EBSI embraces Web3 innovative technology with EU citizens’ rights in mind. With every new opportunity come new risks. This is why we design EBSI with respect for privacy, freedom of choice, inclusion and safety in mind. These are the Commission’s Digital Rights Declaration’s core principles. Find out how EBSI embeds these principles at the very heart of how we use Blockchain technology and Verifiable Credentials, to usher in a new Web3, where people can enjoy the rights and opportunities brought by the Digital Decade without compromising on privacy nor on security.
People at the centre:
Web3 fundamentally changes how data is exchanged. Web 2.0 was the era of Big Platforms and centralisation of data through social logins as a form of authentication. Web3 promotes decentralisation and self-sovereign information sharing. This new pattern of information sharing, where data holders (people) are at the centre and in control of what they reveal and to whom, is underpinned by EBSI’s new trust model and verification technology. By default, data is no longer hoarded by big market players, and people can better defend their rights to privacy, autonomy and choice, while still being able to conveniently move around the world without suffering a heavy administrative burden.
Solidarity and inclusion:
With the help of EBSI, any user with an internet connection and a smartphone will be able to easily install an EBSI-conformant wallet and request any type of credential (e.g. university diploma, social security documents, driver’s licence, etc.) from a Trusted Issuer (e.g. Ministry, university, regional public administration, etc.). This credential or specific parts of it (respecting the data minimisation principle of GDPR) can then be easily presented to a Verifier (person or organisation requesting the information). With this, EBSI contributes to a more open, transparent and privacy-preserving data ecosystem, while simultaneously making citizens’ lives more convenient.
Freedom of choice:
EBSI provides freedom of choice in several ways:
- In the way we build EBSI. The EBSI project is built on open-source software and is referencing open standards such as W3C Verifiable Credentials. We want to encourage a fair online environment by ensuring built-in interoperability with other initiatives, so that the ecosystem can grow organically.
- In the way we work with our stakeholders. EBSI does not distribute its own wallet or applications. Instead, we take an inclusive and user choice-driven approach by letting any small, medium or large market player that wants to contribute to Europe’s digital transformation pass our Conformance Testing . This service is open and free for all companies that build digital wallets and want to test their conformance with EBSI’s Verifiable Credentials specifications. That way, citizens have options to choose from, and wallets can compete freely to provide the best service to their users.
Safety and security:
Blockchain technology is notorious for being hard - almost impossible - to tamper with, in the sense that its decentralised ledger is updated by all authorised nodes based on consensus. The copies of the ledger, with information on all previous transactions, are stored in many places at once, which makes it much harder to tamper with the data, avoids the existence of a single point of failure and makes the ecosystem much more resilient and resistant to cyberattacks.
EBSI’s blockchain network is made up of nodes operated by trusted and endorsed organisations all across Europe, that comply with the state-of-the art security requirements. They are approved by their Member States and associated countries through the European Blockchain Partnership (EBP), which sponsor their admission to the network. EBSI also performs KYC on prospective node operators in order to see whether they are indeed sponsored by a national authority, and whether they comply with EBSI technical requirements.
The EBSI node software image, that allows node operators to set up a node, is designed and developed by the European Commission, and undergoes rigorous testing before any version of it is released.
Third party software providers who want to provide services to citizens using EBSI have to pass our conformance testing and show compliance with our specifications. When we design specifications for a particular use case of EBSI, we make sure to apply privacy by design principles and minimise personal data required for operations.
Finally, EBSI is committed to users’ privacy. As such, none of EBSI’s use cases allow the storage of personal data on the ledger. This is important, because information on blockchain ledgers cannot be changed or deleted, which would violate citizens’ data rights to rectification and the ‘right to be forgotten’ (erasure).
Participation:
We believe that individuals should have full custody over their own data, controlling which information they show, to whom and for how long. We ensure this by providing a trust model that enables the exchange of Verifiable Credentials in a self-sovereign way.
However, beyond our own design ethos, we also believe in the significant positive impact of participative design when working with innovative technology to serve citizens. This is why, at each stage of EBSI’s development, we have been in constant contact with end-users, be it universities, software providers, or other organisations or individuals who will end up benefiting from EBSI. We designed EBSI’s Verifiable Credentials framework together with these ‘Early Adopters’. All Early Adopters are also given early access to a test environment of EBSI and get the opportunity to test early versions of our specifications, suggest changes, and test their pilot projects in order to ensure that EBSI meets real and not imaged needs of its prospective users. By applying such a user-centric design process, EBSI not only benefits from the creative ideas of Early Adopters but also strengthens the trust of EU citizens in innovative technologies, as well as positively adding to the democratic participation of persons in the creation of a safe, diverse and accessible online environment.
Sustainability:
Blockchain technology has a bad reputation when it comes to sustainability – and for good reason. This is mostly because in typical blockchains, based on Proof of Work consensus mechanisms, writing on the ledger requires high computing power to reach consensus. Instead, at EBSI we implemented a Proof of Authority mechanism - a version of consensus mechanism that ranks lowest in terms of energy consumption. It requires almost no computing power, and therefore significantly less electricity for its operation1.
Beyond blockchain, EBSI seeks to tackle use cases that improve efficiency in digital verification processes. Estimates from our Early Adopters in the educational sector revealed that the issuance and verification of university diplomas in the traditional paper way takes exponentially more time, effort, and ultimately, energy, than the near instant verification of a Diploma Verifiable Credential. We will continue to strive to improve the lives of citizens and address the challenges of our time with innovative pan-European, secure and privacy-protecting technology.