E-ID-Act: People’s will ignored

by Michael Straumann,* Switzerland

(2 February 2025) In 2021, the Swiss rejected the e-ID Act. The Federal Council and parliament are now trying to push the electronic identity through with a new Act. – It is not the citizens who are delegitimising the state, it is the state itself.

The most recent example is the planned e-ID Act in Switzerland, which was passed by the National Council and Council of States in the winter session on 20 December.¹ The aim is for all Swiss citizens to receive an electronic digital certificate (e-ID) in addition to their passport and ID card in the future. The national government is planning to introduce the law as early as 2026 – which raises the question: why the rush?

Referendums no longer binding for politics

The Swiss already voted on the e-ID Act four years ago.² It was then rejected crushingly! Some 64.4 per cent were against an electronic identity. Instead of simply accepting the will of the people, the Swiss government is now daring to make a second attempt. This is not the first case in which the Federal Council has not implemented a referendum. The mass immigration initiative,³ which was accepted by 50.3 per cent of the people in 2014, comes to mind. The initiative demanded that Switzerland should again control immigration independently through maximum numbers and quotas. In 2016, the parliament decided on an implementation that provided for preferential treatment for domestic job seekers in certain professional groups without introducing quotas. The demands of the initiative were not implemented.⁴

The same is now happening with the e-ID Act. In 2021, a vote was held on an electronic identity that was to be issued by private companies. Now the Federal Council is trying to implement the e-ID through state channels. The federal government is brazenly claiming that the e-ID Act was rejected because the population did not want the e-ID to be issued by private companies.⁵

Anyone who looks at the VOX analysis of this referendum will see that this is not true. Since 1977, the VOX analysis⁶ has been examining the voting behaviour of the Swiss population after referendums to determine the reasons for their decisions. The analysis found⁷ that the No camp’s motives for the e-ID Act vote were twofold: data protection and the role of the state. Scepticism about the role of private e-ID issuers was only expressed in isolated cases. So, it was generally about data protection concerns – not about whether private companies or the state should issue the e-ID.

The mass immigration initiative and the e-ID Act show that Swiss politicians only act in accordance with the will of the people when it suits their own agenda.

So much for “voluntary”

The Federal Council asserts that the e-ID will be “voluntary” – the same Federal Council that claimed at the beginning of the Corona vaccination campaign in spring 2021 that the Covid certificate would be voluntary. Subsequently, the 3G rule was introduced throughout Switzerland and the 2G rule was implemented in the winter after the second referendum against the Covid law.

However, scepticism is not only warranted based on experiences during the coronavirus pandemic. The planned e-ID Act contains a provision according to which the electronic identity must be accepted wherever a conventional ID card is required today. This means that citizens can continue to identify themselves with a physical ID in these places. However, this protection is anything but sufficient. This is because it only applies to those places where a conventional ID card must already be shown today. However, this does not apply to future places where the e-ID will be used. In addition, Art. 31 of the e-ID Act contains problematic fee provisions:⁸

Cantons may charge additional fees if people wish to obtain services on the spot rather than using the e-ID. In other words, people will be financially discriminated against if they do not wish to present an e-ID.

At the same time as the e-ID Act was passed, the Swiss Council of States approved a motion according to which signing initiatives or referendums will only be possible with the e-ID in the future.⁹ In other words, Swiss citizens will be forced to use an electronic identity to exercise their democratic rights.

Insufficient data protection

Another point of criticism of the e-ID envisaged by the Federal Council is data protection. The so-called liveness check is used to issue this e-ID.¹⁰ This procedure checks whether the person identifying themselves is actually a living person present and whether it is not an imitation or an attempt at fraud. The liveness check¹¹ goes beyond a simple face match with a low-resolution image from the Swiss Federal Office of Police (fedpol), which is used for e-IDs and passports. However, thanks to artificial intelligence, deep fake recordings are now widespread. When issuing the e-ID, the face is the decisive criterion, which is extremely problematic.

In the age of social media, where everyone posts photos of themselves, images of almost every person can be found on the internet. These images can be misused for deep fakes or even for professional masks. With such an unsecure issuing procedure, obtaining an e-ID by fraudulent means is very easy. It opens the floodgates to identity theft.

The federal government is well aware that the issuing procedure it has chosen is not secure. This is evident in the law itself: data from the issuing process is to be stored for 20 years, and biometric data is not deleted until five years after the e-ID expires (see Article 27).¹² The long storage period is explained by the fact that possible identity fraud can be investigated. The federal government thus admits that someone could use an e-ID under a false identity for years.

Incidentally, the World Economic Forum (WEF) also warns of identity theft through deep fake recordings:¹³

“With the increasing availability of sophisticated AI tools for fraudsters, the problem is dramatically intensifying. AI-driven deep fake technology enables criminals to imitate the appearance of individuals in a deceptively realistic way. This allows them to bypass verification systems and gain access to sensitive resources.”

Data protection is not only at risk when the electronic identity is issued. Every time you show your e-ID, the corresponding data is stored on servers. However, many companies do not have cyber security systems that adequately protect these servers. This makes both the companies and the sensitive data of citizens an attractive target for cybercriminals. However, the e-ID Act does not require any additional security standards to protect e-ID holders from such cyber-attacks.

Transparency? Missing!

Is the electronic identity at least being introduced transparently? Not at all! For the federal government to be able to guarantee that the e-ID actually protects privacy, the software must be open-source nature. However, this is not provided for in the e-ID Act. The law allows the source code to be kept secret for reasons of third-party legal protection or security (see Article 12).¹⁴ The e-ID software is therefore not based on open-source principles.

Instead, the federal government is pursuing the concept of security through obscurity,¹⁵ which attempts to ensure the security of a system by keeping its functioning secret. The National Institute for Standards and Technology strongly discourages this approach.¹⁶ Thus, the Swiss government is ignoring the current state of IT security research.

Surveillance and control

In addition to the supposed voluntary nature of the e-ID, insufficient data protection and a lack of transparency, the potential for abuse through surveillance is another key point of criticism. With the e-ID, the state is given the opportunity to track its citizens at every turn. In contrast to e-IDs, physical ID cards leave hardly any digital traces. They are rarely requested in everyday life and the data is usually not stored. With the e-ID, it is completely different. Whenever you present the electronic digital proof, personal data is stored.

Switzerland would not be the first country with an e-ID. In some countries, the infrastructure of the electronic digital proof is already being used to monitor and control the population. A prominent example is China’s social credit system. Such social credit systems are also already being tested in Austria and Italy.¹⁷ The e-ID could provide the state with a surveillance tool that far exceeds the control capabilities of totalitarian systems of the last century. The e-ID therefore poses a significant threat to the fundamental rights of citizens in Switzerland. In this regard, reference is made to the message of the Federal Council on the e-ID Act, where it is stated under the content of the draft:¹⁸

“The state trust infrastructure created for the purpose of the e-ID should also be able to be used by cantonal and municipal authorities and by private individuals who wish to issue electronic evidence. This means that official documents such as residence confirmations or debt collection register extracts, but also diplomas, tickets or membership cards, can also be issued as digital evidence using the planned state trust infrastructure and securely managed in the application provided by the federal government or another application of its choice.”

Does this mean that vaccination cards and certificates will also be issued via the e-ID in the future? The dispatch also states the following in the “Main features of the proposal” section under the “Proposed regulation” subsection:¹⁹

“The state will operate the necessary basic system (basic register, trust register) and provide a state electronic wallet in the form of a mobile application that can contain the e-ID and other electronic proofs. Wallet holders can use it to present their e-ID and other electronic proofs securely and transparently.”

Is this “government wallet” a trojan horse for all kinds of documentation – be it a vaccination certificate or a CBDC account? One thing is certain: with the e-ID, the state gains far-reaching possibilities to monitor, control and manage its citizens.

How state-run is the e-ID really?

The e-ID is operated with proprietary software.²⁰ Unlike open-source software, the provider strictly controls how the software may be used and distributed.

In implementing the e-ID, fedpol relies on cooperation with a private company. Fedpol itself is only responsible for storing and managing the data. In February 2024, a call for tenders for the online verification of applicants in the e-ID issuing process was published.²¹ The contract was then awarded to ELCA Informatique SA,²² a company based in Pully in the canton of Vaud. Although the Swiss rejected the first e-ID Act with private companies as issuers, the new state e-ID continues to rely on them.

Furthermore, the planned electronic proof of identity will initially only run on Apple and Google operating systems. This was admitted by Rolf Rauschenbach, the federal government’s e-ID information officer, at an event held by the data protection organisation “Digitale Gesellschaft”. When asked whether the Federal wallet app, in which the e-ID is stored, would also be available outside the Google Play Store or Apple App Store, he replied:²³

“Not at the beginning, no. And that’s precisely because we want to ensure that the e-ID is stored in a federal wallet and not in any other wallet. And when it comes to showing that the e-ID that has been presented has been issued in a federal wallet, this can be cryptographically proven again. And to do that, we also must rely on certain infrastructures of device manufacturers and app store providers. Unfortunately, there is no other way.”

In other words, to obtain an e-ID, Swiss citizens are completely at the mercy of the big tech companies. This shows how “state-run” the e-ID is.

Why an e-ID?

The question arises as to why a digital proof of identity is needed at all. What is the purpose? On the one hand, the federal government states that the e-ID is necessary for dealing with the authorities.²⁴ However, you don’t need an e-ID for this because an official authority login already exists.²⁵

On the other hand, the federal government argues that the digital proof of identity is intended for age verification in everyday life.²⁶ For example, in the supermarket or at the kiosk. However, the physical ID card is sufficient for this purpose and is more suitable in terms of data protection anyway, since no data is stored on it. The conventional ID cards are clearly superior to the e-ID in terms of both security and data economy.

Civil rights organisations launch referendum

At the beginning of January, several organisations announced that they would launch a people’s referendum against the e-ID Act – including the civil rights movement MASS-VOLL!, of which I am a member and on the board of for two years. The Teachers Network Switzerland, the police officers’ association Wir für euch, Mouvement Fédératif Romand, Action Suisse, HelvEthica Ticino, the Pirate Party Switzerland, the Friends of the Constitution and Upright Switzerland are also collecting signatures against the Act.

* Michael Straumann, born 1998, studied political science and philosophy at the University of Zurich and worked as an editorial intern for the magazine “Schweizer Monat”. He is the editor of “StrauMedia”.

Source: https://www.straumedia.ch/p/der-ignorierte-volkswille, 21 January 2025

(Translation “Swiss Standpoint”)

1 https://www.eid.admin.ch/de/parlament-verabschiedet-das-e-id-gesetz-d

2 https://de.wikipedia.org/wiki/Eidgen%C3%B6ssische_Volksabstimmung_%C3%BCber_das_E-ID-Gesetz

3 https://www.ejpd.admin.ch/ejpd/de/home/themen/abstimmungen/2014-02-09.html

4 https://www.swissinfo.ch/ger/demokratie/presseschau_nicht-umsetzung-einer-volksinitiative-wirft-hohe-wellen/42759520

5 https://x.com/barbouillech/status/1878881144013500489?mx=2

6 https://vox.gfsbern.ch/de/

7 https://vox.gfsbern.ch/wp-content/uploads/2021/04/d_vox_schlussbericht_def.pdf

8 https://www.fedlex.admin.ch/eli/fga/2025/20/de

9 https://www.parlament.ch/de/services/news/Seiten/2024/20241211101944914194158159026_bsd056.aspx

10 https://www.klippa.com/de/blog/informativ/was-ist-liveness-detection/

11 https://x.com/i/spaces/1OwGWNwPDApKQ/peek?clipID=e71ebd44-9fa1-4116-9975-80f215bbb05e

12 https://www.fedlex.admin.ch/eli/fga/2025/20/de#art_27

13 https://www.weforum.org/stories/2025/01/how-ai-driven-fraud-challenges-the-global-economy-and-ways-to-combat-it/

14 https://www.fedlex.admin.ch/eli/fga/2025/20/de#art_12

15 https://de.wikipedia.org/wiki/Security_through_obscurity

16 https://en.wikipedia.org/wiki/Security_through_obscurity

17 https://www.derstandard.at/consent/tcf/story/2000137200820/belohnung-fuer-umweltfreundliches-verhalten-was-bringen-oekotokens

18 https://www.fedlex.admin.ch/eli/fga/2023/2842/de

19 https://www.fedlex.admin.ch/eli/fga/2023/2842/de#lvl_4/lvl_4.1

20 https://www.egovernment.de/was-ist-proprietaere-software-a-880466/

21 https://www.eid.admin.ch/de/fedpol-publiziert-ausschreibung-zur-online-verifikation-der-antragsstellenden-im-e-id-ausstellungsprozess

22 https://x.com/LangstrumpfPipo/status/1879546390814261345

23 https://www.digitale-gesellschaft.ch/event/netzpolitischer-abend-zu-stand-der-entwicklung-der-staatlichen-e-id/

24 https://www.fedlex.admin.ch/eli/fga/2023/2842/de

25 https://www.agov.admin.ch/de

26 https://www.fedlex.admin.ch/eli/fga/2023/2842/de