Be part of the conversation and help shape a safer digital future. Join our Discord server to connect with others, ask questions, share ideas and stay updated on the latest developments. Everyone is welcome.
What is the
The EUDI (or EU Digital Identity) Wallet is an EU system for digital identification, but without strong legal
safeguards it risks enabling tracking, profiling and centralised control.
Issuance 🪪
A trusted authority – such as a national government, a university, a licensing office or a bank, creates a verifiable credential containing verified information about you. This might be your national ID, your driving licence, a diploma, or an age-attestation. The issuer digitally signs the credential so it can later be verified without contacting them again.
Storage 💾
The digital credential is securely stored inside the user’s EUDI Wallet app on their device. The Wallet is designed to keep credentials protected using local encryption and device security features. Only the user can unlock and access their documents, typically through biometrics or a PIN.
Sharing 🔗
When a service asks for information, the Wallet displays exactly what data is being requested. The user chooses which attributes to share – for example, confirming “over 18” instead of revealing a birthdate. The Wallet then generates a cryptographic proof containing only the approved information.
Verification ✅
The selected data is sent to the service, which checks the cryptographic proof against EU trust lists to confirm it is authentic and hasn’t been altered. The service can verify this without contacting the original issuer. The process is designed to ensure interoperability across all EU countries, so credentials issued in one Member State work everywhere.
Sounds good. But there are
A Single System That Sees Too Much
The EUDI Wallet risks becoming a tool that quietly logs where you go, what you access and when. When the same ID is used everywhere, even small traces can turn into a detailed behavioural profile.
Age Checks That Turn Into Checkpoints
Age verification sounds simple – but tied to a central ID, it can reveal identity, track browsing behaviour or be used to control what people can see online. Protection must not become censorship.
One App, One Failure
By bundling ID, licences, signatures and maybe payments into one wallet, Europe creates a single point of failure. A hack, glitch or wrongful restriction could lock people out of essential services.
Encryption Under Political Control
New rules could let governments decide which security certificates browsers must trust. That opens doors to interception and weakens the independent encryption the internet relies on.
“Voluntary” Today, Unavoidable Tomorrow
Once banks, agencies and big platforms adopt the wallet, it becomes hard to live without it. People without smartphones, with disabilities or strong privacy needs risk practical exclusion.
Hidden Expansion Without Public Oversight
Without strict rules, the wallet can grow into areas never intended. Only full open-source code, independent audits and a public veto can prevent quiet feature creep and unwanted monitoring.
Any
How can age checks track my browsing behaviour?
Age verification requires the wallet to communicate with each website you visit. Even if only “yes, this person is old enough” is shared, the process still creates metadata such as which site requested the check and at what time. These small data points can reveal your browsing patterns and can turn age checks into an identity checkpoint.
Why is a single digital wallet a single point of failure?
The wallet can contain your identity card, driving licence, health data, digital signatures and more. If the app breaks, gets hacked or is restricted by mistake, you may lose access to many essential services at once. This concentrates risk in one place and increases the impact of every possible failure.
Why might the wallet not remain voluntary in practice?
Although described as optional, such systems often become practically unavoidable once banks, public agencies and large online platforms adopt them. People without modern smartphones, people with disabilities and people who value privacy can end up excluded when the alternatives become inconvenient or costly.
Can the wallet really create a profile of my daily life?
Although described as optional, such systems often become practically unavoidable once banks, public agencies and large online platforms adopt them. People without modern smartphones, people with disabilities and people who value privacy can end up excluded when the alternatives become inconvenient or costly.
How could government influence over encryption be dangerous?
If governments are allowed to decide which security certificates browsers must trust, they can introduce certificates that allow the interception of encrypted communication. This undermines the independence of encryption and weakens the security of the internet as a whole.
Why does we insist on decentralisation?
When all credentials sit inside one system, whoever controls that system gains disproportionate insight and power. Separating identity, licences, signatures and any future payment functions reduces this risk. It also ensures that compromising one credential does not expose everything else.
Why is transparency and open source so important?
Only fully open code allows independent experts to verify that no hidden tracking or unauthorised features exist. Without transparency, the wallet can quietly expand its purpose. Public oversight and open source software help prevent unwanted monitoring and uncontrolled growth of the system.
What is #stopEDI?
#StopEDI is a European civil society campaign that highlights the risks in the planned European Digital Identity Wallet. The campaign supports the idea of secure digital identification but warns that the current design could threaten privacy, personal autonomy and digital freedom. Its goal is to inform the public, encourage debate and push for a safer and more privacy-protecting approach to digital identity.
What is the
The EUDI (or EU Digital Identity) Wallet is an EU system for digital identification, but without strong legal
safeguards it risks enabling tracking, profiling and centralised control.
Issuance 🪪
A trusted authority – such as a national government, a university, a licensing office or a bank, creates a verifiable credential containing verified information about you. This might be your national ID, your driving licence, a diploma, or an age-attestation. The issuer digitally signs the credential so it can later be verified without contacting them again.
Storage 💾
The digital credential is securely stored inside the user’s EUDI Wallet app on their device. The Wallet is designed to keep credentials protected using local encryption and device security features. Only the user can unlock and access their documents, typically through biometrics or a PIN.
Sharing 🔗
When a service asks for information, the Wallet displays exactly what data is being requested. The user chooses which attributes to share – for example, confirming “over 18” instead of revealing a birthdate. The Wallet then generates a cryptographic proof containing only the approved information.
Verification ✅
The selected data is sent to the service, which checks the cryptographic proof against EU trust lists to confirm it is authentic and hasn’t been altered. The service can verify this without contacting the original issuer. The process is designed to ensure interoperability across all EU countries, so credentials issued in one Member State work everywhere.
Sounds good. But there are
A Single System That Sees Too Much
The EUDI Wallet risks becoming a tool that quietly logs where you go, what you access and when. When the same ID is used everywhere, even small traces can turn into a detailed behavioural profile.
Age Checks That Turn Into Checkpoints
Age verification sounds simple – but tied to a central ID, it can reveal identity, track browsing behaviour or be used to control what people can see online. Protection must not become censorship.
One App, One Failure
By bundling ID, licences, signatures and maybe payments into one wallet, Europe creates a single point of failure. A hack, glitch or wrongful restriction could lock people out of essential services.
Encryption Under Political Control
New rules could let governments decide which security certificates browsers must trust. That opens doors to interception and weakens the independent encryption the internet relies on.
“Voluntary” Today, Unavoidable Tomorrow
Once banks, agencies and big platforms adopt the wallet, it becomes hard to live without it. People without smartphones, with disabilities or strong privacy needs risk practical exclusion.
Hidden Expansion Without Public Oversight
Without strict rules, the wallet can grow into areas never intended. Only full open-source code, independent audits and a public veto can prevent quiet feature creep and unwanted monitoring.
Any
How can age checks track my browsing behaviour?
Age verification requires the wallet to communicate with each website you visit. Even if only “yes, this person is old enough” is shared, the process still creates metadata such as which site requested the check and at what time. These small data points can reveal your browsing patterns and can turn age checks into an identity checkpoint.
Why is a single digital wallet a single point of failure?
The wallet can contain your identity card, driving licence, health data, digital signatures and more. If the app breaks, gets hacked or is restricted by mistake, you may lose access to many essential services at once. This concentrates risk in one place and increases the impact of every possible failure.
Why might the wallet not remain voluntary in practice?
Although described as optional, such systems often become practically unavoidable once banks, public agencies and large online platforms adopt them. People without modern smartphones, people with disabilities and people who value privacy can end up excluded when the alternatives become inconvenient or costly.
Can the wallet really create a profile of my daily life?
Although described as optional, such systems often become practically unavoidable once banks, public agencies and large online platforms adopt them. People without modern smartphones, people with disabilities and people who value privacy can end up excluded when the alternatives become inconvenient or costly.
How could government influence over encryption be dangerous?
If governments are allowed to decide which security certificates browsers must trust, they can introduce certificates that allow the interception of encrypted communication. This undermines the independence of encryption and weakens the security of the internet as a whole.
Why does we insist on decentralisation?
When all credentials sit inside one system, whoever controls that system gains disproportionate insight and power. Separating identity, licences, signatures and any future payment functions reduces this risk. It also ensures that compromising one credential does not expose everything else.
Why is transparency and open source so important?
Only fully open code allows independent experts to verify that no hidden tracking or unauthorised features exist. Without transparency, the wallet can quietly expand its purpose. Public oversight and open source software help prevent unwanted monitoring and uncontrolled growth of the system.
What is #stopEDI?
#StopEDI is a European civil society campaign that highlights the risks in the planned European Digital Identity Wallet. The campaign supports the idea of secure digital identification but warns that the current design could threaten privacy, personal autonomy and digital freedom. Its goal is to inform the public, encourage debate and push for a safer and more privacy-protecting approach to digital identity.
Be part of the conversation and help shape a safer digital future. Join our Discord server to connect with others, ask questions, share ideas and stay updated on the latest developments. Everyone is welcome.