mGov4EU Executive Board & General Assembly Meeting Krems/Austria

A joint Executive Board & General Assembly Meeting of the mGov4EU consortium took place at the Danube University Krems from 31st May-1st June 2022. During this hybrid meeting the partners met for two efficient days face-to-face and remote. The main focus of the meeting was on the technical and scientific project progress. Two workshops on “Sustainability & Governance” and “Transdisciplinary pilot evaluation” were organized and many essential discussions on the further progress of the project took place. The project partner Scytl has also started the pilot projects in WP4. The first day of the meeting was rounded off with a social event and at the end of the second day the three partners DUK, UTARTU and Fraunhofer met for a post-workshop meeting on sustainability and evaluation to recap the consortium meeting and to discuss the next steps. The next 18 months of the project will in fact focus on the implementation phase of the various building blocks and their validation on the basis of three project pilots. Watch the video to get some impressions from the meeting:

First project year (2021) of mGov4EU Project is completed

With the practical implementation of the “eIDAS regulation”, the European Union is simplifying the cross-border online identification process for citizens. In addition, the “Single Digital Gateway (SDG) regulation” for the establishment of a uniform digital access gate for administration in the EU entered into force. Today, citizens expect eGovernment services to always be conveniently usable via smartphone. Against this background, the mGov4EU (“Mobile Cross-Border Government Services for Europe”) project, funded by the European Union as part of the Horizon 2020 research and innovation program, started one year ago, with the objectives named below, to enable mobile cross-border administrative services in Europe. The 10 partners are proud to report on the achievements of the first mGov4EU year:

ObjectivesWork towards objective and status in period 1 (month 1 to 12
Enhancing the technical eIDAS interoperability solution and SDG infrastructure to make them compatible with mobile-only use casesThe technical architecture of eIDAS interoperability has already been enriched, and the work continues towards a more detailed designed technical architecture.
The SDG infrastructure has already been enriched, and the work continues towards a more detailed designed technical architecture.
Implementing enhanced eIDAS and SDG related architectures, concepts and building blocksInitial implementation activities have already been carried out. First results are available in the form of initial proofs of concept. These proofs of concept have assessed the feasibility of technical architectures obtained from precious work and hence pave of ready-to-use software packages.

Combining enhanced eIDAS and SDG related solutions to enable secure and user-friendly mobile use cases
By aligning regularly with other work packages ensures that developed software packages support the realization of secure and user-friendly use cases in a best possible way.

Integrating implemented solutions into pilots and testing them in real-world scenarios
During the first year of the project, the pilots and their use cases have been defined, and the definition of an initial architecture has started using C4 diagrams.
Evaluating relevant perspectives of designed, implemented, and operated architectures, concepts, building blocks, and pilotsThe implications and resulting requirements – both for the infrastructure and for the planned demonstrators – have been identified. In addition, the initial version of the transdisciplinary evaluation framework has been created, providing the foundation for the two-round evaluation of the pilots considering the design and implementation phase.
Implementing the once-only, digital-by-default, and mobile-first principles in a user-centric mannermGov4EU pushes forward the practical use of inclusive mobile Government services in Europe, bringing such services in line with EU citizens’ expectations for safe, resilient, and sustainable mobile communication, implementing the once-only and digital-by-default principle across Europe.
Implementing the appropriate legal frameworkAn  overview  of  the  legal  landscape  and  regulations was completed, analyzing the relevant legislation, and distilling applicable legal requirements resulting from the GDPR, SDGR, eIDAS Regulation, and other frameworks.
Evaluation and involvement of relevant stakeholdersInitial considerations regarding the stakeholders of the project were undertaken.
Ensuring the sustainability of project results and achievementsThe basis of the communication activities and thus the “tools” of the communication strategy were identified and implemented: website, social media channels, project brochure, newsletter and so on.

mGov4EU Executive Board & General Assembly Meeting

28th – 29th October 2021, Graz (Austria)

Great to have face-to-face project meetings again!

Last week, the 10 Gov4EU partners met face-to-face and digitally over two productive days, with many discussions, decisions, workshops, determining the next steps and a joint social programme.

The “physical team” of the mGov4EU Meeting!

The “digital team” of the mGov4EU Meeting!

Thanks to TU Graz for hosting the first physical consortium meeting after 10 months of working together virtually!

Personal mobile government – mixing legal frameworks to build privacy and control

The central objective of the mGov4EU project is to facilitate the use of inclusive mobile Government services in Europe. In order to do so, solutions are being created that allow citizens to take control over their personal data, by managing it on their own trusted mobile devices. They can choose to keep or delete their personal information, to keep it to themselves or to share it, and to make it accessible to public administrations when they want to.

On the surface, mGov4EU may seem to be a legal compliance dream, since it ticks all the right boxes. Citizens manage their own personal data safely and transparently, precisely as European data protection law – notably the well known GDPR – would have it. They have reliable tools to identify themselves and to sign documents in a trustworthy manner, as envisaged by the eIDAS Regulation that covers these topics. And document exchanges with public administrations are enabled only at the citizen’s individual request, in accordance with the European rules on once-only data exchanges in the Single Digital Gateway Regulation (SDGR). What’s not to love?

And yet, mGov4EU has some challenging legal knots to untie as well. Principally, these relate to the paradigm shift that’s introduced by putting information squarely in the hands of the citizens. In traditional e-government transactions, information remains firmly under the control of public administrations. Citizens may be able to get extracts, certificates, attestations and so forth for the purposes of specific procedures; but at the root of traditional e-government, public administrations act as data controllers, and as stewards of their citizens’ data. While this approach is perhaps slightly (and certainly unintentionally) patronising, it does have the benefit of ensuring that citizen data is in the hands of an organisation that should, in principle, be able to protect it – at least better than most citizens can.

Even the much more innovative information exchanges envisaged by the SDGR don’t fundamentally challenge that logic. The SDGR requires data to be exchanged directly between public administrations in certain e-government services, at the citizen’s request. The citizen is to some extent in control, in the sense that he must request the exchange before it can happen, and can even validate the information to be exchanged before it is sent. But the information fundamentally passes from one governmental body to another – an exchange from one controller to the next, with the citizen acting as a gatekeeper, but not as the holder of their own data.

And this is precisely where mGov4EU creates new possibilities, but also new challenges. The standard SDGR data flow doesn’t involve mobile devices, let alone data being held permanently by a citizen. Allowing citizens to keep their own data on their own device creates a lot of new options, but also raises a lot of new questions. Who determines which information will be stored on a phone? How can we be sure that the data is safely protected against theft while on the phone? Should all smartphones be supported? Should we validate the identity and competences of aspiring recipients of data? And how do we secure the exchanges between the different stakeholders?

All of these are critical questions to be examined in the course of mGov4EU. The answers will bring innovations and advances compared to the status quo. In order to execute the project in accordance with the EU’s high standards for data protection – including the principles of data protection by design and by default, as required by the GDPR – mGov4EU will have to ensure that sufficient protection capabilities are built into the application itself, and into the information exchanges enabled by the project. A naïve assumption that simply requires citizens to exercise their own diligence, and places all responsibility and risk squarely on their shoulders, would certainly be inadequate.

mGov4EU does not stand alone in examining this shift, however. After the project initiated, a new legislative proposal was published, this time aiming to amend the eIDAS Regulation. One of the innovations included a legal framework for a mobile identity wallet, allowing citizens to securely store and manage their data. If that sounds familiar, then that’s principally because the winds are blowing in a common direction: towards a digital and mobile environment that places greater data stewardship with the citizens themselves. Clearly, mGov4EU has a bright future ahead of itself!

mGov4EU mobilises European eGovernment

With the practical implementation of the “eIDAS regulation”, which has been fully applicable since July 2016, the European Union has made great strides in recent years in successfully simplifying the cross-border online identification process for citizens. In addition, in December 2020 a first part of the “Single Digital Gateway (SDG)” regulation for the establishment of a uniform digital access gate for administration in the EU came into force. After all, there is an unbroken trend towards the mobile and self-determined use of administrative services: Today, citizens expect eGovernment services to always be conveniently usable via smartphone. Against this background, the mGov4EU (“Mobile Cross-Border Government Services for Europe”, https://mGov4.EU) project, funded by the European Union as part of the Horizon 2020 research and innovation program, has recently started to enable mobile cross-border administrative services in Europe. The project is open to further pilot partners and cordially invites you to participate.

The mGov4EU project assembles leading European experts from government, business and science located in Austria, Belgium, Estonia, Germany, and Spain, to enable secure and privacy-friendly mobile government services across Europe. mGov4EU will put the citizen at the center of the considerations and offer them new, secure and privacy-protecting options for managing their identity and personal data – regardless of whether they or the eGovernment service are located in the home country or in another EU Member State.

mGov4EU combines eIDAS with a single digital gateway in a user-centric way

The regulatory framework for this project is provided by Regulation (EU) 2018/1724 on the establishment of a Single Digital Gateway Regulation (SDGR) for the cross-border provision of services together with the eIDAS Regulation (EU) No. 910/2014 for cross-border electronic identification and trust services for electronic transactions in the internal market. The mGov4EU project puts the requirements of self-sovereign and mobile citizens at the center of the considerations and integrates the existing eIDAS ecosystem with the new Single Digital Gateway to create a user-friendly overall system.

The mGov4EU-System at a glance

Figure 1: The mGov4EU-System at a glance

Within the mGov4EU project the existing and emerging possibilities of the eIDAS and SDG regulation will be used and the principles of “once-only”, “digital-by-default” and “mobile-first” will be implemented in practice. After a user-friendly mobile identification and explicit approval by the user, it will be possible to access data that is already available, so that the time-consuming filling out of complex forms can be dispensed with, as far as possible. Through the consistent use of the technologies available in modern smartphones, the solutions targeted in mGov4EU are not only expected to meet the highest security and data protection requirements, but also offer an excellent user-friendliness. The mGov4EU project aims at providing basic building blocks for secure and mobile eGovernment services that can be used throughout Europe and beyond. These modules will be tested in selected pilot applications in the field of electronic voting, smart mobility and, last but not least, mobile signature, before they will be made available to a broader group of users. In this way, based on the mGov4EU developments, a trustworthy federation of collaborative eGovernment platforms can emerge, which facilitates the joint provision and reuse of available and easy-to-use public services.

The mGov4EU project is carried out by an interdisciplinary team of experts

The mGov4EU project is fully funded by the EU research and innovation program Horizon 2020 with a budget of 3.9 million Euro. The mGov4EU project assembles top-class, internationally experienced, interdisciplinary experts from administration, business and science. In addition to the TECHNIKON Forschungs- und Planungsgesellschaft mbH as coordinator, the Center for Secure Information Technology Austria (A-SIT together with A-SIT Plus GmbH), Danube University Krems, ecsec GmbH, the Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V., go.eIDAS Association, Graz University of Technology, Scytl Election Technologies, TIMELEX and the University of Tartu work on this project.

During the three-year project period, several mGov4EU pilot applications will be designed and implemented in order to validate the solution modules and infrastructure services provided. The pilot applications include electronic voting, smart mobility based on subsidised taxi rides and mobile signature. Interested authorities across Europe are cordially invited to contact the mGov4EU project in order to participate in these pilot applications or to use the innovative technologies in their own applications at an early stage.