Jacques Bus

Secretary General Digital Enlightenment Forum

Jacques Bus received his PhD in Science and Mathematics at the University of Amsterdam. He worked as a researcher for 12 years and subsequently as research program manager for 5 years at CWI/NWO in Amsterdam (NL).

From 1988 he worked at the European Commission in leading positions in various parts of the Research programmes ESPRIT and ICT, including IT infrastructure, program management, software engineering and since 2004 in trust and security. He has been strongly involved in the establishment of the Security Theme in FP7, the EC Research funding programme.

Since 2010 he works as an independent advisor on Trust, Security, Privacy and Identity in the digital environment. He has been 3 years business director of the Dutch Privacy and Identity Lab (www.pilab.nl) He is co-founder and Secretary General of Digital Enlightenment Forum.

Recent Activity


Wednesday, September 25 2019

Tuesday, July 23 2019

  • 5:53pm

    Short Report:

    In his presentation, Andrea Servida starts with quoting Andrus Ansip, VP of the EC for the Digital Single Market: “Building trust in the online world is crucial to accomplish the Digital Single Market. Coupling mobile authentication credentials, such as Mobile Connect, with the identity security provided by eISs under the eIDAS Regulation is the way towards this goal.”

    eIDAS provides a consistent set of rules for digital ID management throughout the EU. On this moment 65% of EU citizens is covered by (pre-)notified eIDs.

    eIDAS gives the opportunity to citizens to:

    -          Control and selectively disclose ID data when accessing online services cross border,

    -          Limit collection of ID data to those strictly needed for the transaction, ensuring full accountability .

    It reinforces existing regulation, incl. on data protection, privacy, cyber security and is important for various other policy initiatives.

    eIDAS can bring Citizens, Public Administrations, ID and Attribute Providers, and Service Providers together in one cross border eID ecosystem for verified IDs.

    Elly Plooij – van Gorsel presented some of the problems and successes of The Netherlands making use of notification under eIDAS. It showed some of the complexities and political problems in doing so.

    Then three speakers followed, each presenting an approach to responsible eID management within an eIDAS-based eID ecosystem.

    Bart Jacobs presented the IRMA attribute-based authentication system originating from the Radboud Univ in Nijmegen (NL). IRMA is freely available and gains traction in NL (mainly in local government and health care). It is an Open Source community effort and will not lead to a monopoly.

    Ghassan Karame presented the use of Block Chain in eID to ensure privacy preservation, customer control of their data and the ability to verify and let it be re-used.

    Stephan Krenn presented Self-Sovereign ID systems, based on attribute-based authentication (examples are Idemix and U-Prove) which allow privacy preserving ID management with: multicredential presentations, revocation, inspection and controlled linkability.

    The discussion was sometimes technical, sometimes more general.

    Essential for trusted use of eID systems is the ability to bring all stakeholders (citizens, public administration, ID and attribute providers and service providers) together in a broad cross-border eIDAS based ecosystem that preserves privacy, gives the citizen control on his/her data and is convenient in use. It also made it clear that ID management as a service must be independent from the general service providers using it for authenticated access to their services. This is all the more important as behavioural data is in fact the bulk of data being collected from citizens by certain service providers. Companies (including...

    Read more

Sunday, May 26 2019

  • 12:57pm


    After many years of research, demonstration and limited implementations, digital identification and authentication is still not user-friendly, privacy respecting and broadly usable, except in some small states, or industry sectors. Even in banking, where good authentication is crucial many different systems are around and is not symmetrical: the client authenticates to the bank and not vice versa.

    Last year the European eIDAS regulation came to effect, which allows cooperation between identification systems of governments for their own services. But this does not change easily authentication for banking, shopping, proving one’s age or education. This all still needs different methods and credentials.

    In this workshop we bring together people to discuss the steps needed on top of eIDAS, to make identification and authentication on the Internet easy and trustworthy.

    We will start with a presentation on eIDAS and its foreseen future developments. This will be followed by presentations of private systems existing or under development that are privacy respecting and easy to use and which can build on existing government or otherwise backed ID data. It will include attribute-based systems, Self-Sovereign ID and Block Chain based ID.

    It will be complemented by a presentation on the problems of governments to make progress to develop citizen-friendly eID systems.

    Speakers are:

    Andrea Servida (HoU EC CNECT/eGovernment and Trust): eIDAS, its status and future developments.

    Elly Plooij – van Gorsel (Chair of the Dutch Government Committee on eID) eID developments in The Netherlands

    Bart Jacobs (prof Radboud Univ Nijmegen, NL): IRMA, a privacy respecting and user friendly eID system

    Ghassan Karame (NecLab, DE): Block Chain for ID management

    Stephan Krenn (AIT, AT): Privacy preserving Self-Sovereign ID management.

    This Workshop has been organised by DigEnlight in cooperation with Trust in Digital Life and hosted by the Representation at the EU of the German State of Hessen. 


Friday, April 12 2019

Sunday, March 17 2019

Thursday, January 31 2019

Tuesday, January 8 2019

  • 9:58pm

    In a blog: Block Chain's Occam Problem  Mckinsey expresses doubts on the usefulness of applications of Block Chain, in particular in financal industry, but also on the potential in many other application areas.The blog is a worthy reading.
    Particularly also the conclusions that there can nevertheless be real potential in specific cases which would shift ownership on data from corporations to consumers. An excellent example seems to be private Block Chains that give members control (by having the crypto key on the ledger) over who can read the ledger, which could be an extending set of Identity or personal data, personal medical data etc.

    Suggestions have been made already on ID management by Kim Cameron (see his "Laws of Identity on the Block Chain" of 27 May 2018 on his BLOG).

    Similar ideas can be worked out for e-Portfolios, i.e. ledgers of personal education and experience badges.

    The conclusion might indeed be as stated HERE that Block Chain becomes mature and ... boring.

Monday, December 31 2018