Prepared for the eGovernment Unit DG Information Society and Media European Commission Modinis Study on Identity Management in eGovernment The Status of Identity Management in European eGovernment initiatives 28 February 2007 Table of contents modinisIDM Member State- / Projects Overview 5 1.1 Document Scope 6 1.2 Status of Identity Management in Member States 7 1.2.1 Introduction 7 1.2.1.1 Study planning 7 1.2.1.2 Information in the national profiles 8 1.3 National reports 10 1.3.1 Austria 10 1.3.1.1 General status and most significant systems 10 1.3.1.2 Existing issues 13 1.3.1.3 Analysis: successes, failures and lessons learned 13 1.3.1.4 Expected future developments 13 1.3.2 Belgium 13 1.3.2.1 General status and most significant systems 13 1.3.2.2 Existing issues 15 1.3.2.3 Analysis: successes, failures and lessons learned 15 1.3.2.4 Expected future developments 16 1.3.3 Cyprus 16 1.3.3.1 General status and most significant systems 16 1.3.3.2 Expected future developments 17 1.3.4 Czech Republic 17 1.3.4.1 General status and most significant systems 17 1.3.4.2 Existing issues 17 1.3.4.3 Analysis: successes, failures and lessons learned 18 1.3.4.4 Expected future developments 18 1.3.5 Denmark 18 1.3.5.1 General status and most significant systems 18 1.3.5.2 Existing issues 20 1.3.5.3 Analysis: successes, failures and lessons learned 20 1.3.5.4 Expected future developments 20 1.3.5.5 References 20 1.3.6 Estonia 20 1.3.6.1 General status and most significant systems 20 1.3.6.2 Existing issues 21 1.3.6.3 Analysis: successes, failures and lessons learned 22 1.3.6.4 Expected future developments 22 1.3.6.5 References 22 1.3.7 Finland 22 1.3.7.1 General status and most significant systems 22 1.3.7.2 Existing issues 24 1.3.7.3 Analysis: successes, failures and lessons learned 24 1.3.7.4 Expected future developments 25 1.3.7.5 References 25 1.3.8 France 25 1.3.8.1 General status and most significant systems 25 1.3.8.2 Existing issues 27 1.3.8.3 Analysis: successes, failures and lessons learned 27 1.3.8.4 Expected future developments 27 1.3.9 Germany 28 1.3.9.1 General status and most significant systems 28 1.3.9.2 Existing issues 28 1.3.9.3 Analysis: successes, failures and lessons learned 28 Deliverable 3.6 National IDM Report Member State Overview 2 1.3.9.4 Expected future developments 29 1.3.10 Greece 29 1.3.10.1 General status and most significant systems 29 1.3.10.2 Existing Issues 30 1.3.10.3 Expected future developments 30 1.3.11 Hungary 30 1.3.11.1 General status and most significant systems 30 1.3.11.2 History and Background 30 1.3.11.3 Existing issues 31 1.3.11.4 Enforcement of e-Government regulations of the new act on administration processes and services – Case 2: Authentication by digital certificate 32 1.3.12 Ireland 33 1.3.12.1 General status and most significant systems 33 1.3.12.2 Existing issues 35 1.3.12.3 Analysis: successes, failures and lessons learned 36 1.3.12.4 Expected future developments 36 1.3.13 Italy 36 1.3.13.1 General status and most significant systems 36 1.3.13.2 Existing issues 38 1.3.13.3 Analysis: successes, failures and lessons learned 39 1.3.13.4 Expected future developments 39 1.3.14 Latvia 39 1.3.14.1 General status and most significant systems 39 1.3.14.2 Existing issues 39 1.3.14.3 Expected future developments 39 1.3.15 Lithuania 40 1.3.15.1 General status and most significant systems 40 1.3.15.2 Expected future developments 40 1.3.15.3 References 40 1.3.16 Luxembourg 40 1.3.16.1 General status and most significant systems 40 1.3.16.2 Existing issues 41 1.3.16.3 Analysis: successes, failures and lessons learned 41 1.3.16.4 Expected future developments 41 1.3.17 Malta 41 1.3.17.1 General status and most significant systems 41 1.3.17.2 Existing issues 42 1.3.17.3 Analysis: successes, failures and lessons learned 43 1.3.17.4 Expected future developments 43 1.3.18 Poland 43 1.3.18.1 General status and most significant systems 43 1.3.18.2 Expected future developments 43 1.3.19 Portugal 44 1.3.19.1 General status and most significant systems 44 1.3.19.2 Existing issues 45 1.3.19.3 Analysis: successes, failures and lessons learned 45 1.3.19.4 Expected future developments 46 1.3.20 Slovakia 46 1.3.20.1 General status and most significant systems 46 1.3.20.2 Existing issues 46 1.3.20.3 Analysis: successes, failures and lessons learned 47 1.3.20.4 Expected future developments 47 1.3.21 Slovenia 47 1.3.21.1 General status and most significant systems 47 1.3.21.2 Existing issues 48 1.3.22 Spain 51 1.3.22.1 General status and most significant systems 51 Deliverable 3.6 National IDM Report Member State Overview 3 1.3.22.2 Existing issues 52 1.3.22.3 Analysis: successes, failures and lessons learned 52 1.3.22.4 Expected future developments 52 1.3.23 Sweden 52 1.3.23.1 General status and most significant systems 52 1.3.23.2 Existing issues 53 1.3.23.3 Analysis: successes, failures and lessons learned 54 1.3.23.4 Expected future developments 54 1.3.23.5 References 54 1.3.24 United Kingdom 54 1.3.24.1 General status and most significant systems 54 1.3.24.2 Existing issues 56 1.3.24.3 Analysis: successes, failures and lessons learned 56 1.3.24.4 Expected future developments 56 1.3.25 The Netherlands 56 1.3.25.1 General status and most significant systems 56 1.3.25.2 Existing issues 58 1.3.25.3 Analysis: successes, failures and lessons learned 58 1.3.25.4 Expected future developments 58 1.4 Preliminary analysis and categorisation 59 1.4.1 Variation between national approaches and the principles of local validity and interregional intransposability 59 1.4.2 Phases of development status 61 1.4.3 eID card based solutions 62 1.4.4 PKI based solutions 62 1.4.5 Private sector intervention 64 1.4.6 Planned/existing biometrics 65 1.4.7 Local service solutions 66 1.4.8 Portal based solutions 67 Deliverable 3.6 National IDM Report Member State Overview 4 The opinions expressed in this study are those of the authors and do not necessarily reflect the views of the European Commission. Reproduction is authorised, provided the source (eGovernment Unit, DG Information Society, European Commission) is clearly acknowledged, save where otherwise stated. modinisIDM Member State- / Projects Overview Out of MODINIS a project to identify good practice projects on eGovernment has been contracted by the European Commission. As one of three lots, the modinisIDM study will identify good practice projects on identity management and aim to build on expertise and initiatives in the EU Member States to progress towards a coherent approach in electronic identity management in eGovernment in the European Union. This document is the first coordinated and public version of a national status report of the most significant IDM systems used throughout the 25 European Member States. While the report does not aim towards completeness – this would not be a realistic goal, since most Member States employ dozens or even hundreds of parallel IDM systems in their administrations, all with a different goal, scope and impact – but rather, the report would like to present the reader with an overview of the most predominant IDM systems in the Member States. Specifically, the report focuses on such IDM systems which potentially impact the whole of the Member State’s population and/or business initiatives, and which are thus most likely to show potential for generalisation and/or cross border functionality. A first version of the document was produced on 2 May 2006. This is the final iteration of the document. The most up to date versions of the national reports are available through the project website (https://www.cosic.esat.kuleuven.ac.be/modinis-idm). These profiles will be continuously updated as new information becomes available to the project team. Deliverable 3.6 National IDM Report Member State Overview 5 1.1 Document Scope As stated above, the present report would like to present the reader with an overview of the most predominant IDM systems used in eGovernment applications in the Member States. Specifically, the report focuses on such IDM systems which potentially impact the whole of the Member State’s population and/or business initiatives, and which are thus most likely to show potential for generalisation and/or cross border functionality. The information in this report was collected through a variety of sources: • Information that was directly known to the authors in their capacity of experts in the field of eGovernment IDM solutions; • Information that is made commonly available through public administration web sites (i.e.