From what I understand with my limited amount of knowledge about laws:

Someone has an account with an ISP. They want to change their ISP, but don't want to lose all the data they have stored on the server. The onliest way to get this data out is to contact the ISP and then have a lengthy conversation on why you want your data out. Google does this with "google takeout", but I know a lot of ISP providers will simply cut off your email account when you switch to another ISP (therefore force you to stay with that particular ISP).

On the context of eID, to identify yourself before you can even use a "personalized" email account (or even a personalized nickname) is cause for concern. Similar to asking for ID before you can buy a sim card. Its all "to prevent terrorism", but it does not solve anything other than forcing people to use their real identity or using a system that does not require you to use a real ID. This will only lead to providers of services asking for identification, which leads to more data leaks (with rather sensitive information this time), and people will need to use their ID card to log in (instead of using their private username/password).

I think that the whole eID thing can be useful for shopping and identification purposes (for example when you want to open an account at the bank), but the way I see it is that they want to enable you to send your passport information to sites like Facebook and Amazon to "enhance" your experience and to keep trolls out. This on the other hand goes against the nature of "privacy", where you have the right to be anonymous.

If eID is used, I would treat it as a "passport", and base the laws around the usage + storage of the data retrieved from that passport. I remember that Belgium was using an eID card in the form of a SIM card, and that it could be used in place of an "age coin" when you want to buy a pack of sigarettes or beer from the vending machines. The other way that it can go is that you need that eID to "identify" yourself if you want to use certain services, like accessing facebook. That one is a more tricky one, since it will force people to think about how much private personal information they are sharing with those websites. And if that website forces you to "sign" a legal document before you can enter the website, then many people will wonder why.

Its a question that you need to ask to the privacy guru's: What are the privacy implications of using an electronic ID card that can be read online using a simple smart card reader?

On Mon, May 2, 2016 at 6:19 PM Gordon Lennox <gordon.lennox.13@gmail.com> wrote:
Then I suggest you -  and Patrik?  and others? - read what they say about such services.

At one point they write: “In particular, many citizens complain about difficulties in switching email providers”. This is in the context of transferring "personal and non-personal data”.

No, I don’t know what this is meant to imply. Somebody has a Yahoo account and wants to switch to Gmail? And take their (IMAP) archives with them and their e-mail address?

I have heard Commission officials in the past talk about making e-mail addresses portable like telephone numbers.

More importantly it is not always for the Commission to interpret any regulations: others do that. You cannot got back to the Commission - or Council or Parliament! - and ask what they really meant. So effort now to help get it right can pay off.

Happy reading!

Gordon

> On 02 May 2016, at 15:52, Julius ter Pelkwijk <pelkwijk@gmail.com> wrote:
>
> I do run e-mail services for third parties...