Articles

The new Regulation on electronic identification and trust services – eIDAS

The new Regulation on electronic identification and trust services – eIDAS

The new Regulation on electronic identification and trust services – eIDAS

17.12.2014

The European Parliament and the Council adopted Regulation (EU) No. 910/2014 on electronic identification and trust services for electronic transactions in the internal market (the “eIDAS Regulation”) on 23 July 2014. This eIDAS Regulation repeals the E-Signatures Directive 1999/93/EC and creates a comprehensive legal framework for both electronic identification and authentication services.

This Regulation seeks to create a system of mutual recognition among Member States with regard to their national identification systems and thereby aims to enhance trust and effectiveness within the European internal market for public and private cross-border online services and e-commerce.

The first part of the Regulation sets up a legal framework to ensure, for the purpose of cross-border identification, a harmonized recognition of the numerous electronic identification means (“eIDs”) used by Member States for natural and legal persons. However, the primary target is the public sector, and Member States have only the obligation to recognize those eIDs that are contained in a list published by the Commission based on the Member States’ notifications. Member States remain free to decide which of their national existing eIDs they want to submit to notification, and the Regulation lays down the conditions under which the other Members States must recognize those eIDs. Moreover, Member States must cooperate with each other to ensure the interoperability of the multiple national electronic identification schemes.

The second part of the Regulation focuses on trust services (electronic identification and signatures, i.e., eIDAS). Whereas the E-Signatures Directive only dealt with electronic signatures and had gaps in its framework, especially regarding cross-border interoperability issues and technological updating, the new eIDAS Regulation is much broader in scope. Indeed it now regulates a wide range of trust services such as electronic signatures, among others, but it also regulates electronic seals, electronic time stamping, electronic delivery service, electronic documents admissibility, and website authentication. The framework is based on the Member States’ reciprocal obligation to recognize such trust services if those services are based on a qualified certificate issued in one Member State.

This new Regulation is an important step towards the enhancement of a trustworthy and secure online environment within the EU internal market. Most of it will enter into force by 1 July 2016 and thereby repeal with effect the E-Signatures Directive. Like all EU Regulations, it will not only apply directly to the services it regulates but also have an impact on some related existing national legislation. For instance, the inconsistent provisions of various national laws to implement the former E-Signatures Directive will automatically be replaced by the new Regulation’s provisions.

 

Click here to see a printable version of this article

All rights reserved. Care has been taken to ensure that the content of this e-bulletin is as accurate as possible. However the accuracy and completeness of the information in this e-bulletin, largely based upon third party sources, cannot be guaranteed. The materials contained in this e-bulletin have been prepared and provided by Stibbe for information purposes only. They do not constitute legal or other professional advice and readers should not act upon the information contained in this e-bulletin without consulting legal counsel. Consultation of this e-bulletin will not create an attorney-client relationship between Stibbe and the reader. The e-bulletin may be used only for personal use and all other uses are prohibited.

Team

Related news

19.08.2019 EU law
Enable “likes” and bear joint-controllership

Articles - The Court of Justice of the European Union recently ruled, in Case C-40/14 Fashion ID GmbH & Co. KG v Verbraucherzentrale NRW eV,  that a website operator that features “Like” social-media plugin from Facebook likely qualifies as joint-controller with Facebook for its website visitors’ personal data collection and transmission to Facebook.

Read more

08.08.2019 BE law
Regulating online platforms: piece of the puzzle

Articles - The new Regulation no. 2019/1150 of the European Parliament and of the Council of 20 June 2019 on promoting fairness and transparency for business users of online intermediation services, applicable as of 12 July 2020, is another piece of the puzzle regulating online platforms, this time focussing on the supply side of the platforms.

Read more

23.07.2019 LU law
The Revised CSSF Cloud Circular

Articles - On 27 March 2019, the Luxembourg supervisory authority for the financial sector (the Commission de surveillance du secteur financier or CSSF) published the long-awaited CSSF Circular 19/714 amending the CSSF Circular 17/654 on IT outsourcing relying on a cloud computing infrastructure (the Revised Cloud Circular).

Read more

Our website uses functional cookies for the functioning of the website and analytic cookies that enable us to generate aggregated visitor data. We also use other cookies, such as third party tracking cookies - please indicate whether you agree to the use of these other cookies:

Privacy – en cookieverklaring