An observable trend in eGovernment initiatives throughout Europe in recent years has been the emergence and rollout of electronic identity (eID) schemes that allow individuals to manage and authenticate their identities in conjunction with the use of online public services. The development of national eID schemes can also be situated in the context of the encouragement of the deployment of eID schemes at the EU level with the adoption two years before the GDPR of the Regulation on electronic identification and trust services for electronic transactions in the internal market (eIDAS). eIDAS defines an interoperability framework for national eID schemes, which should ‘facilitate’ data protection by design. It is however not clear what the implications of GDPR Art. 25 should be for eID schemes.
• What should the implications of GDPR Art. 25 be for national eID schemes?
• How will the eIDAS interoperability framework impact upon the level of data protection guaranteed by national eID schemes?
• How to demonstrate data protection by design for eID schemes?
• What are the implications of the push for expanding the use of eID schemes to enable access to private services?