On Thursday 9 June, Member States discussed the latest compromise version from the French Presidency of the Council of the EU (FPEU) on the future European electronic identity wallet at a meeting of the EU Council’s Telecommunications Group.
The new version of the text first includes several references to the NIS 2 Directive, which is intended to ensure a high common level of cyber security across the EU and on which the co-legislators reached a provisional political agreement on 12 May (see EUROPE 12952/1).
The compromise document specifies that, in the event that the Commission adopts an implementing act or the EU concludes an international agreement on the mutual recognition of trust services, trust services provided by providers established in the third country concerned would then be considered equivalent to trust services provided by service providers established within the EU.
However, the text adds, these implementing decisions and other agreements should ensure that the requirements inherent in the electronic identity wallet, such as effective supervision of trust services and compliance with the requirements applicable to trust service providers, respect the framework set by the NIS 2 Directive.
In addition, the French Presidency of the Council of the EU stresses that user entities should communicate to Member States their intention to use European Digital Identity Wallets. They should also specify the intended use of the wallet through a list of their services that will rely on it.
The wallet, in turn, should be able to validate the identity of the parties relying on it and verify that they are authorised to provide specific services.
In addition, the French EU Presidency compromise also addresses the issue of providers of non-qualified trust services.
On this point, the FPEU considers that these providers should notify the supervisory body, the persons concerned and, if it is in the public interest, the public, of “any breach or disruption of the provision of the service (...) no later than 24 hours after becoming aware of it”.
Finally, the compromise document also addresses the issue of archiving systems. In this respect, it also suggests that, “insofar as electronic archiving services are not fully harmonised”, Member States may “maintain or introduce national provisions, in conformity with Union law” to allow certain derogations for services integrated into an organisation and strictly used for the ‘internal archives’ of that organisation.
See the compromise document: https://aeur.eu/f/220 (Original version in French by Thomas Mangin)