Canada and EU agree to work more closely on use of digital credentials
Canada and the European Union are working on ways to recognize the use of digital credentials, including transactions made through digital wallets, for business and personal purposes.
The Minister of Innovation, Science and Industry, FranÃ§ois-Philippe Champagne, said this morning that after a series of technical workshops, the two jurisdictions have agreed to collaborate on research and innovation on digital credentials. Other countries may be invited to join the work.
The goals are to ensure that trust in digital credentials is maintained and privacy is protected.
A digital identifier is a portable digital record of a claim made by a business, organization or individual, the government said in a press release. It can be stored and shared through a digital wallet, serving as a digital representation of traditionally physical certificates or information, such as driver’s licenses, business licenses, certificates of incorporation, or airline tickets.
All entities in the economy and society can trust digital credentials as they rely on cryptography to detect fraud and verify the authenticity and issuer of digital credentials, says. the report of the workshops.
There are already commonalities between Canada and the EU that could be built upon to advance the implementation of digital credentials, notes Ottawa. For example, there is some use of hyperledger-based solutions in Canada and the EU, including Hyperledger Indy and Fabric, and the esatus digital wallet.
According to a background report also released today, a key finding from technical workshops held earlier this year was that Canada and the EU already have a variety of different Autonomous Identity (ISS) and digital ID technologies in use. in their jurisdictions, many of which are not interoperable with each other. In addition, different ISS and digital ID technologies and approaches are emerging in different economic sectors and at different levels of government, creating the risk of economic and jurisdictional technological silos.
Therefore, Canadian and European experts recommended that the two jurisdictions work according to the following common principles and approaches:
âTransactions in the global economy and society are built on trust, where each party to the transaction is convinced that the other is who they say they are and that the information provided is true,â the report partially states. âHow to secure that trust in a digital world has become an increasingly important issue facing governments and organizations around the world, with massive implications for the health and vitality of the global economy. “
The workshops revealed that there are two main gaps for Canada and the EU. First, there is a lack of standards for digital wallets, resulting in a “wild west” atmosphere in the space and endangering trust in the system and the potential for interoperability. In response, standards are currently being developed by both parties. The second key gap concerns zero-knowledge evidence (ZKP), a new approach to sharing information without sharing personal data, which is also ahead of current policy frameworks.
The workshop summary indicates that the ZKP, while desirable, continues to be a problem as it is not legally binding and could pose a problem. âIt is important to develop a thorough understanding of this new approach before taking steps to standardize it. Said the summary. âThis deeper understanding will also help inform related policy development. For example, there is currently confusion as to whether ZKP evidence could be considered personal data, which would lead to conflicts with the General Data Protection Regulation (GDPR). “
The workshops identified three risks that need to be addressed through the Canadian and EU trust frameworks:
- Supplier lock, which means becoming dependent on a specific supplier for products and services, without having the ability to switch to another supplier without substantial expense or effort. This risk could be mitigated by relying on open standards and technological interoperability.
- Efragmentation of ecosystems, where different communities develop their own standards. Examples include emerging approaches to COVID travel, education and credentials, all of which have momentum and are being developed largely in isolation from each other. While a healthy and diverse ecosystem of actors and initiatives is positive, the challenge lies in how to mitigate siled approaches to ensure mutual recognition, scalability and adoption beyond a context. specific. It is necessary to examine how to deal with a lack of control over these various ecosystems.
- Pplatform capture. As the biggest players on the platform move into the digital wallet and identity space, there is a risk that they will dominate the market and have disproportionate influence on standards. There is a need to establish an approach that balances consumer choice and healthy markets with mitigating the potential damage of private sector control over personal data and privacy.
Canada and the EU will continue to cooperate in the development of standards and certifications for digital credentials. This will include joint proofs of concept and pilot projects for end-to-end digital credential use cases, ultimately leading to the establishment of mutual recognition for digital credentials and services. digital trust through formal agreements.