After two-thirds of Swiss voters rejected the government’s proposed e-ID system in 2021, a slightly revamped “Digital Passport Act (E-ID Act)” is back on the political agenda.
In March 2021, Switzerland was the scene of a rare exercise in popular democracy, and one that is unlikely to be repeated in other “liberal” democracies. A public referendum was held on the government’s plans to roll out a digital identity program, which would have allowed it to control and license an identity data verification system essentially run by private companies.
But in January 2021, Swiss civil society groups lobbied against the proposed law and collected enough signatures to force a referendum. Almost two-thirds (64.4%) of voters rejected the proposed e-ID program, which should have been enough to put paid to the government’s plans. At the time, Swiss Info described the result as a “blow” for the government “amid fears about data protection.” A previous attempt to set up a public-private e-identity solution, known as SuisseID, had failed more than ten years earlier.
But instead of accepting defeat, the Swiss government went back to the drawing board, and got creative. After the vote, Justice Minister Karin Keller-Sutter urged parliament and critics of the e-ID measure to rethink their approach in order to avoid a potential drag on Switzerland’s digitization efforts.
“We have no choice and must work towards a new solution, even if it takes several attempts. It is key for Switzerland to catch up with other countries when it comes to digitalisation.”
There are few better examples of TINA (Margaret Thatcher’s “There is No Alternative”) in operation today than digital identity, and the central bank digital currencies (CBDCs) to which they are inexorably tied. It seems that more or less every country on the planet, from the most advanced economies to the most impoverished, from democracies to theocracies, is either in the process of creating such a system or has already done so, often with the assistance of the World Bank and/or the UN Development Program, and their partner companies and NGOs.
“A Legal Identity for All”
Even if two-thirds of a country’s voters reject it in a referendum, the plan must proceed.
There is an obvious reason for this: one of the UN’s Sustainable Development Goals (SDG #16.9) is to provide “a legal identity for all” by 2030. And that identity will ideally be of a digital nature — not just for the hundreds of millions who currently do not have legal identity, but for everyone on the planet.
The SDGs were adopted by the UN in 2015 as a “universal call to action to end poverty, protect the planet, and ensure that by 2030 all people enjoy peace and prosperity” — all laudable goals that show little sign of materialising in five years’ time. In fact, for the past two years, the Doomsday clock has been set at 90 seconds to midnight, the closest it has ever been to midnight — a reflection of the unprecedented dangers the world faces from nuclear war, environmental disaster and other threats.
One area in which governments have overdelivered in recent years is digital identity.
In 2016, a little-known private-public consortium called ID2020 was established to help promote (emphasis my own) “privacy-protecting approaches to digital identity”, with seed money from Microsoft, Accenture, PricewaterhouseCoopers, the Rockefeller Foundation, Cisco and Gavi, the largely Gates Foundation-funded vaccine alliance. Other participants include Barclays, BlackRock, Bloomberg, BYN Mellon, Deloitte, Ernst & Young, Facebook, Google, IBM, JP Morgan Chase, Mastercard and Infosys, the Indian company that helped design Aadhaar, the world’s largest digital ID system.
At the same time, the World Bank has been driving global efforts to build an inclusive and trusted digital ID framework across the Global South through its Identification for Development (ID4D) initiative, which the NYU School of Law’s Center for Human Rights and Global Justice (CHRGJ) has warned risks “paving a digital road to hell”:
Through the embrace of digital technologies, the World Bank and a broader global
network of actors has been promoting a new paradigm for ID systems that prioritizes what
we refer to as ‘economic identity.’ These systems focus on fueling digital transactions and
transforming individuals into traceable data. They often ignore the ability of identification
systems to recognize not only that an individual is unique, but that they have a legal status
with associated rights.
One of the main reasons why there is (seemingly) no alternative to digital identity is that there are simply too many powerful interests aligned behind it. It is the keystone of the new panopticon of digital public infrastructure (DPI) being constructed around us.
For governments and national security agencies, the benefits are clear: expanded power and control at a time when economic conditions are about to get significantly worse for the vast majority of the population. For big tech companies, it will mean new opportunities to amass even more data over our lives, which they will then be able to transform into even more revenues and profits. For central banks and the TBTF banks whose interests they predominantly serve, it will mean even more financial power.
A New System “Taking Shape”
In November of 2023, the Swiss government unveiled plans for a new digital ID system. This time it would be the federal government, not private sector partners, who would be responsible for issuing the e-ID and offering the infrastructure necessary for its operation. By September of last year, both of Switzerland’s legislative houses had approved the legal basis for a slightly revamped system. As Netzwoche reported in December, the federal government’s latest digital ID scheme “is taking shape”, despite public opposition (machine translated):
On 6 December 2024, the Federal Council adopted the principles for the technical implementation, which is to take place in two phases. The goal is to provide the e-ID by 2026 (NC: coincidentally, the same year that all EU Member States are supposed to provide digital identity platforms to all of their citizens). The e-ID is intended to enable citizens to provide digital proof of identity securely and in compliance with data protection regulations.
At the same time, the federal government’s electronic wallet, in which the e-ID and other digital evidence can be stored, has been given a name: “Swiyu”. The artificial word is made up of the elements “SWI” for Switzerland, “I” for I, identity and innovation, and “YU” for you (you) and unity (unity), according to a statement from the federal government.
This time, the system will be largely state-run. Supporters of the initiative claim the right lessons have been learnt from the 2021 failure. A Swiss government commission has recommended that e-ID data be kept exclusively in a government digital wallet. However, private-sector wallet makers will be able to store and present electronic IDs in the future so long as they comply with council regulations. In other words, private sector participation will still be critical, especially when it comes to building the infrastructure.
It is hoped that these steps will help assuage citizens’ concerns about data security. But not everyone is convinced. Last Thursday, the Mass-Voll group, an organisation that emerged during the protests against the government’s COVID-19 measures, has already begun collecting signatures for a new referendum. The group argues that the Swiss people have already put a stop to this, having already rejected e-ID in 2021 with a 64% no vote.
“In total disregard of the will of the people, Parliament still wants to introduce the e-ID. This is unacceptable,” said Mass-Voll.
The group began gathering signatures last Thursday, and has until April 19 to collect the requisite 50,000 signatures to trigger a nationwide referendum. One of the group’s main arguments against the latest e-ID proposal is the danger it poses to personal data security (machine translated):
The Swiss Digital Passport Act (E-ID Act) promotes the misuse of sensitive personal data: it does not provide sufficient protection against the increasing number of cyberattacks. And it exposes citizens’ data to private companies, which analyse it with the help of AI and make a profit from it. In doing so, the law undermines people’s privacy and endangers their democratic freedoms.
One of the ironies of the Swiss government’s latest attempt to launch a digital ID system is that in its previous attempt it argued that the public sector does not have the necessary technical expertise to launch and maintain a functional, efficient digital ID system, which is why it proposed outsourcing the lion’s share of the project to private-sector players. But this was also one of the reasons why the original project faced so much public opposition — the fear that private corporations cannot be trusted with so much sensitive personal data.
Data security, or lack thereof, is one of the most important risks posed by digital identity systems. India, which is home to the world’s largest biometric-based digital ID system, Aadhaar, has suffered huge security problems, from identity theft to innumerable data breaches, including two in which the data of roughly a billion people were compromised. “Aadhaar, one of the world’s single largest caches of data about citizenship details, leaks like a sieve,” thundered a 2023 editorial in the New Indian Express.
Much of the compromised data, including, in some cases, people’s biometric identifiers (i.e. their iris and fingerprint scans), ends up for sale on the dark net. If this data is hacked, there is no way of undoing the damage. You cannot change or cancel your iris or fingerprint like you can change a password or cancel a credit card.
These security issues are not unique to India. In fact, at the end of last year, InfoCert, one of the leading Italian companies providing digital identity services, suffered a cyberattack that resulted in the theft of personal data belonging to over 5 million digital identity holders. The stolen information included full names, tax codes, phone numbers and email addresses and data relating to communications with customer support, all of which is now put up for sale on the dark web.
Infocert claimed the leak was the result of a systems breach of a third-party supplier, to which customers were registered, and that “illicit activity” had been committed against this supplier. The company was at pains to stress that neither its own systems nor its service access credentials or passwords had been compromised.
However, if governments cannot guarantee the integrity and security of the data held on the digital identity systems they and their armies of private sector partners are building, why are they creating more and more silos of sensitive, and often inadequately protected, personal data?
Lack of security is just one of the many issues thrown up by digital identity systems. Others include the threat they pose to privacy and anonymity, especially online; their inherently exclusionary nature (in India, for example, millions of people are unable to access the most basic of services, including welfare programs, either because they do not have the 12-digit UDI number or due to biometric authentication errors); their unprecedented potential as tools of government surveillance and control; and the fact that without them, central bank digit currencies would almost certainly not be possible.
The campaigners that have called for a referendum on the Swiss Digital Passport Act (E-ID Act) warn that the proposed system “would promote the misuse of sensitive personal data” while failing to provide “sufficient protection against the increasing number of cyberattacks”. It would also expose citizens’ data to profiteering private companies, “which mine it with the help of AI.” Ultimately, it would “undermine people’s privacy and endanger their democratic freedoms.”
It remains to be seen whether the campaigners will be able to gather enough signatures this time round (my guess is they will), and if so, whether or not the newly proposed system will also be voted down — and if that happens, what the government will do in response. But as the German financial journalist Norbert Häring notes, the Swiss government’s determination to launch digital identity in the face of overwhelming public opposition makes one thing crystal clear: “this is not about citizens’ interests.”
These f’ers have to destroy the concept of representative government for people including the non-wealthy.
90% to 100% of the people could have voted down this dystopian, rentier trash policy and the cretins would still be trying to get it passed.
You see this same dynamic at the local level, too. There have been a few issues in my area in recent years where voters or the city council will vote something down, only to see those who stand to gain bring it back in slightly different form, or to a new council that is unaware of what happened previously. They just keep at it until they get what they want, the public be damned.
If all politics is local, then we are in very bad shape. It would be nice to be rid of the oligarchs peacefully, but other than the New Deal, I’m hard pressed to think of a time when that actually happened.
Was in Switzerland several times for extended stays and I found the people to be very conservative and not ones for radical experimentation. In a referendum they actually turned down working less hours. This set-up was reflected in the structure of their government where the Cantons had considerable power with the remainder given to the Federal government. Referendums enabled a people’s veto on unpopular measures.
Now? The people may still be conservative but the government sounds like that it has been taken over by WEF types. The Swiss were organizing a referendum to not buy the F-35 fighter so the government signed all the contracts before it could go ahead. It is just as well that the Swiss are not already in the EU as when they rejected the SuisseID, the government might have cancelled that vote on the grounds of Russian influence via Chinese Tik Tok videos. Instead they are going to make the people vote a second time like the EU did with Ireland.
The Swiss people are going to be in for a helluva fight as the Swiss government wants that country to join NATO because it is so powerful, join the EU as everybody wants to join a winning organization and put the people under the thumb of a digital ID that everybody knows will be hacked sooner or later. I have not been to Switzerland for many years so do not know if the character of the people has changed but guess that time will tell.
Last time I was there, they had a large Ukrainian flag on Buerkliplatz. They’ve changed….
“The SDGs were adopted by the UN in 2015 as a “universal call to action to end poverty, protect the planet, and ensure that by 2030 all people enjoy peace and prosperity””
LOL! Definitely a laudable goal, but if the legal identities are supposed to be digital how is that helping poor people. Now they need a digital device and those consume power which now means they need to consume and pay for electricity. It just seems much more like one more part of a person that is being privatized for someone else’s economic rent seeking benefit.
We must have digit IDs TO PROTECT THE CHILDREN!!!
LOL! Yeah, to protect the children of those rich blood suckers at the other end who need a good flow of asset income for the family trust they just set up.
We must have vaccine to protect the elderly
I refuse government direct deposit because it cannot be trusted, here’s but one example:
In mid November 2024 the abused Canada Post workers went on strike. In mid December 2024 all 55,000 of them were ordered back to work. My November 2024 BC government cheque did not arrive. My December 2024 BC government cheque did arrive. I have emailed the minister and his deputy minister 3 times about the missing cheque. In a couple of days I will file a formal notice of claim at the BC court registry to litigate this failure of undertaking by that ministry because I have had no response and no cheque.
One of these days the cheque will not be issued because there is no way I will accept digital ID, because the control freaks cannot be trusted.