2 April, 2016

The European Digital Agenda has an urgent appointment: Digital identity.

The consequences of the invasion of our privacy in the digital era.

We are completely losing our identity guarantor and unless we solve this situation soon, another HOLOCAUST will take place, but this time it will be DIGITAL.

At a time in our history when the digital and physical worlds are about to converge, backdropped by smart cities, internet of things, or big data just around the corner and invading our privacy, the situation cannot be more critical and it’s vital we NOW face one of the most important challenges of the 21st century: turning our GOVERNMENTS back into the guarantors of our digital identity.

In recent years, large North American corporations have positioned themselves where our COUNTRIES once covered for us, handing us an identity in the new digital era.

Facebook, LinkedIn, or Google have much more to say about who we are than any Government in the digital space and are becoming the WORLD'S ACTIVE DIRECTORIES, replacing the National Police forces and other organizations who were previously guarantors of our physical identity.

The police no longer say who we are, through our ID in the Internet space. It is done by Google or Facebook who, let's not forget, are profit motive entities interested in trading with our data.

Our digital identity is therefore hijacked and threatened by large American companies that violate our privacy daily. They do so by telling anyone that is willing to pay for it, who we are, what we’re like, why we are how we are, who we deal with, what we buy or stop buying, what our habits are, whether we are able to pay or whether our profile or our children’s is healthy. An absolute scandal!

Let us remember that we are talking about our IDENTITY, the group of qualities that characterizes us from the rest, recognized as a HUMAN and FUNDAMENTAL right in the Universal Declaration of Human Rights and in the Constitutions of European countries; therefore, it should be guaranteed and guarded by the NATIONS and not by profit-motive organizations.

In the face of such a critical situation, we find ourselves before the alarming indifference of the European States who are busy regulating cybersecurity or privacy with a promising new Data Protection Regulation, and an eIDAS electronic identity regulation - http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%3AOJ.L_.2014.257.01.0073.01.ENG - which, however, does not regulate the aspects we are mentioning here.

Not to mention that our absolutely fragmented nature of the European Union casts doubts on whether all this legislation is really comprehensively applied over its entire territory, and with its guarantees.

And even if it were, the CURRENT EUROPEAN LEGISLATION does not ensure that our States guarantee and safeguard our digital identity as they did with our physical identity, and they are carrying out small projects that partially solve the access to web pages through the use of our electronic ID, while they boast of not providing services beyond the ones mentioned.

Thus, in Europe we have initiatives such as E-SENS - Electronic Simple Networked Services - http://www.esens.eu - for cross-border public services; STORK - https://www.eid-stork2.eu - as a gateway for the use of European Electronic Identities that allows authentication on web pages, and CEF - Connecting Europe Facility -https://ec.europa.eu/digital-single-market/en/connecting-europe-facility- - as a Digital Infrastructure.

However, the United States -as usual- is ahead of us with PUBLIC AND PRIVATE INITIATIVES consisting in the development of both standards and protocols related to Digital Identity such as SAFE BIOPHARMA, IdenTRUST, TSCP, InCommon, Open Identity Exchange, OASIS... just to mention a few. The most important being the NSTIC - NATIONAL STRATEGY FOR TRUSTED IDENTITIES IN CYBERSPACE - http://www.nist.gov/nstic/ - directly promoted by the Obama Administration.

The Americans are creating an IDENTITY ECOSYSTEM by developing INSTITUTIONS and CUSTODY PROTOCOLS and corporations that already have actual control over people's identity, while we Europeans deal with this situation by watching it pass with the same face the cows make from their meadow when they see the train pass by: dumbfounded.

At least in Spain - thank goodness - we are a bit savvier. We are not very conceited, but we do many things well, especially our National Police Corps. They have developed a new version of the electronic ID card with many possibilities of becoming the most secure univocal credential on the market. We can rely on it in the digital world and be able to identify ourselves as we did in the physical world.

To this end, the new Spanish DNI 3.0 incorporates NFC technology - Near Field Communication, https://en.wikipedia.org/wiki/Near_field_communication - which allows the ID to be placed close to the cell phone and have the cell phone recognize it without the need for any additional device, as was previously the case.

The Police and the national legislator, by equating it with the handwritten signature in our electronic signature laws, have been up to speed to citizen needs. Not only is the DNI 3.0 well developed as a credential, but we also have the appropriate legislation to exploit all its possibilities as an element of unique identification and even electronic signature.

Therefore, there is a technological element on which we can rely and with which the State can once again guarantee our identity in the digital world: the DNI 3.0, one we must all promote.

The current terrorism situation pours over us the threat of a DIGITAL HOLOCAUST that accompanies us on a daily basis. According to the "Allianz Cyber Risk Guide” - http://www.agcs.allianz.com/assets/PDFs/risk bulletins/CyberRiskGuide.pdf

• 315 MILLION EUROPEANS USE THE INTERNET EVERY DAY, constantly threatened by hackers interested in seizing our digital identity.
• Annual cybercrime costs in 2015 ran up to $445 billion.
• In 2016, the frequency and severity of cyber-attacks, the risk of business interruption and the vulnerability of industrial control systems, are expected to increase.

An alarming situation to which me must add Islamic terrorist groups, eager to destroy our western society based precisely on the privacy of this data.

Can you imagine all this information falling into the hands of genocidal groups in underdeveloped countries?

I know it is hard to imagine a new holocaust in Europe or the United States, but the world is not only the West! The data of the Islamic population is, among others, in the hands of Facebook. Can you imagine if all the information of these people were to end up in the hands of Al Qaeda or ISIS terrorists? Can you imagine the consequences of the data of all dissident citizens in the hands of governments that do not grant warranties? I'm not talking about such far-fetched scenarios. They are just around the corner, and we must react immediately. We have to hurry up and return to the ID as a univocal identity credential in Europe, and for the Governments to make it easier for us to manage our digital identity through legislation and a modular platform that allows us to identify ourselves, access our devices, monitor the use that companies make of our data and control our identity ecosystem in the areas of Internet of Things, Big Data and Smart Cities, among others.

Only in this way can we be prepared to react from the institutions and solve in a centralized and European way, a threat situation related to the digital identity of citizens that affects in a very SERIOUS AND ALARMING way OUR PRIVACY, and which could end in a HOLOCAUST, this time a DIGITAL one.

So, I believe I am not exaggerating when I say that the European Digital Agenda has an urgent assignment: Digital Identity 2.0.