cross-posted from: https://feddit.org/post/317047

in February 2024, the EU Parliament adopted the eIDAS regulation, creating the framework for a “European Digital Identity Wallet”. This digital Wallet will enable citizens to identify themselves in a legally binding manner, both online and offline, sign documents, login into websites and share personal data about them with others. Recently, the European Commission published the Architectural Reference Framework (ARF) 1.4 for the technical implementation of the Wallet.

The success of the EU Digital Identity Wallet depends on its ability to gain citizens’ trust and establish a resilient infrastructure in our current data-driven economy.

“However, after our analysis, we believe that this goal has been missed,” says the digital rights group Epicenter Works.

“We see severe shortcomings in the ARF that either contradict the regulation or ignore important elements of it. These issues, if left unaddressed, could significantly undermine user rights and privacy.”

    • zweieuro@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      4 months ago

      I would be very worried if this was ‘final, and now we will do it as written’ but it seems to be just another iteration.the critique is great and I just hope they listen.

      I am not shocked, but i’d save disappointed for when they try to do it and noone uses it because of these reasons.

  • hperrin@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    3
    ·
    4 months ago

    I’m not gonna trust the headline of an article with an AI image from a place called epicenter.works.

    • 0x815@feddit.orgOP
      link
      fedilink
      English
      arrow-up
      8
      ·
      4 months ago

      Epicenter Works is a digital rights organizations based in Austria.

      • hperrin@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        3
        ·
        4 months ago

        Yeah, I read their about page. I wouldn’t trust them as a lone voice on something, but if other groups come to the same conclusion, sure. But mostly, I don’t trust articles with AI image headers. It makes it seem like the article is written by a bot.

        • 0x815@feddit.orgOP
          link
          fedilink
          English
          arrow-up
          7
          ·
          4 months ago

          Yeah, they work in a huge network mainly in Europe. As always, we should never trust blindly, but Epicenter appears to do a solid work. I have been disagreeing with what they said in the last years on some incidents, but all in all they do a good work. At least that’s my opinion.

        • MajorHavoc@programming.dev
          link
          fedilink
          English
          arrow-up
          6
          ·
          4 months ago

          I wouldn’t trust them as a lone voice on something, but if other groups come to the same conclusion, sure.

          As a Privacy nerd, I agree with the conclusions in the article, for what it’s worth. We do see a lot of “privacy” law proposals lately that are anything but.

          I don’t think things will get better, on this front, until the average person better understands privacy rights and risks.

      • MajorHavoc@programming.dev
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        4 months ago

        Would you trust this “wallet” tho lol

        Hell no. I just kicked Google out of my life for the same crap. Ugh. But I’ll laugh too, because it’s either that or cry.

    • conciselyverbose@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 months ago

      I started to highlight bits to cut out and highlight as the key points, but it became pretty quickly that that link already is the executive summary. It’s already basically in outline form, and a super quick read.

      You don’t need to rely on the headline.

  • themurphy@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    2
    ·
    4 months ago

    We have this in Denmark, and when it works, you’ll all love it.

    It’s soooo easy to use, and it’s also a very secure way it’s implemented, because we have 2FA for everything important.

      • themurphy@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        4 months ago

        You do. They can only collect data you allow.

        Are you familiar with the Danish system tho?

        • unexposedhazard@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 months ago

          Im not, but the german one works the same. This doesnt change what i said tho, because if you are only allowed to use something by offering that information then its not really given “freely”.