The new legislative proposal for electronic identification and eSignatures

For Internet users and businesses electronic authentification technologies, such as eIDs and eSignatures, are essential to guareente secure online transactions and to protect data privacy. The Digital Agenda for Europe has foreseen under the Digital Single Market actions the revision of the existing eSignature Directive (Directive 1999/93/EC) given the fact that there is no comprehensive EU cross-border framework for secure and trustworthy online transactions that encompasses electronic identification, authentication and signatures.

Thus in June 2012 the European Commission published its enhanced proposal for a Regulation on “electronic identification and trust services for electronic transactions in the internal market” to enable cross-border electronic authentification services in the EU, to cover the mutual recognition and acceptance at EU level of notified electronic identification schemes and other essential electronic trust services. The proposal has been supported by several EU studies on the subject (see below) and by results from different large scale pilots projects co-funded under the Competitiveness & Innovation Programme (CIP).

For instance, a recent study from the EC provides a good snapshot on the legal, technical and trust components required to support the proposed EU framework.

The related EP file is 2012/0146(COD): The Committee report tabled for plenary A7-0365/2013  is awaiting 1st reading/single reading.

The European Council adopted conclusions on the Digital Agenda for Europe at its meeting on 24 and 25 October 2013, providing guidance towards the completion of the Digital Single Market by 2015, highlighting that  this proposal be adopted by the end of this Legislative term.

EU Legislation

Legislative overview / General information

• Proposal for a Regulation on electronic identification and trust services for electronic transactions in the internal market  and its impact assessment
• Electronic signatures in law: ebook , Mason, Stephen, Cambridge University Press, 2012

Current EC proposal to be disscussed in first reading in the EP.

• Legal basis: Article 114 of the Treaty on the Functioning of the European Union (TFEU).
• Directive 1999/93/EC of the European Parliament and the Council of 13.12.1999 on a Community framework for electronic signatures and Commission Decision 2003/511/EC of 14.7.2003 on the publication of reference numbers of generally recognised standards for electronic signature products    and  a Report on the operation of Directive 1999/93/EC on a Community framework for electronic signatures

Current main EU eSignature legislation in place and a report which reviews on its implementation

• Commission Decision 2009/767/CE of 16.12.09 setting out measures facilitating the use of procedures by electronic means through the ‘points of single contact’ under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market.
• Commission Decision 2011/130/EU of 25 February 2011 establishing minimum requirements for the cross-border processing of documents signed electronically by competent authorities under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market
• COM(2011) 315 of 1.6.2011 on a Proposal for a regulation of the European Parliament and of the Council on European Standardisation and amending Council Directives 89/686/EEC and 93/15/EEC and Directives 94/9/EC, 94/25/EC, 95/16/EC, 97/23/EC, 98/34/EC,  
• Commission Decision 200/709/EC of 16 October 2009 setting out measures facilitating the use of procedures by electronic means through the ‘points of single contact’ under Directive 2006/123/EC of the European Parliament and of the Council on services in the internal market  
• Council Resolution of 7.5.1985 on a new approach to technical harmonization and standards (OJC 136 of 4.6.1985). 

EU Institutions

European Parliament

• Completing the internal market for eCommerce  2010/2012(INI) INI: where the EP identified the need to create a public key infrastructure at pan-European level, and called on the Commission to set up a European validation authorities gateway to ensure the cross-border interoperability of eSignatures and to increase the security of online transactions.
• EP related questions: E-000357/2012 , E-4154/2010,  E-010124/2010,  E-002569/2012, H-0500/09, E-3273/07 E-3186/2010
• The related EP file 2012/0146(COD), including a summary on the key points presented in the proposal .

European Commission

• Single Market Act: stresses the need for boosting confidence in electronic transactions and restates the objective “to make secure, seamless electronic interaction possible between businesses, citizens and public authorities, thereby increasing the effectiveness of public services and procurement, service provision and electronic commerce (including the cross-border dimension)”.
• The Digital Agenda for Europe (DAE) identifies existing barriers to Europe’s digital development and proposes legislation on e-signatures (Key Action 3) and the mutual recognition of e-identification and authentication (Key Action 16), establishing a clear legal framework eliminating fragmentation and the lack of interoperability, enhancing digital citizenship and preventing cybercrime.
• Roadmap for stability and growth: underlines the key role of the future common legal basis for mutual recognition and acceptance of electronic identifications across borders for the development of the digital economy.
• Large scale projects STORK, PEPPOL, and SPOCS  (funded by the EC Competitiveness & Innovation Programme (CIP)) have looked into the implementation of cross-border tools and actions in the areas of electronic identification and authetification technologies
• eSignature – Study on the supply side of EU e-signature market – Final Study Report by Formit, May 2013
• Feasibility Study on an Electronic Identification, Authentication and Signature Policy (IAS), IAS study, SEALED, Time.lex, PwC and Studio Notarile Genghini, DLA Piper, 2013. This study commissioned by the EC has provided inputs for this EC legislative proposal, and aims to collect further feedback for its final adoption, including recommendations on how a complete and functioning legal, technical and trust framework for IAS services.
• Study on Impact assessment for legislation on mutual recognition andacceptance of e-Identification and e-Authentication across borders (SMART 2011/0075 Final Report)
• Study on Cross-Border Interoperability of eSignatures (CROBIES), A report to the European Commission from SEALED, time.lex and Siemens, 2010. 31 Pag.  This study commissioned has proposed solutions to remove barriers to cross-border interoperability of qualified eSignatures and advanced eSignatures based on qualified certificates
• Study on the standardisation aspects of eSignatures (DG INFSO) , by Sealed, DLA Piper and Accross Communications, 2007, 130 Pag. The study provided the European Commission with the necessary information and assessment for the review of the standardisation needs in the field of electronic signatures supporting the Directive 1999/93/EC
• Study of use identification methods in card payments, mobile payments and e-payments (DG MARKT)  , by Sealed, 2007, 14 Pag
• Preliminary study on mutual recognition of eSignatures for eGovernment applications ,Timelex and Siemens 2009, 169 Pag
• Study on eID Interoperability for pan-European government services  , Timelex and Siemens, 2010. Pag 228. This study commissioned by the EC has analysed the eID and authentication interoperability requirements.
• EU Study on the specific policy needs for ICT standardisation , DLA Piper, Uninova and TUDelft, 2007. 148 Pag
• Study on European Federated Validation Service (EFVS): Feasibility and Global Implementation Plan, Sealed and Timelex, 2010, 39 Pag. This study commissioned by the EC provided the framework for a European Federated Validation Service to provide a tool needed for the establishment of Trust between different issuers of certificates and for the technical validation of eSignatures.
• Rationalised framework for electronic signature, Mandate M/460 to CEN and ETSI Working groups, 2012: The document proposes a rationalised framework for electronic signature standardisation providing a basis for selection of standard appropriate to business needs. An inventory of existing standardisation at the International, European and national/sector level is also included
• The EC has just launched a tender for a study to support the implementation of a pan-European framework on electronic identification and trust services for electronic transactions in the internal market SMART 2012/0001

 Council

• Summary of the Debate in Council on 06/06/2013 (2012/0146(COD)

Committees

• OPINION  of the  European Economic and Social Committee  on the EC proposal

Stakeholder positions

• The EC launched a public consultation in 2011: The European Commission received more than 400 contributions from a wide range of actors, including Member States, EU and national organisations, regional and local authorities, business and professional federations, individual companies, NGOs, and many European citizens. In the following document there is a summary of these contributions
• CCBE position on electronic identification,  authentication and signatures, 2011, 4 Pag: In this submission, the Council of Bars and Law Societies of Europe (CCBE) responds to the public consultation launched by the Commission. But instead of responding to the specific questions, the CCBE comments on certain more general issues.
• 2015 – a connected and diversified Europe: eIDM vision paper, RAND, 2009 45 Pag: This paper is written to determine what demands and requirements there may be for a pan-European eIDM (electronic identity management) solution in 2015 and which services are likely to be developed based on this infrastructure.
• 12th Edition of the Conference EPFE, see: Memorandum 13 points: see the end of this web page for a summary on the outcomes
• Electronic Signatures as an Obstacle for Cross-Border E-Procurement in Europe: Lessons from the PROCURE-project, Institut für Informationsmanagement Bremen GmbH, 2009, 32  Pag : While eprocurement works on national levels, cross-border eprocurement in Europe does not. This is mainly due to lacking technical interoperability and legal harmonisation in particular concerning the use of e-signatures. By a comparative study of the different legal provisions in the Czech Republic, France, Germany, Spain and Sweden this article provides an overview of the current state-of-play and makes suggestions on how to overcome the remaining obstacles to pan-European e-rocurement.
• Results from a stakeholder workshop on the issue that took place under the Digital Agenda Asembly 2011 ( see the Summary report of the workshop and thePresentations).

International organisations

•  “National Strategies and Policies for Digital Identity Management in OECD Countries”,OECD Digital Economy Papers, No. 177, 2011, 90 Pag

Statistics

• Digital Agenda scoreboard 2013: in this link it is possible to see latest EU progress on ecommerce indicators
• Survey and Analysis of EU ICT Security Industry and Market for Products and Services, IDC, 2009, 101 Pag. Provides a snapshot analysis of the network and information security market and its evolution.