New regulations regarding the use of digital trust services across the EU become UK law today (1st July 2016). This important new regulation is today enshrined in the UK/EU statutes, yet few UK businesses are even aware of its existence and the threats and opportunities it contains.
There's no real need to panic, of course, but todays new regulations both update the 1999 Electronic Signature Directive and transform certain areas of the use of digital trust services across the EU. To help you understand more about eIDAS, we've answered some of the more frequently asked questions below.
What is eIDAS?
eIDAS is the new European Union regulation that governs the use of electronic means of identification in digital transactions, referred to as "Trust Services". Based on the eSignature Directive, eIDAS extends coverage to remote server‐centric signing reducing the need for smartcards and associated hardware. The idea is that it will allow commercial business and public bodies to deliver services and functions to citizens digitally, safely and efficiently with mutually assured trust for all parties in online transactions.
The regulations cover the use of all digital means of identification, verification and assurance regarding documented identification and verification, such as using eSignatures, timestamps and electronic seals. Additionally, eIDAS provides assurance of authenticity and integrity through regulation of website authentication and the legal admissibility of electronic documents. Amongst other things, server based eIDs will now be easier to accept.
How will this affect my business?
If you're planning on developing your digital offering with documents or content that needs contractual agreement or consent, particularly for remote completion, then it's likely that eIDAS will come into play. The idea driving the regulation is to promote access to the digital single market across all EU countries by ensuring that EU companies and public bodies can offer services to customers digitally with high levels of trust: essentially, it allows an interface between the real world and digital world that facilitates 'natural interaction'.
The regulation will enable you, for example, to develop your online purchasing processes by allowing customers to verify and electronically sign contracts and agreements in a way that is recognised in law - providing both parties with the assurance that they will be protected by the associated relevant legislation that applies to their transaction. A signature recognised in one EU country is legally recognised as the equivalent in every other EU country. One process, not multiple, is a significant efficiency play and the ability even to transact certain types of business remotely via the web in a legally assured manner can be transformational for some uses.
Of course, the specific detail of how it will affect your business depends of course on the nature of your business. But the fact that Notaries are now allowed to use digital signatures for many purposes is significant. Contact us for an informal discussion about how our eIDAS-compliant solutions can benefit your business.
What do I need to do?
Not using digital identity management systems? You can be worry-free now you've found us! If you're not using systems to enhance your workflows, provide digital identity assurance and generate significant cost savings and other efficiencies in your business, then you probably ought to consider your options now. eIDAS opens the door to a new digital market - join now and be ahead of the curve and your competitors; leave it too long and you might just find that your outdated processes will eventually frustrate your customers into leaving! Especially if they are across many countries! Talk to us today.
If you're using digital identity management systems, it's possible you might need to review how your software works to make sure it is compliant with the obligations placed on you by eIDAS. If you've previously issued qualified certificates to legal persons under the provisions of the eSignature Directive, it's worth noting that these are no longer valid and can't be used to created legally valid signatures (as of 1st July). Those certificates issued under Directive 1999/93/EC, however, will be subject to 'transitional measures' and remain valid under eIDAS until they expire. Read more here.
Again, if you're already a user of such digital identification systems, you may wish to display the EU Trust Mark to your customers and colleagues to raise awareness of your systems' ability to comply with eIDAS. You can find out more details and full guidance for the EU Trust Mark on the EC website.
The elephant in the room...what about Brexit?
The UK electorate opted to leave the EU on 23rd June 2016, but as we're sure you'll already know, we're not out of the EU just yet. The process of negotiating our way out of the European Union could take a number of years (read more) and in the time between now and our exit, all European law and regulation remains in force across the UK, with eIDAS being no exception.
Until we are officially and legally separated from the EU, this will continue to be the case. That said, the terms of our departure from the Union could be negotiated in such a way that certain legislation or practices continue post-exit in the same way as they do today and, in that case, UK business might still be subject to eIDAS. Even if we negotiate an exit that doesn't result in eIDAS and other regulation still applying, it's possible (and likely) that Parliament may pass similar legislation anyway. This may be one good enough to 'cherry pick'.
Either way, the future of commerce is digital and the use of digital identity management solutions is going to play a significant part in how firms conduct their business in years to come. Exploring your options now is a great way to start (or perhaps complete) the process of digital transformation - speak to our expert team today.
Other Useful Information
Trust Services and eID - https://ec.europa.eu/digital-single-market/en/trust-services-and-eid
The eIDAS Observatory - https://ec.europa.eu/digital-single-market/en/eidas-observatory
eIDAS (Wikipedia) - https://en.wikipedia.org/wiki/EIDAS
eIDAS (on EUR-lex) - http://bit.ly/29qq3OT
Understanding eIDAS - http://bit.ly/29qqlVT
eIDAS Becomes Law - http://bit.ly/29qqFE9
If you have any other questions, we'd be happy to give you the answer!
Get in touch by email () or phone 0203 150 1081.