The 21 page 'Governance Models for Interoperable Electronic Identities"' by Tobias Mahler in
Journal of International Commercial Law and Technology (JICTL)
comments that -
Current implementations of electronic identity in Europe are rather diverse; they include state-driven identity management frameworks as well as private sector frameworks and different forms of public-private collaborations. This diversity may represent a major challenge for the deployment of information society services addressed towards the European internal market. This raises the question: How can we achieve interoperability of electronic identities across Europe, and potentially beyond Europe’s borders? This paper argues that the interoperability of electronic identity could be governed by a multi-stakeholder governance framework that brings together different parties with interests in the provision and use of electronic identities. Such a governance framework could, for example, consist in designing and operating a portal with common functionalities that allows interoperable authentication across multiple domains and contexts. Inspiration for the governance of such a portal could come both from existing successful implementations of electronic identity and from multi-stakeholder institutions that have proven useful in Internet governance.
Mahler notes that -
It may be the case that existing eIDs in Europe are too heterogeneous to be incorporated in a single hub. However, this example illustrates fairly clearly that there are alternatives to creating a single and all-encompassing European eID if one wishes to facilitate interoperability in Europe. Rather than offering European citizens and others yet another eID (for European use), we should consider the alternative of governing authentication processes based on a selection of existing eIDs.
Of course, the model raises many new questions, such as who might establish such a portal, and how it should be governed. In my view, a governance framework for a potential European eID portal should go beyond the participative model selected in Norway and also encompass other stakeholders, such as eID providers, other intermediaries and perhaps also end-users and their representations in civil society organizations. Moreover, if the intention is to ensure eID interoperability also for non-governmental actors, the private sector should definitely be incorporated into the governance framework.
The advantage of the eID hub model is its potential openness, which could potentially be used to encompass not only European eIDs, but perhaps even allow sufficient flexibility to facilitate interoperability with other non-European eIDs in the future. At the same time it has to be acknowledged that the model also may involve new legal challenges related to, for example, compliance and liability.