Following the EU Regulation 910/2014 concerning electronic identification and trust services for electronic transactions (EU verordening betreffende elektronische identificatie en vertrouwensdiensten voor elektronische transacties in de interne markt (eIDAS) ), the Dutch government published the Digitaal 2017.
Digitaal 2017 includes various legislative proposals regarding the implementation of eIDAS, one of which is a new law referred to as Wet generieke digitale infrastructuur (GDI). Through the GDI, the Dutch government aims to create an ecosystem of authenticity tools in order to prevent identify fraud cases.
The legislative proposals also include the Dutch government’s vision to carry out all necessary communication with government agencies digitally. At the moment, the only available digital method for government related communication is the platform DigiD. With the introduction of the eIDAS however, DigiD no longer meets the minimum security standards as set out in the GDI.
Moreover, from a recent consultation between the government and the commercial sector, it followed that the GDI is also lacking from various angles. Firstly, it was noted that the GDI is built on outdated technology. Secondly, it is unclear which government regulated sectors the GDI will apply to, and how the government is planning on enforcing this. Lastly, the rules regarding the provision of the authenticity tools are vague and for example do not make clear which authenticity tool will be used by which sector.
In order to upgrade this platform, the government plans to have a chip built into identity and license cards through which citizens will be able to log on to the DigiD platform. It also wants to make it possible to log onto this platform via personal bank accounts, as well as through apps.
For now however, it has been established that the only digital government platform that is currently available to Dutch citizens does not meet the EU level of authenticity security, and that whilst a law has been introduced to address this matter, various elements require to be revised as well as added to the GDI in order to ensure compliance with the eIDAS.