What could possibly go wrong with the Swiss E-ID? (a short summary)

On Friday 18 September a small group of people gathered at L200 (and online) to analyze certain important risks associated with the new law on the Swiss E-ID. The discussion was very lively and productive and the main outcomes relevant for keeping a critical attitude with the fast digital transformation that is happening everywhere.

We identified 3 major “risk areas” that need to be better understood especially now that the outcome of the referendum was positive, and the Swiss E-ID will be eventually implemented:

1) Unnecessary dependence on technology in everyday life.
2) Extended exposure of one’s private data.
3) Increased potential damage by identity theft, device hacking or failure.

Some of these risks could be better addressed by the current law, most notably the lack of clear measures that ensure its optional character. And others, like the increased exposure to surveillance and various forms of attacks or accidents, are questioning the necessity of a Swiss E-ID in the first place.

The main goal of our discussion was not to repeat the main arguments that prioritize those risks in comparison to the respective benefits mostly related to convenience and law enforcement. The goal was to discuss the most effective ways of communicating those risks to raise the awareness and engagement levels toward a wise digital transformation.

1) The optional character of the Swiss E-ID is an empty promise

This is a key point to communicate properly:

A digital E-ID stops to be “optional” when it is obligatory for an activity that is really important for someone.

If the E-ID is required for me to have an operation for a serious disease it stops being optional for me. It is obligatory.

And if for people that have an ID, the compromise to have also an E-ID to access vital services might not seem such a disaster, it becomes one for those without an ID in the first place. If you are not one of those that believe that such people should be exterminated, you should make sure that the E-ID stays truly optional. The law does not guarantee this, but the people can still fight for it.

Related to this topic, you can read a recent publication by the Computer magazine titled “How much technology is needed to build a smart community space?“, by Panayotis Antoniadis, which explains why it is important to maintain a wide set of more or less technological options for addressing social problems and why FLOSS software is a key ingredient for enabling local communities to make the right choices.

2) Stronger identity means more powerful surveillance

Simple narratives around surveillance capitalism like the “age verification with restricted data” case study, as promoted of the “pro” campaign for the Swiss E-ID, can be dangerous.

The threats to privacy caused by the avalanche of digitization cannot be addressed only through protection measures. It is a complex issue that requires complex thinking, not an easy task for communication specialists.

The intention of the Swiss E-ID law has a positive dimension. It aims to minimize the amount of personal data shared with private companies when they need to verify certain aspects of our identity, most notably our age. This is a good design, but it underestimates the power of big corporations to extract more than necessary information in the same way that nudge people into accepting their cookies.

Moreover, it adds one more actor that has full access of one’s digital life, the government. Big companies still collect the same amount of personal data they did before and in addition have access also to our official identification information. And the government that was not aware of our online activities, it will now has also access to a significant part of it.

Of course, we trust more our government than Facebook. This is clear. But even a benign state can fail sometimes, can become the victim of attacks, or change in light of a big crisis.

Finally, even if we do our best to protect our privacy online, this success can cause important side-effects. A more trustworthy digital world can increase our addiction and dependence on digital services and the power of those having access to this information for producing knowledge on human behavior.

3) Increased digitization increases vulnerability to attacks or failures

Accidents or failures happen always, with the examples of blackout in Spain and the airport ransomware still present in our memory, we can only hope that we will not be among the victims of the next natural disaster, malicious attack, or internal failure.

Moreover, the danger of identity theft is another reason why the optional character is highly compromised.

Here, the Swiss E-ID law cannot do much. It is a matter of implementation and the advantage is always to those that wait in the back instead of leading the process. The fact that the proposed solution is not fully open source can only make us worry.

The more we depend on digital devices for our everyday life the more vulnerable we depend on potential failures and accidents. If we get used to our Swiss E-ID and we leave its physical counterpart always at home, the more harmful it will become if we fall from the bicycle and break our phone or if we lose it before going to an important event or trip that requires it.

Final note: the critical role of Free/Libre and Open Source Software

The result of the referendum was remarkably close despite the fact that the majority of political parties were in favor. This means that the Swiss people are really concerned by the risks of digitization and thus it is really important to discuss and debate about specific details of its implementation.

For this, the role of Free/Libre and Open Source Software is critical, and ISOC-CH is a communication partner of the more ambitious funding programmes for supporting FLOSS software worldwide, the NGI0 Commons Fund.

Our forthcoming “what does digital sovereignty mean for … ” series, will include this key dimension in the overall debate taking the perspective of different actors and focusing on what can be actually done, now.

Just waiting the European industry to fight the American Big Tech on its own field is not very productive. There is a lot we can all do to protect ourselves from actors that abuse their power and from technologies that do not serve our real needs.

Become an ISOC-CH member and/or join our announcements list by sending a message to contact@isoc.ch to stay tuned!

What could possibly go wrong with the Swiss E-ID? (a short summary)

Consolidation in the DNS resolver market – how much, how fast, how dangerous?

Important step for Network Neutrality in Switzerland

Geplante VÜPF-Revision bedroht Grundrechte und kompromittiert Verschlüsselung

NGI0: Teach the Teachers on Dangers of (Mass) Datafication

NGI0 Commons Fund update and 6th call for funding

ISOC-CH is a partner of the NGI0 Commons Fund

Similar Posts