The European Commission runs a public consultation until 15 April on e-signatures and e-identity to review the 1999 e-signature Directive. E signature is needed to enable online mutual recognition, authentication and digital identity of the different parties. Online verification of the signatures is an especially complex process, which is a hurdle for people to trust the diigrtal economy.
The aim is to collect a set of best practices in all fields where secure authentication is needed: purchases, payments, but also confidential administrative procedures and exchanges. The Commission expects to receive feedbacks from the various players and sectors of the economy, notably on mobile uses and on the validity of electronic consents in one click. Opinions regarding the underlying principles of mutual recognition are welcome too. It also hopes to receive contributions on the possible alternatives to the current use of PKI infrastructures.
The Commission supports the STORK project, (standing for “Secure idenTity acrOss boRders linKed”), the aims of which is to ensure cross-border recognition of e-ID systems and accessibility of online public services in 18 European countries.
The use of e-signatures is an underlying condition for many productivity
gains, notably for remote consent between two individuals (contracts).
It is also core to the internal IT organisation of an international
company: sensitive collaborative work, rights management, etc.. The
widespread of reliable and convenient solutions is hindered by a lack of
interoperability of both deployed and on-the-shelf solutions.
As with electronic money (See September 2009 Watch), the Commission
admits that it tried to anticipate as best it could in 1999, but finally
has legislated in a too restrictive way (requirement of advanced
e-signature to equal hand-written ones, specific certification of
signature service providers, etc.). To this point, the envisaged
possibilities stretch from full liberalisation (conditions in which a
single or double click could be considered as a binding agreement) to
utter innovation (use of new conceptual schemes).
Online signature will then be made easier, probably aligning the law to
de facto admitted practices. It will certainly however have to comply
with various modalities depending on the interaction context and
security issues at stakes.