A provisional agreement has been reached between the European Union Council and Parliament about eIDAS2.0, a new framework for a European digital identity (eID). The provision of digital wallets connected to national digital identities is a crucial component of the new laws.
European Central Bank (ECB) is actively pursuing the prospect of having its CBDC (Central Bank Digital Currency), despite knowing the fact that this may weaken its key role in the payment space, and it would not be possible to ensure the complementary and convertibility of public and private money.
Understanding the need
The Bank of Spain, for example, believes that traditional physical currency is ill-suited to exploit the advantages offered by a digital economy. The Digital Euro is more suited for the purpose.
ECB has been batting in favour of a CBDC since 2020, understanding the method’s utility in the retail payment space.
ECB sees the Digital Euro as protecting the strategic autonomy of European payments and monetary sovereignty. Fintech ventures working in the digital payment space will be able to offer innovative and competitive services based on the digital euro, thereby promoting financial inclusion.
After a detailed study phase on the Digital Euro from July 2021-October 2023, the “preparation phase” has been launched, which will end by 2025, where the focus will be on finalising the regulatory framework for the digital currency while also selecting the banks that will issue the CBDC.
Concerns galore too
Over 500 experts in cybersecurity and privacy signed a letter protesting the move. One of the main worries surrounding a digital currency is privacy is the enactment of legislation that is allegedly meant to allow Big Brother surveillance.
According to the letter, the proposal would make it possible for one government to monitor every EU citizen’s online activity. Furthermore, the wallet is missing crucial privacy protection.
The Electronic Frontier Foundation (EFF) and numerous scholars from throughout the globe are among the signatories to the letter. Also, a dozen business representatives expressed their opposition to the measure, as they raised concerns about Digital Euro “making some websites inaccessible to EU citizens”.
According to the EFF and the letter writers, if the European Union goes ahead with the CBDC project, its citizens will need to download customised web browsers, different from the ones provided by Apple, Google, and Mozilla.
A website that uses security certificates to encrypt its content is indicated by a padlock in the address bar of your browser. What if someone could change every certificate on every website you visit? Then, everything you see is visible to them. Including all of your financial information, chat history, information from the health website you visited, and more.
A certificate authority, typically a business, is responsible for issuing security certificates for websites. Google Chrome has about sixty certificate authorities it trusts. The root certificate that the certifying body issues is one of several components that make up security certificates.
It’s the component that allows the issuer to change any certificate and intercept any user’s online activity. They are not just interfering with the websites that they have security certificates for. For this reason, when root certificates and issuers behave improperly, browser developers want to be able to delete them.
Google took down TrustCor’s certifications from Chrome earlier in 2023. It came after a story in the Washington Post that claimed TrustCor had ties to US intelligence services.
The EU wants its member governments to be able to choose the root certificate providers. It also wants to prevent browser developers from having the ability to remove them if they misbehave. A formal procedure is followed. A web browser needs the government’s permission to delete a provider, should it be listed in the first place.
The EU is certainly justified in wishing to establish more certifying authorities of its own. Whether it realises the implications is the question. In any case, that’s alarming.
Digital identities will first be stored in EU digital wallets. Wallets will hold the digital euro when it is eventually issued. Your financial, health, and other information may also be stored in an eIDAS wallet. It is probably pretty personal for the most part.
The prevention of information cross-linking is one of the main problems associated with identity. Therefore, there is a chance that the data you share with different people will be aggregated if all of the data you share has the same identifier, which isn’t always your name.
In a speech given in February 2023, Wojciech Wiewiórowski, the European Data Protection Supervisor, stated that “this identifier inherently creates risks for individuals, such as the full and possibly unnecessary ability to link personal data across sectors and actors, wide consequences in case of identity theft, surveillance, and of course abuse by marketing practises.”
Another side of the coin
The digital euro, dubbed Cash+, will be available to all EU nationals. They can accumulate up to €3,000 or €4,000 in the currency, before paying merchants.
The ECB will be issuing the digital euro, in contrast to cryptocurrencies like Bitcoin, which are created and distributed by an independent organisation.
Despite this, there are some similarities: digital money can be saved in a digital wallet without the need to open a bank account and will be powered by the same blockchain technology as cryptocurrencies.
Brussels anticipates that its growth will lessen EU reliance on foreign payment processors, particularly the US behemoths Visa and Mastercard, who already control the majority of the world’s card payment business.
Others, however, contend that the EU’s proposal to introduce a digital currency is problematic, particularly for banks.
The European Banking Federation issued a warning in March regarding the “significant risk for banks” due to the possibility of bank runs, as clients may retain their money in digital wallets and accounts, removing it from the banks’ balance sheets.
The commission warned that “the costs of no action can potentially be very large” and stated that the digital euro’s “long-term benefits… outweigh its costs” in the initial proposal.
Those who reside in the Eurozone would be the first to have access to the currency.
Currently, the European Central Bank (ECB) faces some degree of public mistrust because, in theory, the European Union will have easier access to information about all payments than it does now when a banking intermediary must go through several formalities to obtain fiscal data.
Not to mention physical currency and its absolute assurance of anonymity.
Although the Brussels proposal has previously clarified that exceptions could be made in situations like money laundering or tax fraud, it is meant to be strict when it comes to privacy protection.
Additionally, the EU stated that Cash+ would not be programmable, which means it would not have an expiration date and would not be limited to the purchase of particular goods.
The digital currency will be given “legal tender” status, which means it has to be accepted as payment, the Commission said.
The European Union’s progress towards eIDAS2.0 and the potential introduction of a Digital Euro through CBDC reflects a transformative shift in the landscape of digital identity and currency. The provisional agreement on eIDAS2.0 emphasises the importance of digital wallets connected to national identities, aligning with the evolving needs of a digital economy.
While the European Central Bank actively pursues the Digital Euro to secure strategic autonomy in payments, concerns about privacy and surveillance have surfaced. The opposition, highlighted by over 500 cybersecurity experts and business representatives, emphasises potential risks and the need for robust privacy protection.
The evolution of digital currencies, like Cash+, presents both opportunities and challenges. The EU’s push for payment autonomy aims to reduce reliance on external processors but raises concerns about bank stability. The debate around privacy, security, and the impact on traditional banking underscores the complexity of this digital transformation.
The introduction of a digital euro has both its supporters and detractors. The EU looks firm as of now to reduce reliance on foreign payment processors and increase Europe’s payment autonomy. Will it listen to the critics? Only time will tell.