{"id":58298,"date":"2024-06-17T11:40:46","date_gmt":"2024-06-17T09:40:46","guid":{"rendered":"https:\/\/www.intesa.it\/eidas-2-0-what-it-says-whats-new-and-the-roadmap\/"},"modified":"2024-06-17T12:30:01","modified_gmt":"2024-06-17T10:30:01","slug":"eidas-2-0-what-it-says-whats-new-and-the-roadmap","status":"publish","type":"post","link":"https:\/\/oldintesa.etinet.net\/en\/eidas-2-0-what-it-says-whats-new-and-the-roadmap\/","title":{"rendered":"eIDAS 2.0: what it says, what\u2019s new, and the roadmap"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221; module_id=&#8221;post-blog-intesa&#8221; _builder_version=&#8221;4.16&#8243; global_colors_info=&#8221;{}&#8221;][et_pb_row admin_label=&#8221;row&#8221; _builder_version=&#8221;4.16&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; max_width=&#8221;80%&#8221; use_custom_width=&#8221;on&#8221; width_unit=&#8221;off&#8221; global_colors_info=&#8221;{}&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.16&#8243; custom_padding=&#8221;|||&#8221; global_colors_info=&#8221;{}&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_post_title author=&#8221;off&#8221; date_format=&#8221;j F Y&#8221; categories=&#8221;off&#8221; comments=&#8221;off&#8221; featured_image=&#8221;off&#8221; _builder_version=&#8221;4.16&#8243; title_line_height=&#8221;1.5em&#8221; text_orientation=&#8221;center&#8221; border_style=&#8221;solid&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_post_title][et_pb_text admin_label=&#8221;Sottotitolo&#8221; _builder_version=&#8221;4.23.1&#8243; header_2_font_size=&#8221;22px&#8221; hover_enabled=&#8221;0&#8243; custom_css_main_element=&#8221;font-size: 24px!important;||font-weight: 400;||font-family: &#8216;Ubuntu&#8217;;&#8221; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h2 class=\"sottotitolo\" style=\"font-size: 20px !important;\"><span style=\"font-weight: 400;\">The revision of the regulation is proceeding swiftly. Here is where it has reached and the points still to be clarified.<\/span><\/h2>\n<p>[\/et_pb_text][et_pb_image src=&#8221;https:\/\/www.intesa.it\/wp-content\/uploads\/2022\/11\/Articolo_Digital-identity-wallet.png&#8221; align_tablet=&#8221;center&#8221; align_phone=&#8221;center&#8221; align_last_edited=&#8221;on|desktop&#8221; _builder_version=&#8221;4.16&#8243; global_colors_info=&#8221;{}&#8221;][\/et_pb_image][et_pb_divider color=&#8221;#6aca98&#8243; divider_weight=&#8221;6&#8243; _builder_version=&#8221;4.16&#8243; max_width=&#8221;300px&#8221; module_alignment=&#8221;center&#8221; height=&#8221;32px&#8221; custom_margin=&#8221;60px|||&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_divider][et_pb_text admin_label=&#8221;Paragrafo di apertura&#8221; _builder_version=&#8221;4.23.1&#8243; hover_enabled=&#8221;0&#8243; custom_css_main_element=&#8221;font-size:24px!important;||font-weight:400;||font-family: &#8216;droid-sans&#8217;;&#8221; border_radii=&#8221;on|0px|0px|0px|0px&#8221; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<p style=\"text-align: center;\">The European Union also has to deal with a market and socio-economic fabric that are constantly changing, revising its objectives and directives in light of these transformations.<\/p>\n<p>[\/et_pb_text][et_pb_divider color=&#8221;#6aca98&#8243; divider_weight=&#8221;6&#8243; _builder_version=&#8221;4.16&#8243; max_width=&#8221;300px&#8221; module_alignment=&#8221;center&#8221; height=&#8221;32px&#8221; global_colors_info=&#8221;{}&#8221;][\/et_pb_divider][et_pb_text admin_label=&#8221;Table of content&#8221; _builder_version=&#8221;4.16&#8243; custom_css_main_element=&#8221;background-color:#f4f7fa;||font-family: &#8216;Ubuntu&#8217;;&#8221; global_colors_info=&#8221;{}&#8221;]<img loading=\"lazy\" decoding=\"async\" class=\"freccia-interna alignright wp-image-45945\" src=\"https:\/\/www.intesa.it\/wp-content\/uploads\/2021\/11\/freccia-interna.png\" alt=\"\" width=\"31\" height=\"36\" \/><\/p>\n<p style=\"padding-left: 26px; padding-top: 26px;\"><strong>In questo articolo scoprirai:<\/strong><\/p>\n<p>\n\n\t<div id=\"toc\">\n\t  \n\t<\/div>\n\n\t<style>\n\t#toc {\n\t\tbackground-color: #F4F7FA;\n\t}\n\n\t#toc p{\n\t\tfont-size:18px;\n\t\tcolor: #013158;\n\t\tfont-weight: bold;\n\t}\n\n\t#toc ul {\n\t  list-style-type: none;\n\t}\n\t<\/style>\n\n\t\t<script>\n\t\t\n\n\tvar c = function() {\n\t\treturn({\n\t\t\tlog: function(msg) {\n\t\t\t  consoleDiv = document.getElementById('post-blog-intesa');\n\t\t\t  para = document.createElement('p');\n\t\t\t  text = document.createTextNode(msg);\n\t\t\t  para.appendChild(text);\n\t\t\t  consoleDiv.appendChild(para);\n\t\t\t}\n\t\t});\n\t}();\n\n\twindow.onload = function () {\n\t\tvar toc = \"\";\n\t\tvar level = 0;\n\t\tvar maxLevel = 3;\n\n\t\tdocument.getElementById(\"post-blog-intesa\").innerHTML =\n\t\t\tdocument.getElementById(\"post-blog-intesa\").innerHTML.replace(\n\t\t\t\t\/<h([\\d])>([^<]+)<\\\/h([\\d])>\/gi,\n\t\t\t\tfunction (str, openLevel, titleText, closeLevel) {\n\t\t\t\t\tif (openLevel != closeLevel) {\n\t\t\t\t\t c.log(openLevel)\n\t\t\t\t\t\treturn str + ' - ' + openLevel;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (openLevel > level) {\n\t\t\t\t\t\ttoc += (new Array(openLevel - level + 1)).join(\"<ul>\");\n\t\t\t\t\t} else if (openLevel < level) {\n\t\t\t\t\t\ttoc += (new Array(level - openLevel + 1)).join(\"<\/ul>\");\n\t\t\t\t\t}\n\n\t\t\t\t\tlevel = parseInt(openLevel);\n\n\t\t\t\t\tvar anchor = titleText.replace(\/ \/g, \"_\");\n\t\t\t\t\ttoc += \"<li><a href=\\\"#\" + anchor + \"\\\">\" + titleText\n\t\t\t\t\t\t+ \"<\/a><\/li>\";\n\n\t\t\t\t\treturn \"<h\" + openLevel + \"><a name=\\\"\" + anchor + \"\\\">\"\n\t\t\t\t\t\t+ titleText + \"<\/a><\/h\" + closeLevel + \">\";\n\t\t\t\t}\n\t\t\t);\n\n\t\tif (level) {\n\t\t\ttoc += (new Array(level + 1)).join(\"<\/ol>\");\n\t\t}\n\n\t\tdocument.getElementById(\"toc\").innerHTML += toc;\n\t};\n\n\t\t<\/script>\n\n\n\n\t\t<br \/>\n[\/et_pb_text][et_pb_text admin_label=&#8221;intro&#8221; _builder_version=&#8221;4.23.1&#8243; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<p>In 2014, when the European eIDAS regulation (electronic IDentification, Authentication and trust Services) was established, one of the EU&#8217;s objectives was to provide all citizens with access to highly secure digital trust services and digital identities that could be used across Europe.<\/p>\n<p>This goal has been achieved, but in a very uneven manner: despite Italy being among the &#8220;virtuous&#8221; countries where digital identity is more widespread among the population, only 14 EU member states have notified at least one digital identity system to the Commission. Currently, <strong>only 59% of European citizens possess a digital ID.<\/strong> Moreover, within the European context, there is little interoperability or consistency in both the accreditation methods for Qualified Trust Service Providers and the delivery methods of services.<\/p>\n<p>[\/et_pb_text][et_pb_text admin_label=&#8221;The revision of eIDAS: why?&#8221; _builder_version=&#8221;4.23.1&#8243; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h3>The revision of eIDAS: why?<\/h3>\n<p>On a broad scale, the goal of revising eIDAS is much broader: in addition to unifying the landscape of digital identities in terms of adoption, user experience, and security, <strong>the new eIDAS regulation also aims to restore sovereignty over personal data to citizens<\/strong>\u2014aligned with GDPR principles and in contrast to how big tech companies manage information. Furthermore, it aims to ensure equal conditions for the use of trust services across the EU: while Italy leads in terms of Qualified Trust Service Provider presence, in other countries, this number is very limited.<\/p>\n<p>In essence, the ultimate purpose of <strong>revising eIDAS is to increase interoperability and integrability of trust services within the EU<\/strong>, taking another step toward the unification of member states and laying the foundation for creating the <em>European digital market<\/em>.<\/p>\n<p>[\/et_pb_text][et_pb_text admin_label=&#8221;The roadmap of eIDAS 2.0: where do we stand?&#8221; _builder_version=&#8221;4.23.1&#8243; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h2>The roadmap of eIDAS 2.0: where do we stand?<\/h2>\n<p>For these reasons, in June 2021, the Commission announced the revision of the eIDAS regulation, with the most anticipated and discussed updates focusing on the implementation of the European Digital Identity Wallet and the inclusion of compliant archiving among qualified trust services. Since the June announcement, the revision has made rapid progress: in early February 2022, a public hearing on the topic was held at the European Parliament, and on February 22 of the same year, the Union launched a <em>call for proposals<\/em> for the implementation of the European Digital Identity Framework.<\/p>\n<p>On February 29, 2024, the revision was officially approved by <strong>the European Parliament and published in the Official Gazette on April 30, 2024.<\/strong><\/p>\n<p>Subsequently, <strong>within 12\/24 months, the so-called &#8220;Implementing Acts&#8221; are expected to be published<\/strong>, and the new eIDAS regulation will officially come into force.<\/p>\n<p>[\/et_pb_text][et_pb_text admin_label=&#8221;The most anticipated innovation: the EUDI Wallet&#8221; _builder_version=&#8221;4.23.1&#8243; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h2>The most anticipated innovation: the EUDI Wallet<\/h2>\n<p>The European Digital Identity Wallet, as mentioned, is the most anticipated and &#8220;discussed&#8221; innovation of this regulation, or at least the one that will have the broadest impact on citizens&#8217; lives beyond sector-specific operators. It will be a fully-fledged digital identity, similar to SPID (the Italian digital identity system), but mandatory across the EU and structured as a digital &#8220;wallet&#8221; where verifiable and certified documents and attributes such as passport details, birth certificate, driver&#8217;s license, and voter card can be stored.<\/p>\n<p>Furthermore, adopting a model similar to Self Sovereign Identity based on Blockchain, the EUDI Wallet will enhance privacy and data protection, returning control over identity and shared information to users.<\/p>\n<p>[\/et_pb_text][et_pb_text admin_label=&#8221;Coming soon: %22qualified e-archiving%22&#8243; _builder_version=&#8221;4.23.1&#8243; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h2>Coming soon: &#8220;qualified e-archiving&#8221;<\/h2>\n<p>The second major innovation of eIDAS 2.0 involves digital service providers and Qualified Trust Service Providers to a greater extent. Specifically, it introduces digital preservation (or &#8220;qualified e-archiving&#8221;) among trust services. This choice will certainly promote interoperability across countries, surpassing national regulations, and will also open up a new market within trust services.<\/p>\n<p>From what has been published so far, there appear to be many points of intersection between eIDAS 2.0 and the CAD regulation on digital preservation that qualified archivers must adhere to. This presents a significant competitive advantage for all Italian service providers holding this certification.<\/p>\n<p>[\/et_pb_text][et_pb_text admin_label=&#8221;The other innovations&#8221; _builder_version=&#8221;4.23.1&#8243; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h2>The other innovations<\/h2>\n<p>As mentioned, to achieve the goal of European digitalization, the revised eIDAS not only maintains existing provisions but also adds to those already regulated in the first version (electronic signature, electronic seal, timestamp, website authentication certificate). It introduces additional trust services and expands the ecosystem to include:<\/p>\n<ul>\n<li>Management of signature devices and Hardware Security Modules (HSMs), which will become a separate trust service;<\/li>\n<li>The option for registration and storing of data on electronic ledgers (blockchain), already introduced in the first version;<\/li>\n<li>&#8220;Validators&#8221; of certificates, electronic signatures, seals, and attestations will become fully qualified services;<\/li>\n<li>Issuance of electronic attributes and attestations (which can then be used with the digital wallet).<\/li>\n<\/ul>\n<p>Moreover, the new regulation will require all European countries to provide national databases to obtain reliable information about citizens, addressing current deficiencies or unreliability in Italy.<\/p>\n<p>[\/et_pb_text][et_pb_text admin_label=&#8221;The elephant in the room%22: the role of SPID in the Digital Wallet&#8221; _builder_version=&#8221;4.23.1&#8243; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h2>The elephant in the room&#8221;: the role of SPID in the Digital Wallet<\/h2>\n<p>What sparks the most discussion at the eIDAS revision working tables, however, is the issue related to the levels of security (Level of Assurance, LoA) of digital identities currently in use across European countries (including SPID and CIE) for citizens&#8217; access to the European Digital Wallet. SPID, for instance, can be used with all three security levels provided (Low, Substantial, and High), but the majority of SPID identities currently in use in Italy are limited to the level 2 of substantial. Conversely, some European countries other than Italy require access to the wallet to be limited to digital identities with a high level of assurance, which is already achieved by CIE.<\/p>\n<p>Moreover, a recent decree will modify the user experience of CIE, making it much more similar to SPID. The concern is that with the eIDAS revision, a significant portion of SPID users widespread in Italy today might not be accepted to access the digital wallet, a decision that could severely limit SPID&#8217;s future and potentially dissipate part of the investments, including private investments, made over these years.<\/p>\n<p>In a recent article for Agenda Digitale, Matteo Panfilo, Chief Solutions Officer of Intesa, hopes that an Italian model for digital identities will finally be defined and that the Italian experience will be adequately valued.<\/p>\n<p>&#8220;The legislative process will conclude in 2023 and &#8211; whether we like it or not &#8211; it could have significant impacts for our country, which, for what has been built in recent years, we hope can continue to be a European reference point in the future.&#8221;<\/p>\n<p>However, the EuDI wallet is already shaping up to be a major innovation in the field of digital identities, not only due to the numerous areas and use cases it can apply to but also due to its high attention to citizens&#8217; privacy. The wallet will allow users to share only the necessary information to access the service. This represents a new paradigm in privacy management, far exceeding the experience of current use cases and approaching the model of Self Sovereign Identity.<\/p>\n<p>Therefore, an absolutely crucial theme, considering SPID&#8217;s experience in Italy, is tied to the economic sustainability of the model. Specifically, it will be important to understand what opportunities the legislator intends to provide for the remuneration\/costs for the various actors involved with the wallet (Wallet providers, PID, QTSP, Attribute Authorities, and Relying parties), and the related accounting\/convention rules, considering the constraints imposed by privacy and the confidentiality of the information exchanged between the parties.<\/p>\n<p>In summary, it is certain that a significant change in the management of digital identities will occur. For private service providers, it is time to initiate investments and strategies for adopting this tool.<\/p>\n<p>[\/et_pb_text][et_pb_text admin_label=&#8221;%22The revision of eIDAS: why?%22&#8243; _builder_version=&#8221;4.23.1&#8243; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<\/p>\n<h2>The revision of eIDAS: why?<\/h2>\n<p>On a broad scale, the objective of the eIDAS revision is much broader: in addition to unifying the landscape of digital identities in terms of adoption, user experience, and security, the new eIDAS regulation aims to restore sovereignty over personal data to citizens &#8211; aligning with GDPR principles and contrasting with how big tech companies manage information. It also aims to ensure equal conditions for the use of trust services within the EU. Italy stands out as the most advanced country in terms of Qualified Trust Service Provider presence, whereas in other countries, this presence is very limited.<\/p>\n<p>In essence, the ultimate goal of the eIDAS revision is to enhance interoperability and integration of trust services within the EU, taking a further step towards unifying member states and laying the groundwork for creating the European digital market.<\/p>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The European Union must also contend with a constantly evolving market and socio-economic fabric, revising its objectives and directives in light of these transformations.<\/p>\n","protected":false},"author":43,"featured_media":55753,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"on","_et_pb_old_content":"<p>[et_pb_section fb_built=\"1\" admin_label=\"section\" module_id=\"post-blog-intesa\" _builder_version=\"4.16\" global_colors_info=\"{}\"][et_pb_row admin_label=\"row\" _builder_version=\"4.16\" background_size=\"initial\" background_position=\"top_left\" background_repeat=\"repeat\" max_width=\"80%\" use_custom_width=\"on\" width_unit=\"off\" global_colors_info=\"{}\"][et_pb_column type=\"4_4\" _builder_version=\"4.16\" custom_padding=\"|||\" global_colors_info=\"{}\" custom_padding__hover=\"|||\"][et_pb_post_title author=\"off\" date_format=\"j F Y\" categories=\"off\" comments=\"off\" featured_image=\"off\" _builder_version=\"4.16\" title_line_height=\"1.5em\" text_orientation=\"center\" border_style=\"solid\" global_colors_info=\"{}\"][\/et_pb_post_title][et_pb_text admin_label=\"Sottotitolo\" _builder_version=\"4.16\" header_2_font_size=\"22px\" custom_css_main_element=\"font-size: 24px!important;||font-weight: 400;||font-family: 'Ubuntu';\" global_colors_info=\"{}\"]<\/p><h2 class=\"sottotitolo\" style=\"font-size: 20px !important;\"><span style=\"font-weight: 400;\">La revisione del regolamento procede velocemente. Ecco dove \u00e8 arrivata e i punti ancora da chiarire.<\/span><\/h2><p>[\/et_pb_text][et_pb_image src=\"https:\/\/www.intesa.it\/wp-content\/uploads\/2022\/11\/Articolo_Digital-identity-wallet.png\" align_tablet=\"center\" align_phone=\"center\" align_last_edited=\"on|desktop\" _builder_version=\"4.16\" global_colors_info=\"{}\"][\/et_pb_image][et_pb_divider color=\"#6aca98\" divider_weight=\"6\" _builder_version=\"4.16\" max_width=\"300px\" module_alignment=\"center\" height=\"32px\" custom_margin=\"60px|||\" global_colors_info=\"{}\"][\/et_pb_divider][et_pb_text admin_label=\"Paragrafo di apertura\" _builder_version=\"4.16\" custom_css_main_element=\"font-size:24px!important;||font-weight:400;||font-family: 'droid-sans';\" border_radii=\"on|0px|0px|0px|0px\" global_colors_info=\"{}\"]<\/p><p style=\"text-align: center;\">Anche l\u2019Unione Europea deve fare i conti con un mercato e un tessuto socio-economico in costante trasformazione, rivedendo i suoi obiettivi e le sue direttive alla luce di queste trasformazioni.<\/p><p>[\/et_pb_text][et_pb_divider color=\"#6aca98\" divider_weight=\"6\" _builder_version=\"4.16\" max_width=\"300px\" module_alignment=\"center\" height=\"32px\" global_colors_info=\"{}\"][\/et_pb_divider][et_pb_text admin_label=\"Table of content\" _builder_version=\"4.16\" custom_css_main_element=\"background-color:#f4f7fa;||font-family: 'Ubuntu';\" global_colors_info=\"{}\"]<\/p><p><img class=\"freccia-interna alignright wp-image-45945\" src=\"https:\/\/www.intesa.it\/wp-content\/uploads\/2021\/11\/freccia-interna.png\" alt=\"\" width=\"31\" height=\"36\" \/><\/p><p style=\"padding-left: 26px; padding-top: 26px;\"><strong>In questo articolo scoprirai:<\/strong><\/p><p>[toc]<\/p><p>[\/et_pb_text][et_pb_text admin_label=\"intro\" _builder_version=\"4.16\" global_colors_info=\"{}\"]<\/p><p><span style=\"font-weight: 400;\">Nel 2014, quando \u00e8 stato istituito <strong>il regolamento europeo eIDAS<\/strong> (electronic IDentification, Authentic and trust Services), uno degli obiettivi dell\u2019UE era quello dare accesso a tutti i cittadini a servizi fiduciari digitali altamente sicuri, ma anche a identit\u00e0 digitali da poter spendere in tutta Europa.<\/span><\/p><p><span style=\"font-weight: 400;\">Un obiettivo raggiunto, ma in modo molto disomogeneo: nonostante l\u2019Italia sia tra i paesi \u201cvirtuosi\u201d, in cui l<strong>\u2019identit\u00e0 digitale \u00e8 pi\u00f9 diffusa tra la popolazione<\/strong>,<strong> nel resto d\u2019Europa<\/strong> sono<strong> solo 14 gli stati membri che hanno notificato almeno un sistema di identit\u00e0 digitale<\/strong> alla Commissione, e <strong>solo il 59% dei cittadini europei \u00e8 oggi in possesso di una digital ID<\/strong>. Inoltre, restando sempre in ambito europeo, ad oggi vi \u00e8 poca interoperabilit\u00e0 o coerenza sia nelle modalit\u00e0 di accreditamento dei Qualified Trust Service Provider che nelle modalit\u00e0 di erogazione dei servizi.\u00a0<\/span><\/p><p>[\/et_pb_text][et_pb_text admin_label=\"La revisione eIDAS: perch\u00e9?\" _builder_version=\"4.16\" global_colors_info=\"{}\"]<\/p><h3>La revisione eIDAS: perch\u00e9?<\/h3><p><span style=\"font-weight: 400;\">Su larga scala l\u2019<strong>obiettivo della revisione eIDAS<\/strong> \u00e8 per\u00f2 molto pi\u00f9 ampio: oltre a unificare il panorama delle identit\u00e0 digitali in termini di diffusione, ux e sicurezza, il nuovo regolamento eIDAS ha anche l\u2019obiettivo di<strong> riportare la sovranit\u00e0 dei dati personali nelle mani dei cittadini<\/strong> -\u00a0 in linea con la GDPR e in contrasto con la gestione delle informazioni da parte delle big tech - ma anche garantire parit\u00e0 di condizione nell\u2019utilizzo dei servizi fiduciari all\u2019interno dell\u2019UE: l\u2019Italia infatti \u00e8 il paese pi\u00f9 avanzato per presenza di Qualified Trust Service Provider, ma in altri paesi il numero \u00e8 molto limitato.<\/span><\/p><p><span style=\"font-weight: 400;\">Insomma, lo scopo ultimo della revisione di eIDAS \u00e8 quello di<strong> aumentare l\u2019interoperabilit\u00e0 e integrabilit\u00e0 dei servizi fiduciari all\u2019interno dell\u2019UE<\/strong>, facendo un ulteriore passo avanti nell\u2019unificazione dei paesi e porre le basi per creare <\/span><i><span style=\"font-weight: 400;\">l\u2019european digital market<\/span><\/i><span style=\"font-weight: 400;\">.<\/span><\/p><p>[\/et_pb_text][et_pb_text admin_label=\"La roadmap di eIDAS 2.0: a che punto siamo\" _builder_version=\"4.23.1\" global_colors_info=\"{}\"]<\/p><h2>La roadmap di eIDAS 2.0: a che punto siamo<\/h2><p><span style=\"font-weight: 400;\">Per questi motivi, a giugno 2021, la Commissione ha annunciato la revisione del regolamento eIDAS, le cui novit\u00e0 pi\u00f9 attese e discusse si trovano nell\u2019implementazione dell\u2019<\/span><a href=\"https:\/\/www.intesa.it\/che-cose-european-digital-identity-eudi-wallet-e-quando-verra-rilasciato\/\"><span style=\"font-weight: 400;\">European Digital Identity Wallet<\/span><\/a><span style=\"font-weight: 400;\"> e nell\u2019inserimento della conservazione a norma tra i servizi fiduciari qualificati. Dall\u2019annuncio di giugno la revisione ha fatto veloci passi avanti: a inizio febbraio 2022 al Parlamento Europeo si \u00e8 tenuta un\u2019audizione pubblica sul tema, mentre il 22 febbraio dello stesso anno \u00e8 stata aperta dall\u2019Unione una <\/span><i><span style=\"font-weight: 400;\">call for proposals<\/span><\/i><span style=\"font-weight: 400;\"> per l\u2019implementazione dell\u2019European Digital Identity Framework.<\/span><\/p><p><b>Il 29 febbraio 2024<\/b><span style=\"font-weight: 400;\"> la revisione \u00e8 stata ufficialmente approvata dal Parlamento Europeo ed <strong>\u00e8 stata\u00a0pubblicata nella <\/strong><\/span><strong>Gazzetta Ufficiale il 30 aprile 2024<\/strong>.<\/p><p><span style=\"font-weight: 400;\">Successivamente, entro 12\/24 mesi, dovranno essere pubblicati i cosiddetti \u201cImplementing Acts\u201d e il nuovo regolamento eIDAS entrer\u00e0 ufficialmente in vigore.<\/span><\/p><p>[\/et_pb_text][et_pb_text admin_label=\"L\u2019innovazione pi\u00f9 attesa: l\u2019EUDI Wallet\" _builder_version=\"4.16\" global_colors_info=\"{}\"]<\/p><h2>L\u2019innovazione pi\u00f9 attesa: l\u2019EUDI Wallet<\/h2><p><span style=\"font-weight: 400;\">L'<\/span><a href=\"https:\/\/www.intesa.it\/che-cose-european-digital-identity-eudi-wallet-e-quando-verra-rilasciato\/\"><span style=\"font-weight: 400;\">European Digital Identity Wallet<\/span><\/a><span style=\"font-weight: 400;\">, come si \u00e8 detto, \u00e8 l\u2019innovazione pi\u00f9 attesa e \u201cdiscussa\u201d di questo regolamento, o per lo meno quella che avr\u00e0 un impatto pi\u00f9 diffuso sulla vita dei cittadini e non limitato agli operatori di settore. Sar\u00e0 un\u2019identit\u00e0 digitale a tutti gli effetti, proprio come SPID, ma sar\u00e0 valida obbligatoriamente in tutta l\u2019UE e avr\u00e0 la struttura di un \"portafoglio\" digitale in cui potranno essere raccolte certificazioni e documenti verificabili e verificati - i cosiddetti \u201cattributi\u201d - quali estremi di passaporto, certificato di nascita, patente e tessera elettorale.<\/span><\/p><p><span style=\"font-weight: 400;\">Inoltre, adottando un modello simile a quello della<strong> Self Sovereign Identity<\/strong> basata su Blockchain, l\u2019EUDI Wallet migliorer\u00e0 la privacy e la protezione dei dati personali, restituendo agli utenti il controllo sulla propria identit\u00e0 e sulle informazioni condivise.<\/span><\/p><p><span style=\"font-weight: 400;\"><strong>Leggi anche<\/strong>: <\/span><a href=\"https:\/\/www.intesa.it\/che-cose-european-digital-identity-eudi-wallet-e-quando-verra-rilasciato\/\"><span style=\"font-weight: 400;\">Che cos\u2019\u00e8 l\u2019European Digital Identity (EUDI) Wallet e quando verr\u00e0 rilasciato<\/span><\/a><\/p><p>[\/et_pb_text][et_pb_text admin_label=\"In arrivo il \u201cqualified e-archiving\u201d\" _builder_version=\"4.16\" global_colors_info=\"{}\"]<\/p><h2>In arrivo il \u201cqualified e-archiving\u201d<\/h2><p><span style=\"font-weight: 400;\">La seconda \u201cgrande novit\u00e0\u201d di eIDAS 2.0 coinvolge maggiormente i fornitori di servizi digitali e i<strong> Qualified Trust Service Provider. <\/strong><\/span><a href=\"https:\/\/www.intesa.it\/la-conservazione-digitale-in-europa-gli-impatti-di-eidas-2-0\/\"><span style=\"font-weight: 400;\">Viene infatti inserita tra i servizi fiduciari la conservazione digitale (o \u201cconservazione a norma\u201d)<\/span><\/a><span style=\"font-weight: 400;\">. Una scelta che certamente promuover\u00e0 l'interoperabilit\u00e0 tra i paesi, superando le normative nazionali, ma che aprir\u00e0 anche un nuovo mercato nei servizi fiduciari.<\/span><\/p><p><span style=\"font-weight: 400;\">Da quanto pubblicato fino ad ora, comunque, pare che siano molti i punti di contatto tra eIDAS 2.0 e la normativa CAD sulla conservazione digitale a cui i conservatori qualificati si devono attenere. Un vantaggio competitivo non indifferente per tutte i service provider italiani in possesso di questa certificazione.<\/span><\/p><p><b>Leggi anche:<\/b> <a href=\"https:\/\/www.intesa.it\/la-conservazione-digitale-in-europa-gli-impatti-di-eidas-2-0\/\"><span style=\"font-weight: 400;\">La conservazione digitale: gli impatti di eIDAS 2.0<\/span><\/a><\/p><p>[\/et_pb_text][et_pb_text admin_label=\"Le altre novit\u00e0\" _builder_version=\"4.16\" global_colors_info=\"{}\"]<\/p><h2>Le altre novit\u00e0<\/h2><p><span style=\"font-weight: 400;\">Come si \u00e8 detto, per raggiungere l\u2019obiettivo di digitalizzazione comunitaria la revisione eIDAS non interviene su quanto gi\u00e0 in essere, ma anche aggiunge a quelli gi\u00e0 regolamentati nella prima versione (firma elettronica, sigillo elettronico, timestamp, website authentication certificate) altri servizi fiduciari e attori nell\u2019ecosistema:<\/span><\/p><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">la gestione degli apparati di firma e degli HSM, che diventer\u00e0 un servizio fiduciario a s\u00e9 stante;<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">la possibilit\u00e0 di registrazione e storing dei dati su electronic ledger (blockchain), apparsa nella prima versione;<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">i \u201cverificatori\u201d di certificati, firme elettroniche, sigilli e attestazioni diventeranno veri e propri servizi qualificati;<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">l\u2019emissione di attributi e attestazioni elettroniche (che potranno poi essere spesi con il digital wallet).<\/span><\/li><\/ul><p><span style=\"font-weight: 400;\">Il nuovo regolamento, inoltre, obbligher\u00e0 tutti i paesi europei a mettere a disposizione delle banche dati nazionali per ottenere informazioni significative sui cittadini, in Italia attualmente carenti o poco attendibili.\u00a0<\/span><\/p><p>[\/et_pb_text][et_pb_text admin_label=\"L\u2019 \u201celefante nella stanza\u201d: il ruolo di SPID nel Digital Wallet\" _builder_version=\"4.16\" global_colors_info=\"{}\"]<\/p><h2>L\u2019 \u201celefante nella stanza\u201d: il ruolo di SPID nel Digital Wallet<\/h2><p><span style=\"font-weight: 400;\">Ci\u00f2 che pi\u00f9 fa discutere sui tavoli di lavoro della revisione eIDAS, per\u00f2, \u00e8 la questione legata ai livelli di sicurezza (il <strong>Level of Assurance, LoA<\/strong>) delle identit\u00e0 digitali attualmente in uso nei paesi europei (comprese SPID e CIE) <strong>per l\u2019accesso dei cittadini al digital wallet europeo.<\/strong> SPID, infatti, pu\u00f2 essere utilizzato con tutti e tre i livelli di sicurezza previsti (Low, Substantial e High), ma la maggior parte degli SPID attualmente in uso in Italia si limita al livello 2 di substantial. Alcuni paesi europei diversi dall\u2019Italia, tuttavia, richiedono che l\u2019accesso al wallet sia limitato alle identit\u00e0 digitali con livello high, gi\u00e0 raggiunto invece da CIE. Un recente decreto, inoltre, apporter\u00e0 delle modifiche alla UX di CIE, rendendola molto pi\u00f9 simile a SPID. Insomma, il timore \u00e8 che con la revisione eIDAS gran parte delle utenze SPID diffuse oggi in Italia non sarebbero accettate per accedere al digital wallet, decisione che potrebbe limitare molto il futuro di SPID e quindi dissipare parte degli investimenti - anche privati - di questi anni.<\/span><\/p><p><span style=\"font-weight: 400;\">In un recente articolo per Agenda Digitale,<strong> Matteo Panfilo<\/strong>, Chief Solutions Officer di Intesa, auspica che venga finalmente definito un modello italiano per le identit\u00e0 digitali e che l\u2019esperienza italiana venga adeguatamente valorizzata.<\/span><\/p><p><span style=\"font-weight: 400;\">\u00abL\u2019iter legislativo si concluder\u00e0 nel 2023 e \u2013 volenti o nolenti \u2013 potrebbe avere impatti ragguardevoli per il nostro Paese che, per quanto costruito in questi anni, auspichiamo possa continuare ad essere un punto di riferimento europeo anche in futuro\u00bb.<\/span><\/p><p><span style=\"font-weight: 400;\">L\u2019<strong>EuDI wallet,<\/strong> comunque, si configura gi\u00e0 come una grande innovazione nell\u2019ambito delle identit\u00e0 digitali, non solo per i numerosi ambiti e use case a cui si potr\u00e0 applicare, ma anche per l\u2019altissima attenzione alla privacy dei cittadini: il wallet infatti consentir\u00e0 agli utenti di condividere solo e unicamente le informazioni necessarie ad accedere al servizio. Un nuovo paradigma nella gestione della privacy, che supera di gran lunga l\u2019esperienza di ogni use case attuale e che si avvicina al modello della Self Sovereign Identity.<\/span><\/p><p><span style=\"font-weight: 400;\">Tema quindi assolutamente prioritario, anche vista l\u2019esperienza di SPID in Italia, \u00e8 legato alla sostenibilit\u00e0 economica del modello. In particolare, andr\u00e0 compreso quali opportunit\u00e0 il legislatore vorr\u00e0 dare per la remunerazione\/costo per i vari attori collegati al wallet (Wallet provider, PID, QTSP, Attribute Authorities e Relying parties) e le relative regole di accounting\/convenzionamento anche considerando i vincoli dettati dalla privacy e dal rispetto della confidenzialit\u00e0 delle informazioni scambiate tra le parti.<\/span><\/p><p><span style=\"font-weight: 400;\">Insomma, la certezza \u00e8 che si verificher\u00e0 un grande cambiamento nella gestione delle identit\u00e0 digitali: per gli erogatori di servizi privati \u00e8 tempo di avviare investimenti e strategie per l\u2019adozione di questo strumento.<\/span><\/p><p>[\/et_pb_text][et_pb_text admin_label=\"La revisione eIDAS: perch\u00e9?\" _builder_version=\"4.16\" global_colors_info=\"{}\"]<\/p><h2>La revisione eIDAS: perch\u00e9?<\/h2><p><span style=\"font-weight: 400;\">Su larga scala l\u2019obiettivo della revisione eIDAS \u00e8 per\u00f2 molto pi\u00f9 ampio: oltre a unificare il panorama delle identit\u00e0 digitali in termini di diffusione, ux e sicurezza, il nuovo regolamento eIDAS ha anche l\u2019obiettivo di riportare la sovranit\u00e0 dei dati personali nelle mani dei cittadini -\u00a0 in linea con la GDPR e in contrasto con la gestione delle informazioni da parte delle big tech - ma anche garantire parit\u00e0 di condizione nell\u2019utilizzo dei servizi fiduciari all\u2019interno dell\u2019UE: l\u2019Italia infatti \u00e8 il paese pi\u00f9 avanzato per presenza di Qualified Trust Service Provider, ma in altri paesi il numero \u00e8 molto limitato.<\/span><\/p><p><span style=\"font-weight: 400;\">Insomma, lo scopo ultimo della revisione di eIDAS \u00e8 quello di aumentare l\u2019interoperabilit\u00e0 e integrabilit\u00e0 dei servizi fiduciari all\u2019interno dell\u2019UE, facendo un ulteriore passo avanti nell\u2019unificazione dei paesi e porre le basi per creare <\/span><i><span style=\"font-weight: 400;\">l\u2019european digital market<\/span><\/i><span style=\"font-weight: 400;\">.<\/span><\/p><p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>","_et_gb_content_width":"","footnotes":""},"categories":[571],"tags":[690,705,706,488,647,707,708],"class_list":["post-58298","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-regulations","tag-cie-en","tag-cie-en-2","tag-digital-identity-en-2","tag-digital-identity","tag-digital-identity-2","tag-eidas-en","tag-eudi-wallet-en"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/posts\/58298","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/users\/43"}],"replies":[{"embeddable":true,"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/comments?post=58298"}],"version-history":[{"count":2,"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/posts\/58298\/revisions"}],"predecessor-version":[{"id":58303,"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/posts\/58298\/revisions\/58303"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/media\/55753"}],"wp:attachment":[{"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/media?parent=58298"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/categories?post=58298"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/oldintesa.etinet.net\/en\/wp-json\/wp\/v2\/tags?post=58298"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}