D4.2: Set of requirements for interoperability of Identity Management Systems

FIDIS BARRIERS FOR INTEROPERABILITY

Barriers for interoperability

Barriers were analysed at three different levels: Technical – Legal – Cultural  

Technological/technical barriers 

In some countries, interoperability seems to have been fully achieved (Austria – Leitold). However, at EU level, standards should be defined in order to grant technical interoperability. In the same vein, the expert says that any system which is defined in a way that it does not require any specific hardware is most likely easily interoperable with other national solutions. It can be concluded that the use of specific technology (i.e. smart card, etc.) would hinder interoperability at a technical level.

On the other hand, Marc Sel says that one of the obstacles is the existence of massive installed legacy databases. It will take a long while, probably decades, before they are all replaced by systems which enable interoperable IMSs. Technology will also have to meet the different interests of the parties involved; Users may want restricted interoperability, over which they keep control, while merchants favour more far-reaching interoperability, for example, to be able to cross-sell.  Moreover, the merchants as a group may not be interested in cooperating with each other, because they also have different interests and may lose competitive advantage if they work with interoperable IMS.

Legal barriers

One problem comes from the fact that some countries come with their own solutions and as it has been noted by Weck, particular countries naturally try to push through their solution, which of course may create problems. 

Another obstacle comes from the fact that the legal framework needs to be further adjusted to the use of interoperable and cross-country IMS.  The legal gaps need to be identified by the specialists.

As an example, Leitold says that the EU Signature Directive was not sufficient to fulfil Austria’s requirements on privacy and data protection. This will most likely also be the case with other EU country’s legislative regulations. As a result most EU members will pass additional laws that might hinder interoperability on a legal level. 

Cultural barriers:

One of the biggest cultural problems comes from the force of habit. Weck notices that people are used to established structures and are tied to existing infrastructures, so that it makes them reluctant to change. Leitold explains that because of immense differences in the historic backgrounds of countries a European-wide interoperable eID solution will take a while. Austria for example is a country in which only a minor percentage of the population owns an ID card, which makes it difficult to elaborate a full IMS system. 

Interoperability of IMS is also often not well understood and therefore, creates doubts and uncertainty in the minds of the users, government and merchants. At the specific side of the users, there is also fear of surveillance, of ‘big brother’ watching everything they do, and of potential misuse (Sel). Moreover, as a result of the EU Signature directive, an eID solution designed only according to this directive is not workable in practice. For example the EU Signature Directive defines that identification is also sufficient after a specific transaction has been completed. In practice this is not possible as most working processes require an identification and even authentication before a specific working progress can be started. This is only a small example but shows that most EU member states will handle their processes in different ways. These different work practices and many other issues will hinder a European-wide interoperability on a cultural level. 

Finally, Weck underlines a lack of knowledge. It is hard to see where interoperability is missing. Moreover, there are targeted attempts to let interoperability fail (hoping for an advantage in competition).