The eIDAS Regulation creates a pan European market for electronic Trust Services (eTS). This includes things like electronic signatures and seals, electronic service delivery, website authentication and time stamps. The major thrust of the Regulation is towards ensuring that these mechanisms, when used, get the same legal status as conventional paper-based alternatives - across borders, throughout the EU.

The creation of a digital Single Market requires that these electronic means of conducting business and providing services be on the same legal pedestal as the traditional methods.In order to achieve these goals, the eIDAS Regulation provides various guidelines and sets criteria that must be met. However, there are certain key principles behind all of these guidelines which collectively form the essence eIDAS. In this article, we look as some of these key principles for trust services as envisaged by the developers of eIDAS.

Transparency and Accountability

The transparency and accountability in the operation of trust service providers is of paramount importance. eIDAS provides a well-defined minimum set of obligations for these trust service providers along with defining their liability. The ultimate objective is to foster greater transparency and provide the ability to differentiate qualified trust providers from other Trusts Services.

Non-mandatory technical standards ensuring presumption of compliance

The eIDAS Regulation empowers the Commission to adopt a number of technical standards. The adoption of these standards is not mandatory but doing so does provide the presumption of compliance with the regulation. This means that although eIDAS is technology-neutral, the Commission can still identify / recommend technical standards and the solutions using those standards would be considered compliant with the regulation. These technical standards therefore go a long way in communicating the intent of the Regulation.

Specific legal effects associated to qualified trust services and Non-discrimination in Courts of eTS versus their paper equivalent

This is perhaps one of the most important aspects of electronic Trust Services which has been covered under eIDAS. The different legal regimes within member states makes the cross-border delivery of certain services challenging from a legal perspective. With eIDAS, the focus is to standardize the practice across all EU member states. For the creation of a true digital single market, it is also important that these electronic methods of signing and authentication must be treated on-par with other traditional paper-based mechanisms.

Risk management approach

The qualified trust service providers have certain specific risk management and security obligations applicable to them under eIDAS. This is complemented with a clear liability regime to ensure compliance at various levels. The risk management approach covers things like operations, conduct and procedures.

Technological neutrality

Placing restrictions in terms of specific technologies ultimately stifles innovation. For eIDAS to truly succeed, it had to adopt the principle of technological neutrality. The necessary security requirements should be able to be achieved using different technologies. With such a neutral approach, innovators should be able to improve upon service delivery and even create new services that uses the underlying mechanisms of eIDAS.

Conclusion

These key principles reflect the intent of the developers and framers of eIDAS. The Regulation has laid down the foundation for creating a true digital Single Market which provides legal certainty to its participants in addition to security and trust. The system provides for seamless and convenient cross-border delivery of services, secured with best-in-class safety mechanisms.

Download white paper

References and Further Reading

 Image: Geelong Scandia passage race Jan 2009, courtesy of  jojo , Flickr (CC BY 2.0) enhanced with the eIDAS letters by VentureSkies

Other Related Articles: # Digital Signatures # eIDAS

Want to know how we can help ?

Get in touch to better understand how our solutions secure ecommerce and billions of transactions worldwide.