ENISA presents its first report on pan-European eIDM

On 29 January 2009, the EU Agency ENISA (the European Network and Information Security Agency) presented its first report on the current state of pan-European eID interoperability.


Europe has bold ambitions regarding interoperable eID services by the end of 2009. This report looks at how various initiatives such as the STORK project and the Services Directive could make eID work for business and government eServices across Europe.

Security and interoperability of eID systems across Europe is a current topic. European eID Management (eIDM) presently stands at crossroads. This is a vital and delicate stage, as pilot studies and models are now transformed into actual working systems.

ENISA calls its report a “milestone”, as it is the Agency’s first experts’ snapshot of Europe’s state of play in eIDM. The study charts the origins and scope of European eID interoperability. It focuses specifically on the triangle of three intrinsically connected drivers:

Policy level; an examination of the eID Roadmap and the eID -2010 goals to be reached by 2010.
The analysis of the recently initiated €20 million STORK Project. Among several EU projects focusing on eID, this initiative develops a series of pilot projects for citizens of 13 EU Member States, using their governments’ eID/authentication systems. Thus, the STORK project pilots a basic infrastructure in the EU for cross-border eID systems. But, the report strongly underlines that although STORK is significant, it is not to be seen as the panacea for all eID interoperability problems. Many European eIDM projects overlap but the solution does not lie in any single project. Instead the outcomes of all eID building blocks must eventually be put together to create a coherent and pragmatic infrastructure for European eID interoperability.
The implementation of the Services Directive. The Directive requires Member States to put electronic points of single contact in place by 28 December 2009. By then, service providers from any Member State should be able to complete formalities, to offer their services and to identify themselves electronically in a reliable way.
The report identified the following four main policy priorities for European eIDM:

In 2009, the policy objectives of the eID Roadmap will need to be reviewed and updated.
The results of the STORK project and how the pilot infrastructure can be expanded into a full-scale system, will need to be examined.
Once an interoperability infrastructure is in place, Member States will need to decide on the security requirements of their applications which do not discriminate against foreign citizens and enterprises.
Greater emphasis will need to be given on the citizen-centric approach to eID. It is crucial to give users sufficient personal control over their identity.
Mr. Andrea Pirotti, Executive Director of ENISA commented:

“This report shows that the pioneer eID systems soon must move into interoperable systems. This is a crucial time for EU Member States to make the right decisions, not only to guarantee interoperability, but also security and usability.”

Further information:

Source press release – ENISA
ePractice Library – i2010 eIDM Roadmap
Website of the STORK Project
ePractice Library – Directive on services in the internal market
ePractice Library – ENISA Report on the state of pan-European eIDM initiatives and FAQs of the report