Identity · EUDI / eIDAS
Who are you? Europe's trust framework gives people and organizations verifiable digital identity — no single platform required.
Suveren keeps a named human behind every AI action: accountable, within defined limits, and backed by proof anyone can verify. Built on the open Human Agency Protocol.
Digital Humanism asks that humans remain responsible for the exercise of power. Suveren exists to ensure that responsibility survives automation.
For decades, two kinds of actor acted online: people and organizations. AI agents are a third — software acting on someone's behalf. When an AI agent sends a payment, files a permit application, submits a regulatory filing, or updates a citizen record, the question is no longer who the agent is, but who authorized it to act. Knowing an agent's identity doesn't decide what it may do right now, or make anyone accountable when it acts. So one question settles whether humans stay in control: when AI becomes the means of action, does the human remain the principal — or quietly become a bystander?
Europe has built an excellent answer to who you are — verifiable identity for people and organizations. But identity only says who something is. It does not decide what it is allowed to do at this moment, and it does not make anyone accountable when it acts.
The gap is often mistaken for an identity problem — “give the agent an account.” It isn't. The gap is authorization: who may do what, on whose authority, provably. Authority belongs to people; execution can belong to agents — but only if the link between them stays explicit, bounded, and verifiable.
Three layers, three questions. The first already exists in Europe. The second is what Suveren provides. The third is what they protect together.
Who are you? Europe's trust framework gives people and organizations verifiable digital identity — no single platform required.
What may act on your behalf? A named human delegates bounded authority to an agent — scope, limits, duration — signed and enforced before it acts.
Who stays responsible? When identity and authority stay connected, the human remains the principal even when software is the actor.
HAP (the Human Agency Protocol) is an open protocol for bounded delegation to software agents. A named human sets explicit limits — scope, recipients, spending caps, approvals, duration — and confers them as a cryptographically signed authorization. A Gatekeeper checks every action against that authority before it runs; if the action is within bounds, an Authority Server issues a signed receipt. No valid receipt, no execution.
Suveren is the HAP-compliant service. Its open-source Gateway runs on your own machine and acts as the Gatekeeper — business data never leaves it. The Authority Server is privacy-blind: it verifies on hashes and limits, never on content. The protocol is open, so an organization — or a city — can also run its own.
Before an agent acts, Suveren checks the action against the delegated authority. Outside the limits, it doesn't happen — no receipt, no execution. Inside them, it produces a signed receipt: who authorized it, within what limits, what happened — verifiable by anyone, without trusting us.
Prove what an agent did in your name was authorized — and prove what was not.
The receipt is the object that binds identity, authority, and action into one verifiable record: this named principal, holding this bounded authority, performed — or did not perform — this action. It is the connection between the layers, made durable, so accountability is a fact a third party can check rather than a promise.
We are deliberate about the limit of the claim. A receipt can prove who stood behind an action; it cannot prove the action was freely chosen or wise. It preserves the human's standing as principal — the structural precondition of agency — not agency in its full sense, which depends on rights, freedom and politics far beyond any protocol. That narrower claim is the honest one, and the one that holds.
“Decisions with consequences that have the potential to affect individual or collective human rights must continue to be made by humans. Decision makers must be responsible and accountable for their decisions. Automated decision making systems should only support human decision making, not replace it.”— Vienna Manifesto on Digital Humanism (Vienna, May 2019)
It began in 2019 with the Vienna Manifesto, signed by researchers around the world. Today its principles — human oversight, human agency, accountability — shape how cities and the EU govern AI. Our core line "Humans authorize. AI executes." is one infrastructure-level implementation of that principle.
| The question Digital Humanism asks | How the principle becomes enforceable |
|---|---|
| Is there a responsible party for every solution? (Accountability)„Gibt es für jede Lösung eine verantwortliche Stelle?“ | Accountability is cryptographically attached to every delegated action. |
| Is the final decision still made by a human? (Human Oversight, Human Agency)„Wird die letzte Entscheidung weiterhin von einem Menschen getroffen?“ | High-risk actions cannot execute without explicit human approval. |
| Are AI decisions traceable and transparent?„Sind (KI-)Entscheidungen nachvollziehbar und transparent?“ | Every action leaves a verifiable receipt — who approved, what limits, what happened. |
| Is data protected by default? (Privacy by default)„Sind die Daten per default geschützt?“ | Authority is verified on hashes, never content — the trust layer never sees the data. |
| Is the administration's IT independent and sovereign? (Open, no dependencies)„Open Source, Open Standards … ohne Abhängigkeiten“ | An open protocol anyone can run or verify — no dependency, no lock-in. |
And the honest boundary: the Manifesto is broader than any protocol. Its demands for democracy, inclusion, and freedom are political work no trust layer can perform — and Suveren does not claim to. A perfectly Suveren-compliant system could still automate an unfair decision a named human authorized; the mechanism would work, and Digital Humanism would still rightly object. Suveren is not equivalent to the Manifesto — it is the infrastructure that keeps its core principle enforceable when software acts.
Cities have always run the infrastructure that lets an economy work accountably — identity, land, and commercial registries. A public body can play that role for the agentic economy: a neutral trust anchor that vouches for who may act, while owning none of the activity and seeing none of the data.
Cloud hosts the compute. A city can anchor the trust.
Europe has built an identity architecture for people and organizations — eIDAS, the EUDI Wallet, the coming Business Wallet. It does not yet have a standardized, interoperable, identity-linked authority architecture for autonomous agents. That is the layer Suveren provides, anchored to the trust framework Europe already runs.
General delegation mechanisms exist — OAuth, GNAP, capability systems, attribute certificates. None is standardized, interoperable, and bound to the EUDI / eIDAS trust framework for agents acting under named human authority, with bounded limits, pre-execution enforcement, and verifiable receipts. That combination is the gap.
It also answers Article 14 of the EU AI Act structurally rather than on paper: human oversight becomes a property of how the system runs — the mechanism by which a wrong action is prevented — not a policy document describing one.
Suveren does one thing: it keeps a named human accountable when software acts. It does not make a decision fair, an AI model safe, or a policy just — those remain human, political work. What it guarantees is that they have someone accountable to attach to, and proof that anyone can check. That is the precondition for Digital Humanism to survive the move to autonomous systems — not a substitute for it.
Digital Humanism cannot exist where responsibility disappears. Suveren is infrastructure designed to ensure it does not.