The current eIDAS Regulation came into force in 2016 with the objective of achieving something unthinkable at the time, that is the cross-border interoperability of the electronic identity schemes of European Member States, and to provide a solid framework for the harmonisation of Qualified Electronic Signatures.
The eIDAS Regulation was superseding the eSignatures Directive which had achieved its intended purpose of catalysing the work for establishing the basic legal frameworks for electronic signatures within Member States, but which had left a rather patchy situation at European level.
At the time, at MITA we had just finished building a complex ICT system for Government, known as a Public Key Infrastructure, intended to issue digital certificates for the electronic Identity Cards. The transitional measures of the eIDAS Regulation stipulated that a Conformity Assessment Report had to be submitted within a year to meet the requirements for Trust Service Providers issuing Qualified Certificates. After months of hard work, Malta successfully navigated the transition and achieved the highest level of certification for this important national infrastructure.
In parallel, MITA had assembled a specialised team to set up the eIDAS Node for Malta, which is now fully operational. But even while we were still working on this, the review of the eIDAS Regulation had begun in 2021. At the time, Europe was emerging from the grip of the pandemic. Member States had gone into overdrive to make their eGovernment services accessible to people from their homes. People had discovered the need for their electronic identity to access these services. The European Commission was about to embark on a massive recovery programme which would see the revision of the eIDAS Regulation as one of its strategic pillars.
eIDAS 2.0, as it is commonly being referred to, is expected to largely build upon its predecessor in evolving the landscape for electronic signatures once the scheme has proven sufficiently robust and reliable. Cross-border interoperability is achieved by ensuring that Member States adhere to very strict and established security standards for signing tokens and applications. The availability of a comprehensive set of standards has helped the providers of such services ensure that investments were made reliably to achieve the desired objectives. The new Regulation is likely to afford recognition to electronic ledgers, which would be typically based on blockchain technology, in a similar way to signatures.
Rather differently, for the authentication to electronic services, eIDAS 2.0 intends to usher in a big change through the introduction of the European Digital Wallet. The vision is to provide all European citizens with a ubiquitous, powerful, and secure way to access any type of electronic services, be they eGovernment, cross-border or private sector services. It will be a complex build, but the Wallet carries the promise of achieving that elusive combination of usability and security thanks to the simplicity of use of mobile apps and the security afforded by latest generation smartphone chipsets. The underlying trust model will be based on Qualified Electronic Attestations, which are highly secure ‘certificates’ issued by the Government proving the identity and other attributes of the holder which can then be provided to relying parties under the holder’s full control.
MITA is a key player in the run-up to eIDAS 2.0, as we leverage our technical competence in this subject matter to provide strategic advisory services to the Ministry of Economy, Lands and European Funds, and fulfill our mission to assist the Government in achieving notable transformational outcomes for the benefit of the country. These are very exciting times as we help prepare the country to embrace the challenges and maximise the benefits from the large-scale projects being championed by this European Commission which will be significantly changing the ICT landscape within Europe in the coming decade.