EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

The impact of zero-knowledge proofs on data minimisation compliance of digital identity wallets

Emanuela Podda, Pol Hölzmer, Alexandre Amard, Johannes Sedlmeir and Gilbert Fridgen

Internet Policy Review: Journal on Internet Regulation, 2025, vol. 14, issue 3, 1-29

Abstract: The recent amendment to the European eIDAS Regulation has established the European Digital Identity Framework, which introduces electronic attestations of attributes. Technically, these attestations involve auxiliary information to ensure their verifiability, leading to the generation, processing, and storage of more than just personal data. In particular, this auxiliary information contains globally unique information that can be misused as personal identifiers and poses risks to the privacy of individuals engaging in transactions using a European Digital Identity Wallet. As such, they create tension with the principle of data minimisation under the General Data Protection Regulation (GDPR). On the positive side, privacy-enhancing technologies, especially zeroknowledge proofs (ZKPs), are rapidly advancing and capable of addressing this tension. In this paper, we analyse the impact of the availability of these techniques on legal compatibility in the European electronic identification context and explore the tension field between the technical requirements of the digital identity wallet and the GDPR's data minimisation principle. We illustrate this dynamic through the specific examples of cryptographic data processed to ensure the authenticity and integrity of attributes' electronic attestations and shed light on how ZKPs can support legal compliance. This paper contributes to the privacy-oriented electronic identity management literature by providing policy and technical recommendations for achieving data minimisation compliance. We emphasise the necessity for regulatory bodies to enforce the use of advanced solutions like ZKPs to achieve unlinkability and unobservability. Accelerating the standardisation of these technologies is crucial for safeguarding user privacy and achieving seamless regulatory compliance in digital identity systems.

Keywords: Electronic attestation; Electronic identification; eIDAS; GDPR; Zeroknowledge proofs (search for similar items in EconPapers)
Date: 2025
References: Add references at CitEc
Citations:

Downloads: (external link)
https://www.econstor.eu/bitstream/10419/324162/1/1933553294.pdf (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:zbw:iprjir:324162

DOI: 10.14763/2025.3.2019

Access Statistics for this article

More articles in Internet Policy Review: Journal on Internet Regulation from Alexander von Humboldt Institute for Internet and Society (HIIG), Berlin
Bibliographic data for series maintained by ZBW - Leibniz Information Centre for Economics ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-08-23
Handle: RePEc:zbw:iprjir:324162