Yivi at the Common Ground FieldLab: putting data sovereignty into practice
← Back to Knowledge Base

Yivi at the Common Ground FieldLab: putting data sovereignty into practice

Yivi Team 6 min read
common ground fieldlab data vault notifications postguard open source privacy digital identity municipality open standards

Yivi is participating in two promising initiatives within the Common Ground FieldLab. Both projects share a core belief: citizens should be in control of their own data. One project focuses on delivering government documents securely via end-to-end encrypted notifications. The other explores a future in which every citizen has a personal data vault that works across sectors. This article introduces both initiatives and explains the role Yivi plays in each.

Common Ground: open standards as a foundation

Common Ground is a movement modernising Dutch municipal information systems through open standards, reusable components, and data at the source. Instead of monolithic systems that copy and store data everywhere, Common Ground solutions use standardised interfaces so that data stays in one place and remains up to date. New functionality is built as independent, reusable components that municipalities can adopt together.

The FieldLab is the practical environment of Common Ground: a place where municipalities, vendors, and knowledge institutions collaborate on proof-of-concepts that bring its principles to life. Yivi fits naturally into this ecosystem: open source, privacy-by-design, built on open standards, and centred on the citizen as the party who decides what happens with their data.

Initiative 1: information-rich notifications with PostGuard and NotifyNL

Worth Gemeente Nijmegen

The problem

Municipalities send sensitive documents to citizens every day: decisions, permits, tax assessments. The current practice is concerning. Many organisations depend on commercial, closed solutions that have recently received negative press for privacy and security issues. Zivver was acquired by the American company Kiteworks, potentially placing Dutch government data under foreign jurisdiction. WeTransfer introduced terms granting the company a near-unlimited licence over shared files. Municipalities deserve better.

The approach

Together with Gemeente Nijmegen, the NotifyNL team from Worth, and the PostGuard team from Yivi, we are building a proof-of-concept for information-rich notifications. The use case is concrete: a building permit granted by the municipality is sent via NotifyNL with PostGuard end-to-end encryption. The citizen receives a notification and can securely download the document, but only after reliably identifying themselves via Yivi in an eIDAS 2.0 compliant manner.

The technology stack consists of:

  • Open Message Component (OMC): the open source messaging component of Gemeente Nijmegen, used as the test environment
  • NotifyNL: for creating and managing notifications to citizens
  • PostGuard: the open source end-to-end encryption library applying Identity-Based Encryption
  • Yivi: for reliable citizen authentication, eIDAS 2.0 compliant

The strength of this combination lies in the identity layer. PostGuard encrypts the document so that only the legitimate recipient can decrypt it. Yivi delivers the identity proof in an eIDAS 2.0 compliant way: the citizen presents a cryptographic attribute without exposing sensitive personal data to a third party. The server confirms identity without storing a copy of personal information.

Common Ground in practice

This project is a textbook example of Common Ground thinking. All components are open source and reusable. There is no dependency on closed commercial services. Data stays at the source and is only shared at the moment of explicit authentication. The deliverable is a working demo plus a one-pager that enables other municipalities to implement the same solution.

A next step under consideration is integration with other wallets via Ver.id, making the solution wallet-agnostic.

Initiative 2: the personal data vault as a digital home for every citizen

Gemeente Rotterdam Schluss Anoigo Doccle

A new relationship between government and citizen

The second initiative, led by Gemeente Rotterdam, asks a fundamentally different question: what if every citizen had their own digital space where government documents, healthcare data, and financial information come together, fully under their own control?

Municipalities produce decisions, documents, and messages every day. Yet citizens have little say over how, where, and by whom that information is stored and shared. The personal data vault reverses that relationship.

The concept

In this model, every citizen has a data vault of their choice. Governments and other organisations can make data available to that vault via open standards and agreements. The citizen:

  • decides which data is stored
  • decides who gets access
  • and decides for what purpose data is shared

Access is provided via a digital identity (the wallet, in this case Yivi) and standardised APIs. Data is stored end-to-end encrypted. Access is only possible with the citizen’s explicit consent.

More than storage

The data vault is more than a digital storage space. Data is enriched with provenance, timestamp, and version number, and linked to a consent history. This creates a verifiable data chain: information is traceable, trustworthy, and increasingly capable of carrying legal weight.

The vault works across sectors: municipal services, healthcare, financial services. The same principle, the same open standards, and the same citizen control, regardless of the domain.

Within this federated ecosystem, the initiative also explores macro-orchestration: how can smart services automatically exchange data, support applications, or signal life events, always within the boundaries set by the citizen themselves?

Yivi as the digital key

Yivi plays the role of digital identity in this initiative: the wallet through which citizens access their data vault and grant permission for data sharing. This aligns seamlessly with what Yivi stands for: an open, privacy-by-design identity solution in which the user decides what to share, with whom, and when.

The initiative also connects to the broader movement around the European Digital Identity Wallet (EUDI Wallet). The principles explored here, digital identity under citizen control, end-to-end encryption, and open standards, are precisely the principles the European digital identity regulation pursues.

Two projects, one direction

At first glance the two initiatives look very different: one is about a building permit landing securely in a citizen’s inbox, the other about a complete digital living environment for citizens. But the underlying direction is identical.

Both projects refuse to build on closed, commercial infrastructure. Both place the citizen as the party who grants consent, not as a passive recipient. Both build on open standards so that any municipality can join. Not every partner is open source, but all parties conform to the open standards that guarantee interoperability and independence. And in both projects, Yivi is the layer that delivers identity: trustworthy, privacy-friendly, and entirely in the hands of the user.

That is exactly the future Common Ground is working towards. Yivi is ready.

Connect with us

We would love to connect! Do you have questions about the projects, want to share ideas, or are you curious how Yivi can help your organisation? Feel free to reach out.

Ruben Hensen
Ruben Hensen
Open source developer at Yivi
Connect on LinkedIn →
 Dibran Mulder
Dibran Mulder
CTO at Yivi and Caesar Groep
Connect on LinkedIn →

More information and getting involved

Both projects are being carried out within the Common Ground FieldLab. Are you a municipal official, vendor, or policymaker and would you like to know more about the progress, the demos, or the possibilities for joining?