The time is coming for new trust services
The EU’s eIDAS Regulation enters into force on 1 July 2016. The importance of this somewhat mysterious act is not yet widely appreciated. It opens up new possibilities and creates space for very interesting new services.
Its full name is Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC. The eIDAS Regulation should be examined from the perspective of processes underway in contemporary economies and the strategic aims of measures pursued by the European Union. We are witnesses to a highly dynamic process of passage of the economy from the tangible realm to the virtual realm. More and more transactions exist only in digital form and do not require any action in three-dimensional space. The digitisation of commerce generates such huge benefits that it has become one of the EU’s strategic goals. Transferring numerous legal and administrative tasks to virtual space should make administrative procedures more efficient, reduce costs, and eliminate many barriers to accessing services.
Despite various attempts to create legal frameworks to appropriately regulate digital legal transactions, so far it has not been possible to create a universal solution guaranteeing the development of a uniform European market for the digital economy: the Digital Single Market. This is the gap the eIDAS Regulation attempts to fill. It addresses two principal issues that are key to realisation of the Digital Single Market: electronic identification systems and trust services.
Digital trade, like the brick-and-mortar trade of the past, requires the creation of instruments ensuring proper identification of market participants. Under traditional solutions, this is typically an identification document in tangible form. In digital trade, the substitute for a physical ID will be “electronic identification means,” a concept defined in the eIDAS Regulation. There are three key elements here that are worth highlighting. The definition of electronic identification means is to a large extent technologically neutral, enabling various technological solutions to be applied in practice. They must meet the requirements set forth in the detailed provisions of the regulation, however. A second key element is related to the fact that electronic identification means can also be issued by the private sector—so long as they meet the specified requirements. This opens up entirely new possibilities for entities from the private sector. Third, electronic identification means issued in one EU member state must be recognised in other member states for the purpose of performance of services by public-sector entities. This last element is vital for ensuring the uniformity of the Digital Single Market (but this obligation does not enter into force until 2018).
Another major area governed by the eIDAS Regulation is trust services. The regulation itself enumerates several types of trust services, such as creation of electronic signatures or electronic time stamps and authentication of websites. In practice, it is easy to imagine many other types of trust services, or services containing various elements of the services mentioned in the regulation. Another vital category is “qualified trust services.” These are trust services that can generate specified legal consequences once they undergo the relevant certification procedures provided for such services by the eIDAS Regulation. For example, the regulation provides that a qualified electronic signature has the same legal effect as a handwritten signature. Similarly, when a qualified electronic registered delivery service is used, there will be a legal presumption of the integrity of the data, sending by the identified sender, and receipt by the identified addressee.
The eIDAS Regulation creates only a very broad legal framework for the digital economy. The degree to which this framework is employed will largely depend on the creativity of market players and the attitude of public authorities. The openness of the public administration to external systems of electronic identification and the use of trust services supplied by external entities could generate dynamic growth of such services, increase the level of digitisation of public services, and also greatly cut the costs of digitisation borne by public entities.
In upcoming issues of the bulletin we will examine various elements of the eIDAS Regulation more closely. We believe it creates an opportunity for development of interesting and innovative services, streamlining commerce as well as the functioning of the public administration.
Krzysztof Wojdyło, New Technologies Practice, Wardyński & Partners
The article is a part of the New Technologies Newsletter, May 2016