Open Source Identity Management: eID Cards and Free Software in Europe

Smart cards and digital signatures are presented as among the most important components of e-government in Europe, but they are still far from being an effective, Linux-friendly solution to reduce administrative and business costs. But the same tools may become a way to make the general public use or support Free Software.

Almost 10 years ago, European Community directive 1999/93/Ce stated the principle that, in certain cases and under certain conditions, a digital signature can be just as reliable and legally binding as one on paper. “Qualified electronic signatures,” which are generated with a secure device and validated by an official certificate, belong to this category. For this reason, digital signatures and identification through smart cards are considered one of the main tools to reduce costs and increase efficiency in European e-government and public administrations. The Italian newspaper Corriere della Sera reported in March that Italian economy as a whole saved €260 million since some procedures to create a new company went entirely digital, and that, country-wide, online tax filings cost €90 million less every year than doing them with paper documents.

Back in 1997, Italy was the first EU country to acknowledge the legal validity of electronic documents. The Code of Digital Administration that followed in 2005 laid down the official rules for using digital signatures and smart cards in the country. As a result, as of June 2007 Italy was also the EU country with the highest number of smart cards — almost three million — released for official purposes. In the coming years this trend will grow, due both to the need to comply with national and EU regulations and, above all, to reduce costs.

In spite of all this, however, inertia, as well as lack of information and coordination, still limit the benefits of smart cards in Italy, especially for GNU/Linux users. Many procedures and tools are either redundant, obscure, or far from being technically and legally interoperable, even when they are open source.

Read the full article, by Marco Fioretti.

On the same topic read also the report on the 12th Porvoo group meeting, by Bud Bruegger.