🌌
Privacy Village Academy
Join The Community!AcademyAbout HGPE
  • Hitchhiker's Guide to Privacy Engineering
    • ❓What is HGPE?
      • ⚖️Who is this for?
      • 🧙‍♂️Privacy Engineering
      • 🎨Creative Privacy
      • 🔮Generative AI
      • 🧑‍💻About the Author
  • 🧙‍♂️The Ethical AI Governance Playbook 2025 Edition
    • 🤖Chapter 1 : AI Literacy
    • 🌍Chapter 2 : AI Governance in the 21st Century
    • ⌛Chapter 3 - Getting Started with AI Act Compliance
    • 🚀Chapter 4 : Rise of AI Governance: Building Ethical & Compliant AI
    • Chapter 5 : Introduction to the Lifecycle of AI
  • 🎓Privacy Engineering Field Guide Season 1
    • ❓Decoding the Digital World: Exploring Everyday Technology
    • 👁️Introduction: Why Privacy Matters?
      • Age of Mass Surveillance
      • Privacy & Democracy
      • Privacy & Government Surveillance
    • ⚡Chapter 1 : How Computers Work?
      • Electricity
      • Bits
      • Logic Gates
      • Central Processing Unit (CPU)
      • Graphic Processing Unit (GPU)
      • Motherboard
      • Data Storage
      • Databases
      • Operating System (OS)
      • Computer Code
      • Programming Languages
      • The File System
      • Bugs and Errors
      • Computer Virus
      • Internet of Things (IoT)
      • Cloud Computing
    • 🛰️Chapter 2 : How the internet works?
      • Physical Infrastructure
      • Network and Protocols
      • Switch
      • Routers
      • IP Address
      • Domain Name System (DNS)
      • Mac Address
      • TCP / IP
      • OSI Model
      • Packets
      • The Client - Server Architecture
      • Secure Socket Shell (SSH)
      • Transport Layer Security (TLS)
      • Firewall
      • Tunnels and VPNs
      • Proxy Server
    • 🖥️Chapter 3 : How Websites Work?
      • HTML
      • CSS
      • Javascript
      • Web Server
      • Browser
      • HTTP
      • Databases
      • Front End (Client Side)
      • Back End (Server Side)
      • Cookies
      • Local Storage
      • Session Storage
      • IndexedDB
      • XHR Requests
      • Web APIs
      • Webhooks
      • Email Server
      • HTTPS
      • Web Application Firewall
      • Single Sign-on (SS0)
      • OAuth 2.0
      • Pixels
      • Canvas Fingerprinting
      • Email Tracking
      • Containers
      • CI/CD
      • Kubernetes
      • Serverless Architecture
    • ⚛️Chapter 4 : How Quantum Computers Work?
      • Quantum Properties
      • Quantum Bits (Qubits)
      • Decoherence
      • Quantum Circuits
      • Quantum Algorithms
      • Quantum Sensing
      • Post-Quantum Cryptography
    • 📳Chapter 5 : Mobile Apps and Privacy
      • Battery
      • Processor
      • Mobile Operating Systems
      • Mobile Data Storage
      • Cellular Data
      • Mobile Device Sensors
      • Wireless Connectivity
      • Camera & Microphone
      • Mobile Apps
      • Software Development Kits (SDKs)
      • Mobile Device Identifiers
      • Bring Your Own Device (BYOD)
  • 🕵️‍♂️Privacy Engineering Field Guide Season 2
    • ❓Introduction to Privacy Engineering for Non-Techs
      • 🎭Chapter 1 : Digital Identities
        • What is identity?
        • Authentication Flows
        • Authentication vs. Authorization
        • OAuth 2.0
        • OpenID Connect (OIDC)
        • Self Sovereign Identities
        • Decentralized Identifiers
        • eIDAS
      • 👁️‍🗨️Chapter 2 : De-Identification
        • Introduction to De-Identification?
        • Input / Output Privacy
        • De-identification Strategies
        • K-Anonymity
        • Differential Privacy
        • Privacy Threat Modeling
  • 📖HGPE Story and Lore
    • 🪦Chapter 1 : The Prologue
    • ☄️Chapter 2 : Battle for Earth
    • 🦠Chapter 3 : A Nightmare To Remember
    • 🧙‍♂️Chapter 4 : The Academy
    • 🌃Chapter 5: The Approaching Darkness
    • ⚔️Chapter 6 : The Invasion
    • 🏰Chapter 7 : The Fall of the Academy
    • 🛩️Chapter 8 : The Escape
    • 🪐Chapter 9 : The Moon Cave
    • 🦇Chapter 10: Queen of Darkness
  • 📺Videos, Audio Book and Soundtracks
    • 🎧Reading Episodes
    • 🎹Soundtracks
  • 👾HGPE Privacy Games and Challenges
    • 🎮Data Privacy Day'23 / Privacy Treasure Hunt Game
    • 🧩Privacy Quest
  • 📬Subscribe Now!
Powered by GitBook
On this page

Was this helpful?

  1. Privacy Engineering Field Guide Season 2
  2. Introduction to Privacy Engineering for Non-Techs
  3. Chapter 1 : Digital Identities

eIDAS

PreviousDecentralized IdentifiersNextChapter 2 : De-Identification

Last updated 1 year ago

Was this helpful?

What is eIDAS 1.0 👀

Back in 2014, the European Commission introduced Electronic Identification, Authentication, and Trust Services (eIDAS) as part of its Digital Agenda to stimulate innovation.

Its aim was to provide unique, verifiable credentials to every EU citizen and business, simplifying online interactions.

However, the initial rollout faced hurdles, including limited adoption and concerns over user autonomy and privacy.

eIDAS 1.0 Shortcomings

The original eIDAS framework had its share of flaws. It insisted on persistent IDs that raised privacy concerns.

It also allowed governments to remotely deactivate IDs, sparking concerns about unchecked authority. Moreover, the framework’s complexity discouraged private sector adoption, resulting in a fragmented landscape.

What is eIDAS 2.0 👀

To address these issues, eIDAS 2.0 embraces self-sovereign identity (SSI) concepts, where users retain control over their data.

This approach enables the verification of specific identity elements, enhancing security while safeguarding privacy. Blockchain’s decentralized nature adds an extra layer of protection.

Privacy Safeguards and Wider Applicability

eIDAS 2.0 ensures that social media platforms have limited access to users’ data, preventing data harvesting abuses. It also allows for a broader range of data types to be securely stored, from medical records to travel history, enhancing convenience and safety. Furthermore, it offers a means for individuals to verify the authenticity of others in personal interactions, fostering trust.

Key to eIDAS 2.0’s success is placing control firmly in users’ hands. With exclusive access to their personal information, users are more likely to adopt the framework. Achieving ubiquity across the EU is vital, ensuring credentials are universally valid. Stricter safeguards are needed to prevent third-party profiling and data mining.

The Role of PETs

Zero-knowledge proofs and biometrics play a crucial role in eIDAS 2.0’s security strategy. They enable verification without revealing sensitive data, enhancing privacy. Unique physical identifiers like fingerprints and iris scans add an extra layer of protection.

EFF Open Letter

A group of cybersecurity experts from EFF is deeply concerned about specific aspects of the European Digital Identity framework (eIDAS revision).

They fear these provisions, meant to enhance web authentication, may inadvertently weaken web security. Website authentication is a cornerstone of online security, protecting against identity theft, financial crimes, malware, and surveillance. However, the framework’s emphasis on Qualified Website Authentication Certificates (QWACs) without proper security assessments raises significant cybersecurity risks.

The group calls for revisions to Article 45.2 to preserve browsers’ vital role in safeguarding users against cybercrime and prevent potential vulnerabilities.

🕵️‍♂️
❓
🎭
Page cover image