Your digital identity is more important than you think 

Every click, every online purchase and every interaction on social media leaves a trace that, over time, builds or links to your digital identity. In the digital era we live in, the amount of personal information we share while browsing the internet is astonishing, often without being fully aware of it. This digital footprint not only defines our online presence but also shapes our online reputation. Managing this information is crucial, as it requires a delicate balance between the benefits of personal exposure and the inherent risks of digital life. 

What is the digital identity and how is it built? 

Digital identity is the set of data, in electronic format, that uniquely represents a natural or legal person. Associated with this identity is our digital footprint, that is, all the information we publish or provide through several online services: who we are, where we live, where we work, our hobbies, preferences, interests, photos, videos, and much more. This is how Spain’s National Cybersecurity Institute (INCIBE) defines digital identity. 

To empower citizens in this digital environment, the European Union is establishing a European Digital Identity Framework. The goal is to provide EU citizens and residents with a reliable, voluntary, user-controlled digital identity, recognized throughout the Union, that allows them to manage their data during online interactions. To this end, each Member State will provide at least one European Digital Identity Wallet (EUDI Wallet). 

Member States will ensure that the wallet is provided with a high level of security and that its use remains voluntary, without restricting access to public or private services for those who choose not to use it. 

Common risks and real threats 

Poor privacy management in the digital environment can have serious and often irreversible consequences. According to institutions like INCIBE, some of the most common risks include identity theft or impersonation, where criminals exploit exposed online information to make fraudulent purchases, open bank accounts, or even apply for credit in the victim’s name. 

Unconsented surveillance is also common, carried out by both companies and cybercriminals who collect and analyze personal data for profit or manipulation, often without our knowledge. 

In more extreme cases, this exposure can lead to extortion, harassment, or defamation, using private information to threaten or humiliate people on social media or other public channels. Misuse of personal data can also fuel discrimination based on gender, race, sexual orientation, ideology, physical condition, or economic status. 

Practices like sexting, although consensual at first, can turn against those involved when the content is shared without permission; the same applies to doxing, which involves publishing someone’s personal information online without consent, exposing them to a wide range of negative consequences. Finally, the mass collection of data through OSINT (Open Source Intelligence) tools enables highly personalized fraud: the more an attacker knows about their victim, the more believable the deception becomes. 

TrustED: enhancing privacy, security, and user control 

In this context, European initiatives like TrustED (TRUSTworthy Enabling Trustworthy European Data Spaces through Self-Sovereign Identity and Privacy Preserving Technologies) are essential. Led by Gradiant, TrustED aims to design and develop a robust method for managing self-sovereign identity and a suite of advanced privacy-enhancing technologies (PETs). 

TrustED focuses on enabling two key services: 

Firstly, the team is developing a scalable and reliable self-sovereign identity management service. This includes AI-based document validation methods, verification tools, and selective disclosure techniques based on zero-knowledge proofs (ZKPs). These functionalities will enable secure electronic identification, credential revocation, and the sharing of specific identity attributes, all while preserving user privacy. 

Secondly, the consortium is working on a trustworthy federated learning service, combined with various PETs, to enable privacy-preserving AI-based studies on isolated datasets. 

TrustED is committed to exceeding the privacy standards set by the General Data Protection Regulation (GDPR), the eIDAS Regulation, and the European Digital Identity Wallet (EUDI Wallet). 

Data-driven innovation holds great promise, from identifying disease causes to enabling identity attribute sharing for social or educational participation. However, compromised identity security and data leaks or misuse pose significant threats that could undermine these opportunities. Initiatives like TrustED are essential to address these challenges, giving citizens greater control over their digital identity and data. 

Most importantly, TrustED helps build public trust and encourages the widespread adoption of secure, privacy-respecting digital solutions. 

This project has received funding from the European Union’s Horizon Europe research and innovation programme under grant agreement No. 101168467