The European Union is famous for its ambivalent relationship with privacy — on the one hand, it was the first place in the world to apply strict data protection regulations. On the other, its central bank digital currency (CBDC) project lacks the anonymity standards of private cryptocurrencies.
Nevertheless, last week EU lawmakers made a vital step to embrace privacy in the space of citizens’ digital identities. On Feb. 9, the Industry, Research and Energy Committee included the standard of zero-knowledge proofs in its amendments to the European digital identity framework (eID). The latest update was voted in by 55 votes to 8 in the committee — the draft will now proceed to the trilogue phase of negotiations.
While the latest draft is still not available publicly, the press release specifies that EU citizens would be granted full control of their data, with the option to decide what information to share and with whom:
“The new eID would allow citizens to identify and authenticate themselves online (via a European digital identity wallet) without having to resort to commercial providers, as is the case today - a practice that raised trust, security and privacy concerns.”
As Jonas Fredriksen, the senior director for EU government affairs at Circle has noted on Twitter:
“The proposal would facilitate the emergence of new business models and opportunities in the digital economy, as companies develop innovative products and services that rely on zero-knowledge proofs and eID solutions.”
Zero-knowledge proofs have recently been at the center of researchers’ attention as a possible means to ensure regulatory compliance and privacy in digital currencies.
The joint paper by the San Francisco-based Mina Foundation, operator of the Mina Protocol; German Hauck Aufhäuser Lampe bank; and the Interdisciplinary Centre for Security, Reliability and Trust of the University of Luxembourg showed how exactly the zero proofs could be connected to Europe’s eIDAS electronic identity system.
However, not everyone is convinced by that solution. Writing for Cointelegraph, Balázs Némethi, the CEO of Veri Labs and a co-founder of kycDAO, claimed that when proofs alone are insufficient and personal information sharing between the participants of a transaction is essential, relying only on off-chain solutions is advised.