The European Commission's digital identity wallet framework claims privacy-by-design via selective disclosure and zero-knowledge techniques yet its age-verification specification leaves unlinkability optional. A technical issue filed in the official repository demonstrates that without mandatory constraints on attestation providers, issued proofs can contain linkable attributes beyond the defined portrait field and that storage of issuance bindings is not prohibited. Primary source analysis shows Sections 4.3 and 4.1.1 of the AV document omit explicit language barring additional attributes or post-issuance record retention (GitHub eu-digital-identity-wallet/av-doc-technical-specification issue 26, 2024).

Mainstream coverage from Euractiv and the Commission press office has portrayed the EUDI wallet as delivering GDPR-level data minimisation; those accounts omit the gap between architecture reference framework statements and concrete attestation-provider rules (Euractiv "EU Digital Identity Wallet", 2023; EC ARF v1.3, 2024). Similar optional ZKP language appeared in earlier eIDAS revisions and the UK NHS COVID-pass deployment, where voluntary cryptography led to de facto central logging. The GitHub author notes that collusion risk remains acute until BBS+ or zk-longfellow constructions are required rather than recommended, a point also raised in an ENISA technical report on selective disclosure credentials that the Commission has not incorporated (ENISA "Advanced Cryptography for Digital Identity", 2023).

Independent review by the European Data Protection Supervisor previously flagged that government-backed wallets risk function creep when relying-party and issuer logs are not strictly separated; the current AV spec does not close that vector. Making ZKP presentation mandatory would align implementation with the stated privacy properties, yet the absence of that requirement in the live documents leaves EU citizens exposed to tracking vectors that official fact sheets continue to describe as mitigated.