Professional Documents
Culture Documents
2 Years After The Directive: Patrick Van Eecke
2 Years After The Directive: Patrick Van Eecke
3. Main principles
Everybody is free to run a CSP (CA) Electronic signatures may not be denied legal effect Technology neutral legislation Rules not meant for closed user groups
Accreditation and supervision procedures not activated yet (exc. Austria, Germany, France, Lux, Spain) QC CSPs ?
Public sector initiatives
Country overview
Literal/non-literal transposition
Legal value articles / other articles
Copy of the directive (Austria) Free interpretation of the directive (UK)
Status of implementation
Country overview
Austria
Act 1999, amended 2000 Ordinance 2000 Ordinance on 3(4) bodies 2000 Literal transposition Annex 4 transposed No public sector rules QC CSPs
Belgium
Act 2000 + Act 2001 Draft ordinance 2002
Country overview
Denmark
Act 2000 Executive Order 2000 Literal transposition No Annex 4 No specific public sector rules QC CSPs?
Finland
Still draft bill (expected 12003) literal transposition No annex 4 No specific public sector rules QC CSPs
Country overview
France
Act 2000 Decree 2001 Decree 2002 (on accreditation and SSCD)
Germany
Act & Ordinance 2001 Acts on legal form
Civil (2001) Public (draft) Court proceedings
Literal transposition No annex 4 Specific public sector rules (e.g. taxes) QC CSPs
literal transposition Annex 4 transposed Specific public sector rules (e.g. invoice) Accredited QC CSPs
Country overview
Greece
Decree 2001 Regulation 2002
Ireland
Electronic Commerce Act 2000 Still need for implementing decrees (superv./accred.) No literal transposition No annex 4 Public sector rules? QC CSPs?
QC CSPs?
Country overview
Italy
Testo Unico 2000 (digital signature) Decree nr.10 2002 (implementing directive 99/93) Regolamento (to be published) literal transposition Annex 4? (regolamento?) Public sector rules (digital signature, etc) QC CSPs (a lot)
Luxembourg
Law of 2000 on Ecommerce Law of 2000 on accreditation 3 Regulations of 2001
Country Overview
The Netherlands
Electronic Signature draft bill (in Parliament) Literal transposition No annex 4 Public sector initiatives QC CSPs?
Portugal
Law 1999! No literal transposition Requirements for CSPs similar to directive Public sector initiatives? QC CSPs?
Country Overview
Spain
Law 14/99 of 1999 Orden of 2000 NEW DRAFT law No literal transposition (additional requirements!) Annex 4 Public initiatives (CERES) QC CSPs (Feste, Camerfirma,
Sweden
Act on Q. electronic signatures of 2001 Act on technical conformity assessment of 2001 literal transposition (less stringent) No annex 4 Public initiatives One QC CSP (PKI partner)
Country overview
United Kingdom
Electronic Communications Act (2000) E-sign regulations (2002) literal (discussion on 5.1 a) No annex 4 Public sector? QC CSPs?
Legal value of ES
1. Contracts do not need a signature in order to be valid 2. If a signature is needed, an electronic (qualified) signature will do
Case law
First cases on electronic signatures
Italy (High Court - 2001) Germany (BVerfG - 2002) France (2001) Belgium (2002)
Supervision
More or less same procedures in the MS Notification
to telecom ministry (A, DK, D, GR, Sp, Sw) or economic affairs (B, Lux) or special technology/security division (Fr, It) or independent telecom authority (NL) Technical information (A, DK, GR) or basic information (B, FR) Spain: All CSPs need to register!
Supervision
More or less same procedures in the MS Notification
to telecom ministry (A, DK, D, GR, Sp, Sw) or economic affairs (B, Lux) or special technology/security division (Fr, It) or independent telecom authority (NL) Technical information (A, DK, GR) or basic information (B, FR) Spain: All CSPs need to register!
Voluntary Accreditation
Close to Supervision procedures Same body as Supervision (A, B, DK, D, Ir) No accreditation (Fin)
Secure SCD
Conformity with Annex III HOW?
Conformity test in one Member State enough for whole of Europe Comm.Decision on minimum criteria used in Austria, Greece, ...
or
Use the published EU criteria nothing published yet
Concerns
Concerns
Misuse of the directive
Example: E-invoicing directive See next slide
Reaction Commission: the requirement of the AES is not a legal requirement (alternative for h-wr sign.) but a technical requirement (i.e. enhancing the security of electronic invoice)
Member States are allowed to require a qualified electronic signature (See Germany)
Future
Review of the directive: 2 years after implementation, i.e. july 2003.
Further reading
Report The implementation of the European directive on electronic signatures Status report: September 2002
Questions