Disparate Privacy Features Devalue ID Cards, Warns Eu Security Agency

It said, though, that though it was possible to create systems to deal with the problems, this was not always done, and even when done it was not always replicable on other countries' systems.

"A lot of very practical techniques exist to protect the citizen’s privacy and, from the survey of available techniques in this paper, it is possible to identify a set of best practice guidelines for the protection of personal data in national eID card schemes," said the report.

"European eID card specifications are very diverse in terms of their implementation of the privacy features we have identified. They are by no means universally implemented and where they are implemented, they are not always technically interoperable," it said.

ENISA said that the report was designed to give policymakers the information necessary to improve the situation.

"A clear statement of the status quo is an essential first step towards the important goals identifying best practice, improving the base-line of citizen privacy protection in eID cards throughout Europe and ultimately to improving interoperability and adoption by citizens," it said.