Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

Apologies have been received from Deputies Joanna Byrne and Brian Brennan. Today's meeting has been convened on the topic of consideration of EU COM (2025) 838. I welcome from the Department of Culture, Communications and Sport Mr. Eamonn Confrey, principal officer, electronic communications policy and regulation; Ms Rachel O'Neill, assistant principal officer, electronic communications, policy and regulation; and Ms Jennie McBride, assistant principal officer, electronic communications policy and regulation.

The format of the meeting is that I will invite the Department to deliver an opening statement, which is limited to seven minutes. That will be followed by questions and answers and the statement will be published on our webpage.

Before we move to today's discussion, I will clarify some limitations in relation to parliamentary privilege and the practice of the Houses as regards references witnesses make to other persons in their evidence. The evidence of witnesses physically present or who give evidence from within the parliamentary precincts is protected pursuant to both the Constitution and statute by absolute privilege in respect of the presentations they make to this committee. This means they have an absolute defence against any defamation action for anything they say at the meeting. However, they are expected not to abuse this privilege and it is my duty as Chair to ensure this privilege is not abused. Therefore, if their statements are potentially defamatory in relation to an identifiable person or entity, they will be directed to discontinue their remarks. It is imperative that they comply with any such direction.

Members are reminded of the long-standing parliamentary practice to the effect that they should not comment on, criticise or make charges against a person outside the Houses or an official, either by name or in such a way as to make him or her identifiable.

I now invite Mr. Confrey to deliver his opening statement.

Mr. Eamonn Confrey:

I thank the committee for the opportunity to present on the European business wallet regulation, which is being negotiated at European level at present. I am principal officer at the electronic communications policy and regulation section in the Department of Culture, Communications and Sport. I am joined today by Ms Rachel O’Neill and Ms Jennie McBride who are both assistant principal officers on my team.

The European business wallet is one of the key deliverables of the digital package and is intended to address long-standing fragmentation in the way businesses identify themselves, share credentials and interact with public administrations and other economic operators across the EU. The wallet is designed to be accessible to businesses of all sizes, including SMEs and microenterprises, as well as public bodies, with the overall aim of modernising and simplifying economic activities within the Single Market. It will be founded on four core principles, namely, seamless interoperability, data sovereignty, security by design and efficiency for all. We will get into some of the detail around that a little later.

As regards implications for Ireland, the business wallet proposal has the potential to offer Irish businesses a simplified method to transact and conduct trade across the European Union. It is intended to support the development of Ireland’s digital economy by enabling secure online interactions and it aims to provide a range of benefits across the public and private sectors. Using the wallet, Irish businesses will be able to simplify cross-border trade; speed up customer due diligence, such as know your customer, KYC, and know your business, KYB, processes; use trusted digital signatures and verified data to reduce the risk of identity fraud and simplify compliance; and support the once-only principle of simplification, allowing businesses to streamline how they interact with public bodies.

Turning to next steps, the European business wallet has been in negotiation under the Danish and Cypriot Presidencies through the telecommunications working party since December 2025. It is a key priority for the Cypriot Presidency to agree a general approach at the formal telecoms Council in Luxembourg by June. If a general approach is achieved by Cyprus, Ireland will then have to negotiate, through trilogues with the European Commission, European Council and the European Parliament, to agree a final text that can be published in the Official Journal of the European Union. Ireland has been generally supportive of the proposals for a digital wallet.

Given the horizontal nature of this file, our Department is working collaboratively with our colleagues in the Departments of Finance, public expenditure and enterprise, along with some of the key agencies with a future role in this, namely, the Companies Registration Office and the Revenue Commissioners, to ensure the final proposal is workable and can be seamlessly implemented in an Irish context.

The business wallet is designed to facilitate businesses of all shapes and sizes to securely and efficiently transact with customers, other businesses and governments and will be a tangible example of the digital simplification agenda being driven at European level by the Commission.

We have prepared a short slide presentation and my colleague, Ms Rachel O'Neill, will be happy to briefly take the committee through the key points. Otherwise, I look forward to addressing any questions members of the committee might have.

Ms Rachel O'Neill:

I have been the person in the Department looking at this proposal, analysing it and taking it through negotiations. Basically, the EU strategic agenda between 2024 and 2029 looks for an ambitious reduction and simplification to reduce bureaucratic and regulatory burdens and move to a more digitalised version of administrative procedures. We have seen a variety of proposals in this area, particularly around the digital simplification package for AI, GDPR and data. The European business wallet proposal is to complement that. Put simply, it is a digital solution that businesses can use to securely share and sign documents, prove their identity through credentials that are based on what are called authentic public sources, basically a registry such as the CRO's registry for businesses or tax clearance certificates, for example. The aim of this is to reduce fragmentation across the EU and to allow businesses to operate more easily within the EU.

As Mr. Confrey mentioned, there are four key features, namely, seamless interoperability, data sovereignty, security by design and efficiency. Seamless interoperability means that this wallet should work across the Union and it will be built to standards that are agreed by member states. It ensures that the wallet can interact with other wallets across the Union and make things as simple as possible. It should be noted here that member states are not asked to build their own business wallet. The Commission expects that there will be ones provided by the market, essentially, but they will all have to be built to the same technical standards. For data sovereignty, this means that the owner of the wallet shares the data with who they want to. It is data minimisation and complies with GDPR.

Security by design means that it is both cyber secure and secure in a data protection capacity. Efficiency just means the reduction in administration and regulatory burdens, mostly for SMEs. The wallet can check the identity of others' wallets and immediately improve their own; instantly create, store and share documents; digitally sign, time-stamp or seal documents; delegate somebody to act in a legal capacity on behalf of the business; communicate with other businesses and public administrations; complete actions remotely; communicate across borders and access data at any time. As the committee can see, it is basically to reduce fragmentation. One of the main-use cases given by the Commission is that a business could onboard its in-house legal team and delegate it to perform legal actions through a business wallet, and it can then sign documents it may need to in a capacity for the business. It reduces in-person requirements and makes things easier.

The key thing here is that there are two different wallets currently. There is the citizen wallet, which is looked after under the eIDAS regulation, and there is the business wallet. They are built on similar technical standards but the audiences are different. The business wallet is aimed at legal entities, public bodies, companies, sole traders, organisations, and the citizen wallet clearly is just for citizens. They both have similar capacities in that they are privacy preserving, have voluntary usage and selective disclosure. A business does not have to use the business wallet but a public sector body must be able to perform the actions that a business wallet asks for, otherwise it will have to have its own. The key thing to get across is that the business wallet is purely for corporate entities and the citizen wallet is for citizens.

The slide on display is just a quick timeline. We anticipate that the regulation will be put into the Official Journal of the European Union in early 2027 but will not take full effect until 2030 at current negotiation times. The key intention for the business wallet is to increase the speed between business-to-business interactions and business-to-government interactions. A business that needs to do some kind of EU reporting could do so through the wallet to that European institution. The whole idea is that it is secure and quicker. The aim essentially is to reduce regulatory burdens across the EU. It will make it easier for someone to open a branch of a business, say in Germany, by having all attestations and documents ready to go and to be exchanged. That is essentially the business wallet, so I am happy to take any questions.

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

This is interesting in many different ways. I used to be an IT manager. We will now take questions from members.

Evanne Ní Chuilinn (Fine Gael)
Link to this: Individually | In context | Oireachtas source

I was thinking about the business wallet and the cybersecurity piece, particularly in the business-to-government interactions. After what we saw with the HSE breach in 2021 and the damage done, how much more secure are public bodies now and how ready are they to deal with that data and secure it in the context of the business wallet when it comes into play?

Mr. Eamonn Confrey:

In terms of cybersecurity, there is a lot of European regulation such as the network and information systems directive, NIS2. Public bodies are now mandated to have much more detailed plans in place and ability to respond to incidents and all of that at a general level. While that is being led out by our colleagues in the Department of justice, it will apply across the various different sectors.

The business wallet will be built on a common architecture in terms of its technical specifications. Our colleagues in the Office of the Government Chief Information Office, as part of the Department of public expenditure, will be building the systems to support it. That will be under common standards and technical specifications being adopted at European level. What is called the comitology, essentially those standards for the citizen wallet that Ms O'Neill mentioned, are still being negotiated. As we outlined in terms of the business wallet, once the proposal is formally published, there will be about a two-year timeline to make sure that the technical standards supporting the business wallet will be negotiated and again, there will be those common standards. In sum, there will be a high level of encryption and multifactor authentication to ensure that only designated users with the necessary clearance will be able to engage in terms of the wallet. As the committee will appreciate, the wallet will contain unique business identifiers to that business, whether that be VAT registration or company registration. Clearly, that is sensitive information which we want to ensure is secure.

Evanne Ní Chuilinn (Fine Gael)
Link to this: Individually | In context | Oireachtas source

Is there a difference between how ready businesses are compared to State bodies? In some of the literature we got, State bodies were said to be prime candidates for malicious actors just because of the amount of data. Are businesses better set up at the moment than State bodies? Do State bodies have a bit of catching up to do? Why are they more vulnerable?

Ms Rachel O'Neill:

The reason is the data they contain. We cannot speak about the readiness of every business. It is also important to remember that the wallet is voluntary for businesses to use. If a business feels it has a more secure platform it does not have to use the business wallet. The onus is more on the public sector bodies. As Mr. Confrey alluded to, this proposal has to align with NIS2. Those public sector bodies are already under those cybersecurity requirements. One of the key things in the business wallet is what is called a secure communication channel. This will allow the business to communicate and is built to extremely specific standards. It is basically a trust service and has to reach extremely high levels of security and standards. There is an assurance there and the fact that it is built to a common architectural framework is also important. The whole idea is that this is secure and trusted for businesses to use.

Evanne Ní Chuilinn (Fine Gael)
Link to this: Individually | In context | Oireachtas source

Also, if it is voluntary that immediately reduces the risk, if businesses are looking at it on paper. Yes, I get it now. For smaller businesses is there a cost to adopting the digital wallet and would that turn businesses off the idea?

Ms Rachel O'Neill:

That is still being worked out.

Mr. Eamonn Confrey:

We are broadly well positioned in terms of our level of digital maturity. There is a good degree of consumer adoption of digital payments and all of that so people are generally familiar, specifically around the costs. We can expect initial investment costs for businesses. That would be things like the IT systems, the software, the databases, and training and stuff that they will have to do. It is fair to say savings will be garnered from using the wallet, because as we outlined, it will reduce in-person requirements.

People will be able to authenticate their seal or whatever electronically. It would be single over the term. Those costs would be outweighed by the savings that you would be able to achieve.

Evanne Ní Chuilinn (Fine Gael)
Link to this: Individually | In context | Oireachtas source

Obviously it is not voluntary for State bodies. What is the timeframe? Do they have 24 months to get up to speed?

Ms Rachel O'Neill:

The final requirements are still being negotiated, but we anticipate that if the Cypriot Presidency gets an agreed position between the Council on a general approach, we would then be in the chair for the trilogues with the European Parliament and Commission. There would then be a final text. We estimate that would be published in early 2027, depending on whether the trilogues go into the Lithuanian Presidency. From then, there is about a year for the comitology, where all the member states come together with the Commission and iron out those technical standards. Once those are agreed, they have to be published in the official journal, and then there are 24 months for public sector bodies to get ready. We are estimating roughly early 2030 at the moment.

Evanne Ní Chuilinn (Fine Gael)
Link to this: Individually | In context | Oireachtas source

So it is two years after all that admin is done.

Ms Rachel O'Neill:

Yes.

Evanne Ní Chuilinn (Fine Gael)
Link to this: Individually | In context | Oireachtas source

Okay. Grand. I thank the witnesses.

Sinéad Gibney (Dublin Rathdown, Social Democrats)
Link to this: Individually | In context | Oireachtas source

I thank the witnesses for the information. It is helpful. To build immediately on it, it is helpful to hear that timeline, because I was also under the impression that the 24-month deadline was for implementation, but it is post that. That is a little bit of a relief. I have concerns about it overall, however. I have a bit of an allergic reaction to the word "simplification" at the moment. It seems to be absolutely valid that small to medium businesses are seeing ways in which they are required to duplicate compliance mechanisms and submit documentation under multiple directives, and I get that there is a need for simplification. I fully recognise that. However, I have concerns that that simplification and harmonisation agenda has been hijacked by big tech for deregulation purposes. Even some of the wording in the witnesses' slides about relieving that regulatory burden and that kind of message is problematic for me at a time when we are seeing issues such as that with Grok at the beginning of this year. I do not buy that we have an overburdensome regulatory framework, because the issue with Grok happened and we had no recourse on it.

This is an interesting time to discuss this in the wake of the Mythos announcement from Anthropic in the last couple of weeks. Claude Mythos is technology that exists that we know is going to increase cybersecurity risks. Just a few hours ago, The Guardian reported that that technology has been leaked, so we now know that there is technology in the hands of rogue actors that can not just threaten but implement cybersecurity attacks. My concern is that I do not think we are ready for this. Therefore, I appreciate that timeline being laid out very clearly, and that the discussions Ms O'Neill mentioned are in hand and that we will be a participating party. My message is very much that we go in with a sceptical and cybersecurity-aware head on our shoulders, push back against deregulation and make sure that we are actually ready to implement these, because as far as I can tell, these are incredibly sensitive business documents. The witnesses mentioned the concept whereby legal processes can be conducted online. I know lawyers. They are not going to like that idea much, and rightly so, because it speaks to the governance of how any business is run if the in-person element is removed and online software is created that allows for some of that to be done by AI.

Having said all that, I get it and I like that things being online can bring efficiency and development. Could I get the witnesses' reactions to Mythos and Anthropic? Do they have concerns about that? Are they familiar with it?

Mr. Eamonn Confrey:

Broadly, from what has come through from the media. AI as a concept and its regulation is being negotiated, as I am sure the Deputy is aware, as part of the broader digital omnibus and simplification packages. Our colleagues in the Department of enterprise are leading out on that. As I was describing with regard to the network information security directive, it will be a federated approach across all the different sectors. We, like other Departments, are analysing where the AI Act is at the moment, particularly for high-risk use cases. I absolutely understand the concerns for citizens and businesses with regard to deploying these tools, but as ever, for every bad or negative story you may hear in respect of AI, there are also many good uses that it can hopefully be deployed for.

On the issue of the wallet, whether it is the citizen wallet or business wallet, it is voluntary. There will be no mandatory requirements.

Sinéad Gibney (Dublin Rathdown, Social Democrats)
Link to this: Individually | In context | Oireachtas source

I know Mr. Confrey mentioned the voluntary system, but he is saying that public sector bodies have to use it and to have certain services available to it.

Ms Rachel O'Neill:

They have to be able to demonstrate that they can carry out the four main aspects of it, which are accepting documents, signing and sealing documents, and proving identification. If they already have a technical solution that allows for that, they do not have to take the wallet.

Sinéad Gibney (Dublin Rathdown, Social Democrats)
Link to this: Individually | In context | Oireachtas source

I know the witnesses are saying it is voluntary but will it become difficult for a business to operate without it in 2030? Do they see what I mean? I know they are saying it is voluntary but it is like online-first versus online-only. There are public services that are supposed to be online-first but it is very hard for people who are not digitally literate as citizens in this country and world to engage with public services and participate in society, and increasingly so. Is this the same for businesses? I ask that because we have indigenous craft businesses, for example, tourism businesses and so many different sectors where there is not the digital literacy to engage with it at that level. The witnesses mentioned costs. The costs for small to medium businesses should be a huge question because we are getting so much feedback about the additional costs that those small businesses are having to absorb, with the idea that they have to develop the technologies or the capability to use relevant technologies. I have concerns that this might be named as voluntary but essentially create a system whereby it becomes completely obligatory.

Mr. Eamonn Confrey:

At this moment, there is no discussion at European level that I am aware of to say it will be wallet-only at a point in time. It is designed to give that option for businesses.

Sinéad Gibney (Dublin Rathdown, Social Democrats)
Link to this: Individually | In context | Oireachtas source

If a public sector body such as Revenue adopts this, which it will have to do under the directive, can a business engaging with Revenue still opt for non-digital?

Mr. Eamonn Confrey:

Yes.

Sinéad Gibney (Dublin Rathdown, Social Democrats)
Link to this: Individually | In context | Oireachtas source

That is helpful. Mr. Confrey mentioned the good versus the bad. I get what he is saying, that for every bad case there is a good one, but the issue is that the risks for the bad cases are so devastating that they cannot be dismissed. It cannot be the case that we have to take the good with the bad. We have to go at it with that scepticism. Mr. Confrey mentioned the governance of the AI space. At this committee and the AI committee, I have put forward my concerns multiple times that we are developing our governance both at domestic and European level for AI through an enterprise lens only. I said this yesterday in the committee and got academic feedback that they have the same concerns. We are setting up our AI office in the Department of enterprise. I am told that it will be popped out of the Department of enterprise. That is the language that was used. I do not know at what stage that will happen. Regardless, I have concerns, because the same thing happened with the Data Protection Commission and Coimisiún na Meán, where they were started in Departments and then moved out of those Departments. I have run a State agency. I was the chief commissioner and inaugural director of the Irish Human Rights and Equality Commission, which arguably enjoys the greatest independence of any State agency in the country. It is governed by the Paris Principles, a UN-accredited source.

If the office is established in a Department, it will be imbued with the values and expertise of that Department. The Department of enterprise is here to help businesses use AI. We are designing a regulatory framework, including a sandbox, with the same people who are advocating for businesses to gain in the areas of competitiveness, innovation and enterprise from AI being charged with building the structures to govern that. I see massive conflicts of interest here. Increasingly, other voices are joining mine in expressing that concern.

The witnesses mentioned NIS2, which is under the Department of justice. It is not there yet, by any stretch of the imagination. It has to happen at a pace that will match any ambition for an initiative like this. I have so many concerns. That governance is replicated at EU level too, where, for example, the EU AI Act is governed by a board on which there are representatives from member states comprising only officials from departments of enterprise and finance, yet the competence of that board is supposed to oversee the rights and protections of citizens affected by AI. They do not have the skills.

I am sorry. I went on a bit of a rant.

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

The Deputy is okay.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

I welcome the witnesses. I work with An Post. I am a postmaster and deal with anti-money laundering legislation. I have a top-up card and must comply with data protection, etc. I cannot get my head fully around this matter. How will it help anti-money laundering compliance by companies such as An Post, or me, that deals with data? With business wallets, where will the data be stored? Is it being stored in Ireland?

Mr. Eamonn Confrey:

On anti-money laundering, the wallet, conceptually, will be designed in such a way that there will be a privacy feature to ensure that, for example, it is only the specific data that is required for a certain transaction. If I was trying to prove my VAT registration, then the wallet would only make that data available without revealing anything unnecessary or superfluous to that request. Take age verification as an example. Age verification will tell you what age I am but it will not necessarily disclose my date of birth. I must confess that I am not overly familiar with anti-money laundering but I suppose there will be very secure private data held within the wallet, which is expected as a business, on its company number, VAT registration and tax details in a context where the business would be transacting with another entity that is seeking a very specific piece of information for that particular transaction. The wallet will only disclose that information. Does my reply help to answer the Deputy's question?

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

Where will the data be stored?

Ms Rachel O'Neill:

The data is based on what is called authentic sources, so registries. For example, a company registration certificate is based on the database of the CRO. I presume that the data is stored here, but I am not completely familiar with it.

One of the interactions that the wallet will have is with the business register interconnection system, BRIS, and the beneficial ownership registers interconnection system, BORIS, which I believe are managed at a European level.

The wallets are not creating new data. They are just creating digital versions of already existing data and pulling from those databases.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

Will the technology bring the information into one wallet or point and only use what is needed?

Ms Rachel O'Neill:

Yes.

Mr. Eamonn Confrey:

Yes.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

I am sure everyone is aware of the recent breach in security experienced by the HSE.

Mr. Eamonn Confrey:

Yes.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

There was a cost to that. Is this wallet secure? I presume the witnesses cannot answer that question either. Someone will always come up with a way of getting around something. What extra security features will be on this if all of this information is going to be at one point?

Mr. Eamonn Confrey:

I will answer in a couple of ways. At an individual level of data, the business wallet we are describing here today will be fully compliant with GDPR, so there will be that privacy by design feature as part of the wallet roll-out.

To answer the earlier questions on hacking, a very strong feature of the business wallet will be security by design. That means each wallet will be certified to a very high level of technical specification, which means it will include things like encryption and multifactor authentication. If a person wants to make a payment today, typically, an additional request will be sent to the person's phone to authenticate who is doing the transaction and that it is for an express purpose. There will be a high level of that. As Ms O'Neill has outlined, the databases that information will be pulled from will be secure in their own right, whether that is the Companies Registration Office or the Revenue Commissioners. There will be layers of security around this. It is not that this will be sat out in the cloud or whatever. It will pull from already verified secured sources.

There will be a lot of validation around the data and authentication to ensure that, say, Eamonn Confrey Enterprises is what I purport it to be and only my unique business identifiers will be transacted or made available.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

How can that be verified?

Ms Rachel O'Neill:

What they are intending to create is a digital directory. Each user of a business wallet will get some kind of unique ID based off a business unique identifier that is already in existence within the European Union, or if the business does not have one, it will get a new number. That database is a way for users or providers of business wallets to check. Basically, it is like a digital address book to say a company exists. There is a proposal for a directory that can pull that data to ensure that there is some level of security. That they are who they say they are is probably a better way of putting it.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

Until somebody finds a way of getting around it. No comment.

What are the future implications of the use of that? What other uses are envisaged? Can some of the compliance work or other work that businesses are doing now be taken away or lessened by using this technology?

Mr. Eamonn Confrey:

I will give some practical examples. First, it will reduce the need for in-person presentations. An obvious example is an in-person call or visit to the local tax office or similar.

Second, there is public procurement. In some cases, it can take 90 days before an award because of all of the documentation that is required. The expectation is that there would be pre-qualified credentials for procurement and automatic validation. That, I suppose, is designed to lead to faster contract awards and higher SME participation. It will reduce the amount of paperwork.

Third, the technology will mitigate the need for what are called "wet signatures", those being, handwritten signatures. They can be done and verified electronically, and authenticated electronically.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

I can see the benefit for public procurement. With eTenders, people have to upload-----

Mr. Eamonn Confrey:

Waves of documents, yes.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

Someone just has to type in the identifier of their business wallet and whatever information contained within it that is necessary is then pulled rather than the person having to-----

Mr. Eamonn Confrey:

Yes.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

-----generate that and upload it, with someone going through it on the far side. I can definitely see how this can speed up public procurement.

Ms Jennie McBride:

As it is selective disclosure, only the data that needs to be disclosed is disclosed for each individual case.

Micheál Carrigy (Longford-Westmeath, Fine Gael)
Link to this: Individually | In context | Oireachtas source

I can see a positive from that point of view.

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

What stage is expected to be reached by the end of the Irish Presidency?

Mr. Eamonn Confrey:

As Ms O'Neill has outlined, if the Cypriots get to a general approach by June, the expectation is that we would then enter the trilogue stage, which is the Council, the Commission and the Parliament. We hope that the Parliament would have its position agreed around autumn. It would be tight to reach a general approach by Christmas, that is, the end of the Irish Presidency, but that is our expectation.

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

We will try to get to a general approach.

Mr. Eamonn Confrey:

Yes.

Ms Rachel O'Neill:

No, we are trying to get to a final agreement between the three.

Mr. Eamonn Confrey:

Sorry, excuse me.

Ms Rachel O'Neill:

Hopefully, it would then be published in the Official Journal later on.

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

Before I made the crazy decision to get involved in politics, I was an IT manager for a State body and I did European interoperability projects for what was then called Bord Fáilte and is now called Fáilte Ireland. I know how long such projects take, although the time is probably longer now since the world is much more complicated.

I get it that there are two different wallets. The citizen wallet, or whatever you want to call it, is much more out there. There is very little information about this available to people. Even googling it will provide a lot of European commentary but very little practical information. The timeline of 2030 is a bit advanced. From an architecture point of view, I am all into technical standards.

That is what I did for years. Who is actually building it at the moment?

Ms Rachel O'Neill:

Member states do not have to build their own. The Commission is hoping a provider will step in. At the moment there is-----

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

Member states do not have to build their own and the Commission is "hoping". What does that mean?

Ms Rachel O'Neill:

There is a pilot going on with the European digital wallet consortium. I think there is some Irish engagement in that by the private sector. There is a group currently working on developing a wallet which it hopes to have-----

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

Is that tendered for?

Ms Rachel O'Neill:

I do not know.

Mr. Eamonn Confrey:

As far as I know, it was based on the know your customer consortium. We mentioned that in terms of business but as regards its exact status, I am not sure.

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

Do we not have somebody on the group co-ordinating and doing the actual building of this from an Irish perspective?

Mr. Eamonn Confrey:

At a European level there are co-operation groups around digital identity. As regards the wallets, whether the citizens' wallet or business wallet we are discussing here, we work across a number of Departments. The Office of the Government Chief Information Officer, based in the Department of public expenditure, is working on this. It is the technical expert. It negotiates with other member states around the likes of the architecture framework I mentioned earlier, as well as standards and all of that, to ensure they are interoperable, secure and capable of being deployed in terms of wallets that will be rolled out.

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

I am all into this but I just think it has a long way to go. It is voluntary, so you do not have to do it as long as you meet other standards. I do not think that is going to work.

Mr. Eamonn Confrey:

In the Department of public expenditure, since the Government was established there has been much greater focus on digitalisation. Public service transformation is a central objective for the Department, in other words, to bring all of the public sector with it to digitalise as much as we can. I hope that will drive adoption. If the public sector can in some way lead out on that, one would hope-----

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

Is it planned that there will be interoperability between the business wallet and the citizens' wallet?

Ms Rachel O'Neill:

They are built on similar standards. eIDAS 2.0, which governs-----

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

It makes sense.

Ms Rachel O'Neill:

It has been mentioned that sole traders in particular should be able to have seamless interoperability between the citizens' wallet and the business wallet. There has to be interoperability between the two.

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

That is planned.

Ms Rachel O'Neill:

It is planned. It is my understanding that it is in the regulation.

Alan Kelly (Tipperary North, Labour)
Link to this: Individually | In context | Oireachtas source

Having listened and asked questions, I think our best approach is to bring the witnesses back in at the end of the EU Presidency. We will see where this is at then. It is not the Department's fault - I have been that soldier. The pace of this is not something the Department has control over. The interoperability, standards and all of that need to be set. There is a big milestone as regards the three relevant authorities agreeing it. Once that agreement is in place, we will have the Department in and get into the detail. There will probably be more public and business awareness of where this is going across Europe. We will leave it at that. We will talk to the witnesses again in about nine months. I thank them for coming because this is a very important topic and they have brought a greater awareness to what it entails.