PostEurop took note of the publication of the proposal for a regulation revising the Regulation (EU) No 910/2014 (eIDAS) as regards establishing a framework for a European Digital Identity [1].

This revision aims at extending the electronic identification framework to the private sector and promoting trusted identities for all Europeans.

PostEurop’s Members will be directly impacted by this proposal:

• as postal operators (and sometimes banks) are considered as « Relying Parties »2 in the text proposed by the Commission;
• as market players providing trust services such as electronic registered delivery services, digital identities, etc.

1. General comments on the legislative process

PostEurop takes note of the publication of the legislative text and the discussion around technical specifications taking place in parallel to define the common « ToolBox » as well as the future Implementing Acts of the Regulation. This Toolbox will comprise technical architecture, standards and guidelines for best practices and ultimately grant interoperability among different Member States’ wallets, and the Commission plans to have it ready by September 2022.

However, this situation leads to a high level of uncertainty because most technical specifications are needed to understand the text and its impact on “Relying Parties” and market players.

PostEurop’s recommendations

• The legislative process transparency principles should be applied to the “technical” discussions on the Toolbox and Implementing Acts, because they are key to the whole eIDAS framework.
• Postal operators due to their dual nature (as Identity/Trust Service Providers and Relying Parties) can actively contribute to the EU debate on the Regulation itself but also on the Toolbox.

Comments on the EU ID Wallet framework

We welcome the introduction of the proposed European Digital Identity Wallet (EU ID Wallet) and we strongly believe it will be a key enabler to speed up the digitalisation of processes and transactions involving citizens, governments, and businesses. However, to make it happen it is important to clarify some relevant issues.

We think that the EU ID Wallets should be built on existing eIDAS-compliant national digital identity systems, thereby ensuring a level playing field and preserving both the investments already made and the existing ecosystem. The EU ID Wallet should be considered as a technological enabler which contains digital identity means and electronic attestations of attributes. It should not be a digital identity scheme itself.

Then, we agree on the need to have a high security level for the EU ID Wallet technological infrastructure, but we cannot  support  the proposal that the notified ID means inside the wallet must be limited to a level of assurance high. The notified ID means inside the EU ID Wallet should meet the requirements of all the assurance levels provided for in the Article 8 (low, substantial and high), responding to the different requirements of trust defined by Relying Parties. Only in that way a widespread use of the ID Wallet by citizens and Relying Parties can be ensured.

PostEurop’s recommendations

• While being certified and notified by a Member State, the EU ID Wallet should not be a digital identity scheme itself.
• The EU ID Wallet should be built on existing eIDAS-compliant national digital identity systems.
• The notified ID means inside the EU ID Wallet can have different levels of assurance according to Article 8, not only the assurance level high.

Find the full position paper here [2].

POSTEUROP is the association which represents European public postal operators. It is committed to supporting and developing a sustainable and competitive European postal communication market accessible to

all customers and ensuring a modern and affordable universal service.

Our Members represent 2 million employees across Europe and deliver to 800 million customers daily through over 175,000 counters.

posteurop.org | ©PostEurop