European e-identity plan to be unveiled this month

The European Commission is set to lay out proposals for a EU-wide e-ID scheme, it has revealed as it outlined a pan-European strategy aimed at protecting children from harmful online content
Written by David Meyer, Contributor

Authorities in Europe are ready to lay out plans to introduce an electronic identity system across Europe, with the proposals to be unveiled at the end of this month.

EU flags

Digital agenda commissioner Neelie Kroes has outlined a proposal to bring in an electronic identity system across the EU.

On Wednesday, the European Commission published a strategy document aimed at setting up systems to protect children online. In the document (PDF) — but not in the accompanying press release nor the citizens' summary — the Commission mentioned that it will soon propose a "pan-European framework for electronic authentication".

A spokesman for digital agenda commissioner Neelie Kroes said the Commission "will have full e-ID proposals on 30 May".

The document, entitled European Strategy for a Better Internet for Children, gives a rough outline of proposals to harmonise protections across member states for children using online services. It contains many suggestions for the increased use of age classification, as well as the inclusion of "efficient" parental controls "on any type of device and for any type of content, including user-generated content".

The age classification scheme, which is meant to feed into new data protection rules that take specific account of children's privacy and 'right to be forgotten', will largely be a matter of industry self-regulation. However, the language of the e-ID clause suggested that one element will be mandatory.

"The Commission... intends to propose in 2012 a pan-European framework for electronic authentication that will enable the use of personal attributes (age in particular) to ensure compliance with the age provisions of the proposed data protection regulation," the Commission said in the document, adding that member states should "ensure the implementation of EU legislation in this field at national level".

As part of this, the industry will be expected to introduce "technical means" of electronic identification and authentication, it noted.

The launch of the strategy follows Kroes's push in November to strengthen internet security in the EU, which laid the ground for the child protection proposals. It also outlined legal measures to make it easier for people to use a single e-ID for online services across borders, which would underpin a move toward a pan-European framework for electronic identification, authentication and signature (Pefias) framework.

Fuzzy areas

Digital rights campaigner Jim Killock, of the Open Rights Group, told ZDNet UK that the idea of an electronic ID scheme was not in itself bad, but he is keen to know the scope of the programme.

"There are discussions elsewhere about identity management online — the UK is looking at this," Killock said. "That in itself isn't a terrible thing, although there may be fuzzy areas where you're having to supply your identity to sites that are discursive."

"If it's aimed at the end services, then there's possibly something in what they are saying, but the devil is in the detail," he added.

Killock also gave a tentative welcome to the idea of putting parental controls on devices such as smartphones or tablets, "as the calls we're hearing for content filtering at network level is much more dangerous". However, he added that parental control technologies are "fallible".

The strategy document also said the Commission will adopt a pan-EU "initiative on notice-and-takedown procedures" for websites. This will extend not only to child sexual abuse images, but to "all categories of illegal content".

Questions remain as to whether the e-ID system will have uses beyond age classification, and whether every citizen will be required to use the system, with the implications this has for online anonymity. In addition, the document did not describe what technology is needed to apply parental controls to any type of device and which parts of industry are expected to implement this, and whether the harmonised notice-and-takedown procedures will apply to material that breaches copyright. The Commission had not replied to a request for clarification on these questions at the time of writing.

Editorial standards