What is STORK?

STORK is a platform which allows people to use their national electronic ID to establish new e-relations with foreign electronic services, which may be operated by public or private service providers. STORK 2.0 extends the STORK platform by allowing legal persons (such as companies) to be represented by natural persons.

Does STORK create a European electronic identity or a European identity database?

No. STORK only interconnects national infrastructures and allows you to use national electronic identities to identify yourself towards any services that have chosen to use STORK. It does not create European electronic identities or European identity databases; it only ensures that your national electronic identity (if you have one) can be used whenever you want to, independent of national borders. You could compare it to your driver’s license: it is issued in your home country, but still allows you to drive your car across the EU. STORK aims to ensure that your eID has that same option.

Does STORK oblige me to obtain a STORK compliant electronic identity if I don’t want one?

No, STORK does not oblige citizens or businesses to have an electronic identity such as an electronic identity card or mobile phone eID. To use STORK supported services, you would of course need to have an electronic identity that’s supported by the STORK infrastructure, but it is up to you (or your country’s national laws) to decide whether you will get any electronic identity. This is the principle of choice: STORK only creates new possibilities, not new obligations.

Does STORK require countries to put in place national identity databases?

No, STORK does not impact national identity databases. STORK has been built to also support decentralized identity management systems, or even private sector operated identity systems.

Does STORK oblige me to identify myself on the Internet? Isn’t anonymity important?

You are never obliged to use STORK, and STORK does not require you to identify yourself when using the Internet. STORK does not impact your rights to anonymity. You can use STORK if and when you want to.

Isn’t it risky to require all citizens to have a single electronic identity? Shouldn’t I be able to have multiple electronic identities that I can keep completely separate?

STORK does not require citizens to have one single electronic identity. Each country decides for itself how it wants to address electronic identities within its own borders, and STORK does not impact this; it only sets up a trustworthy interoperability layer. Countries that support multiple distinct electronic identities for their citizens are free to do so, and STORK supports and respects this choice. It does not link those identities together in any way. It merely ensures that data sent via the STORK infrastructure is trustworthy. Thus, countries are still free to set their own policies on multiple identities.

Can STORK send my identity information to other countries or to companies without me knowing about it?

No. STORK works only and exclusively on the basis of your consent: you can choose if and when you identify yourself via STORK, and only you can authorize the sending of any identity information. Without your consent, STORK cannot do anything.

How can I know what information STORK will be sending when I give my authorization?

STORK has been built to explicitly tell you which information will be sent before sending anything. In fact, STORK cannot send identity information to anyone except you: after STORK retrieves your identity information, it sends it back to you, and you then decide whether you want to send it to any service provider in another country. If you changed your mind or are unsure, you can simply decide not to send it at any time.

Is it true that STORK sets up a network of national identity systems that can trace any use I make of STORK? Isn’t that a big privacy threat, since those servers can track everything I do when I use STORK?

STORK implementation varies from country to country: some have set up a national identification portal, whereas others rely on decentralized software. Countries that use a national identification portal only log usage data in an encrypted format. They cannot keep track of your identity information as such (such as your name, address, etc.), but only keep session data so that they can help you take action in case anyone abuses your identity information. This logging process is minimized to ensure that as little information as possible is logged, thus safeguarding your privacy. No personal data is logged during any transaction, but a so-called ‘hash value’ is stored, which can be used – only with the cooperation of you and the service provider – to determine later on if your data was transferred correctly. Other data, like date and time of the transaction, are stored without hashing. All logs are encrypted to ensure they cannot be abused.
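The logging scheme described above, as an added illustration that is not STORK's own code: the portal keeps only a digest and a clear-text timestamp, and a later check needs the data held by both the user and the service provider. The keyed SHA-256 digest, the per-transaction nonce held by the two parties, the attribute names and the function names are assumptions made for this sketch; encryption of the log itself is omitted.

```python
import hashlib, hmac, json, secrets
from datetime import datetime, timezone

def commitment(attributes: dict, nonce: bytes) -> str:
    """Digest over a canonical serialization of the transferred attributes.
    Assumption: keyed with a per-transaction nonce known only to the user and
    the service provider, so the log holder cannot guess small attribute sets."""
    canonical = json.dumps(attributes, sort_keys=True, separators=(",", ":"),
                           ensure_ascii=False).encode("utf-8")
    return hmac.new(nonce, canonical, hashlib.sha256).hexdigest()

def portal_log_entry(session_id: str, attributes: dict, nonce: bytes) -> dict:
    """What the portal keeps: no attribute values, only the digest and session data."""
    return {
        "session": session_id,
        "timestamp": datetime.now(timezone.utc).isoformat(),  # stored without hashing
        "digest": commitment(attributes, nonce),
    }

def verify_transfer(entry: dict, user_sent: dict, sp_received: dict,
                    nonce: bytes) -> dict:
    """Dispute check: both parties disclose their copy and the nonce;
    each copy is recomputed and compared with the logged digest."""
    logged = entry["digest"]
    return {
        "user_matches_log": hmac.compare_digest(logged, commitment(user_sent, nonce)),
        "sp_matches_log": hmac.compare_digest(logged, commitment(sp_received, nonce)),
    }

def demo() -> dict:
    # Constructed sample data, not taken from any real transaction.
    nonce = secrets.token_bytes(32)
    sent = {"isAgeOver18": True, "nationality": "AT"}
    entry = portal_log_entry("session-0001", sent, nonce)
    altered = dict(sent, nationality="DE")  # copy that differs from what was sent
    return {
        "entry_fields": sorted(entry),
        "intact": verify_transfer(entry, sent, dict(sent), nonce),
        "altered": verify_transfer(entry, sent, altered, nonce),
    }

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```
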

Does that mean that those national identification portals can log which service providers I use, so that they can profile my behaviour?

Using identification portals makes it conceptually possible for your own national portal to link transactions of a single electronic identity together. However, STORK is designed so that no personal data is logged by the portals as noted above, so that the operators cannot profile you on the basis of your usage of the STORK infrastructure.

Does STORK require unique identification numbers? I don’t want to have any unique identification number assigned to me; they can be used to track my behaviour and link my transactions together!

STORK can generate unique identification numbers per session if countries require this, so that multiple sessions cannot be linked when this is inappropriate. This policy is determined on a country-by-country basis: if your country has strict rules on unique identification numbers (or considers them to be illegal altogether), then STORK will support this policy as well. In this way, applicable rules in your country will always be followed.

STORK doesn’t seem to support minimal data disclosure as well as other electronic identification projects. If I have to prove that I’m an adult, the system should only reveal that information, and not my name, address, etc.

Actually, STORK supports minimal data disclosure as well: it supports identification services that only require you to confirm, for example, whether you are over 18 or whether you have a particular nationality, without revealing any further information about you. Service providers that use STORK are already legally required to ask only for the minimal amount of data that they need under European data protection rules. As explained above, you are also shown which data will be transferred, and you can refuse any requests for information that you believe to be excessive. In that respect, STORK is a significant improvement over many strictly national systems that reveal an entire dataset by default. Finally, countries can choose to control which service providers they support within their country, thus taking a stronger hand in supervising STORK use if they consider this to be necessary.

Are there any actual security requirements? How do I know all STORK processes are safe?

STORK has implemented security guidelines and requirements that all countries are required to adhere to. A Working Group continuously reviews these rules and ensures that they are applied nationally. Furthermore, since STORK infrastructure is established within Europe, countries are required to comply with European data protection rules, which include requirements to implement appropriate security measures.

Does STORK focus on identification or authentication? What’s the practical difference?

Identification aims to answer the question of who you are. Authentication on the other hand aims to verify whether the claims you’re making are true, without necessarily identifying you. To use a practical example: if you want to register yourself as a new citizen in a commune, you will have to show who you are (identification). On the other hand, if you need to prove that you are an adult, it is sufficient to authenticate the fact that your age is over 18 (authentication); it is not necessary to reveal exactly who you are (identification) in this case.

STORK can support both functions, as described above. This ensures that no excessive identity information is revealed.

More formally, ‘electronic identification’ can be defined as the process of using person identification data in electronic form unambiguously representing a natural or legal person; and ‘authentication’ can be defined as an electronic process that allows the validation of the electronic identification of a natural or legal person, or of the origin and integrity of electronic data. See the definitions in the Proposal for a Regulation on electronic identification and trust services for electronic transactions in the internal market.

What about transparency? How can I know what STORK does or how it works?

STORK outputs (including security requirements) are published on its website. The software is open source and published at the JoinUp page for STORK, so anyone can inspect what the infrastructure does. In this way, you can see exactly what the processes and requirements are. STORK has built-in support for any interested parties via the Member States Reference Group and the Industrial Monitoring Group, allowing you to engage even more closely with ongoing development work. Finally, as noted above, at the transaction level STORK asks for your permission at every step of an identification process, showing precisely what identity information will be revealed and to whom. In this way, transparency is optimally ensured.

What data does STORK log about me? Can I access it or delete it?

STORK does not log any information about you; there is no centralised infrastructure where any information could be logged. The only logs are kept at the national systems that you choose to use, and as noted above, these logs do not contain any identity information about you. They only aim to ensure that transaction data is logged in an encrypted format, so that action can be taken if any identity information was misused.

If my transactions are logged, then couldn’t my behaviour be traced whenever I use STORK?

You could be traced when you choose to use STORK provided that there is cooperation between a service provider and yourself. This is necessary to ensure that errors or cases of fraud can be detected; STORK is after all a platform that aims to provide reliable identity information to service providers whenever users decide they want to do this. However, without the cooperation of the service provider and yourself, the reference implementation as created by the STORK project is not designed to trace your activities. Member States and service providers can implement the STORK solution (including logs) in accordance with their business needs and the applicable national legal framework.

Is there any independent review mechanism? Is STORK supervised in any way?

Yes. STORK is developed and updated in continuous interaction with the European Article 29 Working Party, which is a group containing representatives of national data protection authorities. Furthermore, members of STORK are subject to the supervision of their own data protection authorities at the national level, who can intervene if you have any complaints.

Who is governing STORK? Who is responsible for it?

STORK is a pilot project carried out by 19 EU/EEA Member States. Its purpose was to gain practical experience in real applications to see where issues on cross-border electronic identification arise, and to explore how they can be solved. This experience was also helpful in the ongoing preparation of a European Regulation on electronic identification and trust services. It is expected that this Regulation will lead to a shared responsibility model, where Member States remain responsible for their electronic identity system, and where the European Commission is responsible for coordinating the efforts of setting the standards that Member States have to fulfil to maintain high levels of security and data protection.

What if I think that my data has been misused? Where can I complain?

Each service within STORK is required to present you with a privacy policy that informs you on how you can exercise your rights. We advise you to consult these first in case of any questions. Furthermore, European data protection legislation applies to STORK, and you will therefore be able to raise any complaints with the independent data protection authority of your home country for any processing that occurred on your home soil, so that independent handling of any complaints remains possible if you should prefer this.

How can I contact STORK if I have further questions or issues?

We suggest using the "Contact Us" form at the STORK 2.0 Website. This allows us to route the question to the relevant experts within the project.