Public Consultation on the “Target Image E-ID” / Statement of the krm to Hd. of the FOJ

The federal government has invited interested parties to submit a statement on the future E-ID. Here is the statement of the krm:

What are the three most important requirements for a government e-ID as a digital credential?

  1. Priority: As a matter of absolute priority and before all other considerations, the decision must be made to implement an electronic identity immediately. Switzerland has long since missed the boat on implementing electronic identity. The author contacted the then FDJP in 1996 (sic!) and inquired when one could expect the introduction of an electronic identity! In the current situation, it can only be a matter of damage limitation. The detailed questions you raise about implementation are only of marginal interest and hinder the discussion about the fundamental question “Digital identity: YES or NO” This question must be submitted to the legislature. The law to be created must be drafted as leanly as possible and without unnecessary detailed regulations and implemented in a fast-track procedure.
  2. Digital identity must be issued and financed by the state. It is the “Trust Anchor” and the citizen’s highest value means of identification. No system can create a comparable basis of trust (this also applies in particular to DLT-based systems). But: there are no commercial business cases that can be used for funding. This is a basic infrastructure. When the physical passport or identity card was introduced, no one wondered how often they would be able to use them. Still less whether the person relying on it can derive a business case from it. This illusionary assumption led, among other things, to the loss of the vote on the E-ID law.
  3. Digital identity must be implemented as simply as possible and on established technologies. Public key infrastructures, which can be implemented without great effort, are best suited for this and have proven themselves in practice. All other solution approaches are either not yet mature or are also based on PKI technology at their core.


Which use cases of the E-ID are in the foreground?

As already recorded above, the creation of the E-ID is not about its application. It is not the task of the state to ensure that digital identity can be used. Just as the government built cars to use highways, it does not have to provide applications for E-ID. As soon as a trustworthy identity infrastructure is in place, applications will immediately present themselves, which are either already in operation today or can be put into operation in the short term. The use cases mentioned in the discussion paper are well-known and partly already implemented.

However, it is important that the number of state identities is mandatorily limited to 1 (= one)! It cannot be that administrative units or cantons build additional identities and infrastructures. This is a federalism that would make the E-ID impossible. As mentioned, the E-ID is intended to be the counterpart to the physical identification document. Other users should build on this, but in no case build parallel solutions.


What are the benefits of a national infrastructure that enables the state and private parties to issue and verify digital evidence (e.g., E-ID, digital driver’s license, employee badges, educational credentials)?

The sole core task of the state, and thus the federal government, is to create the digital ID card. It is not its task to launch applications directly, unless they are within the sole competence of the federal government and are thus already organized in a centralized manner. One example of this would be criminal records, which can already be retrieved digitally today. Identification has nothing to do with usage or the authentication process. As soon as a digital identity is to be used for an application, there are various options for implementing this. This is where the issuer of the E-ID must not and should not interfere. Over time, today’s isolated solutions will use the E-ID as an identification anchor, because the cost of continuing their own identification solutions will become too great.


Comment by B. Wildhaber on the technical approaches:

In the case of the technical solution variants, a new solution approach is brought into play by the FOJ: SSI. This is poison for the whole discussion, because it brings a new complexity into play, which is absolutely unnecessary. We are dealing with non-proven technologies here. The very discussion of such solutions risks pushing the e-ID issue into the nerd corner politically. That would mean the end of the initiative.


Submit a Comment

Your email address will not be published. Required fields are marked *

Related articles

On 16.3. is Digital Cleanup Day

On 16.3. is Digital Cleanup Day

Tidying up is clearly not everyone's cup of tea, but we all know the good feeling that a tidy room, a tidy desk or ... a tidy drive! You can feel proud with a clear conscience, because deleting data also has an important effect on energy consumption. I have calculated...

read more
Dealing with data risks: Data breach notification

Dealing with data risks: Data breach notification

A data breach notification or "data breach notification" refers to the process by which an organization or company is required to notify the relevant data protection authorities and, if applicable, data subjects of a data breach that is likely to result in a high risk...

read more