Pages

IT professionals have sent out a letter to EU council warning them about the flaws in their new digital identity framework

Thirty-eight IT professionals around the globe have come together with EEF, which is a multinational NPO with the motive of promoting internet civil liberties. IT professionals have sent regulators of the European Union a letter warning them about a proposal that can expose people on the internet to cybercrime.

To be specific, the group has flared the problems and called for changes to be made in article 45 which is about inaugurating a framework for a European Digital Identity.

According to the proposal, internet browsers must accept QWACs which is a qualified digital certification under which browser developers are forced to ease their security stance.

Sites that have the use of Transport layer security certificates can assure security by encrypting the information shared between the user and the server’s end, hence exposing the owner’s identity.

One can now easily identify sites with the certificates by taking a look at the site’s URL, sites whose URL begins with HTTPS are the certified ones.

Changes made to Article 45, the European Union legislators have forced browser developers to accept the QWACs to enhance the authenticity of the web and establish a proper system of general data protection regulation, owner identity, and info guarantees.

The intentions of the legislator may be sincere but unfortunately, they lack knowledge about the technical world which means that the proposal was not properly planned.

The letter which meant a warning to the EU members highlighting the sat-back of the QWACs is one of the main reasons behind why it wasn’t fully adopted since the site authentication was introduced back in 2014.

According to the letter sent out to the legislators, the new digital identity framework forces internet browsers to have QWACs given by the TSPs, it does not matter if the distribution is affected by the security features of the certification.

The proposal also brings the flaws of the multinational ecosystem under the spotlight and will promote the growth of cybersecurity needed by the users.

However, the approach shows a troubling sign, as it forces the private sector to sacrifice their job for the people who are their customers and assume that the authorities assigned by the government will be taking care of it. The proposal forces clients to believe that the software they are using is secure enough even though it isn’t.


Read next: Kids And Social Media, What's The Ideal Age For A Child?

No comments: