OIX has responded to the consultation on behalf of it’s members.
Input was gathered from members in a well attended workshop.
Key points raise in OIX supplemental response are:
• OIX is supportive of the move to improve eIDAS regulation and to provide intervention into Digital Identity adoption in the private sector.
• OIX advocates for a regulated competitive market for Digital ID services. An overarching Trust Framework such as eIDAS can establish the regulatory framework for ID services to complete in a compliant way.
• OIX also advocates for user choice. Any extension of eIDAS should be done so in a manner allowing the user to choose the best ID provider for them.
• OIX envisages that Trust Schemes will emerge that are specific to market segments. Any extension of the eIDAS regulation should provide a level playing field for competition, taking into account sector-based Trust Schemes.
• Governments do not take liability for fraudulent IDs. Private sector is likely to take a different view on liability, seeing indemnification by ID Providers as a competitive feature. ID Providers will seek to lean on a Trust Scheme or Trust Framework to allow them to implement fault-based liability. Any changes to the eIDAS regulation should take this into account.
• Accessibility and Inclusion is key in the successful implementation of any Trust Framework.
• Fraud Controls must be to a consistent level of robustness to allow IDs to interoperate across different use cases. Fraud controls must also be for the life of the ID: all uses and updates, not just when the ID is established.
• OIX questions as to whether the EU need to go as far as creating an EU wide ID Trust Scheme that actually issues its own identities. The issuance and management of identities should be left to certified ID providers, be these public or private sector organisations.