lalic. “So I think, yes, there was intention by the commission to move much faster with the legislation, but that was not really feasible for various reasons.”

Lalic said that the proposal’s “very technical nature” has proven to slow down the process. But the stakes are also higher. In a world wracked by the war in Ukraine and the impact the global pandemic continues to have on people across the globe, getting digital identity right is paramount.

“Digital identity has never been more important as it is today, both for the citizens and for the businesses,” Lalic said.

Both Madrid and Manaila emphasized the importance of getting businesses involved as a catalyst for widespread adoption and use. “The inclusion of the private sector is really very important and one of the key drivers for this proposal because one of the things that was not working with the first eIDAS regulation was that the private sector was not a component of the ecosystem,” commented Madrid. “It's important that the private sector takes their role in both issuing credentials and as relying parties.”

Looking ahead, the panel agrees there’s plenty of work left to do in order to make eIDAS 2.0 a reality. And they acknowledge that Europeans hope for a solution that truly works for all.

“I think a lot of times, you will hear in colloquial conversations that this is really Europe’s opportunity to deliver a level of success that we had with the mobile phone roaming regulation,” Lalic said. “I think this is really the ultimate goal that we need to achieve here.”

Further reading:
eIDAS 2.0: How Europe can define the digital identity blueprint for the world
Avast’s views on the proposed amendments to the eIDAS 2.0 regulation

--> -->