Harmonisation of electronic Identities for the European Citizen

Jan van Arkel, co- chair Porvoo group, May 11, 2006 Ljubljana

The need for harmonisation

Status of eID policy setting & legislation in the EU

Status of European eID standardisation

Status of eID projects & deployment in Europe

Topics

global support of eServices for the mobile citizen (building block for trust, security, easy access, convenience, service providing only to entitled persons)

Building a more global (incuding a EU) society (enhancing sense of communicty, offering trust, making persons aware to be a –relevant- part of society by offering a seamless e-services experience)

global combating of ID fraud and ID theft (causes more and more of a problem)

global preventing of illegal work and illegal immigration

global measure of anti-terrorism and combating organised crime

watch the common EU payment domain!

Rationale for a global eID approach

Legal in progress

MINISTERIAL DECLARATION

approved unanimously on 24 November 2005, Manchester, UK

By 2010 European citizens and businesses shall be able to benefit from secure means of electronic identification that maximise user convenience while respecting data protection regulations. Such means shall be made available under the responsibility of the Member States but recognised across the EU.

By 2010 Member States will have agreed a framework for reference to and where appropriate the use of authenticated electronic documents across the EU, as appropriate in terms of necessity and applicable law.

Legal in progress

COMMUNICATION FROM THE COMMISSION on the i2010 eGovernment Action Plan, approved 25 April 2006

eGovernment has reached a critical juncture. Further significant progress requires certain key enablers to be in place, particularly for high impact services to be effective. Among those, interoperable electronic identification management (eIDM) for access to public services, electronic document authentication and electronic archiving are considered critical key enablers.

Harmonised national ID cards might be one specific means to implement public service eIDM, but this is a national choice. Biometric national ID cards and eIDM for public services are markedly different: national ID cards serve public security, for example by facilitating integrated border management and supporting fight against terrorism, whereas electronic identification for public services is intended to ease access and offer personalised and smarter services.

Member States recognise the importance of eIDM for ensuring that by 2010 European citizens and businesses will be able to benefit from secure and convenient electronic means, issued at local, regional or national levels and complying with data protection regulations, to identify themselves to public services in their own or in any other Member State.

The Commission will also consider if regulatory measures are needed for the development of electronic identification and authentication for public services.

eID action plan

2006 Agree with Member States on a roadmap setting measurable objectives and milestones on the way to a European eIDM framework by 2010 based on interoperability and mutual recognition of national eIDM.

2007 Agree common specifications for interoperable eIDM in the EU.

2008 Monitor large scale pilots of interoperable eIDMs in cross-border services and implementing commonly agreed specifications.

2009 eSignatures in eGovernment: Undertake review of take-up in public services.

2010 Review the uptake by the Member States of the European eIDM framework for interoperable eIDMs.

CEN/ISSS WS eAuthentication (Architectural model) Government requirements, Architectural model, Business models, Legal

Framework, Card issuer guidelines, Multi-application environment, Human interface aspects, eID policy vision

CEN/ISSS WS MMUSST (Business case approach) Based on the UK SmartCities project experiences and the outputs from the

UK National Smart Card Project, offers business models, role models and implementation guidelines for multi issuer, multi application service providing as well as a scheme architecture and implemetation solutions.

CEN 224 WG 15 European Citizen Card (Technical specification) Policy and rules for CMS, Physical and logical card characteristics, data elements and structures, IAS procedures, Durability aspects, Middleware for interoperability, ECC profiles and use cases.

Main EU eID standardisation activities

Deployment of eID in Europe

Main driver in Europe at present: the ePassport

Belgium, France, Germany, Norway, Sweden, UK have already started to issue the ePassport

the majority of EU waiver countries is aiming for the August 2006

EU deadline or the October 2006 deadline set by the US

Europe’s leading examples

Belgium 2 M

Estonia 1.1 M

Italy 2 M+9.3M

Finland 100 K

Austria 8 M ecards

Sweden 40 K

Spain started iss.

Portugal testing

Political understanding of the need for European Identity management, eID road map in progress

Relevant standards are in place (almost)

European commission offers FP 6 support (and future FP 7 support): - Guide - Modinis - Prime - FIDIS World wide interest of smart card and non-smartcard Industry - Eurosmart, Smart Card Alliance, Global Platform, Maosco - Microsoft

- Liberty Alliance - OATH

Active groups (EC eID Government group, Porvoo, GCF, art 6 Group) )

Some IOP demonstrators are in process National Deployment of eID cards is in process

Overall picture in Europe