The eIDAS regulation is a key foundational stone in the creation of the pan-European Digital Single Market. It provides the essential elements to build a robust and secure electronic identification system and reliable trust services. Without the tools that eIDAS enables, a number of other EU directives and initiatives would not be able to function effectively - or at all.
eIDAS regulates electronic identification, electronic signatures, electronic seals, qualified digital certificates and a whole host of authentication mechanisms and tools. It provides a hitherto unprecedented level of transparency and interoperability that is fundamental to the creation of a true digital market. In this two-part series, we examine how the eIDAS Regulation impacts and enables other key EU initiatives.
PSD2 - Revised Payment Services Directive
PSD2 is meant to revolutionize the way electronic payments are made and received. It allows for independent third-party app developers and FinTechs to tap into the core systems of banks using open APIs and potentially provide an infinite number of new and useful applications to manage banking products and services. Conventional logic dictates that any such initiative would need a rock-solid system for client identification and authentication. This is where eIDAS comes into the picture. eIDAS provides the tools and the mechanisms which allow for the effective use of PSD2 at a fundamental level.
ECI - European Citizen’s Initiative
The ECI is a direct democracy initiative which allows citizens to participate in the legislative process within the EU. Once a proposal has one million signatories, the European Commission can initiate a legislative proposal. Some of the challenges of this pan-European direct democracy experiment are addressed by eIDAS. It has the ability to provide unique identification to voters across the EU. The benefits of such a system to initiatives like the ECI are obvious.
eHGI - eHealth Governance Initiative
The demographic and lifestyle changes of the last few decades, combined with the increasing cost of medical care, have ensured that the debate about healthcare remains at the fore. The eHealth initiative is a step to remedy the situation by providing greater coordination between national eHealth initiatives and promoting best practices across Europe. Whenever the issue of cross border service delivery comes into the picture, eIDAS has a role to play. In this case, eIDAS can provide for reliable identification of patients which can help in faster and seamless delivery of healthcare service across national boundaries.
UMM & DS - Uniform User Management and Digital Signatures
The UMM and DS project is being undertaken to simplify the customs process across EU member states. Traders will be able to use a single interface for customs rather than relying on a different one for each member state. eIDAS will play a role in user identification and authentication as well as the implementation of digital signatures for use in custom related activity.
The above list provides but a taste of the vast potential and universal applicability of eIDAS. In Part 2 of our series we look at some more interesting cases like the European Social Security Number and the role of eIDAS in preventing money laundering.
References and Further Reading
- REGULATION (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (2014) by the European Parliament and the European Commission
- Selected articles eIDAS (2014-today), by Gaurav Sharma, Guillaume Forget, Stefan Hansen, Michal Tabor , Peter Landrock, Torben Pedersen, Dawn M. Turner, and more
- Selected articles on Electronic Signing and Digital Signatures (2014-today), by Ashiq JA, Guillaume Forget, Jan Kjaersgaard , Peter Landrock, Torben Pedersen, Dawn M. Turner, Tricia Wittig and more
- REGULATION (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (2016), by the European Parliament and the European Council
Proposal for a REGULATION concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications), (2017), by the European Parliament and the European Council
eIDAS & 4th Anti-Money Laundering Directive - a short update(2017), by Andrea Servida
Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (2015), by the European Parliament and the Council of the European Union
- Recommendations for the Security of Internet Payments (Final Version) (2013), by the European Central Bank
- Draft NIST Special Publication 800-63-3: Digital Authentication Guideline (2016), by the National Institute of Standards and Technology, USA.
- NIST Special Publication 800-63-2: Electronic Authentication Guideline (2013), by the National Institute of Standards and Technology, USA.
- Security Controls Related to Internat Banking Services (2016), Hong Kong Monetary Authority