Current Region:

European Digital Identity Wallet: is the end nigh for independent age verification?

July 21, 2021

At first sight, the creation of an EU digital wallet may appear to some observers to offer a state-sponsored replacement for the online age verification market.   Yet why, those same observers may ask,  is the EU already funding a major project to develop the infrastructure require for interoperable age verification and parental consent (  The answer lies in some key distinctions between the two initiatives, but does not preclude the opportunity to leverage some significant synergies through complementary aspects of each exercise.

The “EU digital ID scheme for online transactions” is the successor to the electronic identification and trust services (eIDAS) programme which since its launch in 2018. Half the Member States have an approved scheme, giving access to digital ID for 6 in 10 citizens, but technology waits for no-one, and the move from a system built on central databases to one with distrbuted wallets, was inevitable and welcome.

But the EU ID wallet does not supplant age verification for a number of key reasons.

  • eIDAS does not generally offer children a digital identity.  There are some member states where young people do obtain eIDAS credentials, but these are the exception.  The work  of the AV sector is heavily focused on children under 18, so requires a universally accessible solution for all ages.
  • While some age-restrictions apply to significant risks of harm where strict age checks are required,  many use-cases require a lower  level of assurance, perhaps basing the check on estimates made by artifical intelligence.  This is of course a lot easier to generate than it will be to create a new EU wallet where the  standard of evidenced will be that defined  as  “high”  under existing eIDAS rules.
  • The AV Sector is open and compeitive, keeping downward  pressure on costs and prices, and ensuring a wide-range of private  sector suppliers.  It is not, therefore, a government issued ID which some users may be concerned about owning or using in certain situations.
  • Indeed, through the privacy by design and data minimisation techniques required in the AV sector, consumers can have more confidence in anonymity
  • Another key difference as that the AV technology offers a persistent form of proof to support an uninterupted user experience and minimize friction as they move from site to site.  In time, the EU digital wallet could  release age attributes in the background to automate the age assurance process,  but it is a complex challenge which will not be high on the priority list for eIDAS 2.0.
  • Age verification is also a global market,  and consumers will demand a global solution so they can use age-restricted functions on the internet regardless of their own or the site’s location.

There are also, however, principles in the plan for the EU wallet which it holds in common with age verification:

  • Both are based on a double-blind approach to checks, where the service checking does not know any more personal data than the user wishes to share, and the attribute issuer does  not know  who is asking.
  • Nor does either project  permit the creation of records of an individual user’s activity
  • And both initiatives are aiming to  solve the challenges they address both online and offline, in  the physical environment.

The AV sector, not least through the euCONSENT project, will be working closely with the Commission as the plans for the Digital ID Wallet develop but we see these as highly complementary projects which can benefit from one another’s success.

AVPA gives evidence to Utah Senate Business and Labor Committee

On Wednesday 14th February, we were invited to addres the Utah Senate Business and Labor Committee which is considering a revision to the State's existing laws designed to protect minors from the harms presented by the use of social media.  It was the longest hearing...

AVPA responses to Ireland’s Coimisiún na Meán

AVPA responses to Ireland’s Coimisiún na Meán

We responded to a consultation on the new Online Safety Code proposed by the Coimisiún na Meán, Ireland new online regulator. We shared our views that: The Coimisiún should be careful it does not imply that smaller sites are exempt from taking action to protect...