The EU is developing a single, European-wide legal framework to regulate all electronic identification, authentication and signatures (eIDAS services) and related ancillary Trust Services used for electronic transaction services within the EU. This forms the basis for a digital Single Market.
(UPDATE! eIDAS regulation now in place.)
Postal services are based on trust.
As posts extend their services into the internet, this trust is maintained by means of secure electronic identification, authentication and signatures (eIDAS services).
An open, barrier-free communications environment for postal services in the internet requires interoperability – only achievable through joint standards.
In this article, Walter Trezek summarises the outcome of a workshop at the European Commission (EC) in Brussels on 5 September 2012, attended by representatives from ministries, business associations, postal services, service providers and regulators. Full details here.
Currently the main obstacles to secure & seamless cross-border eIAS services are:
Service providers are subject to different rules for e-signatures, eID and ancillary trust services depending on the Member States they serve. National supervision requirements for e-signatures differ from one Member State to another, making it a challenge for parties relying on an e-signature to assess how a service provider is supervised.
The current tools and legal framework create the impression of fewer legal safeguards than for physical interaction. For eID and ancillary trust services, heterogeneous national legislation makes it difficult for users to feel secure when interacting online in cross-border scenarios.
The EC proposes a Regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market.
The proposed regulation would overcome 4 main challenges:
The proposal chooses to overcome these current challenges by:
Providing a comprehensive framework by means of a single instrument would ensure that the legislation regulating the various aspects of eIDAS is consistent. A regulation provides immediate applicability without interpretation, and thus greater harmonization, and is therefore the most appropriate means of achieving the objectives of the proposed legislation.
The current national-based supervision schemes would be maintained, but with stronger harmonization through essential common requirements.
Due to the inherently non-territorial nature of eIDAS services, action at EU level is adequate and proportionate in order to implement the digital Single Market. Regulatory measures taken at Member State level cannot be expected to achieve the same outcome. EU intervention is thus required, appropriate and justified.
A detailed examination of the Proposal, and in particular the proposed supervision schemes for qualified trust service providers and trust service providers per se, is laid out in the Annex to this summary.
UPDATE! September 2014: the eIDAS regulation is now in force.