Berlin 5.0

The Berlin 5.0 DARTE session took place on November 11th, 2025, at Soho House Berlin, in collaboration with the European Commission, Project Catalyst, and the Cardano Foundation. This edition was part of the 2025 Cardano Summit and focused on the evolving intersection of digital identity, privacy, and compliance, continuing DARTE’s trajectory of exploring legal clarity within emerging regulatory frameworks.

The roundtable brought together regulators, legal experts, technologists, and protocol leaders to critically assess the future of identity in both permissioned and decentralized environments. The session opened with keynote remarks by Frederik Gregaard, CEO of the Cardano Foundation, and Dr. Joachim Schwerin, Principal Economist at the European Commission, who both highlighted the strategic relevance of trustworthy digital identity systems in the broader push for innovation, inclusion, and regulatory coherence across Europe.

Florian Daniel (Westernacher) opened the discussions with an analysis of the risks inherent in centralized eID architectures under the amended eIDAS regulation, warning against coercive design, surveillance potential, and the dangers of concentrating sensitive user data. Nicolas Jacquemart (Cardano Foundation) followed with a presentation on reconciling GDPR with public blockchains, focusing on the role of Key Event Logs (KELs) within the KERI framework and the debate between absolute and relative approaches to identifiability. Mariana de la Roche (BlackVogel) closed the session by examining the tensions between AML/KYC obligations and user privacy, proposing a shift toward reusable credentials, proportional access, and cryptographic attestations as compliance tools.

The Berlin edition deepened DARTE’s mission of bridging regulatory, technological, and ethical perspectives to shape interoperable, rights-preserving infrastructure. As digital identity becomes a cornerstone of both public services and financial regulation, the session reinforced the urgency of designing frameworks that support innovation without undermining trust, autonomy, or fundamental rights.

Download the Report

Risks of eID

The session explored the systemic risks associated with centralized electronic identity systems under the amended eIDAS regulation. Participants raised concerns about coercive design, the consolidation of sensitive data, and the potential for surveillance and social exclusion. Comparative international examples underscored how centralized identity schemes—when mandatory or poorly governed—can undermine democratic values. Discussions emphasized the importance of privacy-by-design alternatives such as selective disclosure, unlinkable credentials, fragmented identities, and decentralized trust issuance. Participants stressed that regulatory frameworks must remain flexible enough to support these safeguards and avoid locking in architectures that compromise user autonomy.

Call to Actions

Develop a taxonomy and proportionality matrix to assess identity use cases, distinguishing between low-risk and high-risk implementations to inform governance models.
Promote privacy-preserving architectures through standardization initiatives (e.g. DIN, ISO), enabling fragmented and revocable digital identities across sectors.

Digital IDs on Public Blockchains & GDPR

This session focused on the compatibility of decentralized identity systems with GDPR requirements, particularly around data minimization, the right to erasure, and identifiability. Public blockchains, while transparent and immutable, present challenges for compliance due to their permanent, append-only nature. Participants examined models such as Key Event Logs and Autonomic Identifiers that allow for verifiable identity control without exposing personal data. The group debated the absolute vs. relative interpretations of identifiability under GDPR and emphasized recent CJEU rulings that support a contextual, processor-specific approach. Harmonizing GDPR with blockchain design requires clarity on roles, data scopes, and risk thresholds.

Call to Actions

Advocate for a relative, risk-based standard of identifiability under GDPR to ensure that processors lacking re-identification capabilities are not subject to disproportionate obligations.
Standardize selective disclosure and revocation mechanisms through recognized bodies (ISO, DIN) to support privacy-aligned identity verification on public blockchains.

Digital Identity in AML/KYC

This session addressed the intersection of digital identity and financial crime prevention, exploring how current AML and KYC rules often conflict with privacy norms. Participants criticized the inefficiency of data-heavy compliance models and questioned the sustainability of centralized identity repositories. Alternatives such as reusable credentials, selective disclosure, and “identity on demand” were proposed to fulfill regulatory requirements without exposing full identity profiles. The industry was recognized for pioneering compliance-enhancing solutions early on—not due to legal obligation, but because such measures improved security and usability. There was consensus on the need to shift from data collection to verifiable attestations, especially in high-frequency transactional contexts.

Call to Actions

Pilot decentralized compliance models based on cryptographic attestations and credential reuse to enable privacy-preserving KYC and Travel Rule adherence.
Initiate structured collaboration between regulators and industry actors through innovation sandboxes to co-develop AML frameworks that align with GDPR and support technical interoperability.