Keep Factually independent
Whether you agree or disagree with our analysis, these conversations matter for democracy. We don't take money from political groups - even a $5 donation helps us keep it that way.
What is the EU eIDAS regulation for digital identities?
Executive summary
eIDAS is the EU’s legal framework for electronic identification and “trust services” that made national e‑IDs and qualified electronic signatures legally valid across borders since 2014 and was fundamentally updated in 2024 to introduce a voluntary European Digital Identity Wallet for citizens and residents (Regulation (EU) No 910/2014 as amended by Regulation 2024/1183) [1] [2]. The updated “eIDAS 2.0” or European Digital Identity Framework requires Member States to make wallets available and aims to expand use from public services into the private sector while stressing interoperability, security and user control [3] [4].
1. What eIDAS originally set out to do — a cross‑border trust rulebook
The original eIDAS Regulation (EU No 910/2014) created a single EU framework for electronic identification, authentication and trust services so that electronic signatures, seals and identification issued under one Member State could be recognised in others and given equivalent legal effect to paper processes [5] [6]. It established mutual recognition of notified national eID schemes and a European internal market for qualified trust service providers, with technical and procedural standards intended to promote interoperability without forcing a single technology choice [6] [2].
2. Why policymakers moved to “eIDAS 2.0” — gaps and the wallet idea
EU institutions concluded the 2014 framework left gaps: limited rollout in some states, technical fragility because interoperability relied on a superstructure, and restricted use mainly to public services [3] [4]. In response, the Commission proposed and lawmakers adopted amendments in 2024 to establish a European Digital Identity Framework that introduces a voluntary government‑issued Digital Identity Wallet to broaden uptake and private‑sector use [6] [1] [7].
3. What the amended regulation requires and promises
The amended eIDAS (often called eIDAS 2.0 or the EU Digital Identity Framework) requires Member States to issue digital identity wallets at citizens’ request and sets common technical standards and governance arrangements to make wallets interoperable across the EU; it also promises privacy‑enhancing features, control for users and free qualified electronic signatures with legal standing [8] [3] [9]. Timelines and implementation milestones are repeatedly referenced in policy briefings and industry commentary, with wallet availability and business acceptance phased in over coming years [10] [8].
4. Key design principles and intended safeguards
The reform emphasizes user choice, privacy, interoperability, security and proportionality — principles repeatedly cited by the Commission and commentators as central to the wallets’ architecture. The Parliament pushed for cybersecurity and privacy‑by‑design requirements as part of governance amendments [8] [9]. Official EU pages and the eIDAS dashboard describe the framework as providing legal certainty for identification of natural and legal persons and for trust services in the internal market [2] [5].
5. Who benefits — public services, businesses and citizens
Public administrations gain smoother cross‑border access to e‑services; businesses can rely on a government‑backed identity layer to onboard customers and provide services across Member States; citizens get an EU‑level means to prove attributes (age, qualifications, etc.) with legal weight and promises of more control over data sharing [3] [11] [10]. Proponents argue wallets will reduce friction in things like opening bank accounts or obtaining prescriptions [3] [10].
6. Criticisms, risks and competing views
Civil society and watchdogs warn about privacy, re‑use of government‑certified identity data by commercial ecosystems, and concentration of power; some technical commentators say the reform centralises identification while offering only a partial solution to corporate jurisdiction or surveillance concerns [12]. The eIDAS text includes a right to pseudonymity, but critics note that right can be limited by national and EU law — a point that complicates assurances about absolute anonymity [12].
7. Implementation realities and open questions
Practical rollout requires national schemes, notified eIDs and certified wallet providers, and past uptake was uneven (only a subset of Member States had fully implemented notified schemes before the reform) — problems the 2024 reform seeks to address but does not instantly solve [13] [3]. Available sources document ambitious timelines and governance proposals but do not provide exhaustive operational details about vendor roles, long‑term data governance, or how conflicts with other national rules will be resolved in every case [9] [2].
8. Bottom line for users and organisations
For users: expect a government‑backed digital wallet option that can be used across the EU to prove identity and attributes, with stated privacy and security safeguards [3] [7]. For organisations: anticipate new technical and legal interoperability obligations and an expanded market for identity-aware services; prepare for phased adoption and for national differences during rollout [10] [13]. Available sources do not mention operational specifics such as exact APIs, vendor certification processes in each Member State, or how dispute resolution will work day‑to‑day (not found in current reporting).