The European Union (EU) has implemented a new regulation regarding digital identity, which requires member states to provide EU digital identity wallets to all citizens and residents. The regulation, called the European Digital Identity (EUDI), was updated on May 21 and is expected to be fully implemented by 2026. This regulation aims to transform the way Europeans live and work by allowing the digital ID wallet to be used for signing and storing documents, such as university diplomas and train tickets. Thierry Breton, the EU commissioner for the internal market, believes that this wallet will revolutionize online services by integrating convenience, safety, and privacy seamlessly.
To support the deployment of these wallets, the European Commission has invested 46 million euros ($50 million) in four large-scale pilots and has announced a second call for more pilots. However, this development raises concerns about the appearance and functionality of government-issued digital ID wallets, as well as the preservation of individual privacy and regulatory compliance on a large scale.
Cointelegraph spoke to Dr. Jonas Gross, CEO of Hakata, a company that provides compliant privacy solutions for Web2 and Web3 businesses. The discussion aimed to understand the challenges faced by developers when integrating privacy-preserving features into digital ID solutions and to find ways to overcome these obstacles. Dr. Gross emphasized the importance of a user-centric design and a privacy-first approach for digital identity solutions, especially the EU digital identity. He suggested that users should have control over the data they share and with whom they share it, and this sovereignty should be a key principle in the EU identity infrastructure.
To maintain privacy and confidentiality, Dr. Gross proposed using zero-knowledge proofs (ZKPs) as a Web3 tool. ZKPs allow users to reveal cryptographic proofs instead of clear data, thus preserving their privacy. He provided an example of using ZKPs in the context of a government-issued digital ID on a phone. Instead of revealing the entire ID to prove age when buying alcohol, a specific ZKP could be shared to verify that the person is older than 18. This way, only the necessary information is disclosed.
While ZKPs may seem like a solution, developers face challenges in implementing them due to the lack of standardization in the ZK space. Each ZK tech stack works differently, making interoperability difficult. Additionally, the technology is still undergoing security evaluation in many countries before it can be used for governmental and regulated services. Dr. Gross also suggested making reference implementations, like the EUDI Wallet Reference Implementation, available open-source on GitHub. This would allow people to verify the privacy standards of the solution without relying solely on the solution provider.
Overall, this new regulation will require member states to provide EUDI wallets to their citizens and integrate the wallet into various industries. Dr. Gross believes that this development will help rebuild the EU’s online infrastructure and incorporate digital identity into its digital ecosystem. With the EUDI wallet, the hassle of losing a physical ID while in a foreign country will become a thing of the past.