By Richard Oliphant, EMEA General Counsel, DocuSign
The new eIDAS Regulation (EU No.910/2014) is set to be enforced across the EU on 1st July. This new regulation not only learns from the lessons of the past, it promises to ease the cross-border use of electronic identification systems across the EU. As businesses get their heads around this, it will be important to understand what is changing and the reasons why.
So why the change?
On 1st July, eIDAS will repeal and replace the 17 year-old Electronic Signatures Directive (1999/93/EC). While the Directive originally intended to provide a legal framework to encourage and facilitate the use of electronic signatures across the European Community, it fell short of its ambition: the adoption of electronic signatures has been sluggish.
The European Commission observed that the Directive was implemented haphazardly by Member States and this has made it, in the words of the Commission, “de facto impossible to conduct cross-border electronic transactions.” As a Directive, it gave EU Member States discretion over implementation into local law, and this led to the promotion of local esignature standards which were not recognised by other Member States. Ultimately, the European Commission realised that the Directive was hampering its flagship Digital Single Market strategy – which is all about driving cross-border e-commerce – and this would require legal reform.
Additionally, the Directive was increasingly unfit for the digital age. It was drafted with hardware-based smartcard and handheld USB token technologies in mind and failed to account for new technologies that have emerged since 1999, including mobile technologies and the Cloud.
What effects will eIDAS have?
eIDAS will have mandatory, direct effect and apply uniformly across all 28 Member States. It borrows several innovations from the original Directive and takes them one step further to align with Digital Single Market strategy. One of these borrowed innovations is the creation of specific electronic signature types which are recognised across the EU, including:
- Electronic Signature: Any signature in electronic form used to sign an electronic contract.
- Advanced Electronic Signature: One type of electronic signature with more stringent requirements for verifying the signer’s identity and binding it to the document.
- Qualified Electronic Signature: Another type of electronic signature that meets all the requirements of an Advanced Electronic Signature, but must be backed by a certificate from an organisation certified as a “Qualified Trust Service Provider”, and produced using a “Qualified Signature Creation Device”.