Activities of Harald VILIMSKY related to 2021/0136(COD)
Shadow opinions (1)
OPINION on the proposal for a regulation of the European Parliament and of the Council Amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity
Amendments (19)
Amendment 17 #
Proposal for a regulation
Recital 4
Recital 4
(4) A more harmonised approach to digital identification should reduce the risks and costs of the current fragmentation due to the use of divergent national solutions and will strengthen the Single Market by allowing citizens, other residents as defined by national law and businesses to identify online in a convenient and uniform way across the Union. Everyone should be able to securely access public and private services relying on an improved ecosystem for trust services and on verified proofs of identity and attestations of attributes, such as a university degree legally recognised and accepted everywhere in the Union. However, users should not be obliged to use a digital identification portfolio to access private or public services. The use of digital key generator or ID card readers should, for example, remain possible. The framework for a European Digital Identity aims to achieve a shift from the reliance on national digital identity solutions only, to the provision of electronic attestations of attributes valid at European level. Providers of electronic attestations of attributes should benefit from a clear and uniform set of rules and public administrations should be able to rely on electronic documents in a given format.
Amendment 18 #
Proposal for a regulation
Recital 5 a (new)
Recital 5 a (new)
(5 a) It is necessary to clarify that the recognition of an electronic attestation qualified as attributes in a Member State is limited to confirmation of the facts. The recognition of an electronic attestation qualified as attributes in any other Member State shall be limited to confirming the factual circumstances relating to the attribute concerned, and shall not produce legal effects therein, unless the attested attributes comply with its national law.
Amendment 39 #
Proposal for a regulation
Recital 14
Recital 14
(14) Only Member States’ competent authorities can provide a high degree of confidence in establishing the identity of a person and therefore provide assurance that the person claiming or asserting a particular identity is in fact the person he or she claims to be. The process of notification of electronic identification schemes should be simplified and accelerated to promote the access to convenient, trusted, secure and innovative authentication and identification solutions and, where relevant, to encourage private identity providers to offer electronic identification schemes to Member State’s authorities for notification as nationalto produce electronic identity card schemes under Regulation 910/2014.
Amendment 40 #
Proposal for a regulation
Recital 14 a (new)
Recital 14 a (new)
(14 a) Sanctions for negligence in the protection of personal data by private identity providers or on consumer or consumer use platforms and sites should be dissuasive in order to promote access to practical, reliable, secure and innovative authentication and identification solutions.
Amendment 69 #
Proposal for a regulation
Recital 36 a (new)
Recital 36 a (new)
(36 a) The issuance and systematic use of persistent unique identifiers at EU level creates risks for the protection of personal data and privacy. Therefore, the use of privacy-by-design architectures (privacy by design) must be promoted by the Member States and the Commission.
Amendment 90 #
Proposal for a regulation
Article 1 – paragraph 1 – point 3 – point i
Article 1 – paragraph 1 – point 3 – point i
Regulation (EU) No 910/2014
Article 3 point 46
Article 3 point 46
(46) ‘authentic source’ is a repository or system, held under the responsibility of a public sector body or private entity, that contains attributes about a natural or legal person and is considered to be the primary source of that information or recognised as authentic in national law;
Amendment 113 #
Proposal for a regulation
Article 1 – paragraph 1 – point 7
Article 1 – paragraph 1 – point 7
Regulation (EU) 910/2014
Article 6a(2)(b)
Article 6a(2)(b)
(b) underon a mandate from a Member State by a European public organisation or company, based in Europe, which employs and pays significant taxes in Europe;
Amendment 151 #
Proposal for a regulation
Article 1 – paragraph 1 – point 7
Article 1 – paragraph 1 – point 7
Article I — paragraph 1 — point 7
Article I — paragraph 1 — point 7
7. The user shall be in full control of the European Digital Identity Wallet. The issuer of the European Digital Identity Wallet shall not collect information about the use of the wallet which are not necessary for the provision of the wallet services, nor shall it combine person identification data and any other personal data stored or relating to the use of the European Digital Identity Wallet with personal data from any other services offered by this issuer or from third-party services which are not necessary for the provision of the wallet services, unless the user has expressly requested it. PThe European Digital Identity Wallet must not contain health data and all other personal data relating to the provision of European Digital Identity Wallets shall be kept physically and logically separate from any other data held. If the European Digital Identity Wallet is provided by private parties in accordance to paragraph 1 (b) and (c), the provisions of article 45f paragraph 4 shall apply mutatis mutandis.
Amendment 200 #
Proposal for a regulation
Article 1 – paragraph 1 – point 16
Article 1 – paragraph 1 – point 16
Regulation (EU) No 910/2014
Article 12b(5)
Article 12b(5)
5. The Commission shall make an assessment within 18 months after deployment of the European Digital Identity Wallets whether on the basis of evidence showing availability, security and usability of the European Digital Identity Wallet, additional private online service providers shall be mandated to accept the use of the European Digital identity Wallet strictly upon voluntary request of the user. Criteria of assessment may include extent of user base, cross-border presence of service providers, technological development, evolution in usage patterns. The Commission shall be empowered to adopt delegated acts based on this assessment, regarding a revision of the requirements for recognition of the European Digital Identity wallet under points 1 to 4 of this article.
Amendment 201 #
Proposal for a regulation
Article 1 – paragraph 1 – point 17
Article 1 – paragraph 1 – point 17
Regulation (EU) No 910/2014
Article 13(1)
Article 13(1)
1. NotwithstThe liability of trust service providers cannot be limited by and ing paragraph 2ternal policy ofn this Article, te provision of services. Trust service providers shall be liable for damage caused intentionally or negligently to any natural or legal person due to a failure to comply withas a result of a breach of the obligations under this Regulation and withof the cybersecurity risk management obligations underresulting from Article 18 of the Directive (EU) XXXX/XXXX [NIS 2].;
Amendment 202 #
Proposal for a regulation
Article 1 – paragraph 1 – point 17
Article 1 – paragraph 1 – point 17
Regulation (EU) No 910/2014
Article 13, paragraph 1a (new)
Article 13, paragraph 1a (new)
1 a. Users of European Digital Identity Wallets should be assured of receiving compensation for any undesirable situation related to their data, such as theft, loss, disclosure, use for purposes other than those originally intended. This liability should extend to all the above situations, regardless of the intentions or negligence of the supplier (whether at fault or not).
Amendment 203 #
Proposal for a regulation
Article 1 – paragraph 1 – point 18
Article 1 – paragraph 1 – point 18
Regulation (EU) No 910/2014
Article 14(1)
Article 14(1)
Amendment 204 #
Proposal for a regulation
Article 1 – paragraph 1 – point 18
Article 1 – paragraph 1 – point 18
Regulation (EU) No 910/2014
Article 14(2)
Article 14(2)
Amendment 216 #
Amendment 237 #
Proposal for a regulation
Article 1 – paragraph 1 – point 39
Article 1 – paragraph 1 – point 39
Regulation (EU) No 910/2014
Article 45f(3)
Article 45f(3)
3. Personal data relating to the provision of qualified electronic attestation of attributes services shall be kept physically in Europe and logically separate from any other data held.
Amendment 269 #
Proposal for a regulation
Article 1 – paragraph 1 – point 40
Article 1 – paragraph 1 – point 40
Regulation (EU) No 910/2014
Article 48a paragraph 2 point ca (new)
Article 48a paragraph 2 point ca (new)
(c a) The number of persons who have suffered data theft; the number of companies reporting a data theft; the number of complaints to the authorities about an infringement related to data (identity theft, data fraud, etc.).
Amendment 271 #
Proposal for a regulation
Article 1 – paragraph 1 – point 40
Article 1 – paragraph 1 – point 40
Regulation (EU) No 910/2014
Article 48a
Article 48a
(c b) The number and extent of sanctions imposed on companies during the year for non-protection of identity data (EU and non-EU).
Amendment 273 #
Proposal for a regulation
Article 1 – paragraph 1 – point 41
Article 1 – paragraph 1 – point 41
Regulation (EU) No 910/2014
Article 49(2)
Article 49(2)
2. The evaluation report shall, include an assessment of the particular, examine the availability, security, availability and usability of the identification means including European Digital Identity Wallets in scope of this Regulation and assess whether all online private service providers relying on third party electronic identification services for users authentication, shall be mandated to accept the use of notified electronic identification means and European
Amendment 274 #
Proposal for a regulation
Annex VI – paragraph 1 – point 3
Annex VI – paragraph 1 – point 3
3. biological Gender;