The end of regulatory conservatism
Since the 1980s, companies have gradually automated their processes without worrying too much about government intervention. There were deadlines to meet, of course. Processes that touched on taxation and other government matters often had to remain in the realm of paperwork.
This period of freedom without digital bans has created ecosystems of semi-automated physical and financial commercial supply chains, in stark contrast to the inclination of the public sector, which has held back on precautionary grounds and because of the deliberate nature of the political decision making.
Those who thought that this digital asynchronicity between businesses and governments would last forever have “got the finger in the eye”. It took governments time, but once proven that e-invoicing, for example, posed no audit risks, and instead could create significant tax collection benefits (if sufficiently parameterized by the authorities), regulatory conservatism quickly gave way to digital adventurism within States.
Challenges, but not only…
Forward-thinking business leaders must assess this tremendous opportunity in the race for digital transformation. In addition to the traditional list of public policy objectives (protecting vulnerable people, creating jobs, ensuring sustainable development, etc.), one must consider how the Covid-19 pandemic and the evolution of the geopolitical context have completed place the digitization of society, sovereignty and resilience as top political priorities.
The era of states that remained stuck in an awkward analogue world is now officially over, which means that the digital transformation of companies has become one of the parameters in a larger societal and political equation, aimed at establishing a digital social contract. entirely new holistic.
In the private sector, the future belongs to those who fully appreciate the challenges and opportunities that come with this new era. The challenges are obvious: companies must adapt in record time to a world where decisions have an impact on data and information systems. This means that almost all decisions are limited by a new generation of rights and obligations defined in hard law. States will work to root out fraud and evasion, enforce open legal frameworks and ubiquitous access, break down barriers to competition, and enforce ongoing data sharing with regulators charged with enforcing comply with these laws.
The central role of digital identity
This new digital social contract is at the center of the flurry of activity by authorities around the world to re-legislate on digital trust, starting with a complete overhaul of digital identity. By controlling identity in cyberspace, governments are laying the groundwork for a fairer and more resilient digital economy that combines modern concepts of permissions, decentralization, and user-controlled attribute disclosure to reconcile the dual objective of achieving transparent transactions between public and private sector stakeholders, on the one hand, and the rigid application of security perimeters, to confront the complex and evolving geopolitical and criminal challenges of our time, on the other hand .
In short, the key to enforcing the new digital social contract is a pervasive and robust digital identity for individuals, businesses and any other real or virtual object that must be identifiable to exist in a society governed by the rule of law. . The data attached to these identities and the processes by which this data and the corresponding rights or objects are owned, recorded, archived, accessed, transferred, deprecated, combined or destroyed, must be able to remain intact throughout their lifetime in order to give rise to applicability, legal certainty and compliance for all players in the digital economy.
Is Europe a pioneer of a global paradigm shift?
The proposal for a next iteration of the EU eIDAS regulation is a clear manifestation of a government’s desire to capitalize on the lessons learned from Covid-19 and the last decades of technological progress.
This EU directive builds on previous generations of trust services legislation, which has long been the preserve of a small group of security and privacy experts and which, until recently , found relatively few spontaneous applications in the private sector. Now, eIDAS may well become the cornerstone of an emerging new digital order, anchored in a borderless electronic identity wallet and associated digital “attributes”, which are expected to become ubiquitous in almost all online procedures, from paying at the cash register in the supermarket to voting in the elections.
In addition to revolutionizing digital identity, the next generation of eIDAS also offers a comprehensive suite of functions that essentially form an end-to-end uninterruptible chain of digitized processes – with enforceable rights and obligations from the generation and transmission of digital data up to their long-term archiving, through the provision of evidence. eIDAS will likely follow the General Data Protection Regulation (GDPR) by setting a standard that will influence most countries around the world. These two laws are therefore called upon, directly or indirectly, to become the beacons of a vast global framework of data governance – the yardstick by which the reliability of the actors of digital ecosystems will be measured, and the way in which the new geopolitical borders will be enforced as political alliances and conflicts open and close access to markets and resources.
Cradle-to-Grave Data Governance
Too few business leaders realize that the path to thriving in this new era of government-led digital transformation lies in how these services can work together to create chains of evidence and enterprise data governance. unprecedented strength.
When using the “qualified” version of these services, users benefit from a level of legal certainty and enforceability that can only be compared to having each of the companies’ notarized business documents stored in a bank safe. The new digital social contract means that bona fide businesses have no choice but to align themselves with the trust and security standards that governments set for their companies and their own services. Digital ecosystems will be imbued with concepts from the public sphere, with governments requiring processes to be able to share real-time data and continuously enforce the law, and know-your-customer rules mandating strong authentication for each digital transaction.
A specific area that companies need to pay attention to in this context is the evidentiary value of their records. It is no coincidence that the text proposed for eIDAS#2 introduces for the first time archiving as a supervised trust service. No company can afford to let governments collect colossal amounts of authenticated data from their processes and not back it up with equally strong proof of the integrity and authenticity of their historical data.
Next-generation trust attributes are semantic
Following state regulatory standards and capabilities goes beyond the core legacy trust concepts of integrity, authenticity, privacy, confidentiality, and non-repudiation. Governments have learned to use emerging technologies and influence their adoption. The proposed changes to the eIDAS regulations already include recognized distributed ledger services, and it is easy to see how blockchain-based frameworks, such as self-sovereign identity, are at the heart of the proposed digital wallet.
Elsewhere, the European Commission has started working to create semantic definitions and standard syntaxes for key business documents, such as invoices, and the OECD Standard Audit File for Taxes (SAF-T) increasingly allows various regulatory bodies to view your accounting books effortlessly and instantly. Different types of law enforcement agencies are already making great strides in applying advanced analytics to the business and market data they have, and future iterations of eIDAS may well include models of “semantic trust” in which standardized checks on complex data sets become verifiable benchmarks to massively improve corporate transparency, revolutionizing public knowledge of social responsibility, creditworthiness, environmental practices and much more .
See the forest, not just the trees
It would be dangerous, even potentially lethal, to consider the initiatives of tax authorities and other bodies as isolated and opportunistic elements of States finally using digital technologies to their advantage.
A much bigger revolution is underway. Sensing leadership and adjusting its digital transformation strategy to embed the ideologies of trust that will govern the new digital social contract will become a prerequisite for business success in a rapidly changing post-Covid world.