
 

Case study: eID projects, from capability to use

Paolo Spagnoletti, LSE and LUISS, Italy and Stephan Freh, LSE 

 

 

We now review eID initiatives addressing their technical, formal and social/informal dimensions. We highlight issues of interoperability of eID projects in these dimensions. 

 

 Overview of eID projects

 

There are currently several projects on IMS, with differences in terms of objectives, scope, budget and policy. Most of these projects are not yet completed and in some cases, such as in Canada and Korea, eID projects failed because of budget and privacy issues. 

 

This section aims to provide a high-level overview of the current status of international and European eID projects and of EU research projects. Furthermore, it analyses key projects and highlights drivers and obstacles that lead from capability to use. The research data of this chapter is primarily based on a working paper of the European Commission (CEN/ISSS 2004), a white paper of the Information Society Technologies (Ringwald 2003), a survey of a government advisory agency (Hayat et al. 2004) and on the information available from the links of the “eGovernment Observatory” area of the IDABC website (http://europa.eu.int/idabc/en/chapter/140).

 

To perform the analysis we reviewed the projects using three dimensions. These dimensions are related to the main issues of the development of ID management systems. First, we look at the issues in the adoption of different technical solutions, such as biometrics, smart cards, PKI, etc. Second, we introduce privacy concerns and the influence of local legislation in the decision-making process of government. Third, we focus on the possible roles of governments in driving the move from capability to use. A more detailed study on PKIs and biometrics, specifically from the legal and technological point of view, is presented in D 3.2. 

 

 

Technological issues 

 

The secure identification and authentication of the end-user of a smart card system remains one of the main technical issues of eID systems. The smart card is used mainly as a secure access mechanism to e-services. For all kinds of e-Government services it is of utmost importance that the identity of the card holder - who is not physically present in the offices or outlets of the government but at the other end of a network connection - may be verified with very high reliability. Simple passwords or PIN codes might very well be acceptable from a legal point of view and may well limit liability but form no ‘real’ proof that a person is indeed who he or she claims to be. This is because of the simple fact that passwords and PIN codes can simply be handed over from one person to another, either willingly or by loss or theft. This is where biometrics comes in. Biometric characteristics (either physical or behavioural) cannot be transferred between persons. 

 

Notwithstanding the work on the development of a policy framework for the European passport described in section of this document, at this point in time only very few European countries are on their way to introducing biometrics for end-user verification in combination with the national ID card (see FIDIS deliverable D3.2). This is despite the fact that worldwide more than 70 countries are applying biometrics for card holder verification purposes.

 

The reasons for the European delay can be found both in the incomplete standardization of biometric technologies and in the complexity of the risks that arise when using biometrics. In essence, a biometric is comparable to a PIN which can never be changed; hence, if it is ever compromised, it is compromised for ever. PINs are protected by ensuring that they never leave the secure PIN-pad at the ATM or EFT/POS terminal. Unless a similar approach is adopted with biometrics, and central storage of such identifiers precluded, individuals will possibly be subject to masquerade, identity theft and identity denial, not only by other people, but also by the State. Another area of threat is the application of location and tracking technologies to people (Clarke 1999). By combining the tracking of devices with authenticated identities of individuals, enormously powerful social control mechanisms would become available to corporations and governments alike. Furthermore, from a technological point of view, there are also issues with the reliability and security of biometric data (see D 3.2).

 

 

Privacy and legal issues 

 

From the point of view of regulations, the main issues lie in the ways identities are managed in different States. For example, in Austria or in Hong Kong, holding an ID card is mandatory for every adult, while in the UK or the US state-issued ID cards do not currently exist. Furthermore, the development of eID management systems becomes easier in a context where large databases containing citizens' information are already available. This is the case in Malaysia (CEN/ISSS 2004). In fact, in order to issue a national eID systematically, the government has to gain access to all the information concerning its citizens and businesses that is required for the registration process. While, for example, most former Eastern European countries have a central registry of all their citizens, most common law countries do not have similar data marts. As a result, nationwide eID solutions in common law countries require a greater number of interconnections, are of greater complexity and require a higher level of interoperability. However, this also means that a common law country would need considerable change to its laws and regulations in order to allow its government agencies to implement such national eIDs. This is probably one of the key reasons why countries such as the USA, Canada or Australia do not have a national eID, nor do they plan to issue one. In fact, only 3 common law countries worldwide have a national eID solution in comparison to 27 code law based countries where a national eID is in place or in preparation.

 

Examples of projects terminated for legal and privacy issues are the 1998 Argentina smart card project with fingerprint biometrics, the 2001 national eID card in Israel and the Korean eID card. In the latter case the Korean Government undertook a feasibility study in 1996 for a smart card based national ID card holding personal data, a national ID number, health insurance information and also a credit card as well as a public transport function.  

 

Additional problems, in terms of interoperability, arise when the implementation of eID solutions has to face different national regulations. In fact, the legal assessment becomes more complex if, in addition to the various national areas of regulation, other geographical areas such as the US or Japan have to be implemented in the e-ID concept. The European Union clearly has the most regulated environment for data protection and electronic signatures. US regulation tends to be more pragmatic than EU regulation and hence more flexible. Other regions of the world do not match the level of US/European regulation in this area.

 

Business and political issues 

 

In this section we describe national and international forces driving the process of adoption of eID solutions.  

 

A brief scenario of the worldwide adoption of eID solutions can be depicted as follows. The Anglo-American regions are not ID card minded. In Canada, a national ID project was withdrawn under public pressure and the same applies in Australia. On the other hand, electronic ID cards are booming in the Far East (Japan, China, Hong Kong, Malaysia, etc.) as well as in the Middle East.

 

Interestingly, China, Japan, Korea, Hong Kong and Singapore have agreed to concerted action to develop a cross border interoperable smart card (Silk Road Card).  

 

The EC has so far considered eID a political minefield where national interests and privacy issues are dominant, and has therefore not stepped in. However, strong external pressure, coming from the US VISIT program, is rapidly changing this situation and has forced Europe to organise itself in the eID arena. This is already leading to the speedy introduction of biometrics in passports. This will also influence the adoption of biometrics in the national eID cards domain, although not necessarily using the same technical solutions.

 

In order to better understand the national level strategies driving the move from capability to use, we suggest an in-depth analysis of Asian countries where successful projects have been launched. An interesting aspect is the different role assumed by the governments.  

 

Whereas in China a mandatory policy has been adopted, aimed at kicking off the world’s largest National Citizen eID system by issuing what will ultimately be contactless chip cards to 900 million citizens, different approaches have been adopted by the Hong Kong and Malaysian governments.

 

The Hong Kong government leaves cardholders free to decide whether or not to include applications such as Post e-Cert in their smart ID card, in order to promote awareness and growth of the service. Hong Kong expects this will also encourage and drive industry initiatives to develop new business applications or services relating to the use of e-Cert on smart ID cards. A different role has been played by the Malaysian government in the deployment of its Multi Purpose Card Project.

 

The Government Multi Purpose Card project is one of seven flagship applications deployed by the Malaysian government to attract leading edge technology development to Malaysia. One of the big advantages in support of the project was that the Malaysian government already had a very effective National Registration Department that was charged with the issuance and maintenance of a paper-based national identity card. The MyKad incorporates several functions in the national identity card, such as passport application, driver's licence, health card, retail transactions, tolls on the highways and parking, payment on the urban transport network and a PKI based digital signature application. The card supports an Automatic Teller Machine (ATM) application for cash withdrawal, e-debit transactions to pay for government services and convenient reloading of the e-purses. Further details on the Malaysian project can be found in (CEN/ISSS 2004: 57).

 

 eID Interoperability Initiatives and Projects

Up to the 19th century, merchants who moved to a new city where they were not personally known usually carried with them a “letter of recommendation” from their bank, monarch or any other trusted third party, which would assist them to be identified and integrated into their new community. When reference is made to pan-European identity and ID management, it is exactly this process which is discussed: verification and authentication of citizens and businesses to unknown European government agencies, referred to earlier in this document as eID, also known as Electronic Identity (CEN/ISSS 2004).

 

We will use the Technical, Formal and Informal model as a lens to analyse the survey data. Firstly, we address the technical domain. It merges the results of three surveys and complements them with extensive online research. Secondly, we deal with the formal level of eID interoperability. Government agencies operate in a strictly defined legal environment. The legal framework aims to restrict government power in order to protect citizens from government arbitrariness and to ensure their privacy. In the case of eID interoperability projects, the formal level is represented by the legal framework in which the country is working. Thirdly, we address the informal level of eID interoperability. While the grounding data of the first two levels is primarily quantitative, the informal domain is approached with a qualitative analysis of several eID interoperability research projects.

 

We now present the findings from an analysis of various available surveys and online research (CEN/ISSS 2004; Ringwald 2003; Hayat et al. 2004). While projects vary significantly in their objectives, scope, budget and policy, we emphasise identification of differences of interoperability in relation to the informal notion of efforts undertaken by the governments to achieve interconnection. In order to do so, it is critical to understand the current eID interoperability status of the countries surveyed.

 

As an initial step, 67 countries were identified as requiring closer analysis. This number includes the EU 25 and all countries that were part of the eID surveys mentioned above. At this point, it should be stated that the level of information on eID projects in these surveys varied considerably from country to country. However, the information on the countries in these surveys quite often showed significant similarities in content, structure and length. In other words, it is anticipated that large amounts of information from previously published surveys were reproduced in later surveys with little further additional research being carried out. 

 

shows the number of countries supporting various eID functionalities. 67% of the 42 countries (excluding the EU 25) have made the decision to introduce an eID, and an even higher percentage of countries (80%) are planning one but have not yet reached a formal decision. Several countries including Australia, New Zealand and the US, have made the decision not to introduce a nationwide eID in the near future.


Figure : Number of Global Countries (EU 25 excluded) Supporting various eID Functionalities

 

Multifunctional eID solutions can be used in a great number of different domains and require an even more complex interconnection, and these are therefore of special interest to us. Multifunctional eIDs are usually, though not necessarily, supported by smart card and digital certificate technology. However, less than a third of the countries support or plan to support these features. In any case, when digital certificates are used, the question arises as to who will be the Root CA. This is closely linked to liability, privacy and, most importantly, power issues. Apart from Norway and Singapore, all countries surveyed operate with a Root CA controlled by a government agency.

 

Advanced biometric solutions are usually linked with data and identity security. Technologies such as digital fingerprints, DNA codes, iris scans or facial recognition are classified as advanced in comparison to technologies such as photos, signatures or physical descriptions of individuals. Advanced technologies are primarily used for all types of fraud prevention. However, less than 50% of the countries which either have or plan eIDs are supporting any kind of advanced biometric technologies. 

 

Interoperability from a customer focused point of view is often linked with convenience. Being able to use a single form of identity across different communication channels for corresponding with various parties is perceived as an enhancement of service and increased convenience, which should ideally result in higher individual satisfaction. Government authorities therefore intend to interlink as many agencies as possible. Often this includes organisations from the private or commercial domain as well. In particular, payment, transport and security control service providers are of special interest. Nonetheless, at present only a quarter of countries support or plan to support the use of a national eID in the private and commercial domain.

 

At the formal level, interoperability of eIDs is primarily seen through the lens of legal frameworks. In order to issue a national eID systematically, the government has to gain access to all the information concerning its citizens and businesses that is required for the registration process. While, for example, most former Eastern European countries do have a central registry of all their citizens, most countries based on a common law system do not have similar data marts. This is most probably one of the key reasons why countries like the USA, Canada or Australia do not have a national eID, nor do they plan to issue one. In fact, only 3 common law countries worldwide have a national eID solution in comparison to 27 code law based countries where a national eID is in place or in preparation (CIA 2003).

 

In Europe, the current situation with regard to national eID interoperability appears different. While only little more than half of the EU 25 countries have either already launched or are planning to issue a national eID, the projects seem to be quite ambitious in terms of interconnection complexity and use of advanced technology.  

 

Whereas 14 countries plan an eID solution, shows that more than 14 countries are working on or already supporting various eID functionalities. This is because France and Italy have more than one nationwide eID project running and multiple initiatives are reflected in the chart. Almost 80% of the EU 25 will offer a Digital Certificate service to their citizens and businesses by 2008; of these, Estonia, Luxembourg and Sweden do not have a government-managed Root CA.

 

While a relatively high proportion of EU 25 countries are in favour of Digital Certificates, their willingness to work with advanced biometrics is rather limited in comparison with the rest of the world. Whereas, to date, 5 countries plan to use digital fingerprints, facial recognition and other similar advanced technologies, 8 countries have concluded that they do not believe that such high security measures are needed.

 

Another significant difference is the collaboration approach of a majority of the European eID interoperability projects. While a high proportion of tax, health, social security and other government agencies will be able to use the national eIDs for identification and authentication purposes, more than half of the countries plan to open their eID solutions to commercial organizations.


Figure : Number of EU 25 Countries Supporting various eID Functionalities

 

An analysis of formal differences between countries based on their legal system (common law versus code law system) showed, on a global view, a considerable difference in level of adoption. However, a similar scrutiny among the EU 25 would not be of any relevance as the UK and Eire are the only countries within the EU with a common-law based legal system. Therefore by far the more challenging and pressing problem appears on a pan-European eID interoperability level, since the individual national legislation has to be harmonized in order to allow EU Member States to share, interconnect and use national versatile identities. Issues like data protection, privacy, information liability, access authority and the quality of authentication are heavily disputed issues. 

 

 

 EU Interoperability and Identity Related Programs

 

We now review various EU initiatives to establish pan-European eID solutions. As most research in Europe is fragmented into national programmes, the Information Society Technologies (IST) priority within the EU’s Sixth Research Framework Programme (FP6) focuses on bringing universities, research institutes, small and large companies and governmental organisations together. FP6 can be seen as an umbrella program that coordinates a great number of activities, which are scheduled for the period 2003-2006 (Information Society and Media DG 2005b). shows a rating of current FP6 funded interoperability eID related projects. The TFI model is used in identifying whether a project focuses on the technical, formal or informal level. A maximum combined score of 10 can be given to all 3 levels of the TFI model (1 being the lowest and 10 being the highest).

 

Project | eID Relevance | Interoperability Relevance | Technical | Formal | Informal | TFI Score
eTEN | none | low | | | |
eMayor | low | medium | | | |
GUIDE | high | high | | | | 10
HOPS | none | medium | | | |
INTELCITIES | low | medium | | | |
TERREGOV | low | high | | | |
eEUROPE | high | high | | | | 10

Table : TFI Rating of FP6 Interoperability eID Related Projects

 

eTEN is the European Community Programme designed to help the deployment of telecommunication network based services with a trans-European dimension (Information Society and Media DG 2005d). The program is split into the following six research areas: eGovernment, eHealthcare, eInclusion, eLearning, Services for SMEs (eBusiness), and Trust and Security services components. eTEN focuses heavily on the legislative (formal) level as well as on the technical level. However, it hardly addresses issues at the informal level and it is found that eTEN has low relevance to interoperability.

 

The Electronic and Secure Municipal Administration for European Citizens (eMayor) project aims to provide secure, interoperable and affordable web services for small and medium sized government organisations (SMGOs) across Europe. The development of eGovernment web services in smaller municipalities is often hindered by lack of financial, political or legal support. Security and technical problems cannot be solved as the required expertise or infrastructure is not available. eMayor looks into the issues which are the main barriers to progress. By creating an eGovernment platform, eMayor intends to help SMGOs overcome these barriers (Deloitte 2005). eMayor scored relatively well on the informal level as it considers cultural and regional differences in eGovernment approaches. It is further rated as having low relevance to eID and medium relevance to interoperability.

 

The Government User Identity for Europe (GUIDE) program will create a European conceptual framework for electronic identity management for eGovernment. Technologically, it will begin the development of an architecture for secure transactions between administrations, citizens and businesses as well as fostering back-office process integration. The social objective is to start creating the institutional setting in Europe to endorse take-up of eGovernment services, including social, ethical and legislative research (IST 2005). The project’s approach is multi-disciplinary and includes technology, procedural and policy development across Europe. GUIDE consists of 23 organisations from 13 countries (GUIDE 2005). This program has an extremely high relevance to eID interoperability. In addition, it pays comparatively great attention to the informal level.

 

The Intelligent Natural Language Based Hub for the Deployment of Advanced Semantically Enriched Multi-channel Mass-scale Online Public Services (HOPS) program is a three-year project focused on the deployment of advanced semantically enriched ICT voice-enabled front-end public platforms in Europe, permitting access for European citizens to their nearest Public Administration (Information Society Technologies 2005b). The main objective is to address the mass-scale deployment of new online public services supported and accessible by voice channels. The project is based on the integration of voice technologies such as automatic speech recognition with natural language processing technologies, complemented by a public administration sector-specific implementation of semantic web technologies (Montserrat 2005). HOPS understands semantics differently from the approach taken by this paper. HOPS’s research concentrates on a rather technically driven view of semantics. When viewed through a TFI lens, HOPS pays little attention to the formal and informal levels. While it is rated as being not relevant to eID issues, it is of medium interest to interoperability.

 

The IntelCities (Intelligent Cities) project focuses on eGovernment, ePlanning and eInclusion. It creates a shared, interoperable platform which will act as the basis for an eCity Platform which can deliver services and applications based on new and innovative forms of ambient intelligence. The eCity platform will collect information from many sources and present it through a virtual city that can be accessed by anyone who has access to a web browser, a mobile phone or other internet capable devices (IntelCities 2005). IntelCities is probably the most technically oriented project of all the seven examined in this paper. Its aim is to create a middleware solution and to outline processes for its successful implementation. Furthermore, its relevance is rated as low for eID and medium for interoperability.

 

The Impact of eGovernment on Territorial Government Services (TERREGOV) program addresses the issue of interoperability of eGovernment services for local and regional governments. The project integrates the dimensions of technological R&D, pilot applications involvement and socio-economic research in order to offer a European reference for the deployment of interoperable eGovernment services in local governments (Spy-Anderson 2005). TERREGOV shows a healthy balance of the technical, formal and informal levels. It specifically focuses on semantic and social research with regard to interoperability. Moreover, it is of great relevance to interoperability but of little importance to eID issues.

 

Perhaps the most important initiative towards eID research among the EU 25 is eEurope (Malkom 2002). It is a political initiative that sets out concrete action plans agreed by the European Council. In the area of eID, the action plan sets out a roadmap for secure networks and smart cards as part of the main objective of a cheaper, faster, more secure internet (Iversen et al. 2004). The action plan highlights the need to accelerate, consolidate and harmonise the use of smart cards across the EU. eEurope contributes significant research to informal as well as technical issues and is of high relevance for both eID and interoperability.

 
