Edoardo Giardino è avvocato e professore associato nonché abilitato alle funzioni di professore ordinario di…
Building online trust and confidence: Electronic signatures, seals and trust services now valid throughout EU
In 2014 the European Council and Parliament agreed on new rules so that people and businesses can use their own national electronic identification schemes (eIDs) to access public services in other EU countries where eIDs are available. The eIDAS Regulation also helped to create a European internal market for electronic Trust Services – electronic signatures, electronic seals, time stamps, electronic delivery services and website authentication – by ensuring that they will work across borders and have the same legal status as traditional paper based processes.
The eIDAS Regulation entered into force on 17th September 2014, and on 1st July 2016, the provisions become applicable to trust services.
Trust services
Electronic trust services guarantee secure and legally valid electronic transactions. They include:
- Electronic signature, i.e. the electronic equivalent of a written signature
- Time stamping, i.e. the date and time on an electronic document which proves that the document existed at a point-in-time and that it has not changed since then
- Electronic seal, i.e. the electronic equivalent of a seal or stamp which is applied on a document to guarantee its origin and integrity
- Electronic registered delivery, i.e. a service that, to a certain extent, is the equivalent in the digital world of registered mail in the physical world
- Website authentication, i.e. trusted information on a website (e.g. a certificate) which allows users to verify the authenticity of the website and its link to the entity/person owning the website
- Legal admissibility of electronic documents to ensure their authenticity and integrity
The eIDAS Regulation introduces the principle of non-discrimination in the legal effects and admissibility of electronic documents in legal proceedings, and ensures that they work across borders.
It is only by providing certainty of the legal validity of all these services, that businesses and citizens will confidently go digital.
eSignature
The eSignature Directive, the legal instrument preceding eIDAS, will be repealed and new rules will be introduced at EU level for additional trust services which have emerged in a number of Member States since the eSignature Directive was adopted in 1999. Under the new rules, an eSignature can only be used by a natural person to “sign”, i.e. mainly to express consent on the data the eSignature is put while the eSeal can only be used by a legal person to ensure the origin and integrity of the data to which it is linked.
This represents a difference from the eSignature Directive where the eSignature – which could also be used by legal persons – was defined as a means for authentication.
Trust services you can trust
Under the eIDAS each Member State has to establish, maintain and publish a list of qualified trust service providers and the qualified trust services provided by them. These lists have a constitutive effect as of 1st July. This means that a provider/service will be qualified only if it appears in the Trusted Lists. Consequently, the users – citizens, businesses or public administrations – will benefit from the legal effect associated to a given qualified trust service only if the latter is listed (as qualified) in the Trusted Lists.
To prove their status, all qualified trust service providers can use the EU trust mark logo which tells users that they can trust a certain service online to carry out their online transactions in a safe, convenient and secure way which complies with the rules set out in the eIDAS Regulation.
eIDAS Observatory
The Commission is also launching the eIDAS Observatory, for individuals, businesses and public administrations interested in eIDAS to exchange views and positions, share ideas and good practices. The aim is to build a common understanding of the issues relating to the implementation and uptake of the eIDAS Regulation and to facilitate the use of cross-border electronic identification and trust services.
The Commission hopes that public and private sector participants will use their experience, technical skills and knowledge to provide evidence-based and data-driven policy support for the EU. It also hopes that representatives of economic sectors, especially those where sector-specific legal and policy instruments foresee the need for electronic identification and/or trust services will join in the discussions.
Q&A: trust services under eIDAS
1 luglio 2016