Eema, the e-business trade association, has announced a new pilot project to develop electronic ID cards that can be used EU-wide. Eema is targeting a 2010 delivery date for the project, to coincide with the coming into force of the EU’s eID management framework.
Researchers will be exploring ways to establish secure systems that enable mutual recognition of national electronic ID’s by member states. The project, in which the UK Government is set to play a significant part, will also test non-government agents that would be involved in initial registrations, authentication of identities and the supply of the electronic ID cards.
If successful, Eema believe the project should make it easier for citizens to migrate, set up businesses, access health services and purchase properties, although it is not intended to replace passports in the short term.
Among other key challenges to be addressed, the project will need to demonstrate the scalability of the technology and achieve pan-European acceptance of the credibility, quality and sufficiency of the requisite vetting, registration, card issuing and authentication processes across member states.
With identity theft and fraud on the increase, the security of any such pan-European system will be critical, as will liability for breaches.
The recent House of Lords report on Personal Internet Security recommended that, to encourage software and hardware manufacturers to raise security standards, a principle of vendor liability should be introduced at EU level within the IT industry. Such a proposal is strongly opposed by many vendors who argue it would suppress interoperability and innovation. In the context of a pan-European ID card, it also raises the question of who the vendor should owe a duty of care to - just the government purchaser that contracted to buy the relevant software/hardware, or the ID card holding public at large as well? The scope of the potential liability for a breach is enormous. It remains to be seen what stance the EU and member states’ governments will take on this in the future.
For details of the House Of Lords report on Personal Internet Security please click here to open in a new window.