[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

EU Draft Directive fur Use of DigSig

Die EU-Kommission hat gestern einen Vorschlag fuer eine Direktive zur 
Digitalen Signatur verabschiedet:


------------------------------ CUT ----------------------------------

     Electronic commerce: Commission proposes
     electronic signatures Directive 

     A proposal for a Directive establishing a legal framework for the
     use of electronic signatures has been put forward on 13 May 1998
     by the European Commission, on the initiative of
     Telecommunications Commissioner Martin Bangemann and Single
     Market Commissioner Mario Monti. By laying down minimum rules
     concerning security and liability, the proposal would ensure
     electronic signatures were legally recognised throughout the EU
     on the basis of the Single Market principles of free movement of
     services and home country control. The proposal would therefore
     create a framework for secure on-line transactions throughout the
     Single Market and so stimulate investment in electronic commerce
     services with ensuing benefits for the EU in terms of growth,
     competitiveness and employment.

     Electronic commerce has the potential to become a key stimulus
     for the world's economy into the next century. But secure
     transactions are essential if this potential is to be realised in
     Europe. Once adopted, this Directive will remove one of the main
     remaining obstacles to the widespread take-up of electronic
     commerce. The proposal is timely because most Member States have
     yet to set up a legislative framework for electronic signatures.
     It will therefore ensure a harmonious legal framework for the
     Single Market from the outset rather than having to counter
     potentially disparate national initiatives.

     Electronic signatures allow someone receiving data received over
     electronic networks to determine the origin of the data
     (identity) and to verify whether the data has been altered or not
     (integrity). The data is accompanied by a certificate, issued by
     a certification service provider, which allows the recipient of a
     message to check the identity of the sender.

     The main elements of the proposed Directive are the following: 

          Essential requirements: the proposal would define essential
          requirements for electronic signature certificates and
          certification services so as to ensure minimum levels of
          security and allow their free movement throughout the Single
          Market. These requirements would include personal
          reliability, use of trustworthy systems and a ban on storing
          private signature keys. Liability: the proposal would
          establish minimum liability rules for service providers, who
          would in particular be liable for the validity of a
          certificate's content. This approach will ensure the free
          movement of certificates and certification services within
          the Single Market, build consumer trust and stimulate
          operators to develop secure systems and signatures without
          restrictive and inflexible regulation. Legal recognition:
          the proposal would stipulate that an electronic signature
          could not be legally discriminated against solely on the
          grounds that it is in electronic form, as the legal effects
          of electronic signatures are essential for an open and
          trustworthy system for electronic signatures. If a
          certificate and the service provider met certain essential
          requirements, electronic signatures based on their service
          would benefit from an automatic assumption that they were
          legally recognised in the same manner as hand-written
          signatures. Furthermore they could be used as evidence in
          legal proceedings. A technology-neutral framework: given the
          pace of technological innovation, the proposal provides for
          legal recognition of electronic signatures irrespective of
          the technology used (e.g. digital signatures using
          asymmetric cryptography or biometrics). Scope: the proposal
          concerns the supply of certificates to the public aimed at
          identifying the sender of an electronic message, but does
          not apply to closed user groups such as corporate Intranets
          or banking systems, where a trust relation already exists
          and where there is therefore no obvious need for regulation.
          Certification: certification services could be offered in
          principle without prior authorisation, in view of the fact
          that technology and the market are evolving rapidly and as
          market forces will encourage high levels of security to
          satisfy consumers' concerns. Member States would be free to
          set up voluntary accreditation schemes for certification
          service providers in order to indicate special security
          measures or levels. Certification service providers wishing
          users of their certificates to benefit from a legal
          recognition of signatures based on their certificates would,
          however, have to fulfil certain essential requirements.
          International dimension: in order to facilitate electronic
          commerce at the world level, the proposal includes
          mechanisms for co-operation with third countries on mutual
          recognition of certificates on the basis of bilateral and
          multilateral agreements. 

     The proposed Directive comes as a follow up to the Communication
     on "Ensuring security and trust in electronic communication -
     Towards a European framework for digital signatures and
     encryption", adopted by the Commission in October 1997. The
     Communication identified the lack of security on electronic
     networks as being one of the major obstacles impeding the rapid
     development of electronic commerce. The proposal was also
     foreseen under the Action Plan for the Single Market endorsed by
     the Amsterdam European Council. 

------------------------------ CUT ----------------------------------

Der Volltext des Proposals findet sich unter


Axel H. Horns