Yeah, thank you very much for having me here. I'm really happy to have the opportunity to share with you the latest insights in the implementation of the AIDA regulation here in Germany. I'm speaking on behalf of the, the Ministry of the Interior and for community, and our ministry is responsible for the implementation of the EU Digital Identity Wallet. And let me show you what we've planned so far and how the process is set up here in Germany. As you all may know, there is the new regulation now in place since May.
And what the, the YAS regulation brings with it is especially the EU digital identity wallet. And with a digital identity wallet, we not only have cross-border functionality of all functions of the wallet when it comes to identification, when it comes to signatures, when it comes to additional credentials, but also free use for all citizens.
And additionally, we have functions not only for online use case, but also for use cases offline in presence.
And the, the whole thing should be safe and more data protective compared than the status quo. So when, for example, I want to share my age for whatever service, I don't have to share the whole birthday, but only the age. So it will bring a lot of benefits for the citizens and organizations in Europe. And I'm sure it will set standards worldwide. And there are, is this regulation ahead or it's already in place, but the, our need to implement the European Digital Identity wallet will come in the next two and a half years.
So we started the process two one year ago and what we've done is we, as a government, as federal government in Germany, we've set up an open architecture and consultation process. 'cause we said this will have a huge impact on the life of citizens and organizations within Germany.
And there will be a lot of things to be discussed. Yeah. So we have to make some decisions when it comes to operating models, when it comes to technical decisions and designs. And we did not want to do this process behind closed doors. We want to do this in an open process.
And that's why we decided to start this open process to fulfill the legal requirements and the legal obligations we have as federal government. And also to fit this European regulation within the framework of the chairman, the existing chairman ecosystem. And this like the special requirements in within Germany. As you know, Germany is a federal state and in like in federalism, we like, we have a special form of federalism actually.
Yeah, we do not only have 16 federal states, but we have 11,000 municipalities and a lot of competencies, a lot of registries are actually in the municipalities.
So it's not enough to just make digital transformation across 16 states and the federal government, but across 11,000 municipalities. So it's a quite complex thing. And we do have colleagues with, in our ministry looking especially on this modernization of registries, how it is called. And we are in close contact with them to see how this process is synchronized with the European digital identity wallet.
So the other thing is that we did want to use the e IIDA implementation as a chance to create even more added value for citizens in Germany. So we not only wanted to implement it because we have to, but we want to take it and take it a step further, make it more secure, more data protective, more usable, and yeah, have this process to do it. And as I said, it's an open process. What does this mean? This means that we invited the public to join the process.
So we got the, it's the Sprint is the federal agency for disruptive innovation.
It's a public agency with our project lead toss who will explain more technical details within the next two days. And we took the, the, the sprint as the lead and we also took the BUN array with experience within the German EID system. And we created a team together with the federal agency for cybersecurity. And we have a really strong interdisciplinary team, which is not only there to do technical work, but also to do this consultation work.
So I'll talk about this in a in a minute, but what we do is we want to share as much as possible and invite the community to comment, to bring their ideas, to share their knowledge, to have the best version possible. And so what, what's happening at the moment, we do have this architecture process.
We started it last year in August.
So it's not, it's, it's, yeah, 10 months now that we have this process and the, the process is finished by next summer and until then we want to have an architectural concept, architectural proposal where we see the main decisions not only technical, but also when it comes to governance, when it comes to business models around the EUDI wallet ecosystem. And we want to, yeah, have more knowledge about crucial decisions within the ecosystem.
As you may know in the e iida regulation is, for example, an open point if the government wants to provide the wallet itself or get partner to provide wallet or just to accept wallets in the market. So that's one big decision we have to take if we want, if we want to go one of the three ways or if we want to have a mix of, of, of some of these options.
So, and that's something we discuss with different options. We also discuss different options of technical decisions such as where to or how to get the pit, the personal identification data on the phone. So we have six different options, how to implement the pit in the European digital identity wallet. And we treat the wallet for now more as a concept than a product because it's not the decision if there will be a government provided wallet is not made yet. So we discuss about any European digital identity wallet or wallets in plural within Germany.
So what are the rules for the German UDI wallets? We published a first architecture proposal last year in November with a rough concept for the pit. We published a second version this march. And more proposals or more iterations of the proposal will follow. And we have different focus, focus on, on the different versions.
So there are will be another version where we focus more on the qualified electronic signature for example.
But, but the technical details we'll have the chance in in other sessions with toten as I already announced. So let me come back to the consultation part of the process. So as I said, it's not only a technical process, it's a broader process to include opinions and expertise from not only the industry but also from science and from civil society and from within the administration. So we want to have a broad, yeah, participation format.
And what we did, we not only publish the technical specifications, but we also publish for example, visualizations of potential decisions so everyone can understand what the decision means in practice. So we want to take the whole debate out of a like technical environment up to like discussion within society because there are many groups which are affected by this regulations.
And as I said in the beginning, the EUDI wall will have an impact on everyone's life.
So what we had, we had three different workshops and additionally up to now five open online consultations where people could just join, ask questions to our technical experts from our team and get answers and discuss with them. At the same time, we have approached certain civil society groups actively because not everyone joins us, like actively. So we have to go there where the people are and ask them to join, to do interviews to ask them what's the impact on their field of expertise.
Yeah, so just for example, groups of transgender activists are an important group to talk with, which are not interested in digital identity per se, but they are impacted on how like there's an impact on their interests when it comes to digital identity. So we have to get their expertise, what it means if I change my gender or change my name, for example, what this means for UDI wallet implementation.
And at the same time we have like an asynchronous mode of work. So we uploaded not only the architecture proposal but also the documentation of the workshops online on GitLab.
And it's called open code. So it's like the German federal government version of GitLab, but it's like GitLab behind. So you can join via this link and you can see all documentation up to now and offer the documentation and you can join actively. So whenever you have time, you don't have to wait for a workshop or a consultation hour, you can just type in a comment. We have collected 220 issues so far. You can comment, you can add your expertise and we'll come back to you. So that's the idea how to like get a broader process to implement the EI DS regulation.
And that's like what we've done until now. And yeah, I think we gathered a lot of important information and important expertise so far.
So in this slide I show you how all things come together, like from our activities within the federal government.
So we, what I spoke about are the two parts. The UDI wallet concept.
Yeah, the, the whole architecture proposal where we will have a final publication of the UDI wallet concept in the third quarter of 2025. And with this concept, we can go into the actual implementation of A-E-U-D-I wallet ecosystem, which is life and working until 2027 when we need to have an EUDI wallet at least one for citizens and organizations working. So beside that, we have the consultation, I, I talked about this, but we don't only want to stay within concepts, we want to get like somehow in a practical sense we want to get working.
So what we have, and I'll talk about this in a second, is the funke, which is innovation competition to get prototypes of our architecture concept.
So we have a concept, we get prototypes, and then we have large scale pilots, potential consortium. You may have heard about it, I'll talk about this tomorrow in another session. So in the LSP potential consortium, there are almost 150 organizations out of 19 states within the European Union.
And in this consortium we work together with banks, with car rental companies, with mobile network operators to test actual use cases for the European digital identity wallet cross border. And we bring our prototypes to this consortium as the German contribution and our prototypes has the chance to be tested within real use cases. So not with real use data, but real use case with real partners. So we will have a lot of experience from this testing and this experience will come back to the concept and our concept in mid 2025. We'll be really profound.
Yeah, because it's not only a theoretical concept because it's a tested concept.
We have all the experience from within LFP potential from cross-border tests, which will start by January, 2025. So that's the, the the most important thing. And now let me come to this. So that's a competition which was invented by, by our federal agency for disruptive in innovation. And they did this format for different innovative things.
Yeah, like in in pharmacy and, and pharmaceutical stuff and in engineering, et cetera. And now it's the first time they do it for digital identity.
So what, what we've done, we have this innovation published two, no one and a half months ago, something like this. And in this publication we asked teams to apply for creating European digital identity wallet prototypes based in our, on our architecture proposal, based on the rules of the iida of the architecture and reference framework. And to bring some innovation and to to share their experience.
The, we have a funded track with up to six teams and this funded track, the rule of the funded track is that they have to publish everything open source. And so we can share the knowledge across not only the teams, but also across Europe and learn from our process.
And yeah, for the implementation, which is around one year in three stages, they can get per team almost 1 million euro. And we have parallel non-funded track with another six teams.
And yeah, they don't get money so they don't have to publish open source. But beside that, the same rules apply to them. And the idea is that in three stages, they will implement not only the pit or different pit options, but also the, the, the presentation of of of electronic attribute attestations and pseudonyms log in and they have to bring the QES function with them.
So that's unfortunately an old slide. I just changed the slides before but it did not work. So we have already published the six teams for the non, for the funded track. They're online.
When you go to the website of you can see the six teams. Unfortunately it's still the version from two weeks ago where we did not publish the teams yet. Now you can see the six teams online. And by the end of this week we also will publish the six teams for the non-funded track. And who select the teams. We have a jury of experts. You see the jury members on the left side and this jury of experts from different Yeah. Areas of expertise. They select, they have selected the six teams for the non-funded and six teams for the funder track.
And in the next months they will come together at least twice.
So in at the end of stage one, end of August, they come together and select in each track four out of six teams. So two teams get kicked out, the best four will survive. And by the end of November they come together after stage two and they'll select again two out of four teams then in both tracks. So in the end of this year we will have two funded and two non-funded prototypes. Or at least two or maximum two, no maximum two because maybe not all teams will make it. But I think they are really good teams, really innovative teams.
So I'm very hopeful we'll see four prototypes by the end of this year and they're ready to go to the cross border tests of LSP potential. And then we'll see them working in the first half of next year.
And yeah, everything else is what I've told you. So I'm really happy to have a really, really good concept by the middle of next year. And then to get this concept to the implementation to have the best possible version of the new digital identity wallet for Germany and for Europe. Thank you.
Thank you for your insightful presentation. We have many, many questions. Let's see how far we get. And the first and foremost question is, on the first slide, there's written with a smartphone. Is the smartphone a prerequisite for using the wallet? And what about multi-device usage or kiosks? Kiosks.
Yeah, that's, that's important point there. We not only talk about cross device flows, that will be something we, we have in our yeah. Proposal as well. And a central point is the smartphone. So in the future, maybe you don't need the smartphone for everything. And especially when it comes to organization organizational identities, it's not necessarily a wallet on a smartphone. But our main focus in this project is the wallet for natural persons and not for legal persons. There will be s for this.
Well,
And another question, is there a strategy for convincing people to use the EOD wallet? 'cause it's not mandatory of course, but it's nice as every, if people start using it.
Yeah, so you already mentioned it. It's not mandatory and we want to keep up alternatives throughout the way. So we don't want to have like it to be like in, in fact somehow mandatory even it's not legally mandatory. But what we want to achieve with also with this process is high public support. Yeah. Because we want to build trust for the solution. We want to build like, like understanding and also like somehow kind of education how things work, why we did, which decisions we did so people can understand and people want to use it.
We are, and then bits related to that, in my country in the Netherlands, we've had some people being very much against the European identity because they think it's one big European wallet with one identity tracking everything. 'cause they don't believe all the functionalities that are being proposed. But is the German wallet in some way connected to the European strategy and is there a European general all over European wallet in the pipeline or not?
So we, we are not only in working together in the LSP potential but also in other contexts. So there are shared strategies. We are looking for example to the Netherlands, which have published their code open source as well. So there is exchange and when it comes to tracking and and tracing, we said our solution should be privacy by the sign and security by the sign. So we want to avoid tracking and tracing not only from the wallet provider side, but also from the issuer side and from the government side if this is not identical. So no tracking for no one.
So the functionality in privacy, that's the core business of such a wallet. But a European generic, oh, European level wallet
Initially that was the idea of the European Commission. Actually the idea was to like create one European digital identity. And then they realized that within Europe you, you cannot like have one scheme below this like or one product.
So they decided to have like one framework and within this framework we will have interoperable solutions and how this will work out in 10 years if we have like only two, three, or even one solution for whole Europe or we'll have 27 or even 50 solutions, we'll see. So who am I to predict?
Yeah, so there's a lot of cooperation on the European level on reference frameworks and reference wallet and lessons learned and pilots. But that won't be one unique European wallet. And then also there's a question, will there be fines connected to the ADOS too? Will there be sanctions in case things don't go as they should go if anyone is like a data pirate, whatever.
Yeah, definitely. We have another process just set up to see how to adapt the regulation within German regulation. So there will be like laws in Germany like answering on the open points within the YAS regulation. So the national implementation. And we will not only have to think about like which are the governance bodies who are responsible for examples Yeah. To see this like if there is misuse and stuff, but also which are the consequences and there will be consequences.
Sure. Yeah. I think in, in the ADAS legislation it's also mentioned under article 16 penalties. Yeah.
And I've read of number of 5 million euro if a qualified trust service provider is, well not doing as they should or is if they're data pirates or whatever. And but of course the implementing acts, as you say in Germany or in the member states, they are more decisive in the types of sanctions Yeah. And how to implement that. Well thank you very much for this question. Thank you for, for answering these questions and your presentation.
Yeah,
Yeah. Thank you.
