When you hear about „digital ID“, „European identity wallet“ or „EUDI wallet“, it sounds abstract at first - almost like another complicated IT project from Brussels. Many people have never consciously heard of „eIDAS 2.0“, the underlying EU regulation. And yet this project will affect almost every citizen of the European Union in the long term.
In essence, it is about something that we have been carrying around with us on paper or as a plastic card in our everyday lives for decades: official proof of our identity. Until now, we have had various documents - ID card, driver's license, health insurance card, tax ID, account login, insurance number. Each system works separately, each with its own processes, often confusing and sometimes annoying.
The EU is now pursuing the goal of merging these scattered areas of identity into a standardized digital solution. A kind of digital ID on a smartphone that can be used for dealing with authorities, banking transactions, medical access, tickets, contracts and many other situations. The form chosen for this is called a „wallet“: an app that contains all the important digital proofs of identity.
The topic is really very complex and somewhat dry, so I'll try to keep everything as concise and understandable as possible in this rather extensive article.
Why a European solution? The official idea behind it
The European Union argues soberly:
- Citizens should be able to identify themselves digitally anywhere in Europe.
- Companies and authorities should be able to reliably check whether someone is really who they say they are.
- The wallet should bring convenience - fewer passwords, less paper, fewer separate logins.
At first glance, the official vision sounds modern and pragmatic: instead of having 20 different access methods, a single, standardized identity mechanism should suffice. The principle behind this is based on the logic: „Identified once - used securely everywhere.“
History & Background
This is based on Regulation (EU) No. 910/2014 („eIDAS“) on electronic identification and trust services, which has applied in the Member States since 2016. In June 2021, the European Commission presented a proposal for a comprehensive reform with the aim of creating a single digital identity for EU citizens. The new regulation, Regulation (EU) 2024/1183 („eIDAS 2.0“ or „European Digital Identity Framework“), came into force on May 20, 2024.
This obliges the member states to provide a wallet solution by a fixed date.
Current status (mid / end of 2025)
- The EU Commission reports that all member states must offer at least one certified wallet by 2026.
- Preparatory work and pilots are already underway in Germany, e.g. tests of technical sandbox models.
- Large-scale pilots exist in several Member States to test use cases such as mobile driving licenses, education, payments and demarcations.
- Technical implementing acts for security, interoperability and functionality have been published or are being published - e.g. specifications for wallet architectures.
Outlook - what's next?
- By the end of 2026, each member state must offer a wallet that meets the common EU standards.
- In the years thereafter (e.g. until December 2027), private and regulated services (banks, healthcare services, etc.) may be obliged to accept the wallet as a means of identification.
- Long-term goal of the EU: By 2030, the majority of EU citizens use a digital identity.
- Technical and organizational challenges remain: Interoperability across borders, data protection standards, business and government practices still need to be adapted in many cases.
What is technically in the wallet - and what is not
The basic data (PID)
A European identity wallet does not contain all the information that a state has about a citizen. Instead, it should contain so-called Person Identification Data (PID). This contains the basic identity data that can also be found on an ID card:
- Name
- Date of birth
- Nationality
- Identity number
This data is verified once - for example via the chip in the ID card or another government procedure - and then transferred to the wallet.
Additional proof (credentials)
In addition to this basis, further „digital proofs“ can be stored. This is the area that makes the wallet powerful - and critical at the same time. Possible additional proofs:
- digital driver's license
- Degree
- Proof of health insurance
- Confirmation of residence
- the electronic signature for contracts
- Access to bank accounts or payment services
Not all of this is mandatory. The platform is built so that all of this is technically possible; what is actually used later depends on national decisions and economic interests.
The technical promise: „Everything stays local“
The EU emphasizes that the wallet is located locally on the smartphone. This means that
- The proofs are stored in the memory of the device.
- Control should remain with the user.
- Only what is necessary for a transaction is disclosed („selective disclosure“).
That sounds reassuring, and after decades of digital development it is also a modern approach - away from large central databases and towards user control.
Where skepticism begins
Many critics agree that the technology is well designed. The concern is less about where the data is stored and more about the overall system in which the wallet operates. Because even if all the data is stored locally, every transaction requires
- a connection to a service („Relying Party“),
- Certificates confirming that the proof is valid,
- Protocols proving that a review has taken place.
This generates metadata - time, location, type of proof, identity of the receiving service. And it is the combination of this metadata that data protectionists classify as potentially dangerous.
Official protection mechanisms - and their limits
The wallet should only reveal what a service really needs. Example: To gain access to a bar, the date of birth does not have to be passed on, only „over 18“. This is a useful feature - but only as good as:
- the implementation by the providers
- the certification rules
- and the technical integrity of the app
Cryptography and certificates
The data is cryptographically protected. This means that the recipient can check whether the proof is genuine. Nobody can change the content en route. However, cryptography does not solve the problem of who can see that a proof has been requested.
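As an added illustration (not code from the article or from any EUDI implementation) of the „over 18“ example above and of why the signature protects the content but not the fact that a check happened: a simplified selective-disclosure credential in Python. It assumes the issuer signs salted claim digests and the wallet reveals only the claims it chooses; an HMAC under a constructed shared key stands in for the issuer's real signature.

```python
# Added example (not code from the article or from any EUDI project): a
# simplified selective-disclosure credential. Assumed design: the issuer
# salts every claim and signs only the list of claim digests; the wallet
# hands over the signed digest list plus just the claims it chooses to
# reveal; the relying party checks the signature and recomputes the digests.
# An HMAC with a constructed shared key stands in for the issuer's signature.
import hashlib
import hmac
import json
import secrets

ISSUER_KEY = b"constructed-issuer-key"      # stand-in for the issuer's signing key
RESULT_INVALID = None                        # verify() returns this on any failure


def claim_digest(salt: str, name: str, value) -> str:
    """Digest of one claim. The random salt stops a relying party from
    recovering a hidden value (e.g. a birth date) by hashing candidates."""
    encoded = json.dumps([salt, name, value], separators=(",", ":")).encode()
    return hashlib.sha256(encoded).hexdigest()


def issue(claims: dict):
    """Issuer side: returns (signed credential, disclosures kept by the wallet)."""
    disclosures = {}
    digests = []
    for name, value in claims.items():
        salt = secrets.token_hex(16)
        disclosures[name] = (salt, value)
        digests.append(claim_digest(salt, name, value))
    digests.sort()                           # order must not leak claim positions
    payload = json.dumps({"iss": "constructed-issuer", "_sd": digests}, sort_keys=True)
    signature = hmac.new(ISSUER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": signature}, disclosures


def present(credential: dict, disclosures: dict, requested: list) -> dict:
    """Wallet side: reveal only the requested claims; everything else stays
    hidden behind its digest."""
    unknown = [n for n in requested if n not in disclosures]
    if unknown:
        raise KeyError(f"credential does not carry {unknown}")
    return {"credential": credential,
            "disclosed": {n: disclosures[n] for n in requested}}


def verify(presentation: dict, issuer_key: bytes = ISSUER_KEY):
    """Relying-party side: signature first, then each disclosed claim must
    match a digest the issuer signed. Returns the verified claims or None."""
    cred = presentation["credential"]
    expected = hmac.new(issuer_key, cred["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cred["sig"]):
        return RESULT_INVALID                # forged or altered credential
    signed_digests = set(json.loads(cred["payload"])["_sd"])
    verified = {}
    for name, (salt, value) in presentation["disclosed"].items():
        if claim_digest(salt, name, value) not in signed_digests:
            return RESULT_INVALID            # claim was swapped or fabricated
        verified[name] = value
    return verified


def bar_door_check():
    """Worked run: a bar asks only for „over 18“; the birth date is never sent."""
    # Constructed PID. The issuer derives age_over_18 itself, so the wallet
    # can reveal the yes/no answer without the underlying date.
    credential, disclosures = issue({
        "given_name": "Erika", "family_name": "Mustermann",
        "birth_date": "1990-05-01", "nationality": "DE", "age_over_18": True,
    })
    presentation = present(credential, disclosures, ["age_over_18"])
    return verify(presentation), presentation["disclosed"]


if __name__ == "__main__":
    result, sent = bar_door_check()
    print("verified claims:", result)        # {'age_over_18': True}
    print("claims actually transmitted:", list(sent))
```

The relying party still learns that this wallet asked it to check an age claim at this moment; that record is exactly the metadata the article is concerned with.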
The „Trusted Lists“
Each country maintains a list of trusted service providers. Only these are allowed to read proof. That sounds like control - but critics ask: Who decides who is on this list? How is abuse prevented if political or economic interests are involved?
Why this first chapter is so important
This chapter deliberately places a lot of emphasis on a clear, comprehensible foundation - because without this foundation, the later points of criticism cannot be understood. Strictly speaking, the wallet itself is a technical tool that improves many things. However, the real concern is not about the app, but about the linkability of data across all areas of life.
And it is precisely this linkability that will later - in the following chapters - become the central theme:
- Health
- Bank
- digital currencies
- Government systems
- Insurances
- Mobility data
- Communication services
The more systems use the same identity anchor, the easier it becomes to merge data sets - whether voluntarily, deliberately or unintentionally.
The invisible logic of linking
Defining a digital identity as an „anchor“ for different areas of life automatically creates the potential to bring together information that was previously separate. The wallet itself is less of a problem - it is a tool. The real risk lies in the interfaces at which authorities, health insurance companies, banks and private providers use this identity to access their own databases.
It is precisely at these interfaces that the power of linking arises. Not because „someone throws everything together“, but because the common identification features make it possible.
Health data: The most sensitive field of all
The healthcare sector already has extensive data records that have grown over many years: Diagnoses, therapies, billing, emergency data, psychological information, medication histories. This data is enormously informative about a person's inner life - not only medically, but also socially and economically.
The electronic patient file (ePA) brings this data into a central structure for health insurance companies and healthcare providers. If a uniform digital ID is used to authenticate access throughout Europe, a common point of reference is created. Such a system does not have to automatically merge data - it is sufficient that the technical requirements are in place.
What this can lead to
The risk of a silent shift increases with every coupling:
- Convenience functions create arguments for new queries.
- Crisis situations can justify special access.
- Legal changes can weaken earmarking.
And because health data is extremely valuable in economic terms - keyword: insurance risks, medication, mental illness - it is also of interest to attackers.
Financial data: Banks, payment services and the digital euro
Financial data has always been strictly regulated. However, the European PSD2/PSD3 regulations, digital bank access and the planned introduction of a digital euro are opening up new paths: proof of identity becomes an entry ticket to a system in which every transaction is clearly assigned to a person.
When citizens identify themselves via wallet in order to open bank accounts, release payments or use digital currencies, a direct link is created between:
- state-verified identity
- Account movements
- Payment services
- Possible future digital currency
Why critics are particularly vigilant here
Cash flows show lifestyle habits much more precisely than words:
Purchases, travel, subscriptions, medical payments, insurance premiums - everything forms a pattern. As soon as the pattern clearly belongs to one person and can be combined with other areas, the financial area becomes a mirror of life as a whole.
Administrative data: Registration, social benefits, taxes
Public authorities often still work with separate systems today, but efforts have been underway internally for years to standardize them. In future, the digital ID serves as the technical key that allows the following to be clearly linked:
- Registration certificates
- Driver's license data
- Pension information
- Proof of social benefits
- Tax data
The logic behind the administrative link
The administration traditionally argues with efficiency: „Enter data once instead of three times - less bureaucracy.“ But experience teaches:
Good intentions can also lead to systems that allow very precise citizen profiles. And if other political ideas take hold later on, the foundations have already been laid.
Private and commercial data sources
There are also enormous amounts of data in the economy:
- Purchasing behavior
- Movement data via apps
- Creditworthiness data
- Communication patterns
- Telemetry data from devices
When digital identity systems become door openers for verified proof of age, confirmation of residence or contract signatures, a direct channel is created through which companies can compare the secure identity data with their own profile data.
The economic incentive
Commercial providers rarely think in terms of restraint. The more precise a profile, the more targeted the advertising. The more precise the identity, the more valuable the data. The more secure the authentication, the easier it is to link user accounts.
This creates incentives for more and more links, often without users really being able to understand what is happening in the background.
| Data category | Data source | Linking scenario | Possible risks | Potential abuse | Safety instructions |
|---|---|---|---|---|---|
| Basic identity (PID) | Identity card / state register | User identification for authorities, banks, health portals | Central identity anchor, profile building across all sectors | State surveillance, identity theft | PIN, biometrics, no disclosure of recovery codes |
| Health data (ePA) | Health insurance companies, clinics, medical practices | Authentication for ePA access via wallet | Disclosure of sensitive diagnoses, blackmail, discrimination | Darknet sales, insurance fraud, employer abuse | Check opt-out, no third-party apps for health data |
| Financial data | Banks, payment providers | Wallet-based login/payment approval | Unauthorized transfers, account takeover | Criminal account takeover, data reconciliation for creditworthiness | Transaction limits, no SMS-2FA, use hardware token |
| Payment behavior (digital euro) | European Central Bank, banks | Wallet as an auth channel for digital payments | Fine-grained monitoring of purchasing behavior | State control/profiling, commercial targeting | Only use official apps, no „wallet optimizers“ |
| Reporting and tax data | Tax office, registration office | Wallet login for tax portals / authorities | Linking income, place of residence, family, assets | Political profiling, automated sanctions | Separation of private and business devices |
| Insurance data | Insurers of all kinds | Wallet verification for contract conclusions | Profiling, risk scoring, refusal to perform | Data trading, credit rating manipulation | No release of unnecessary evidence |
| Mobility and travel data | Transport services, rail, airlines | Ticket linking via digital ID | Movement profiles, travel routes, time patterns | Commercial movement analysis, government site surveillance | Only use official provider apps |
| Communication data | Telecommunications provider | Verification for SIM/provider account | SIM swap, phone number transfer | Criminal account takeover, social scoring | Set provider PIN, activate multi-factor |
| Creditworthiness and consumer profiles | Schufa / credit agencies / online stores | Wallet verification for credit checks | Automated rejection, price discrimination | Commercial profiling, AI scoring | Minimal approvals, check data information regularly |
| Device and telemetry data | Smartphones, IoT devices, apps | Link via app authorizations | Device takeover, malware, tracking | App data trading, sensor data profiling | Do not use dubious apps, check authorizations |
The table shows all relevant data categories that could potentially be linked in the context of a digital ID.
The core of the problem: the identity anchor
The digital ID has a clean technical structure. In theory, it is not a central monitoring system. But it becomes an identity anchor to which all sorts of things can be docked.
Health, finance, public authorities, mobility, insurance, private services - all can use the same identification data as soon as they are authorized. And even if every query is strictly regulated, the technical possibility alone raises the concern that more will be merged in the future than is permitted today.
This is precisely where the critics come in: It is not the individual system that is dangerous - but the fact that all systems can be linked via the same digital key.
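As an added example with constructed data (not from the article): the same wallet-authenticated events as stored by three relying parties, once under the shared PID identity number and once under per-relying-party pseudonyms. The pseudonym scheme is an assumed mitigation, not something the article describes, and the wallet secret and identity numbers are made up.

```python
# Added example, not code from the article: why one identity anchor makes
# sectors linkable, and one assumed mitigation (pairwise pseudonyms, i.e. a
# different identifier per relying party derived inside the wallet).
# All records below are constructed.
import hashlib
import hmac
from collections import defaultdict

WALLET_SECRET = b"constructed-secret-held-only-in-the-wallet"

# Constructed events: (relying party, person, what happened).
EVENTS = [
    ("health_insurer", "Erika", "ePA login"),
    ("bank",           "Erika", "payment release"),
    ("transport",      "Erika", "ticket purchase"),
    ("health_insurer", "Erika", "ePA login"),
    ("bank",           "Max",   "account opening"),
    ("transport",      "Max",   "ticket purchase"),
]
PID_NUMBERS = {"Erika": "DE-PID-0001", "Max": "DE-PID-0002"}   # constructed


def shared_identifier(pid_number: str, relying_party: str) -> str:
    """Case A: every relying party stores the same PID identity number."""
    return pid_number


def pairwise_identifier(pid_number: str, relying_party: str,
                        secret: bytes = WALLET_SECRET) -> str:
    """Case B (assumed mitigation): the wallet derives one pseudonym per
    relying party. Stable for the same RP (a returning user is recognised),
    but two RPs get unrelated values and cannot compute each other's."""
    msg = f"{pid_number}|{relying_party}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:16]


def stored_records(identifier_fn):
    """What the relying parties' databases contain under each scheme."""
    return [(rp, identifier_fn(PID_NUMBERS[person], rp), event)
            for rp, person, event in EVENTS]


def merge_by_identifier(records):
    """What anyone who obtains all three databases can do: group rows by the
    identifier they carry. No content needs to be decrypted for this."""
    profiles = defaultdict(list)
    for rp, identifier, event in records:
        profiles[identifier].append((rp, event))
    return dict(profiles)


def widest_profile(profiles) -> int:
    """Largest number of distinct sectors joined into a single profile."""
    return max(len({rp for rp, _ in rows}) for rows in profiles.values())


def compare_schemes():
    """Returns (sectors joinable per profile with shared id, with pairwise id)."""
    shared = merge_by_identifier(stored_records(shared_identifier))
    pairwise = merge_by_identifier(stored_records(pairwise_identifier))
    return widest_profile(shared), widest_profile(pairwise)


if __name__ == "__main__":
    print("shared PID number: %d sectors joinable; pairwise pseudonym: %d"
          % compare_schemes())
```

Pairwise pseudonyms only break the join on the identifier: if every relying party also receives the full name, address or birth date, those values link the profiles just as well, so the scheme complements selective disclosure rather than replacing it.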
The common denominator: digital identity as a lever
As soon as a digital identity is used in several areas of life, a position of power is automatically created at the location where this identity is managed or controlled. This applies regardless of whether the wallet itself is stored locally on the device.
The actual vulnerability does not arise in the smartphone, but in the ecosystem that forms around this identity. And this ecosystem has at least three major points of attack: The state, organized crime and the private business sector.
State abuse - the danger of a shift in purpose
The state often means well - but systems grow in every direction. In crises, emergencies or politically heated times, state power likes to fall back on technical possibilities that were actually built for completely different purposes. History shows:
- Systems that were introduced as „practical“ often later became control mechanisms.
- Exemptions that were only intended to apply for a „short time“ have been extended and expanded.
- Security arguments quickly lead to new access rights.
With a digital identity that is used everywhere, a uniform trail is created. You don't even have to read out content. It is enough to know when, where and for what purpose an identity query was made.

The political temptation of linkability
Imagine a situation in which the state has a particularly strong need for information in certain areas - such as healthcare, social benefits or finance. With a central issuing body and certified access authorizations, it would be politically possible
- to introduce new obligations,
- to expand access,
- or to make exceptions permanent.
And once these decisions have been made, they are rarely reversed.
The silent protocols
Metadata is created even without technical access to content. Who identifies themselves where and when is more valuable than you might think at first. This is the kind of data that can be used to derive behavioral patterns. And it is precisely these patterns that are suitable for comprehensive government analyses if the political will is there.
Criminal abuse - organized attacks and the black market economy
Health data has been a particularly sought-after commodity on the darknet for years. The reason is simple:
- It remains valid permanently.
- It reveals intimate details.
- It can be used for blackmail, insurance fraud and identity theft.
There are already cases in which health insurance data and health cards in particular have been accessed - not by Hollywood hackers, but through completely normal vulnerabilities in doctors' surgeries, clinics or service providers.
Interaction with a digital ID
If the digital ID is used as an authentication method for health data, this opens up a new dimension for attackers:
- Access data can be tapped via compromised devices or phishing.
- A stolen or manipulated smartphone can become a „real“ identity.
- Attackers gain access to sensitive areas if the wallet is not adequately secured.
Once a digital identity is the entry ticket to various sectors, any single leak in the system becomes a threat to a person's entire sphere of life.
Financial crime and digital payments
In combination with payment services or a digital euro, it becomes particularly attractive for attackers:
- Transactions can be forged or authorized if the wallet is compromised.
- Cash flows can be manipulated.
- Identity theft leads to massive financial losses.
And since digital systems run 24/7, damage can occur within minutes or seconds.

Commercial abuse - silent profiling
Companies think in terms of profiles, segments and target groups. The more precisely an identity is authenticated, the easier it can be linked to commercial data. This creates a quiet but dangerous pressure:
- Age verification
- Address verification
- Ability to pay
- Transaction data
- Purchase history
A digital ID opens the door to developing these links into a reliable personal file - not in the state sense, but in the economic sense.
When comfort becomes a gateway
Many services automate their processes as soon as a wallet-verified identity is available.
- Simply register
- „Confirm with digital ID“
- Sign the contract directly
What is convenient for the user is an opportunity for companies to merge profiles across different platforms.
The danger of inevitability
Once the market has become accustomed to the digital ID, a de facto compulsion arises:
- You cannot register without a wallet.
- Without a digital identity, there is no access to certain services.
- Alternative routes are restricted or inconvenient.
This means that the decision is no longer voluntary - even if it is still officially referred to as such.
When all three paths work together
The most dangerous case is not the individual abuse. It is the situation in which state, criminal and commercial actors each have their own interests - and these interests meet at a single identity anchor.
- The state wants control and security.
- Criminals want data and money.
- Companies want profiles and purchasing power.
Each of these goals is challenging in itself. In combination, they create a system that knows more about a person's behavior than they are ever consciously aware of.
The digital ID is the link. Whether healthcare, the financial system, administration or private services - they all meet at a common hub. And if this hub is compromised, it is not just a small part of life that is open to attack, but the whole person.
Technical vulnerabilities and invisible risks
Cryptography protects content. However, almost all digital processes produce metadata: Who triggered which wallet check and when, which service made the request, which attribute was queried (e.g. „Over 18“ or „Insured“), which device the request came from. This accompanying information is usually small and inconspicuous - and at the same time highly informative. Time series can be used to reconstruct movement and behavior patterns, even without ever having read the respective content. Metadata is therefore not a „blind spot“ - it is often the most valuable ingredient for profiling and monitoring.
Key management, recovery and blockchains
Digital identities are based on key pairs. Anyone who loses or compromises these keys effectively loses control of their identity. The recovery must be constructed in such a way that it neither opens a back door for authorities nor a gateway for attackers. Difficult questions are:
- How does a user regain their ability to act if their smartphone is stolen?
- Who is responsible for re-issuing?
- How quickly must certificates be revoked, and how does revocation information reach all relying parties reliably?
Practical implementations show: Rollovers, revocations and recovery workflows are complex - and this is where the fatal weaknesses often arise.
Interoperability, trusted lists and governance concentration
For wallets to function throughout Europe, lists of trusted issuers, wallet providers and relying parties are needed. These „trusted lists“ are an architectural necessity - and at the same time an instrument of power: those who are on the list receive economic advantages; those who are not on it have disadvantages. This leads to standard and profile battles, possible vendor lock-ins and the formation of central gatekeepers. From the point of view of resilience and democratic control, the distribution of this power is fragile - and therefore a potential risk.
Endpoints, APIs and the interface problem
The wallet is only one part of the system. The biggest attack surfaces are often APIs and backend endpoints - such as the interfaces of health insurance companies, banks or registration offices. Insecure implementations, a lack of access controls or porous authentication processes in these backends can quickly turn an actually secure wallet transaction into a data leak.
Supply chain risks and third-party manufacturers
Modern software is based on libraries and components from third-party manufacturers. A compromised SDK in a widely used wallet app is enough to hit the masses. The same applies to hardware components (secure elements, TPMs): Misconfigurations or manipulated firmware can undermine the security promise. The supply chain is therefore a systemic risk that goes beyond individual users.
Device loss, SIM swap and social engineering
The loss of the end device, SIM swap attacks or well-crafted phishing campaigns remain the most labor-intensive gateways. Some recovery methods rely on secondary channels (email, SMS), which are themselves insecure. Social engineering targets precisely these gaps: People are persuaded to give approvals, reveal PINs or install supposed „helper apps“. The technical design is of little use if users can be tricked so easily in practice.
Logging, forensics and traces
Many systems keep logs - for security reasons. But logs are double-edged: they help with investigations, but they also provide a copy of the metadata. Anyone who collects logs centrally creates a treasure trove for analytics and potentially for misuse. The challenge is to reconcile retention obligations for forensics with strict minimization of retention periods.
Side channels and hardware attacks
Even strong algorithms can be attacked via side channels: Power consumption measurements, micro-timing, physical attacks on secure elements. These techniques are complex, but are used by state actors or well-equipped criminals. For particularly sensitive applications (e.g. government signatures), such attacks are realistic and must be considered.
Real-life consequences: concrete damage scenarios
1. Financial losses due to account takeovers
- Scenario: An attacker gains access to a person's wallet through a combined SIM swap attack and phishing maneuver. The wallet is used to simulate a payment release; within minutes, funds are transferred to several wallets, with some of them trickling away via crypto onramps. For those affected, this means an immediate loss of assets, lengthy chargeback procedures and reputational damage. For banks, this creates a problem of trust - and the issues of recovery are legally complex.
- Short-term countermeasures: Strict two-factor policies, manual transaction checks for unusual amounts, limits for new payment terms.
2. Blackmail and discrimination through health data
- Scenario: As a result of a data leak at a regional clinic, sensitive diagnoses are posted on darknet forums. The combination with wallet-based authentication credentials allows conclusions to be drawn about individuals. Those affected are blackmailed or experience discrimination from employers or insurance companies. Even if content is not openly accessible, circumstantial evidence (e.g. „treatment in a psychiatric ward on date X“) is enough to cause considerable damage.
- Short-term countermeasures: Strict earmarking laws, liability for data leaks, reporting obligations with transparent support services.
3. Mass surveillance via metadata
- Scenario: A state authority is granted far-reaching access rights to metadata under the pretext of counter-terrorism. Without reading content, movement profiles, participation in meetings or recurring contacts can be reconstructed. In authoritarian contexts, this quickly leads to intimidation and a „chilling effect“: people avoid certain places or activities for fear of being monitored by the state.
- Short-term countermeasures: Strict judicial control of metadata access, logging of all requests, time limits on data storage.
4. System failure due to a compromised issuer
- Scenario: A central issuer (e.g. large wallet provider or certification authority) is compromised. As a result, millions of proofs of identity have to be revoked, payment processes collapse and official processes cannot be verified. Recovery is lengthy and expensive - and during this time, many services can only be used to a limited extent.
- Short-term countermeasures: Decentralized backups, staggered rollouts, emergency procedures with paper-based alternatives.
5. Market concentration and exploitation by providers
- Scenario: A dominant wallet provider establishes proprietary extensions that are adopted by many services. Small providers cannot follow suit, users are „locked in“. Prices for services rise, data protection features are traded for convenience. Economic power shifts to one or a few players.
- Short-term countermeasures: Interoperability requirements, regulatory rules against exclusive interfaces, open standards.
6. Retail attacks: sale of health and insurance data on the darknet
- Scenario: Data from doctors' surgeries and billing centers are merged and sold on the darknet. Buyers use this data for insurance fraud, identity theft or targeted blackmail. When wallet-based verifications smooth the field, the monetizability of the information increases - and with it the black market price.
- Short-term countermeasures: Stricter security requirements for practices, encryption of back ends, criminal prosecution of data broker structures.
7. Critical infrastructure: cascading consequences
- Scenario: Compromised IDs are used to deceive authorities (e.g. to contest assets, falsify proof of identity for critical supply chains). The result is slow but far-reaching damage: supply chain disruptions, legal disputes, loss of trust in central services.
- Short-term countermeasures: Multi-party verifications, sensitive processes do not rely solely on wallet authentication.
8. Social exclusion through digital barriers
- Scenario: Providers and authorities reduce alternative routes because the wallet reduces the administrative burden. Citizens without compatible devices, older people or people in precarious situations can no longer access services and are effectively excluded.
- Short-term countermeasures: Legally guaranteed offline alternatives, support and funding programs for digital participation.
Final classification
These scenarios are not horror stories, but deductions from already known types of attack, economic incentives and the historical experience that systems are regularly developed and expanded. The wallet is not a monster - it is a tool. The question is: In whose hands does this tool fall, how are the control instances distributed, and how strong are the barriers against misappropriation, commercialization and criminal exploitation?

Protective measures, antidotes and responsible guard rails
1. Clear legal boundaries - before systems grow
Digital identity is not a small tool. It is an infrastructure project that has a deep impact on everyday life. That is why tough legal barriers are needed before the linking of all areas of life becomes a reality. In essence, this means
- Clear earmarking, which cannot simply be circumvented by majority resolution.
- Transparency obligations for any kind of access - whether governmental, commercial or technical.
- Binding disclosure obligations, if systems are to be expanded.
Experience has shown that large digital systems tend to grow. The only reliable brake is a law that is deliberately narrowly formulated.
2. Minimum technical standards - no compromises on the foundation
The wallet itself must be built on a technical foundation that does not invite attackers. The essential minimum requirements are
- Strong metadata minimization: Only log requests that are absolutely necessary.
- On-device secure element: Not just software protection, but real hardware locks.
- Distributed revocation mechanisms: Revocation of keys without total system shutdown.
- Genuine end-to-end encryption in backends, not just on the app side.
These standards must be prescribed by law and regularly audited - otherwise the „protection“ remains pure theory.
3. Organizational protection mechanisms - responsibility across the board
Anyone who deals with identities must bear responsibility. This includes:
- Independent audit bodies for wallet providers and issuers.
- Mandatory security audits for health insurers, banks and official backends.
- Liability regulations that clearly define who pays and who informs in the event of data breaches.
Without clear organizational responsibilities, there is always someone who passes the buck - and that is exactly what must not happen here.
4. Transparent recovery - without back doors
The recovery of stolen or lost wallets is a critical issue. It must neither be a tool for attackers nor a backdoor for authorities:
- Multi-stage recovery, confirmed via several independent channels.
- Offline options with personal identity verification to prevent misuse via remote attacks.
- No use of unsafe secondary channels such as SMS as the sole authentication factor.
This is the only way to prevent attackers from using the recovery as an „entry key“.
5. Emergency strategies - stability for everyday life
Even the best digital system needs alternatives if it fails. These include
- Paper-based emergency procedures that guarantee real usability.
- Fallback authentication, which is possible without a smartphone.
- Rules for offline operation, e.g. in the healthcare sector or for official services.
The digital ID must never be the only access to vital services.
6. Civil self-defense - awareness as a protective shield
Technology alone does not protect against deception. Citizens must strengthen their own security awareness:
- Distrust of unexpected messages or „emergency“ requests.
- No disclosure of wallet PINs or recovery codes.
- Regular updating of devices and apps.
- Use of strong device locks and biometrics combined with a second factor.
Nobody needs to be an IT expert - a little mistrust and common sense are often more effective than any protection software.
References to in-depth articles
The topic of digital identity touches on many other areas, which I have covered in more detail in separate articles. If you would like to delve deeper into the individual topics, you will find further analyses, background information and examples there:
- Electronic patient file (ePA): A separate article looks at the risks associated with electronic patient records - from darknet traders and security vulnerabilities to the issue of the opt-out obligation. The large interface between ePA and digital ID is a key risk that should be understood.
- Digital euro: In another article, I explain the monitoring and control risks that could be associated with a digital central bank currency. In combination with a Europe-wide identity wallet, this creates a data-rich intersection between financial behavior and personal identity.
- State of tension in Germany: I have also published an article on the so-called „state of tension“. It examines the legal and social implications that arise when state powers are extended - a topic that becomes particularly relevant in the context of digital identities.
- Reintroduction of compulsory military service: My article on the possible return of compulsory military service is also interesting in this context. It shows how state structures could be reactivated in times of crisis - and why digital identity systems would then take on a whole new meaning.
Final conclusion on the digital EU ID
The European digital identity is a powerful tool. It promises convenience, standardized access and modern administration. However, as with any tool, how it is used will ultimately determine whether it becomes a step forward or a risk. The real problem is not the wallet itself, but the connectivity of the many areas of our lives that were previously deliberately kept separate.
Health data, financial information, administrative files and private profiles create a web of data that - if incorrectly regulated or misused - has the power to make a person completely legible. Not only for the state, but also for criminals and companies.
History teaches us that systems that are created grow. Exceptions are codified. Convenience supersedes caution.
That is why we need clear guard rails, transparent controls and alternatives that also work without a digital identity. And a critical view is needed that is not based on panic, but on a healthy respect for the scope of modern technology. Only then can digital ID become a tool that serves society - and not one that shapes it in secret.
Frequently asked questions
- What is the EU digital ID anyway - and why is it being introduced?
The digital ID is a Europe-wide initiative that citizens should be able to use to identify themselves for a wide range of services - from public authorities to banks and healthcare portals. The EU is arguing for convenience, uniform standards and less bureaucracy. The basic idea is to make identity processes more secure and simpler by handling everything via a single digital identity.
- What does „EUDI Wallet“ actually mean?
EUDI stands for „European Digital Identity“. The wallet is an app that stores digital proof of identity on your smartphone. It contains basic identity data (name, date of birth, ID number) and optional additional proof such as driving license, health insurance status or signature certificates. It is therefore a kind of digital wallet for ID cards.
- Is it really safe if everything is on my cell phone?
The wallet technology itself is relatively secure - it uses cryptography, hardware-backed key storage (a secure element on the device) and selective disclosure. The problem does not arise on the device, but in the ecosystem. As soon as many services use the same identity anchor, new risks arise from interfaces, central lists, metadata and political or economic interests.
- What is the difference between „content“ and „metadata“?
Content is what you actually release - e.g. „over 18“ or „insured“. Metadata is the accompanying information: time, location, which service asked, which proof was requested. Metadata reveals a lot about your behavior, even if the content remains encrypted. Metadata is often the more valuable part - for states, companies and criminals.
- What data could theoretically be linked to the digital ID?
Technically, almost all areas that require authentication: healthcare, finance, digital euro, insurance, mobility, public authorities, registration, creditworthiness data, communication, telemetry. Not because it is planned to throw all the data together, but because the common identification features make this link technically possible.
- What is the biggest risk from a government perspective?
The biggest risk is the „shift in purpose“. Once systems are in place, they are often expanded. Crisis situations, political pressure or „security arguments“ can lead to access being extended, metadata being used more extensively or purpose restrictions being relaxed. The wallet then becomes a powerful instrument of control.
- Can the state then see everything about me?
No, not automatically. But it could - through legislative amendments or emergency powers - force access to metadata or certain evidence. The technical infrastructure makes this possible. The crucial question is how strong the legal guard rails are and how independently the supervisory authorities work.
- What is the greatest risk from a criminal perspective?
Criminals target identity theft, health data and financial transactions. A compromised wallet can be misused for account takeovers, extortion, insurance fraud or targeted identity fraud. Health data in particular is very valuable on the darknet because it is sensitive and permanently valid.
- What is the biggest risk from a commercial perspective?
Companies could use the wallet to merge profiles across different platforms. Combinations of age verification, place of residence, purchasing behavior, online activity and creditworthiness data enable very precise consumer profiles. This leads to price discrimination, targeted advertising and potential exclusions.
- How could the digital ID be linked to the digital euro?
When the digital euro arrives, it will require some form of authentication. The wallet could be used for this. This brings together financial transactions and state-verified identity - a very sensitive network. Critics fear surveillance, behavioral control and deep intrusions into privacy.
- What happens if my cell phone is stolen or hacked?
This depends on the recovery mechanisms. If they are too simple - e.g. via SMS - there is a risk that attackers will steal your identity. If they are too complicated, everyday citizens will be blocked. Robust multi-factor procedures, offline alternatives and no backdoors are needed.
- Who controls which services are allowed to access the digital ID?
Each country maintains „Trusted Lists“ - lists of trustworthy service providers. These bodies decide who is considered trustworthy. This creates centers of power. Those who make the list gain access to citizens' identities and economic benefits. The question is how transparent these decisions are.
- What role do authorities and health insurance companies play in the risk chain?
A very large one. The wallet may be technically sound - but government and healthcare backends are often poorly protected. Attacks on doctors' surgeries, clinics or billing centers are already a reality today. If data flows out there and can be linked via wallet verifications, massive risks arise.
- How realistic are attacks via social engineering?
Very realistic. Attackers use deceptively real messages, support calls or fake apps to obtain recovery data. Humans remain the biggest vulnerability. That's why vigilance and healthy suspicion are more important than any encryption.
- Are there protection mechanisms against commercial abuse?
Official protection mechanisms exist, but they are often weak. Companies can combine data as soon as a user agrees - often under time pressure or without clear information. Stricter regulation, transparency obligations and clear purpose limitation are necessary. Citizens themselves can ensure that they do not share data unnecessarily.
- Are there alternatives to the digital ID?
Yes - paper-based proofs, classic logins, two-factor systems. It is important that these alternatives remain legally secure. Otherwise, there will be a de facto compulsion to use the wallet. Digital systems must never be the only option for obtaining important services.
- What can citizens do to protect themselves?
Use PINs and biometrics, never share recovery data, do not use dubious third-party apps, keep devices up to date, check authorizations regularly, use opt-out options in the health area, beware of „Urgent! Account blocked!“ messages. Vigilance beats gullibility - that is the most important rule.
- Is the digital ID fundamentally bad?
No. It can make many things easier and enable modern digital services. The question is not whether the technology is good or bad - but whether the framework conditions are solid. Without strong laws, transparent controls and robust alternatives, convenience leads to dependency. With clear rules, however, the wallet can be a useful tool.
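The FAQ answers on selective disclosure and on „content versus metadata“ become more tangible with a worked example. The following is an added example, not code from the article or from any wallet project; it implements the salted-digest selective disclosure used by the SD-JWT credential format: the issuer signs only the hashes of the individual claims, the wallet hands over the one claim the relying party asked for („over 18“), and the verifier can confirm that claim against the signature while the birth date and name stay hidden. It also shows what the verifier still learns (the issuer and the number of claims), and that a self-made or tampered disclosure is rejected. The issuer URL, the key, and the sample person are constructed; an HMAC stands in for the issuer's asymmetric signature, so in this toy the verifier holds the same key the issuer uses, which a real deployment would replace with signature verification against the issuer's public key.

```python
import base64
import hashlib
import hmac
import json
import os

# Stand-in for the issuer's signing key; a real issuer uses an asymmetric key and
# the verifier only its public half. Constructed for this example.
ISSUER_KEY = b"demo-issuer-key-not-for-real-use"
ISSUER_ID = "https://issuer.example"   # hypothetical issuer


def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_disclosure(name: str, value) -> str:
    """One disclosure = base64url([salt, name, value]). The random salt stops a
    verifier from guessing hidden values by hashing candidates against the digests."""
    salt = b64(os.urandom(16))
    return b64(json.dumps([salt, name, value], separators=(",", ":")).encode())


def digest(disclosure: str) -> str:
    return b64(hashlib.sha256(disclosure.encode()).digest())


def issue(claims: dict) -> tuple:
    """Issuer: create one disclosure per claim and sign only the sorted list of digests."""
    disclosures = {name: make_disclosure(name, value) for name, value in claims.items()}
    payload = {"iss": ISSUER_ID, "_sd": sorted(digest(d) for d in disclosures.values())}
    body = json.dumps(payload, separators=(",", ":"), sort_keys=True).encode()
    signed = {"payload": body, "sig": hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()}
    return signed, disclosures


def present(disclosures: dict, reveal: list) -> list:
    """Holder (the wallet): hand over only the disclosures the relying party asked for."""
    return [disclosures[name] for name in reveal]


def verify(signed: dict, presented: list) -> dict:
    """Relying party: check the signature, then accept a disclosure only if its digest
    is in the signed list. Returns everything the relying party has actually learned."""
    expected = hmac.new(ISSUER_KEY, signed["payload"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signed["sig"]):
        raise ValueError("issuer signature invalid")
    payload = json.loads(signed["payload"])
    sd = set(payload["_sd"])
    # Metadata visible even though no content was disclosed yet:
    learned = {"_issuer": payload["iss"], "_claim_count": len(sd)}
    for d in presented:
        if digest(d) not in sd:
            raise ValueError("disclosure not covered by the issuer's signature")
        _salt, name, value = json.loads(unb64(d))
        learned[name] = value
    return learned


def demo() -> dict:
    signed, disclosures = issue({           # constructed sample credential
        "given_name": "Erika",
        "family_name": "Mustermann",
        "birth_date": "1990-04-12",
        "age_over_18": True,
    })
    # Age check at a kiosk: the wallet reveals the age attribute and nothing else.
    learned = verify(signed, present(disclosures, ["age_over_18"]))

    # A disclosure the issuer never signed (fresh salt, same claim) must be rejected.
    try:
        verify(signed, [make_disclosure("age_over_18", True)])
        forged_accepted = True
    except ValueError:
        forged_accepted = False

    # Tampering with the signed part (here: swapping the issuer) must be rejected too.
    tampered = dict(signed, payload=signed["payload"].replace(b"issuer.example", b"evil.example"))
    try:
        verify(tampered, present(disclosures, ["age_over_18"]))
        tampered_accepted = True
    except ValueError:
        tampered_accepted = False

    return {
        "learned": learned,
        "hidden": sorted(set(disclosures) - set(learned)),
        "forged_accepted": forged_accepted,
        "tampered_accepted": tampered_accepted,
    }


if __name__ == "__main__":
    print(demo())
```

Two points the example makes visible. First, the content side works: the kiosk learns `age_over_18` and nothing about the birth date. Second, the metadata side is not solved by hashing alone: the verifier still sees which issuer signed the credential and how many claims it carries (SD-JWT adds decoy digests to blur the count), and the digests themselves are stable values, so the same credential shown at two shops lets them link the two visits. That is why wallet designs issue batches of single-use credentials and why the article's demand for metadata minimization is a separate requirement from selective disclosure.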
Dear Mr. Schall, I came across this article rather by chance. Nevertheless, it is the best article I have read on this subject so far. But:
You are focusing on the „citizen“. German law distinguishes between residents and citizens. Only citizens are entitled to vote or are liable for military service. However, „illegal foreigners“ are also covered by health insurance, and the majority of foreigners receive citizens' benefits. Of course, they can be citizens of another country. For me, it would be better if they were guided by the legislation that applies here, not for ideological reasons! Here I am a citizen of the FRG, in Poland or another country I am a „guest“, a foreigner or a „stranger“.
So does the above also apply to citizens of the USA, Canada, etc. - do they also receive a digital ID in Germany or the EU? Do they then have the ID of many countries?
I hope you don't see the questions as a provocation.
Thank you
E. Nickisch
Dear Mr. Nickisch, thank you very much for your comment and your words of praise for the article - I am delighted.
As far as your comment on the distinction between citizens and residents is concerned, you are of course right from a legal perspective: in the strict sense of constitutional law, „citizens“ refers to those who also have citizenship of a country - for example with rights and obligations such as the right to vote or compulsory military service. In the article, however, I used the term in a more general sense, i.e. as „people who live within the EU and would be affected by the digital ID“.
Regarding your question: No, citizens from non-EU countries such as the USA or Canada do not automatically receive an EU Digital ID. The eIDAS 2.0 digital identity is primarily intended for people residing in an EU country. Whether and how third-country nationals can obtain such an ID depends on whether they live in an EU country, are registered there and have access to administrative services. In such a case, they can be assigned an ID - but by a single EU member state. A multiple ID (e.g. „Canadian“ plus „EU“) is not currently envisaged.
I don't see your questions as a provocation - on the contrary. It is important to keep these differentiations in mind.
Dear Mr. Schall,
First of all, I would like to thank you for your informative article. In your opinion, is it advisable to use a personal cell phone only for the digital ID? As well as a private cell phone that is used for social media and communication? Is it possible to blur one's digital footprint and prevent data collection and misuse?
With kind regards
S.Reuter
Good and valid question - and to be honest, one that can only be answered with restrictions at the moment. Although a separate device can increase personal order and your own sense of security, it is probably still not a reliable protection against profiling or data collection. The decisive factors lie less in the device itself than in the system architecture, legal framework, interfaces and the subsequent practical design of the digital EU ID. It is precisely these points that have not yet been clarified transparently. In short: two smartphones cannot reliably „blur“ the digital footprint, but can at best separate it organizationally. Whether and to what extent misuse or merging of data is prevented will not be decided at user level, but at system and legislative level - and this is still in flux. A certain degree of skepticism and a wait-and-see approach is therefore entirely reasonable from today's perspective.