Why eIDAS 2.0/EU Digital Wallet is not Trustworthy & How to Make it Trustworthy


Details
Program:
19:00 - 20:00 Presentation
20:00 - 20:30 Q&A
From the author:
The EU is in the process of updating eIDAS, labeled eIDAS 2.0 – mainly focused on incorporating a US standard “Verifiable Credentials”, whitewashing distributed ledger technologies and creating an “EU Digital Wallet”. Whereas there is little doubt that so-called ABC (attribute-based credentials) technologies are vital to solve the serious security problems in eIDAS 1.0, it is also clear that the process and standards suffer from serious problems and misunderstandings.
As an update to the webinar on anonymous Privacy by Design solutions to the key problems related to Covid-19 (http://blog.citizenkey.eu/index.php?post/2021/10/04/The-power-of-CitizenKey-Covid-19-as-the-perfect-Privacy-by-Design-case), this talk will go straight to the problems and serious misconceptions governing this eIDAS 2.0 process and how the legal / technical implementations considered are not even close to matching the political claims from the top-down and lobby-driven process.
The core argument is that mechanisms such as “Self Sovereign Identity” and “EU Digital Wallet” will fail to provide on both rights, security and interoperability unless we upgrade from “Trusted Anchors” to “Trustworthy Anchors” – the difference being whether an eIDAS Qualified Signature used for a context is linkable or non-linkable to other non-related transactions for anyone except the citizen.
The talk will address how CitizenKey, designed as a voluntary framework for Trustworthy Inclusive Interoperability, will address and solve the basic problems through an upgrade and decentralization of control within the standards already governing eIDAS 1.0.
It is also relevant that the work following the announcement of the EU Digital Wallet triggered solutions on how to make Distributed Ledger Technologies and cryptocurrencies legal within the EU, eliminating the complex contradictions between AML, CyberSecurity and GDPR.
About the author:
Stephan Engberg was in 2009 elected a “Moral Exemplar in the Computing Profession” (https://blog.privacytrust.eu/public/Good_Computing.pdf) mainly for his work “on combined the design of privacy-enhancing technologies with a desire to reform privacy policy and practice in Denmark”.
He was for more than a decade a member of the International Advisory Board of Privacy International and very active in EU Research on Privacy, Security and Dependability, e.g. as a member of the Strategic Advisory Board of FP7 Security & Dependability Roadmapping and a long range of projects, keynotes and workshops on pre-policy and scientific events on the topic of Identity and Privacy by Design.
Stephan Engberg was the founder of RFIDsec ApS, manufacturing RFID chips based on a low-computational zero-knowledge protocol and strong Privacy by Design in the IoT space. As part of this he was on the Programme Committee for the annual RFIDSEC Conference.
For the last 6 years he has been actively leading the work on CitizenKey as a peer-to-peer solution to the Global Identity problem based on zero-knowledge proofs.
Prior to this he spent 10 years in banking and was COO and CFO of a Born Global in Optical Telecommunications and Executive Management Consultant in eBusiness Strategy and 1:1 eLoyalty.
He holds an M.Sc. in Computer Science Business Administration from Copenhagen Business School and International Business Development at London Business School.
