A European IT security agency has called for a co-ordinated strategy for the privacy of personal data in 23 national electronic identity card schemes now in force or planned across the EU.
Enisa (the European Network and Information Security Agency) said in a position paper on security features in European eID schemes that they lack a co-ordinated strategy for how to protect the private data stored by the card. "This is both an obstacle to eID interoperability and limits its acceptance by the users," the agency said.
Andrea Pirotti, Enisa's executive director, said, "Privacy is an area where the member states' approaches differ a lot and European eID will not take off unless we get this right. The fundamental human right to privacy must be guaranteed for all European eID card holders."
Enisa found 10 national eID card schemes in force, with 13 in the pipeline. eID cards are currently used mainly for tax declarations and other e-government services, but more commercial applications are emerging, it said.
"In all these applications, the eID card is a gateway to personal information, be it at national or European level," it said. "It is vital to address privacy concerns related to eID, namely the unwanted disclosure of data and subsequent misuse."
The paper provides an overview and comparison of the privacy and protection measures used to reduce 14 risks to personal privacy that result from eID cards. It also lists eight techniques available to address and mitigate these risks.
Einsa has been unable to establish the specifications for seven crucial aspects of electronic identity (eID) cards planned for the UK and other leading EU nations. Its findings come as the House of Lords' constitutional committee prepares to publish its report on citizen surveillance.
The lords are worried that the increased use of CCTV, the NHS electronic patient record, the national ID card, and other data collection, storage and sharing systems affect the basic relationship between the state, business and the citizen.
Technical aspects of eID cards
Interfaces and functionality
Access control and encryption
Authentications vs. electronic signature
Personal unique verification
Threats to privacy from eID cards
Falsification of content
User signs a bogus document
User authenticates to a bogus server due to misplaced trust in a server
Inappropriate delegation of card
Loss or theft of card8
Physical invasive attacks involving rewiring a circuit on the chip or using probing pins to monitor data flows.
Proving the trustworthiness of personal information to a third party