IP/99/915
Brussels, 30 November 1999
Commission welcomes new legal framework to guarantee security of electronic signatures
The European Commission has welcomed the adoption of a new legal framework guaranteeing EU-wide recognition of electronic signatures (at the 30 November Council of Telecommunications Ministers). The Electronic Signature Directive is a first example of the Commission's flexible and integrated approach towards developing a European framework for the development of electronic commerce. In the past only hand-written signatures have been legally valid but this legislation extends that recognition to electronic signatures and applies the Internal Market principles of free movement of services and home country control to E-commerce. It constitutes an important element in the Commission's on-going efforts to drive forward the rapid development of electronic commerce so as to capitalise on its potential to generate business and create jobs. This framework provides the security that the market for online transactions demands and strengthens the EU's position in the face of international competition in this new global market.
"Doing business electronically is increasing rapidly both for companies and for consumers. But without security and trust, there won't be a notable shift towards commercial and financial transactions on the Internet," said Erkki Liikanen, Commissioner responsible for the Information Society. Internal Market Commissioner Frits Bolkestein noted that the legislation is a foretaste of how the Commission intends to help develop the whole area of electronic commerce. "We can expect half of the European population to be connected to the Internet by 2005 and our integrated approach to electronic commerce - an effective mix of government regulation, self-regulation that allows for technological development - is designed to put Europe in the forefront of this revolution," he said.
Electronic signatures allow someone receiving data over electronic networks, via the Internet for example, to determine the origin of the data and to check that that data has not been altered. The Directive is not designed to regulate everything in detail but defines the requirements for electronic signature certificates and certification services so as to ensure minimum levels of security and allow their free movement throughout the Internal Market.
Its main elements are:
- Legal recognition: the Directive stipulates that an electronic signature cannot be legally discriminated against solely on the grounds that it is in electronic form. If a certificate and the service provider as well as the signature product used meet a set of specific requirements, there will be an automatic assumption that any resulting electronic signatures are as legally valid as a hand-written signature. Moreover, they can be used as evidence in legal proceedings.
- Free circulation: all products and services related to electronic signatures can circulate freely and are only subject to the legislation and control by the country of origin. Member States cannot make the provision of services related to electronic signatures subject to mandatory licensing.
- Liability: the legislation establishes minimum liability rules for service providers who would, in particular, be liable for the validity of a certificate's content. This approach ensures the free movement of certificates and certification services within the Internal Market, builds consumer trust and stimulates operators to develop secure systems and signatures without restrictive and inflexible regulation.
- A technology-neutral framework: given the pace of technological innovation the legislation provides for legal recognition of electronic signatures irrespective of the technology used (e.g. digital signatures using asymmetric cryptography or biometrics.)
- Scope: the legislation covers the supply of certificates to the public aimed at identifying the sender of an electronic message. In accordance with the principles of party autonomy and contractual freedom it does, however , permit the operation of schemes governed by private law agreements such as corporate Intranets or banking systems, where a relation of trust already exists and there is no obvious need for regulation.
- International dimension: so as to promote a global market in electronic commerce the legislation includes mechanisms for co-operation with third countries on the basis of mutual recognition of certificates and on bilateral and multilateral agreements.
The full text of the Directive will be available on:
