Germany stack: the backbone of public services in the digital world

Contents

The importance of the German stack outlined by Federal Digital Minister Karsten Wildberger (CDU) for the modernization of public administration can hardly be overestimated. This was emphasized by Kim Nguyen, Head of Innovation at Bundesdruckerei, at the Smart Country Convention e-government trade fair in Berlin on Wednesday. The planned standardized IT infrastructure with clearly defined interfaces, cloud services, and standards is the “backbone of government services and services of general interest in the digital world.” Ultimately, this “great ambition” makes it clear that we are talking about digital public community facilities.

Nguyen considers the electronic identity linked to the digital EU wallet (EUDI), which is to be available in all member states by 2026 at the latest, to be an important building block for the “D-Stack.” This field has been regulated by the eIDAS Regulation for many years. In Germany, the debate about providing a qualified e-signature for all citizens has been going on for even longer. This idea will also become a reality with the EUDI wallet and the eIDAS amendment behind it.

The former head of the qualified trust service provider D-Trust admitted to heise online that most citizens would not be able to relate to the term “stack.” The word is more likely to send a message to the tech community that the state wants to reposition itself online. Consumers, on the other hand, will focus on applications: “We need to start with citizen interaction,” Nguyen says, referring to portals and specialized procedures that are better known today as apps. Ultimately, these must offer the user benefits, for example, when re-registering, applying for an ID card, or storing a driving license virtually.

“End-to-end thinking”

However, the D-Stack should be “more than an app store” with individual new digital tools, emphasizes Nguyen. Rather, what is needed is an interplay of functionality, regulation, infrastructure, and operation. In addition to trust services, interaction services such as a payment solution and data exchange services, aka platforms, must also be included. The latter are crucial for enabling applications with AI. At the same time, it is important to consider the European dimension with the Euro stack and to include “end-to-end thinking.” This is the only way the D-Stack can be seamlessly integrated into existing and future IT architectures.

The aforementioned trust services in particular are “more than just a bit of cryptography and software,” says the manager. A provider must be able to handle ongoing operations within a tight regulatory framework, for which certification and the next elementary steps alone would take two to three years. Only then could the further infrastructure and operating systems be based on the elementary trust services relating to e-signatures and eID. Ngyuen emphasized that Bundesdruckerei could contribute some experience from large projects in this area.

Thilak Mahendran from the think tank Agora Digital Transformation fleshed out the vague idea of the D-Stack in June. Although Germany has many building blocks with elements such as BundID or the e-payment platform Bund-Länder (ePayBL), according to him, a functioning digital infrastructure can only be created through a regulatory framework that ensures the reuse of services, clear responsibilities, and secure operation across all federal levels.

Government as a platform

The key to this lies in a platform-based approach, the expert explains: Government as a Platform (GaaP) sees digitalization not as a mere sum of technical projects but as a central government infrastructure task. A core element of this approach is the Germany stack, a strategically organized platform core consisting of basic services for authentication, data exchange, and transactions. However, this should not stand in isolation: It is part of an overarching “Germany architecture” that is being developed as part of the federal digital strategy.

A task force must stabilize existing central components for the D-Stack, close security gaps, and provide interfaces and self-service access, demands Mahendran. Focus services associated with the Online Access Act should be made connectable. The Bundestag must also secure targeted funds for the operation and further development of these basic components in the budget. The D-Stack should be anchored as a product of the IT Planning Council and managed operationally by the Federal IT Co-operation (Fitko). As soon as the core has been consolidated, the platform ecosystem must be opened up to external partners via documented interfaces and standards.

An important part of the modernization agenda

The D-Stack also plays a prominent role in the German government's new modernization agenda, which Wildberger has launched. According to this, it is to be a “secure, interoperable, European-connectable, and sovereign technology platform for the digitalization of the entire administration.” New elements would be built modularly on existing ones and “implemented quickly with a high degree of automation and AI support.” The implementation would take place step by step. The federal government is commissioning basic components such as digital legitimization, the payment function, and the once-only principle, according to which citizens only have to provide their data to the administration once. The state also provides “the marketplace and the AI-supported planning and authorization platform.”

According to the agenda, the modernization of registers, the German Administration Cloud, including Identity Access Management (IAM), and the EUDI wallet are to use the D-Stack or be implemented on it. The executive has envisaged periods of between 12 and 36 months for this. One advantage of this is that companies can be set up within 24 hours. The BundID will serve as online identification for applications and notarizations. Other tasks, such as digital company registration or the creation of tax and commercial register numbers, are handled via the stack and associated interfaces.

(mho)