Regulation on electronic identification and trust services for electronic transactions in the internal market




Information Society, Telecommunications

Regulation on electronic identification and trust services for electronic transactions in the internal market

Meaning of the EU Regulation for the national legal framework for eSignatures in Germany
- A view from a member state -

www.bmwi.de
CA Day - 16.01.2014

Proceeding
- Draft provided by the COM: 4 June 2012
- Negotiation started: September 2012
- Progress reports from the CYP (20 December 2012) and IRE Presidency (6 June 2013)
- European Parliament (IMCO, ITRE) amendments: 14 October 2013
- First informal Trialogue (Council, COM, Parliament): 26.11.2013
- Coreper 11.12.2013: Mandate to start the Trialogue with the EP on 16.12.2013 about Art. 1 to 19 (= first part) on the basis of a common position of the Council concerning these articles
- January/February 2014: Trialogue and negotiations about Art. 20 to 42
- Target: First reading agreement before the end of the legislative period (April 2014); negotiations have to be finished February 2014!!

State of the negotiation

Chapter I - General Provision (Art. 1 to 4a)

Art. 3 (Definitions)

(10) "certificate for electronic signature" means an electronic attestation which links electronic signature validation data to a natural person and confirms the name or the pseudonym of that person;

(12) "trust service" means electronic services consisting in:
- the creation, verification, and validation of electronic signatures, electronic seals or electronic time stamps [electronic delivery, website authentication] and certificates related to these services, or
- the preservation of electronic signatures, seals or certificates related to these services,

Chapter I - General Provision (Art. 1 to 4a)

Art. 3 (Definitions)

(13a) "conformity assessment body" means a body defined in point 13 of Article 2 of Regulation 765/2008 which is accredited in accordance with that Regulation as competent to carry out conformity assessment of qTSP and the qTS it provides;

(15) "qualified trust service provider" means a trust service provider who provides one or more qualified trust services and is granted the qualified status by the supervisory body;

Chapter II - Electronic Identification (Art. 5 to 8)
- State of the negotiation, proposals discussed -

1. Three assurance levels: low, substantial, high
2. Services provided by public sector bodies which require the assurance level substantial or high have to accept notified eID means from other MS if their assurance level is equal to or higher than the assurance level required by the service.
3. Time for the implementation, Art. 42:
- 3 years (tbd) after the deadline for adoption of all implementing/delegated acts necessary for the application of Chapter II (esp. important for local and regional public sector bodies)
- 12 months after publication by the COM

Chapter III - Trust Services (Art. 9 to 37)

1. General provisions

Art. 9 (Liability and burden of proof)
- all TSP are liable for damage caused intentionally or negligently due to failure to comply with the obligations under the Regulation
- for qTSP: shifting of the burden of proof
- application in accordance with national rules on liability

Supervision (Art. 13 to 19) Part 1

Art. 13 (Supervisory body)
- Member States shall designate a supervisory body (how? 3 SigG?)
- (ex ante/ex post) supervision of qTSP
- ex post supervisory activities, when informed, for other TSP (no monitoring!)
- MS may provide that the SB shall establish, maintain and update a trust infrastructure according to the conditions set by national law.

Art. 15 (Security requirements applicable to TSPs)
- all TSP shall take appropriate measures to manage the risk posed to the security of the trust services they provide.

Art. 16 (Supervision of qTSPs)
- qTSP shall be audited at least every 24 months (every year?) at their own expense by a conformity assessment body (tbd):
- audit following any significant technological or organizational changes?
- audit every three years if the audit reports in the past raised no concern?

Chapter III - Trust Services (Art. 9 to 37)

Supervision (Art. 13 to 19) Part 2

Art. 17 Initiation of a qualified trust service:
- TSP have to submit to the supervisory body a notification of their intention together with a conformity assessment report issued by a conformity assessment body
- The supervisory body shall verify the compliance of the TSP with the requirements of the Regulation, grant the qualified status to the TSP and the trust services it provides, and update the TSL not later than 3 months after notification
- qTSP may start to provide the qualified service after the status has been indicated in the TSL

Art. 18 Trusted list (TSL)

Chapter III - Trust Services (Art. 9 to 37)

1. Electronic Signature (Art. 20 to 27, Annex I and II)

Art. 20 Legal effects of electronic signatures
1) e-signatures shall not be denied admissibility as evidence in court
2) qES shall have the equivalent effect of a handwritten signature
3) qES issued in one MS shall be recognised as qES in all other MS

Art. 20a (Electronic signature in public services):
- Par. 1: If an advanced e-signature is required in one MS for the usage of a publicly available online service, advanced e-signatures based on a qualified certificate for e-signatures and qualified e-signatures issued in another MS shall also be recognised.
- Par. 3: For the cross-border usage of a publicly available online service offered by a public sector body, MS shall not request an e-signature at a higher security level than a qualified e-signature.

Chapter III - Trust Services (Art. 9 to 37)

1. Electronic Signature (Art. 20 to 27, Annex I and II)

Art. 21 Qualified certificates for electronic signatures
- Par. 1: requirements laid down in Annex I
- Par. 2: no mandatory requirements exceeding the requirements in Annex I!
- Par. 2a: Qualified certificates may include non-mandatory additional specific attributes. Those attributes shall not affect the interoperability and recognition of qES.

Attributes are essential for many services (eHealth, Justice, etc.)!

2. Electronic seals (Art. 28 to 31, Annex III)
- New, positive!
- for legal persons

3. Electronic time stamp (Art. 32 to 33)

4. Electronic documents (Art. 34)
- not a trust service
- problematic!

5. Electronic delivery service (Art. 3 No. 28, Art. 35 to 36)
- Impact unclear
- De-Mail, E-Postbrief, etc.?

6. Website authentication (Art. 3 No. 30, Art. 37, Annex IV)

Discussion

EU Regulation on eID and Trust Services

- Harmonisation/Interoperability on EU level vs. Flexibility/Innovation/Individual needs: How much is needed?
- eID Systems/TSP vs. (eGovernment) Application: Who has to serve whom?
- Regulation vs. National Law: Which aspects can/should still be regulated by national law?

Stefan Altmeppen, LL.M. Federal Ministry of Economics and Energy Scharnhorststr. 34-37 10115 Berlin Stefan.altmeppen@bmwi.bund.de