The ultimate aim of regulations like eIDAS is the creation of a true Digital Single Market (DSM). eIDAS plays its role by providing the necessary authentication and trust service tools to address the needs of the DSM. To succeed, however, it is necessary to understand the precise needs of each market stakeholder.
This article briefly looks at all the stakeholders that eIDAS has to cater to. We analyze the needs of each of those stakeholders and the potential value addition provided by eIDAS and eIDAS-enabled solutions.
Technical standards and legal requirements form the bedrock of eIDAS. It has been designed from the ground up to ensure better security and interoperability while simplifying the actual implementation as much as possible. The regulatory environment is a complex mixture of national and supra-national guidelines, and eIDAS cannot hope to succeed without taking all of them into consideration simultaneously and providing an integrated solution.
Regulators, national competent authorities, and supervisory bodies rely on the solutions provided by eIDAS to minimize non-compliance and any potential breaches. They want the market to operate smoothly and with as little manual intervention as necessary.
The demand side of the market is composed of the users of eID and trust services. These can be service providers like banks, companies, universities, public utilities, hospitals, governments, etc. These organizations use eIDAS-provided tools to deliver services to their customers.
Also on the demand side are the end-users, including retail customers and businesses that utilize business providers' and governments' services. eIDAS has to ensure that the needs of both these groups are met. The potential solutions must be cheap and easy to deploy, easy to use, cost-effective, and so on.
Supply side users
The supply side is made up of various groups as well. These are the eID service providers and the eTrust service providers that build and deploy solutions on behalf of their clients that need them. There are other supply-side stakeholders as well, like hardware providers, software developers, solution integrators, etc.
This group is responsible for building, deploying, and maintaining the solution in most cases. They need the solutions to be easy to implement and free of any vulnerabilities or drawbacks.
Intermediaries and Facilitators
Finally, we have entities such as consulting companies and solution providers that advise their clients to deploy a particular solution to meet their needs. They can play a crucial role as many companies do not have the in-house expertise to assess various solutions and rely on consultants to develop a broad strategy for their businesses.
Over time, these consulting companies must develop a good understanding of the various eIDAS-enabled solutions along with the potential cost, volume, and other such aspects. Successfully implementing any solution would depend on the overall business strategy outlined here.
We have barely scratched the surface of the various stakeholders' various needs in the Digital Single Market. Yet, we can already see how all of them are related in one way or another and how managing the complex interplay of their individual needs would lead to a successful outcome. The design philosophy behind eIDAS has ensured that the market's requirements are met to the greatest extent possible.
References and Further Reading
- REGULATION (EU) No 1316/2013 establishing the Connecting Europe Facility, amending Regulation (EU) No 913/2010 and repealing Regulations (EC) No 680/2007 and (EC) No 67/2010(12/2013), by the European Parliament and the European Council
- Selected articles on Authentication (2014-today), by Heather Walker, Luis Balbas, Guillaume Forget, Jan Kjaersgaard, Dawn M. Turner and more
- Selected articles on Electronic Signing and Digital Signatures (2014-today), by Ashiq JA, Gaurav Sharma, Guillaume Forget, Jan Kjaersgaard , Peter Landrock, Torben Pedersen, Dawn M. Turner, and more
- The European Interoperability Framework - Implementation Strategy (2017), by the European Commission
- Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (2016), by the European Commission
- REGULATION (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (2016), by the European Parliament and the European Council
Proposal for a REGULATION concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications), (2017), by the European Parliament and the European Council
- Revised Directive 2015/2366 on Payment Services (commonly known as PSD2) (2015), by the European Parliament and the Council of the European Union
- REGULATION (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (2014) by the European Parliament and the European Commission
DIRECTIVE 2013/37/EU amending Directive 2003/98/EC on the re-use of public sector information (2013) by the European Parliament and the Council
Image: Pmbok cafe s2w2 stakeholder 010, courtesy of Robert Higgins, Flickr (CC BY 2.0)