3 min read

Exploring eIDAS - The Key Principles for Trust Services

Exploring eIDAS - The Key Principles for Trust Services

The eIDAS Regulation creates a pan-European market for electronic Trust Services (eTS). This includes electronic signatures and seals, service delivery, website authentication, and time stamps. The major thrust of the Regulation is towards ensuring that these mechanisms, when used, get the same legal status as conventional paper-based alternatives - across borders, throughout the EU.

The creation of a digital Single Market requires that these electronic means of conducting business and providing services be on the same legal pedestal as the traditional methods. To achieve these objectives, the eIDAS Regulation establishes various guidelines and requirements. However, there are certain key principles behind all of these guidelines which collectively form the essence of eIDAS. In this article, we look at some of these key principles for trust services as envisaged by the developers of eIDAS.


Transparency and Accountability

Transparency and accountability are of the utmost importance in the operation of trust service providers. eIDAS provides a well-defined minimum set of obligations for these trust service providers along with defining their liability. The ultimate goal is to promote greater transparency and provide the ability to differentiate qualified trust providers from other Trusts Services.


Non-mandatory technical standards ensuring presumption of compliance

The eIDAS Regulation empowers the Commission to adopt several technical standards. The adoption of these standards is not mandatory, but doing so does provide the presumption of compliance with the regulation. This means that although eIDAS is technology-neutral, the Commission can still identify/recommend technical standards, and the solutions using those standards would be considered compliant with the regulation. These technical standards, therefore, go a long way in communicating the intent of the Regulation.


Specific legal effects associated to qualified trust services and Non-discrimination in Courts of eTS versus their paper equivalent

This is perhaps one of the most essential aspects of electronic Trust Services which has been covered by eIDAS. The different legal regimes within member states make the cross-border delivery of certain services challenging from a legal perspective. With eIDAS, the focus is to standardize the practice across all EU member states. For the creation of a true digital single market, it is also important that these electronic ways of signing and authenticating must be treated the same as traditional paper-based methods.


Risk management approach

The qualified trust service providers have certain specific risk management and security obligations applicable to them under eIDAS. This is complemented by a clear liability regime to ensure compliance at multiple levels. The approach to risk management includes operations, conduct, and procedures.


Technological neutrality

Placing restrictions in terms of specific technologies ultimately stifles innovation. For eIDAS to truly succeed, it had to adopt the principle of technological neutrality. The necessary security requirements should be able to be achieved using different technologies. With such a neutral approach, innovators should be able to enhance service delivery and even develop new services that utilize the eIDAS mechanisms.



These key principles reflect the intent of the developers and framers of eIDAS. The Regulation has laid down the foundation for creating a true digital Single Market that provides legal certainty to its participants in addition to security and trust. The system facilitates seamless and convenient cross-border delivery of services, secured with best-in-class safety mechanisms.



Download white paper



References and Further Reading

 Image: Geelong Scandia passage race Jan 2009, courtesy of  jojo, Flickr (CC BY 2.0) enhanced with the eIDAS letters by VentureSkies