"Tax website shut down as memory stick with secret personal data of 12 million is found in a pub car park" headlined a recent newspaper article. It is one of the tangible ways for us to understand how important digital security has become in today's society.
The Breakfast debate at EIF on 15 April focused on that subject matter and Prof. Dr. Reinhard Posch discussed how a strong European Identity Platform protects and helps privacy in a global Internet-powered knowledge-based economy.
It is obvious that in order for the Internet to be useful to us all in society it needs to be a safe and reliable environment for everybody. We know as well that today this is not the case. Spam is 98% of all email that is going around, and if we order something online we can sometimes be unpleasantly surprised by the added local taxes added to the bill, which the sender omitted to report when we bought the product.
What eID is offering is a secure zone where providers guarantee that only services of cooperating jurisdictions are available. It would allow mail or downloads from non-trusted servers being restricted to non-active content if the user decides this or even fall back to text only email. In such a secure zone users could profit from the rich possibilities of web 2.0 without risking exposure.
Professor Posch explained that by 2010 all European citizens, businesses and administrations will be able to benefit from such secure means of electronic identification (eID) that allows people online to enter secure zones where they can be sure that their privacy is respected and where they can make use of services without fear of getting attacked by malicious software or fraudsters.
The eID is completely different from the kind of ID that travel documents represent. When citizens pass the border control in a country travel documents are checked for inspection. Electronic ID on the Internet has a different function. When we go to the Internet we go there to do something, i.e. to consume a service or to buy a product, whereas if we pass a border we do not engage in any willful acts.
The fact that we are still missing a quality eID has severe consequences. Let's take an economic example. One study shows for instance that when something goes wrong with an Internet banking transactions, a high proportion of customers would leave their bank to find a more secure bank. What is interesting about this is that the consumer would not really be open to discuss if it was their pc or Internet connection that may have been at fault or if, for instance, the bank had a temporary Internet outage. No, instead customers, especially those over 50, would rather leave the bank than take another (perceived) risk. Only building digital trust can avoid such scenarios in the future.
Currently the EU is funding projects to test eID such as "SaferChat", "eID electronic delivery" and "eID change of address" mechanisms that would allow for easier authentication and verification of transactions. Possible future directions could be a "European Citizen Card" but the question is if our society is already ready for that level of detail at this moment.