National electronic identity (e-ID) card schemes and electronic identity management systems (e-IDMS) in Europe are characterised by considerable diversity. This contribution analyses the creation of a national e-IDMS in Austria with the aim of improving our understanding of the reasons behind the genesis of particular designs of national e-IDMS. It seeks to explain how the system’s specific design evolved and which factors shaped its appearance. Being part of a comparative four country study, a common theoretical framework is employed to allow (...) for a comparison of national e-IDMS in Austria, Belgium, Germany and Spain. It combines the approach of actor-centred institutionalism and the concept of path dependence in order to analyse the innovation process and to explain resulting key characteristics of the e-IDMS in Austria: a technology-neutral system with multiple tokens; an ID model based on the Central Register of Residents; a privacy concept using sector-specific personal identifiers. It is shown that innovation process and outcome are not only shaped by specific actor constellations dominated by strategic e-government bodies, but also by path dependence at three levels: technological, institutional and organisational. (shrink)

This paper compares the four national electronic Identity Management Systems (eIDMS), which have been described in the previous chapters. The section Similarities and differences between four national eIDMS will highlight the differences between these systems conceived as socio-technical systems with regard to the eID itself, the eID cards as tokens, the authentication processes as well as the procedures for distribution and personalisation, the support provided for installing the technology and any provider-related regulation. The section A three-fold path dependency , according (...) to the conceptual framework presented in the introductory chapter to this special issue, compares the new electronic systems with the previous ones in each country, in order to assess the continuation or changes with regard to the organisational, technological and regulatory path of development. The following sections explain the differences between the paths chosen and the path-related changes by analysing the actor constellation of the institutional actors, in particular the policy field and the power structure, as well as the context in which the policy makers made their choices, looking at privacy and Staatsverständnis in particular. Finally the diffusion and usage of the eID function will be compared and analysed, discussing to what extent the new institution has made a contribution to solving the policy problem it was developed for, e.g. providing a stronger authentication in order to meet security concerns regarding e-government and e-commerce transactions and avoiding new privacy infringements. Using grounded theory, the explanations provided have the status of generalisations derived from the four cases. They have to be considered as hypotheses, which will be checked for other countries in the following papers of this special issue. The comparison of the four cases in this article shows a high degree of path dependency. Most of the differences between the new systems are just a continuation of differences between the previous systems although they are to solve the same problem and can draw on the same technologies. But most astonishing is the finding that these differences between the systems do not influence diffusion and use of the eID function in the respective countries. (shrink)

This article provides a critical view on the development and deployment phase of the e-ID in Belgium since 1999. It is based on extensive desk research and fifteen in depth-interviews with experts and stakeholders from government, administration, academia and industry who have been key in the development of the e-ID. The article identifies different elements that influenced, both in a positive and negative way, the societal, technical and political aspects of the Belgian e-ID. It shows that no severe problems occurred (...) during the initial deployment phase, which came to an end in 2009 providing over eight million Belgian citizens with an e-ID. The pre-existence of a National Register and the preliminary experiences with the exchange of digital information between administrative entities in the field of Social Security enabled and facilitated the development and the distribution of the e-ID. However, the research also reveals that usage of the e-ID by citizens and uptake of e-ID based services by administration and business remains limited due to multiple factors. The complex system of state structures in Belgium and as a consequence the dispersion of competences across different governmental entities makes that no unified approach to e-government and e-ID based services has been developed. From the industries’ point of view the privacy framework and the strictly regulated use of the National Registration Number provides no clear view on the allowed use of data accessible through the e-ID hampering take up in this area. (shrink)

This chapter provides an analysis of the long process of introducing an electronic identity for online authentication in Germany. This process is described as a multi-facet innovation, involving actors from different policy fields shifting over time. The eID process started in the late ‘90s in the context of eGovernment and eCommerce with the legislation on e-signatures, which were supposed to allow for online authentication of citizens. When after 5 years it was recognized that this was not the case, a new (...) digital ID card, which had meanwhile been announced, was chosen as token for the eID. This process was dominated by the concerns for visual inspection and border control, including the storage of digital fingerprints. Under the leadership of the Ministry of the Interior (BMI) and technical guidance of the Federal Agency for Information Security (BSI), technical specifications have to a large extent been adopted from the electronic passport, which had been smoothly introduced 2 years before. However, in the legislative process some concern regarding digital fingerprints on the eID card was raised and led to an opt-in solution. In 2009, a bill on the new ID card was passed which regulates the eID function for online authentication as well. This is characterized as a radical innovation by introducing a double-sided, mutual authentication of the citizen and the service provider and implementing the principle of proportionality regarding the access of service providers to data on the chip. At the time of writing, field tests are conducted. Roll-out of the new eID card is to start in November 2010. Therefore no figures about adoption can be provided here. (shrink)

As research into identity in the information society gets into its stride, with contributions from many scholarly disciplines such as technology, social sciences, the humanities and the law, a moment of intellectual stocktaking seems appropriate. This article seeks to provide a roadmap of research currently undertaken in the field of identity and identity management showing how the area is developing and how disparate contributions relate to each other. Five different perspectives are proposed through which work in the identity field can (...) be seen: tensions, themes, application areas, research focus and disciplinary approaches and taken together they provide a comprehensive overview of the intellectual territory currently being tilled by academia on this subject. This attempt at a coherent overview is offered in the spirit of debate and discussion, and the authors invite criticism, development and improvement. Another purpose of this paper is to provide an introduction to the range and type of research that the new journal Identity in the Information Society will publish, giving researchers working in the field a clearer idea of the scope of multidisciplinary study that is envisaged. (shrink)

This paper describes the introduction of a new electronic identity card including an electronic identity (EID) for local physical and online authentication in 2006. The most significant difference to any European country is the decentralized issuing at 256 police stations employing an automatic printing machine. This is the most visible element in a high degree continuation, as the previous paper based ID cards were also personalized and issued at the police stations. Similarly the attributes defining the identity and the legal (...) framework were not changed either. While there was some delay in the planning phase, the role-out of the new eID cards was rather smooth. At the end of 2009, approx. 13 Mio Spanish citizens out of more than 46.5 Mio inhabitants (www.ine.es) were in possession of an eID card. But this does not necessarily mean that they are using the eID function for online authentication. The reasons for this application gap will be discussed with reference to online tax declaration, where the eID so far covers less than one percent of all online declarations while authentication by software certificates still make up for 98 percent. (shrink)

The present paper summarizes the development of the national electronic Identity Management System (eIDMS) in Estonia according to a conceptual framework developed in an European comparative research project outlined in the first chapter of this special issue. Its main function is to amend the picture of the European eIDMS landscape by presenting a case with high involvement of the private sector and thereby checking the generalizations from the comparisons of Austria, Belgium, Germany and Spain, presented by Kubicek and Noack in (...) the previous chapter of this special issue. Starting with a short introduction into the historical background of identity documents in Estonia the national population register, the passport as well as the bank ID are described as the main pillars of the Estonian eIDMS, on which the national ID card builds on, which has been introduced in 2002. The technical features of the eID and the ID card are described in Section two as well as the areas of application and the processes for production and distribution. Section three presents the actors constellation, Section four the time line of the development process, starting from 1997. Section five deals with the diffusion and promotion of the ID card and the eID authentication function. After a very low and slow take up during the first 5 years due to a cooperation agreement between major banks, telecom operators and the government usage has increased. But still the authentication by Internet banks, which provides authentication services to third parties, including government, is the biggest competitor for the eID function on the national eID card. Only recently the major banks have announced to slowly fade out the password cards and PIN calculators as alternative modes of bank authentication. (shrink)

The focus of this article is to explain why there is still no qualified digital signature in Denmark as defined by the EU eSignatures Directive nor any other nationwide eID even though Denmark had an early start in eGovernment, and a high level of e-readiness compared to other nations. Laying out the technological, organizational and legal dimensions of eID in Denmark, and comparing these with a number of other European countries made it possible to explain this paradox. Thus, the three (...) main reasons for the special route development has taken in Denmark seems to be concerns over privacy, lack of intergovernmental coordination and lack of cooperation between public and private sector. However, with the recent tender on digital signatures won by the PBS and the roll-out of the NemID it seems that Denmark will finally—after twenty years of delay—have an eID which can be widely used in the public as well as the private sector. (shrink)

A first comparison of the innovation processes of introducing electronic identities on a national level in Austria, Belgium, Germany and Spain, based on extensive expert interviews with key actors, has been amended by four more country reports from Denmark, Finland, Estonia and Sweden in order to check the validity of generalisations derived from the first four cases. The extended comparison with the four additional countries increases the variance between the eID systems in Europe by showing differing technical and organisational features, (...) such as purely software-based solutions, e.g. in Denmark, or complete outsourcing of the eIDMs, e.g. in Sweden. In the second part of the paper, the conceptual framework of the comparative study, a combination of path analysis, institutional actor theory and policy field analysis will be reflected. It has resulted in a fruitful approach allowing for the explanation of some, but by no means all, of the differences between the national eIDMs in Europe. (shrink)

This chapter describes the introduction and diffusion of the Finnish Electronic Identity Card (FINEID card). FINEID establishes an electronic identity (eID), based on the civil registry and placed on an identity chip card issued by Finnish government to Finnish citizens and permanent residents from age 18 and older. It is a non-mandatory electronic identity card introduced in 1999 in order to replace the older citizen ID card. It serves as a travel document and is intended to facilitate access to eGovernment (...) services as well as offering a possibility to sign electronically. Therefore the chip contains two certificates: one for authentication purposes, and one for qualified signatures. The eID function had to compete with the already existing PIN/TAN based TUPAS standard for online authentication for eBanking, eCommerce and eGovernment applications, and has lost this battle by reaching less than one percent of all online authentications. The history, actor constellation, time line and barriers will be described and a few communalities and differences to other countries under study in this special issue will be highlighted. (shrink)