New Zealand has launched a trust framework for digital identity, a crucial step towards the country's digital transformation.
New German identity wallet: a real danger without Self-Sovereignty
The German government has taken the initiative to develop a digital wallet, an essential measure to align with the EU’s EUDI project.
T
he new German wallet represents a technological advancement, but raises questions regarding security, privacy, and digital rights.
Working on the expansion of Identity Wallets
The creation of digital identity wallets is part of a broader effort by the European Union to modernise how European citizens interact with public administrations and the private sector.
In 2021, the EU proposed a regulatory framework for the implementation of the European Digital Identity Wallet (EUDI), aimed at establishing a unified system that enables citizens to verify their identity and access services easily and securely across all member states. This framework seeks to provide a solution that is not only efficient but also compliant with existing data protection regulations.
The EU mandate stipulates that all member nations must implement their own version of the EUDI, allowing citizens to store personal information, such as their identity documents, birth certificates, or even academic degrees, in a digital wallet accessible from their smartphones. The EUDI will not only facilitate identity verification in various situations, such as accessing public services, conducting financial transactions, or managing daily life, but it will also promote an integrated and accessible single digital market.
With the development of the digital identity wallet in Germany, the country is positioning itself as one of the first to adopt this European regulation.
This is the German identity wallet project
- Secure Document Storage: The wallet will allow users to store their national identity document, as well as other official documents such as birth certificates, academic degrees, or even driving licences, in digital format. This secure storage in the wallet facilitates access to essential documents without the need to carry physical versions.
- Identity and Age Verification: Citizens will be able to use the wallet to prove their identity in various situations, such as when conducting online transactions, accessing public services, or registering on digital platforms. Furthermore, the wallet will also enable users to verify their age, which is particularly useful in contexts where age restrictions must be adhered to, such as purchasing alcohol or accessing certain online content (gambling, gaming, etc.).
- Qualified Electronic Signature: One of the most notable features of this wallet is its ability to facilitate a qualified electronic signature (the highest level of security for electronic signatures). This means that users will be able to sign documents digitally, with the same legal validity as a handwritten signature.
- Free Accessibility: Access to the wallet will be free of charge, a condition imposed by the EUDI regulatory framework.
Decentralising data: an insufficient effort
The development of the digital wallet in Germany is based on a decentralised approach, meaning it will not rely on a central authority to manage identity data. However, this approach alone is insufficient. True protection of citizens’ digital rights requires the integration of Self-Sovereign Identity (SSI) into the system, a factor that is not mentioned in the sources consulted regarding the project.
Decentralisation of data does not guarantee that users will have complete control over how, when, and with whom they share their information. In contrast, SSI grants individuals full ownership of their data, allowing them to decide what information to share and under what conditions. This control is crucial for safeguarding citizens against privacy abuses, mass surveillance, and potential manipulation by centralised entities, such as governments or large corporations.
Moreover, the absence of an SSI model in the wallet could lead to the accumulation of large volumes of sensitive data on a single platform, thereby increasing vulnerability to hacks and unauthorised access. This centralisation of personal information could compromise public trust in digital technologies.
For the German digital wallet to be truly innovative and respectful of citizens’ rights, it is essential that it is founded on the Self-Sovereign Identity (SSI) model. This approach ensures that citizens are the sole owners of their identity—not only their data but also the credentials issued by third parties. Through SSI, individuals can share information in a controlled manner using verifiable credentials, which can be validated without the need to resort to a central authority.
This approach reinforces privacy and transparency, offering users the ability to revoke any permissions they have granted at any time.
Germany, and the EUDI programme as a whole, must recognise that decentralisation is only part of the solution and that the true potential of digital identities lies in self-sovereignty. This will enable German citizens to participate in the digital ecosystem in a secure and confident manner, without the fear of their data being poorly managed or controlled by external actors.
The adoption of new systems like this should be voluntary, with alternatives for those citizens who prefer not to use them, without imposing limitations on access to essential services, harassment, or exclusion of any kind.
At present, there does not appear to be a firm commitment to self-sovereignty, which leaves users in a vulnerable position regarding the control and management of their data by third parties, thus compromising true digital independence.
The true impact of the German Wallet
The introduction of the digital identity wallet has transformative potential in terms of digital inclusion. However, it is not enough to develop the tools; it must be done with a full awareness that the user has the final say on whether to adopt them or not.
To ensure that the development process is indeed transparent and to encourage public participation, Germany organised an online public consultation on 9 October. Anyone interested can ask questions and actively participate in the debate.
If self-sovereignty is not considered in projects like the German wallet, citizens will be exposed to serious risks. Without absolute control over their own data, they will be at the mercy of governments, corporations, and third parties that could access, manipulate, or abuse their personal information without transparency or genuine consent. Privacy will be eroded, and with it, individual freedoms. Ignoring Self-Sovereign Identity opens the door to a future where digitalisation, instead of empowering, subjugates, and where the principles that have built today’s Europe would disappear.
Contact our team and get to know TrustCloud Wallet, based on Self-Sovereign Identity