European Digital Identity Wallet in Poland – industry calls for amendments to the draft law
Organisations representing the digital and new technology sector – the Digital Poland Association, the Polish Chamber of Information Technology and Telecommunications (PIIT), and the Polish Information Processing Society (PTI) – have submitted a joint position to the Ministry of Digital Affairs regarding the draft amendment to the Act on trust services and electronic identification. This regulation will be of key importance for the implementation of the European Digital Identity Wallet (EUDI Wallet) and the further development of digital services in Poland and across the European Union.
The signatories emphasise that the direction of the proposed changes should be assessed as important and necessary from the perspective of the development of the digital economy and the implementation of the eIDAS2 Regulation. At the same time, however, as representatives of the digital and new technology sector, they point out that the current draft requires substantial revisions to ensure that the potential of the new system is not limited already at the design stage.
Centralisation vs. a competitive market
In particular, the organisations highlight the adopted system model, which concentrates key competences largely within public administration. Combining the roles of regulator, infrastructure operator, and service provider within a single entity creates a risk of conflicts of interest and undermines the principle of independent oversight. In the industry’s view, such an approach may negatively affect trust in the entire digital identity ecosystem.
It is also noted that the draft does not create sufficient conditions for the development of a competitive and interoperable market for trust services. Limiting the role of qualified trust service providers and the lack of effective mechanisms for cooperation with the private sector may hinder the development of scalable solutions and slow down implementation. The organisations stress that the success of the European Digital Identity Wallet depends on the involvement of multiple market players and the ability to build services based on common standards and open architecture.
The industry also points to the risk of monopolisation of state infrastructure and the emergence of so-called implementation bottlenecks. According to the authors, experience from other areas of digitalisation shows that excessive centralisation may lead to reduced innovation, lower service quality, and increased exposure to operational and cybersecurity risks. In the context of digital identity – a particularly sensitive area – this is of fundamental importance.
Recommendations and the industry’s voice
The position also highlights the need to strengthen interoperability and ensure real mechanisms for market development, including broad participation of qualified trust service providers in the issuance of attribute attestations. According to the industry, without such an approach it will be difficult to achieve the necessary scale of adoption of the wallet in both public and private services.
“The European Digital Identity Wallet is a huge opportunity for Poland – both for citizens and for the economy. However, to fully unlock its potential, we need an open, interoperable model based on cooperation with the market. The law should define clear rules for the functioning of the system, rather than build a solution based on excessive centralisation,” said Michał Kanownik, President of the Digital Poland Association.
The industry stresses that the draft law should be supplemented with a clear separation of supervisory and operational functions, a departure from the default centralised model of issuing attribute attestations, and the introduction of mechanisms supporting dialogue with the market, standardisation, and interoperability. It is also crucial to establish transparent liability rules and ensure a level playing field for all participants in the ecosystem.
According to the organisations, the law should focus on setting stable legal frameworks and rules for system operation, while leaving room for technological development and market competition. Only such an approach will enable the creation of a modern, secure, and resilient trust services ecosystem aligned with European regulations and user needs.