Publish the first trust story collection
validate / validate (push) Successful in 23s

This commit is contained in:
Compleet
2026-07-14 13:58:14 +01:00
parent e7e690a8ed
commit eaf9a614d9
39 changed files with 1815 additions and 327 deletions
@@ -0,0 +1,76 @@
---
title: "The EU wallet arrives before its privacy does"
description: "Europe's identity wallet is real, useful, optional—and racing toward a privacy problem that selective disclosure does not solve."
published: 2026-07-14
editorialOrder: 1
reviewed: 2026-07-14
author: "Ana"
maintainers: ["Ana"]
status: developing
featured: true
homepage: true
section: "Identity / Now"
frontTone: paper
draft: false
tags: ["eudi", "digital-identity", "privacy", "europe"]
image: "https://images.unsplash.com/photo-1691256676376-357c3aa66c89?auto=format&fit=crop&w=1800&q=82"
imageAlt: "A hand holding a smartphone with a blank screen"
imageCredit: "personalgraphic.com"
imageCreditUrl: "https://unsplash.com/photos/a-person-holding-a-phone-in-their-hand-u1b6E6IkSGQ"
trustPattern:
claim: "A wallet can let Europeans prove facts without routinely handing over an entire identity document."
trusted: "Users must trust national wallet providers, credential issuers, relying parties, device security, certification, and the rules connecting them."
failure: "Selective disclosure can reduce what one verifier sees while still leaving repeated presentations linkable across time or services."
---
By the end of 2026, every EU member state is supposed to offer at least one European Digital Identity Wallet. That sentence used to sound like a policy aspiration. It now describes software, implementing regulations, certification work, six large-scale pilots, and a deadline.
The wallet is intended to hold more than a digital passport. A person may use it to present a driving licence, a diploma, a professional qualification, a bank-related credential, or a proof of age. Its use is legally optional. The application components installed on a user's device must be open-source licensed. Relying parties that are required to identify customers will in many cases have to accept it.
This is not nothing. Today, proving that you are over eighteen can mean showing a stranger a document containing your name, photograph, date of birth, nationality and document number. A well-designed wallet can answer the narrower question instead: **yes, this person is over eighteen**.
The European Commission calls this user control. The phrase is deserved, but incomplete.
## Four parties, not one wallet
The friendly picture is a phone containing your credentials. The working system has at least four kinds of actor:
1. the person using the wallet;
2. an issuer that signs a fact about them;
3. a relying party that asks to see it;
4. a scheme authority that decides which wallets, issuers and relying parties count.
Then come the phone maker, operating system, secure hardware, wallet provider, certification bodies, national registries, revocation services and whatever recovery process appears when the phone is lost.
The wallet moves some data and decisions toward the user. It does not remove the surrounding government and commercial trust system. It gives that system a new interface.
## Disclosure is not unlinkability
The urgent issue is not whether a credential can hide unnecessary fields. The technical formats can do that. The harder question is whether two presentations can be recognised as coming from the same person.
In its 2025 technical analysis, the European Data Protection Supervisor distinguished **selective disclosure** from **unlinkability**. Commonly deployed credential formats can reveal only selected attributes while retaining values or signatures that let a relying party recognise repeat visits. Colluding parties may gain more. Anonymous-credential and zero-knowledge systems can do better, but they bring different implementation and revocation costs.
This is not an argument to cancel the wallet. Paper documents overshare. Passwords are miserable. "Sign in with Google" is hardly a sovereignty programme. A common European alternative could be genuinely useful.
It is an argument for asking the right acceptance question. Not: *does the wallet share less data than a passport scan?* It often will. Ask: *which parties can tell that two apparently minimal disclosures belong to the same person, and under what conditions?*
The distinction will determine whether the wallet becomes a privacy tool that happens to identify us, or an identity system that happens to disclose selectively.
## The practical test
Before installing a national wallet, a person should be able to answer five questions without reading a standards repository:
- What will a service receive when I approve this request?
- Can this service recognise me next time?
- Can the issuer learn where I used the credential?
- What happens when I replace or lose my phone?
- Can I use the service another way?
If the interface cannot answer those, "full control" is still a policy claim rather than a user property.
### Sources
- [European Commission: EUDI Regulation and end-of-2026 rollout](https://digital-strategy.ec.europa.eu/en/policies/eudi-regulation)
- [Regulation (EU) 2024/1183](https://eur-lex.europa.eu/eli/reg/2024/1183/oj)
- [European Data Protection Supervisor: Digital Identity Wallets](https://www.edps.europa.eu/data-protection/our-work/publications/techdispatch/2025-12-15-techdispatch-32025-digital-identity-wallets_en)
- [Official Architecture and Reference Framework](https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework)