Tag - Digital Identity

Concentration of Power in Swiss E-ID
Switzerland’s federalist tradition delegates significant autonomy to its 26 cantons, allowing them to tailor policies and services to local needs. The introduction of a nationwide electronic identity (e-ID) system, however, represents a marked shift in digital governance: by vesting authority over identity issuance and verification in the federal state, the new e-ID law centralizes power and diminishes cantonal prerogatives. While a unified e-ID promises interoperability and enhanced security, the concentration of competence at the Confederation level undermines subsidiarity, stifles local innovation, and risks a democratic deficit in a system historically grounded in cantonal and people’s self-determination. Swiss Federalism and Cantonal Autonomy Under Article 3 of the Swiss Constitution, all future powers belong to the cantons, unless the Swiss people and the cantons decide, by constitutional amendment, that they shall be attributed to the federation. This principle enshrines the subsidiarity norm: matters best handled locally remain within cantonal competence, ensuring policies reflect regional languages, legal traditions, and administrative capacities. In practice, cantons exercise broad authority over education, healthcare, policing, and civil registers and identity documents, areas where proximity to citizens fosters trust and responsiveness. The E-ID Law and the Centralization of Digital Identity On December 20, 2024, the Swiss Federal Assembly passed the Federal Act on Electronic Identity Credentials and Other Electronic Credentials, establishing a state-recognised e-ID to be rolled out by 2026. Unlike earlier, canton-driven pilots, the new scheme mandates that all public authorities—confederation, cantons, and municipalities—accept the federal e-ID alongside physical ID for electronic identification purposes. While private providers may operate wallets, the Confederation retains exclusive authority over the trust framework, credential schemas, and revocation registries. Consequently, cantonal solutions will be superseded by a one-size-fits-all model dictated by federal technical and policy choices. Erosion of Subsidiarity and Local Tailoring By reallocating identity-management powers from cantons to the federal state, the e-ID law breaches the subsidiarity ethos. Cantonal administrations lose autonomy over design and implementation—functions they have long performed in tandem with local stakeholders. This top-down approach risks producing a monolithic system that may not align with linguistic and procedural variations across cantons. For instance, user interface elements or data-disclosure workflows optimized for German-speaking urban centres may prove cumbersome in rural, French- or Italian-speaking cantons. Hindering Innovation and Experimentation Cantons have historically acted as laboratories of democracy, piloting digital services—such as e-voting, local health portals, and municipal e-administration platforms—before scaling them nationally. Centralizing identity issuance under the Confederation risks stifling this dynamic: any significant alteration or enhancement to the e-ID framework will require federal approval, elongating development cycles and dampening the incentive for localized experimentation. Moreover, private-sector innovators that previously partnered with individual cantons face higher barriers: they must navigate federal procurement processes and standardized certification regimes, reducing flexibility and increasing costs. Complexity, Incoherence, and Privacy Concerns Centralized identity provisioning introduces its own technical pitfalls. A major critique of a state- run, single identity provider is that no central actor can serve all user groups coherently—voluntary adoption means some citizens will decline the e-ID, necessitating parallel systems and eroding transparency. Services catering to non-Swiss or partially registered residents would require separate identity providers, creating confusion and administrative overhead. Furthermore, having the Confederation mediate every authentication event concentrates sensitive metadata—access logs, usage patterns, and verification requests—within a single national database, heightening the risk of mass surveillance. Furthermore, the notion of a single identity gateway also creates a tempting target for adversaries: rather than spreading their efforts across thousands of sites and services, attackers can focus on subverting one system to harvest credentials en masse. A breach of the central provider—even a transient outage or misconfiguration—could effectively lock every user out of their online accounts, from banking and healthcare to social media and e-government services. Worse yet, such concentration makes it trivial to compile comprehensive activity logs, enabling sophisticated profiling, unsolicited marketing, or politically motivated surveillance at a scale previously impossible. Phishing campaigns would only need to mimic one login flow, increasing their success rate and reducing the cognitive load on the victim. And because the e-ID would be used ubiquitously, there’d be no “dark spaces” left for whistleblowers, dissidents, or vulnerable populations to maintain anonymity when they really need it. In short, replacing the polycentric patchwork of today’s digital identities with a single monolithic system risks undermining both individual security and societal freedoms, trading fragmentation for fragility and opacity. Democratic Accountability and the Referendum Safeguard Switzerland’s direct-democracy mechanisms offer a check against unilateral centralization: opponents of the e-ID law have gathered sufficient signatures to force a nationwide referendum, likely scheduled for autumn 2025. Yet, in the interim, cantonal administrations must adapt to the new federal framework, incurring integration costs and reengineering existing digital processes. If the referendum overturns the law, this transitional burden will represent wasted resources and damaged trust between the Confederation and cantons. Conclusion The e-ID law exemplifies the tension between the efficiencies of a centralized digital infrastructure and the principles of Swiss federalism. While a unified identity system may streamline cross-border and inter-cantonal digital services, the shift of power from cantons to the Confederation compromises subsidiarity, curtails local innovation, and risks democratic disconnect. As Switzerland navigates its referendum, policymakers should consider hybrid approaches: granting cantons a participatory role in governance bodies, enabling localized interface customization, and ensuring interoperability standards rather than monolithic platforms. Such measures could preserve the dynamism of cantonal digital experimentation while achieving the interoperability and security goals that underpin a national e-ID. The post Concentration of Power in Swiss E-ID appeared first on ISOC Switzerland Chapter.
May 27, 2025 / ISOC Switzerland Chapter