Brussels Privacy Hub report on “Legal Bases For the Use and Operation of European Digital Identity Wallets” written by Niko Tsakalakis and Alessandro Ortalda has been published today.
Introduction of the Report:
“eIDAS 2.0 introduces the concept of European Digital Identity (EUDI) Wallets as an additional means of performing electronic identifications when EU digital services require it. Since electronic identification is a form of processing of personal (identification) data, lawful processing must comply with the obligations under the GDPR. Digital services requesting electronic identification will justify their processing by the legal basis that is most appropriate for their processing purpose, e.g. a legal obligation for public-sector services or performance of a contract for private-sector services. However, this is distinct from the processing performed by the EUDI Wallet itself. Since the use of EUDI Wallets is optional, in addition to existing traditional and electronic identification means, their use will likely depend on the consent of the Wallet owner (i.e. the data subject). Consent, as the agreement of the data subject of the processing of their personal data, is therefore of paramount importance for the use of EUDI Wallets. At the same time, consent appears in eIDAS 2.0 and related documents to also signify user confirmation functions for security and transparency requirements. The two concepts are different, and they should be clearly distinguished into data subject consent and user confirmation requirements.”
You can reach the article from the following link: