Yesterday was quite a busy day. I went to Brussels in the morning to attend the e-ID event. This event was dedicated to the electronic identity card. The Belgian Minister From Work and Informatisation of State, Peter Vanvelthoven, gave a speech about the way the e-ID is going to be integrated in the daily life. e-ID as part of the government policy, so to speak.
Other speakers I listened to were Dr. Andreas Mitrakas, Legal Adviser, European Network and Information Security Agency (ENISA), who gave an overview on the present and emerging regulatory framework on information security and it positions initiatives related to electronic identity within the EU.
Reinhard Posch, CIO of the Federal Government of Austria: With the lack of a mandate or joint commitment on a European level the development so far has exhibited quite local solutions that did not focus on interoperability. Increasingly this is seen as a deficit especially in situations like eProcurement etc. where not only the electronic identity but also the recognition of electronically signed documents becomes crucial. With the presentation the background of the i2010 signposts is analyzed. The focus is on the elements of identification and on interoperability of eServices. The presentation itself focuses on the basic elements and structures of electronic identity. This is done clearly observing privacy considerations which have proven to be very important likewith the UK eID-situation lately.
Jan Deprest, chairman of Fedict and Frank Robben, General Manager Kruispuntbank Sociale Zekerheid (crossroad bank for social security)
The basic priciple of the idea is that the e-ID card should be a key to its holder and not be considered as a portable carrier of informaton. No extra data will be able to be stored on the card, there isn’t going to be additional memory space available.
This e-ID card is a real issue because politicians need to set firm rules to limit the invasion of the privacy. Will the blood type be mentioned? Possibly, yes. But then what about the notice you’ve volunteered to be an organ donor? What about diseases like HIV etc? It’s a true invasion of the privacy to mention that, but it would be incredibly useful to doctors and providers of first aid, in case of an accident.
The card will hold two sorts of certificates to either authenticate your identity or distribute your digital and verified signature.
In the UK they are thinking about a £80 ($ 138.59!) ID card that holds a fingerprint and iris-scan. How the government is going to sell it to its citizens is yet to be shown. The Belgian e-ID card will cost app. €15 ($ 17), to give you a rough idea of the difference.
In April this year (meaning somewhere next month), the Belgian government is going to launch the ‘internet for everyone’ campaign, in which they’ll deliver a pc and internet connection together for a reasonable price.
Another future thought was the release of an e-ID card for kids (under 12 years) and the merging of the SiS-card (chipcard that proves you’re ‘covered’ by a social security organization) with the new e-ID.
eGovernment is in fact a means to modernize public administrations and to strengthen support for public policies. The objective of eGovernment is to strive for enhanced cooperation among public administrations and the private sector, by using personalized services. eGovernments aims at improved service to both citizens and businesses.
Identity management is a rather great issue in eGovernment. It’s about digital identities and authorization to access eGovernment services. ID management finds its origin in the need for law enforcement and public security requiring systems for identification. Therefor some sort of citizen data management needs to be enabled within secured databases of the public administration.
An ideal situation of a fully intergrated international system would enable a citizen from country A with an Identity Token and Identity Base from that same coutry to apply for the same services that are granted to that citizen in other countries. The interopability isn’t fully integrated yet. A citizen from the UK with an Italian ID Token and Austrian ID Base isn’t able (yet) to apply for services in Belgium. In the future, that should be possible.
e-ID labeling is the defining of a set of procedures, based on three big issues.
‘Privacy’, where the citizens need to be protected from things like profiling, spamming, phishing or tracing…
Question here is: “what happens when I insert my card somewhere?”
‘Security’, where the citizens need to have a certified key and citizens are made aware what happens if they type in their PIN (4 digits) code.
‘Trust’, where the ‘what if’ questions of the citizens are countered and the label itself (pictured above) is an indication that the service citizens access is verified and trustworthy.
More information:
Software downloads, API’s and information about eID.be
I left e-ID at noon, because I had to go to Hasselt for the i-City brokerage event, where I bumped into Hans Robben and our Minister of Work and Informatization of State, two speakers I had heared already that same morning. Apparently they also drove to Hasselt, for the same reason I did :) Small world.
The event in Hasselt was attended by a lot of (socialist) politicians like Willy Claes, Patricia Cijsens and Marc Eyskens (the Minister of State). A lot of people from the IT scene where there too. I had a long chat with Paul Theyskens from Telenet Operations (the Flemish cable provider) about the future of mobile television. Theyskens is also the man behind chat.be, a popular chat platform for people of all ages.
At the i-City event, I attented the session of Stijn Bijnens, CEO and one of the masterminds behind Ubizen, who talked about the integration of e-ID in the mobile world. Interesting presentation, but I didn’t learn that much. The keynote was really short and was only scratching the surface, because a lot of the attendees where either too old to understand it, or not so up-to-date. The questions after the session where rather ordinary ones like ‘what if I change my address’ (you’ll need to update your digital profile, of course) and if you have intelligent locks on your house, based on the e-ID, how will the house know it’s me if I had to change my card due to it’s validity of 5 years? (the server gets pinged by the lock (which is connected to another server of course) and if your profile is updated in the main database, your intelligent lock will know).
People also asked questions like: “isn’t the safety of my digital identity going to decrease every time I use the card?” and “what if people steal my card or I lost it?”, typical questions for people who’re afraid of evolution, because what happens if you lose your credit card now? What if your wallet is stolen now? It’s exactly the same thing. You go to the cops to tell them, the card gets blocked, you get a new ID card. It’s so simple, but people fail to see it.
After this session, I went home. Too bad I had to leave early because the dinner afterwards really looked good. Ah well. Homemade food is better.