As from 29 September 2018, the eIDAS Regulation creates new impetus across EU Member States (MS) as the latter will be obliged to recognise national systems of other MS, which have been notified to the European Commission and comply with eIDAS.
Notification to the Commission is essential to ensure cross-recognition. The goal is to spearhead the use of cross border services in a range of relevant areas, like for instance, in banking, eGovernment, health care etc. These application areas can all benefit from the cross border use of eIDs issued in the country of residence of an EU MS citizen while being used to consume services across borders.
Implicitly, the advent of notified eID systems is also likely to mitigate some cybercrime threats especially those related to age limits to access particular services and protect vulnerable types of internet users such as underage persons.
In an effort to render the Digital Single Market (DSM) meaningful, the upcoming transition marks a waypoint to better services in the internal market for business and citizens alike.
As technical compatibility across various eID systems is key, the Commission has been working hard on a set of principles and guidelines on eID interoperability.
ENISA is looking forward to the likely new competence in the policy area of eID as it stems from the draft Cybersecurity Act that is currently under legislative scrutiny. This new competence will complement the role that ENISA has assumed in the area of Trust services. ENISA has been active to support the implementation of eIDAS in Trust services in a uniform manner across the MS by providing technical guidance on standards and trust services in the EU, including the reports on annual security incidents under Article 19 of the eIDAS Regulation. ENISA also seeks to stimulate discussion by means of an annual conference Trust service forum, the 4th edition of which is due in Berlin on 23 October 2018. Additionally, particular tenets of the set of principles and guidelines on eID interoperability, point to areas such as security by design and security measures for the protection of personal data (art 32. of the GDPR), that have been part and parcel of the work of ENISA in the past few years.
The ENISA Executive Director Prof. Udo Helmbrecht, underscored that […] “much like it has done throughout its 14-year long lifespan, ENISA is prepared to make available its advice and support to the EU MS and the Commission alike in the compelling policy area of eID”.
For more information, please revert to www.enisa.europa.eu/topics/trust-services or contact us at trust@enisa.europa.eu.