Faculty of Science, Technology and Medicine
Faculty of Law, Economics and Finance
Faculty of Humanities, Education and Social Sciences
Interdisciplinary Centre for Security, Reliability and Trust
Luxembourg Centre for Systems Biomedicine
Luxembourg Centre for Contemporary and Digital History
Luxembourg Centre for European Law
Luxembourg Centre for Socio-Environmental Systems
The Doctoral School in Science and Engineering is happy to invite you to Pol HÖLZMER’s defence entitled
Legal Digital Identity as bounded Socio-Technical Design Space
Supervisor: Prof Gilbert FRIDGEN
The self-sovereign identity movement popularised a vision of digital identity centered on user control, privacy, and decentralisation. However, once digital identity must produce legal effect, these ideals cannot be treated solely as technical features. Legally effective digital identity operates within a socio-technical system arrangement shaped by public authority, regulatory oversight, trust-service infrastructures, and human use in practice, expressing their rights and obligations. This dissertation, therefore, examines how legal digital identity should be designed as a bounded socio-technical information system, whose bounding properties and tensions shape its feasible design space, and which design principles can be derived from those.
To this end, this dissertation adopts an information systems (IS) perspective and uses action design research (ADR) as a programmatic logic to structure the accumulated design knowledge across the publication portfolio. This research is primarily anchored in the European Union, specifically in the European Digital Identity (EUDI) and related trust services under the revised eIDAS Regulation (EU/2024/1183) and the Architecture and Reference Framework (ARF). Across the portfolio, the synthesis moves from the user’s exposure and constraints, through the institutional and infrastructural conditions of legal effect, to the system-level tensions that make design trade-offs unavoidable.
The dissertation shows that the feasible design space of legal digital identity (LDI) is shaped more by socio-technical interactions than by technical choices. In this sense, self-sovereign identity principles, such as user sovereignty, shift from absolute autonomy to governed agency, which fundamentally changes the perspective on identity systems: trust is not just cryptographic but also institutional; identifiability and correlation remain necessary for assurance and accountability; and achievable data minimisation is constrained by protocols, standards, and trust-service infrastructures. This dissertation formalises this by contributing an information systems design theory for legal digital identity: a bounded socio-technical design space and a corresponding set of normative design principles for designing and evaluating legally effective electronic identification systems. These principles are anchored in fundamental rights and formulated at a level intended to remain transferable beyond the European Union to comparable rights-respecting jurisdictions.