According to the regulation adopted on Thursday, and already agreed upon with EU ministers, this new Digital Identity Wallet will allow citizens to identify and authenticate themselves online without having to resort to commercial providers – a practice that raises trust, security and privacy concerns.
The EU wallet will be used on a voluntary basis. During negotiations, MEPs secured provisions to safeguard citizens’ rights and foster an inclusive digital system by avoiding discrimination against people opting not to use the digital wallet.
The law provides for free “qualified electronic signatures” for EU wallet users, which are the most trusted, and have the same legal standing as a handwritten signature, as well as wallet-to-wallet interactions, to improve the fluidity of digital exchanges.
MEPs have also mandated an open-source wallet to encourage transparency, innovation and to enhance security. They also set stringent rules for the registration and oversight of companies involved to ensure accountability and traceability.
Via a so-called privacy dashboard, users will be able to have full control of their data and will be able to request their data be deleted, as provided for under the General Data Protection Regulation (GDPR).
Quote
Rapporteur Romana Jerković (S&D, HR) said: “This legislation aims to empower citizens by putting them in full control of the use and sharing of their data. Digital identity has evolved from being a mere convenience to becoming a catalyst for civic involvement, social empowerment, and a means to foster inclusivity in the digital age.”
Next steps
Parliament gave its final green light to the regulation with 335 votes to 190, with 31 abstentions. It will now have to be formally endorsed by the EU Council of Ministers to become law.
Background
A study from the European Parliament research service highlights that since the pandemic, the provision of public and private services has become increasingly digital. Existing digital wallet solutions allow users to store and link data in a single, seamless environment on their mobile phones. However, according to the Commission, this convenience comes at the cost of loss of control over personal data, while these solutions are disconnected from a verified physical identity, which makes fraud and cybersecurity threats more difficult to mitigate.
Conference on the Future of Europe
The legislation is a direct response to the recommendations from the Conference on the Future of Europe, particularly aligning with Proposal 35(10) and Proposal 33(5). Proposal 35(10) advocates for the creation of a European common digital identity to streamline cross-border digital transactions and services, underpinned by a robust framework of European standards and guidelines to ensure necessary safeguards. Proposal 33(5) underscores the importance of establishing a secure and trustworthy digital environment.