Machine translations by Deepl

Identification creates increasing risks for all

Identifying oneself - including showing proof of identity (ID) - is itself a risky activity for people, especially if that ID is copied and stored. Increased digital crime, unsafe practices by those who identify and the government's desire for people to identify themselves before accessing the internet to prove their age are causing the dangers to grow exponentially.

Privacy First activities on identification

Recently, Privacy First has been plenty active on the subject of identification:

Brand letter on EUDI wallet

Last March, in a fire letter to the finance minister, we asked [1] attention to a European proposal leading to the European identifier, the European Digital Identity, also referred to as EUDI wallet or EDI wallet, becoming mandatory. The minister, in a letter to the House of Representatives on 11 May last [2] let it be known to disagree with us.

Participation in European consultation eIDAS/EUDI wallet

Privacy First raised the issue of identification in a recent European consultation on the Business Wallet [3]. This wallet, like the EUDI wallet, is based on the European eIDAS regulation. In our consultation response [4] we pointed out that private parties in the eIDAS system, such as wallet providers, are not tested for integrity or lack of conflict of interest. This is a serious flaw in the system. Among other things, Privacy First called for strengthening the provisions on the voluntariness of wallets.

New Privacy First letter to House of Representatives

Recently, the Digital Affairs Committee of the House of Representatives decided to start paying extra attention to the eIDAS regulation and the Business Wallet. This prompted Privacy First to issue a detailed letter on 1 June last [5] to this committee and other relevant committees of the House of Representatives, in which we addressed the risks surrounding identification in detail. In this letter, we explain why we do not agree with the Finance Minister's position as expressed in his letter to the House of Representatives on 11 May last. Furthermore, we address the voluntariness of wallets and raise a large number of questions about the eIDAS system, including:

  • How to prevent wallets from becoming a means of control,
  • How to ensure that receiving parties do not over-ask (overidentify),
  • what safeguards are in place to prevent unnecessary dissemination of personal data,
  • How about the flawed revenue model for wallet providers,
  • why there is no requirement that the wallets can be used without devices or software from non-EU internet giants.

Privacy First continues to critically monitor developments in this regard.

If you have useful information for us or relevant experiences with identification (i.e. identity verification) that could be useful for our contacts with government agencies, please let us know.

 

[1] https://privacyfirst.nl/artikelen/brandbrief-privacy-first-over-verplichtstelling-europese-digitale-identiteit-bij-banken/ (see also update 1 June 2026)

[2] https://www.tweedekamer.nl/kamerstukken/brieven_regering/detail?id=2026Z09523&did=2026D21471

[3] https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/14663-Europese-portemonnee-voor-ondernemingen-digitale-identiteit-veilige-gegevensuitwisseling-en-juridische-kennisgevingen-voor-eenvoudige-digitale-bedrijven_nl

[4] https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/14663-Europese-portemonnee-voor-ondernemingen-digitale-identiteit-veilige-gegevensuitwisseling-en-juridische-kennisgevingen-voor-eenvoudige-digitale-bedrijven/F33399513_nl

[5] https://privacyfirst.nl/wp-content/uploads/SPF20260601.pdf (pdf)