Developing Measures and Standards for the European Electronic Signatures Market

Abstract

The European Authorities have promoted a specific and innovative framework for the use of electronic signatures, allowing the free flow of electronic signature-related products and services cross borders, and ensuring a basic legal recognition of such facilities. The core aim was to promote the emergence of the internal market for certification products, mainly intending to satisfy various requirements for the proper use and immediate “adoption” of electronic signature applications related to e-government and personal e-banking services. Thus, a number of technical, procedural, and quality standards for electronic signature products and solutions have been developed, all conforming to the requirements imposed by the EU regulation and the relevant market needs. In the present work, we examine the role of standardization activities for the promotion of several needs of an “open” European market based on the effective usage of e-signatures, and being able to affect a great variety of technological, business- commercial, regulatory, and other issues. In any case, the transposition of legal requirements into technical specifications (or business practices) needs to be harmonized at a European member-states’ level in order to enable adequate interoperability of the final solutions proposed. Appropriate technical standards for the sector can help to establish a presumption of conformity that the electronic signature products following or implementing them comply with all the legal requirements imposed, in the background of the actual European policies. Thus we discuss recent European and/or national initiatives to fulfil such a fundamental option. The European Electronic Signature Standardization Initiative (EESSI) has been set up under the auspices of the European Commission for the carrying out of a work program aiming at the development of standards (be it technical specifications or policy practices) that would facilitate the implementation of the basic legal instrument (the “Electronic Signatures Directive”). Two major streams of possible standards-setting work have been determined, covering: (i) Qualitative and procedural standards for the provision of certification services and (ii) technical standards for product interoperability. We identify (and evaluate at a primary level) the basic components/modules of EESSI’s specific results, already developed and offered in the market either as technical regulations and/or as recognized standards, with respect to essential requirements imposed by the European regulation. We also discuss relevant “feedback” already gained from various market areas and we focus on challenges for further implementation, progress, adoption, and development, especially in the framework for the promotion of converged broadband (Internet-based) communications facilities. It is important for the market that expected standardization work takes into account new technological developments as, in the future, users will move their e-signature key from device-to-device in a connected world. The added value of standards in the e-signatures sector, for both end users and assessing parties (judge, arbitrator, conformity assessment body, etc.) is of extreme importance for the future of the European electronic communications market.