FB pixel

Hold up: 300 say eIDAS rules could make surveillance easier for EU nations

Categories Biometrics News  |  Surveillance
Hold up: 300 say eIDAS rules could make surveillance easier for EU nations
 

Language in proposed revised regulation of eIDAS in the European Union is being loudly rebuffed by 335 individuals and civil society organizations in 32 nations.

In an open letter to the European Parliament and the Council of the EU, signatories argue that articles within the revised eIDAS would open the system to surveillance by rogue governments, and block checks on the security of EU web certificates. They also believe the rules for the European Digital Identity Wallet would enable surveillance by governments and service providers.

A similar statement issued by ten internet infrastructure and security companies says articles 45 and 45a “are likely to weaken the security of the Internet as a whole.” The articles require all web browsers to recognize new site-authentication certificates.

But the passages in question are “imprecise,” they say.

That imprecision could be interpreted as saying that all browsers must recognize the certificate authorities that are appointed by each state to authenticate domain names.

Open letter signatory and University College London Professor of Security Engineering tells Computer Weekly that the offending clause is outside of the regulation’s intended scope of governing digital identity and signatures.

A separate statement issued by Mozilla says that forcing the world to recognize authorities hand-picked by EU nations gives the government of those nations more power to “surveil their citizens by ensuring cryptographic keys under government control can be used to intercept encrypted web traffic across the EU.”

Browsers would be prohibited from revoking trust in the keys unless the relevant government allows them to. And there would be no independent body to check what a government does, according to Mozilla.

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

US discusses ethics of biometric travel

As U.S. lawmakers debate the Traveler Privacy Protection Act, government agencies, including the Transportation Security Administration (TSA), are working on…

 

Nigeria embraces DTCs amid talks on passport-free travel in Africa

The Nigerian federal government has unveiled its intention to adopt digital travel credentials (DTCs), in a bid to streamline the…

 

Prove launches user verification tool with Uber as first client

A new identity verification offering, Prove Verified Users, has been announced to enhance security across digital marketplaces. Its introduction by…

 

ICE to award contract to field more NEC fingerprint capture devices

US Immigration and Customs Enforcement (ICE) intends to award a firm fixed price delivery order under the First Source II…

 

Veriff passes Level 2 biometric PAD evaluation from iBeta

Veriff has completed the ISO/IEC 30107-3 Level 2 Compliance evaluation for biometric passive liveness detection by iBeta. The Estonia-based company…

 

Outdated biometric liveness tests create ‘false sense of security,’ FaceTec argues

Biometrics are replacing legacy knowledge-based authentication for remote and unsupervised authentication scenarios. But the latest liveness detection report from FaceTec…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events