Regulation (EU) eIDAS 2.0: revised European framework for electronic identification and trust services for electronic transactions

In Monaco, the matters governed by the eIDAS 2.0 Regulation are dealt with in Law no. 1.483 of 17 December 2019 on digital identity, as well as in Law no. 1.383 of 2 August 2011 for a digital Principality, which will be thoroughly revised in 2019. These two texts lay the foundations of Monaco's legal framework for digital identification and trust services.

Developments in version 2.0 of the eIDAS Regulation are of interest to Monaco in the context of a sustained digital transformation and Bill no. 1093 amending various provisions relating to digital matters, tabled on 22 May 2024, which is explicitly inspired by it (in addition to the Data Governance Act "DGA").

Source : Regulation (EU) no 2024/1183 of 11 April 2024 amending Regulation (EU) no 910/2014 as regards establishing the European Digital Identity Framework - ELI : http://data.europa.eu/eli/reg/2024/1183/oj

* * *

Presentation

The revision of Regulation (EU) no 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market (consolidated: eIDAS 2.0), which comes into force on 20 May 2024, aims to develop a secure, sovereign and interoperable European digital ecosystem:

• Harmonise the use of digital identity across the EU;
• Increase the security of electronic exchanges, particularly for cross-border transactions;
• Stimulate innovation and the adoption of new trusted digital services;
• Affirm European digital sovereignty, which has emerged as a strategic issue, against a backdrop of increased dependence on non-European platforms.

At the heart of the eIDAS 2.0 reform is the creation of the European Digital Identity Wallet (EUDI Wallet) to enable any citizen, resident or business in the EU to prove their identity and share attributes in a secure and controlled manner.

* * *

New features introduced by eIDAS 2.0

¤ Creation of the European Digital Identity Wallet

eIDAS 2. 0 introduces the European Digital Identity Wallet defined as "an electronic identification means which allows the user to securely store, manage and validate person identification data and electronic attestations of attributes for the purpose of providing them to relying parties and other users of European Digital Identity Wallets, and to sign by means of qualified electronic signatures or to seal by means of qualified electronic seals".

This wallet (a free mobile application) is based on a high level of interoperability between Member States and aims to facilitate access to online services, while giving users control over their data. Users will be able to store identification data or proof of their identity, communicate it to user parties on request and use it to authenticate themselves on public or private services throughout the European Union.

The Regulation requires EU Member States to make this portfolio available to their citizens by November 2026. Pilot projects are currently underway. The aim is for at least 80% of EU citizens to be using it by 2030. Each Member State will offer its own version of the application, all of which will be interoperable at European level.

Examples of uses for EUDI Wallet:

• Access to public services (secure identification and authentication to access digital public services at European level, application for social benefits, online renewal of official documents, proof of residence or family status to access certain administrative services).
• Digital driving licence.
• Health (secure storage and sharing of medical records with healthcare professionals, presentation of health insurance card or electronic prescriptions at pharmacies).
• Education and professional qualifications (storing diplomas, transcripts and training certificates, sharing these documents when applying for jobs, training courses or universities, certifying professional status (e.g. doctor, lawyer) to access specific services).
• Payments and banking services (opening online bank accounts with integrated identity verification, strong authentication for sensitive financial transactions).
• Daily life (age verification for the purchase of age-restricted products, storage of membership cards (gyms, libraries, etc.) or electronic tickets for events).
• Travel (storage and presentation of key travel documents, such as visas and passports, and identification when booking hotels).
• Contract signing (with the creation of a secure digital signature for any document), etc.

¤ Extension of trust services eligible for qualification

eIDAS 2. 0 extends the scope of trust services, with the inclusion of four new services that can be qualified:

• issuance of electronic attestation of attribute ("a characteristic, quality, right or authorisation of a natural or legal person or an object"),
• electronic registers, including those using decentralised technologies (such as blockchain),
• electronic archiving,
• remote management of qualified signature creation devices and electronic seals (QSCD)

The aim of this development is to guarantee greater legal certainty for new digital uses, while ensuring technical and regulatory interoperability within the EU single market.

* * *

The eIDAS 2.0 regulation thus marks a major step forward in the construction of a common European digital identity that is secure, interoperable and respectful of fundamental rights. It is a strategic lever for strengthening confidence in digital services, developing the digital internal market and asserting the European Union's technological sovereignty.

This new framework serves as a reference for Monaco in its reform of identity and trust services in the digital environment.

* * *