Jun 2026
This article was originally published in Decoding, our monthly briefing on the latest trends in government technology. Sign up here to receive future editions directly in your inbox.
.png)
Digital identity is moving from policy to infrastructure, and by the end of 2026, every EU member state must offer a certified digital identity wallet. The deadline is a legal obligation under eIDAS 2.0 and a concrete expression of Europe’s commitment to building sovereign digital infrastructure.
This issue of Decoding looks at the challenges and opportunities of harmonising digital identity systems across Europe, how the infrastructure of the EU Digital Identity (EUDI) Wallet still depends on platforms it does not control, and what that means for the EU’s digital sovereignty.
In this edition, you’ll read about:

By the end of 2026, all EU member states must offer a certified digital identity wallet to their citizens and businesses. Readiness trackers published by eIDeasy and Namirial show preparedness levels ranging from “Almost certain” to “Unlikely” across member states, indicating the launch will not be unified.
The Danish digital wallet AltID launched this June, making Denmark one of the first member states to make a wallet publicly available. It currently includes proof of age and a digital ID card, with more digital documentation to be added over time. The Danish Agency for Digitalisation recommends that Danish authorities issue certificates using AltID before developing their own apps or issuing their own digital certificates.
In parallel with the rollout of the EUDI Wallet, the conversation about digital sovereignty is becoming more mainstream. EUDI Wallets are public infrastructure intended to enable access to critical public services and to give citizens sovereign control over their digital data. However, deploying them on US-dominated mobile platforms creates a paradox: while the data remains locally governed and private, the underlying hardware and security infrastructure rely heavily on US Big Tech. Several member states have embedded Google or Apple’s “remote attestation” services directly into their wallet architecture, routing device verification through US-controlled systems.
On 13 June, the US Commerce Department issued an export control directive restricting access to Anthropic’s AI models, Claude Fable and Mythos, for all foreign nationals, overnight, without legislative process. This mechanism is the same one that governs app store distribution, and digital public infrastructure that can be switched off by a foreign government is not sovereign infrastructure.
Dependency is not a problem by default; we are all dependent on one another in a globalised world. But the global economy is not an evenly woven net; it has choke points where so much converges that whoever controls them can monitor or cut off flows as they see fit. Political scientists Henry Farrell and Abraham Newman call this weaponised interdependence. The US currently holds several such choke points simultaneously: cloud services, advanced chips, payment systems, and the most capable AI models. What happened on 13 June should be read in that light, as it signals that the distance between US Big Tech and the White House has nearly disappeared.
The EU’s Architecture Reference Framework currently recommends that governments use Google and Apple attestation in their wallet architecture. In light of recent events, it should instead highlight other available solutions and mandate open, hardware-based alternatives. At the moment, the concerns raised are limited to a narrow technical audience, but the EU Commission's Technological Sovereignty Package signals that a shift is underway.

A recent study by e-Boks and Copenhagen Economics has assessed whether a universal digital mailbox can be used as a shared digital infrastructure for essential digital communication. The study presents the structural challenges and opportunities associated with digital communication systems, including the societal costs of fragmented digital communication and the policy options that can support the development of a more universal, trusted and accessible digital communication infrastructure.
The white paper makes the case that the physical mailbox, serving as a universal access point for written communication, has not been replaced by a digital equivalent but rather by a fragmented model operating through parallel systems, including email, public-sector inboxes, and customer portals. Today, the sender determines the channel, format and availability while the recipient must navigate and monitor multiple platforms.
No country has fully replicated the universality of the physical mailbox, and fragmentation varies substantially between countries, with Denmark among the most universal systems. The study highlights that, although Denmark has established a universal mailbox, fragmentation persists due to the use of parallel digital communication channels. Against this background, the paper examines whether digital communication can replicate the universality once provided by physical letter exchange – and offers policymakers a framework to assess when a universal mailbox system is likely to emerge and endure.
→ Download the white paper here.

🇪🇺 EU: Commission signs US-led Pax Silica declaration on AI chip supply chains
The European Commission has, on behalf of the 27 EU countries, signed the Pax Silica initiative; a US-led non-binding declaration aimed at excluding China from AI-capable semiconductor supply chains. Several member states, including the Netherlands, Finland, and Sweden, have also signed bilaterally. The declaration has no concrete proposals, and its objectives remain unclear, but its political signal is significant: the EU is aligning with Washington on chip supply chains at the same time it is pushing for digital sovereignty and reducing dependence on US-controlled infrastructure. The EU needs Nvidia chips to build its AI compute infrastructure, while the US relies on Dutch ASML machines, Swedish Ericsson, and Finnish Nokia for chip manufacturing and 6G.
🇬🇧 UK: Digital identity trust framework reaches version 1.0
The UK’s Office for Digital Identities and Attributes published the final version 1.0 of the Digital Verification Services Trust Framework on 10 June, coming into force on 1 September 2026. The framework sets the rules and standards that digital identity services must meet to become certified, and is the foundation for the UK's broader digital ID ecosystem, including the planned GOV.UK Wallet. The UK’s approach is deliberately different from the EU’s: rather than a state-issued wallet, it relies on a certified private-sector ecosystem operating within a statutory framework.
🇸🇪 Sweden: Parliament passes law establishing state digital identity
The Swedish Riksdag has passed the Act on Government Electronic Identification, establishing Sverige-ID as a state-backed alternative to BankID. The voluntary eID will launch on 1 December 2026, meeting the highest eIDAS assurance level and enabling cross-border identification in line with the EUDI Wallet framework. With BankID holding a 99.7 per cent penetration rate among Sweden’s 10 million residents, the Riksbank has flagged single-operator dependency as a systemic risk, citing resilience, competition, and accessibility as the core rationale for a public alternative.
🇩🇪 Germany: Government passes Digital Identities Act
On 20 May, the German cabinet approved the Digital Identities Act, establishing the legal framework for Germany's EUDI Wallet. The wallet will allow citizens to identify themselves and store official documents on their smartphones, and will be recognised across the EU. The government is targeting a December 2026 launch, in line with the EU deadline, with full rollout starting in January 2027. Use will be voluntary, and both a state-issued wallet and privately developed alternatives will be permitted. The law still requires approval from the Bundestag and the Bundesrat.
🇫🇷 France: Intelligence agency replaces Palantir with domestic alternative
France’s domestic intelligence agency, the DGSI, will replace US firm Palantir with French company ChapsVision for large-scale data processing. Prime Minister Lecornu framed the decision in terms of sovereignty, citing the need to avoid dependence on partners “capable of turning off the access tap” to AI – a direct reference to Washington’s recent restrictions on foreign access to Anthropic’s models.
For questions, comments, or suggestions regarding this article, please contact Emilia Lindén Guíñez.
Enjoyed this edition of Decoding? Subscribe here to receive future insights on digital public services directly in your inbox.