Irrespective of Brexit, the new EU regulation for electronic
identification and e-signatures (the "eIDAS Regulation")
came into effect in the UK on 1 July 2016
repealing the e-signatures directive (Directive
The e-signatures directive only dealt with the validity of
electronic signatures and did not provide a complete framework for
secure transactions. In a bid to move ever more towards a Digital
Single Market and harmonise the rules, the regulations expand the
scope of the directive and cover, amongst others, trust services
(services which provide authentication), electronic seals,
electronic time stamps, electronic documents and website
Being a directive, the provisions of the e-signatures directive
did not have direct effect, thus all EU member states were required
to implement national legislation. The eIDAS Regulation shall aim
to harmonize the position of electronic identification and
e-signatures across Europe, whilst enhancing trust in electronic
transactions, by providing a more secure regime for businesses and
public authorities engaging in online trade.
The eIDAS Regulations sets out a legal framework for electronic
signatures, electronic documents, electronic time stamps and
certification for website authorisations; provides rules in
relation to trust services (specifically in relation to electronic
transactions) and outlines conditions for mutual recognition within
The main changes are outlined below:
The eIDAS Regulations acknowledge three different types of
e-signature: simple, advanced and qualified.
Simple electronic signatures means "data in electronic
form which is attached to or logically associated with other data
in electronic form and which is used by the signatory to
Advanced electronic signatures are required to meet a number of
conditions in order to qualify such as their uniqueness to the
signatory; the capability of identifying the individual from the
signature; and created under the sole control of the
Qualified electronic signature have to meet the same criteria
as an advanced e-signature but is one which is created by a
qualified electronic signature creation device.
A trust service is defined as an electronic service which
consists of the creation, verification and validation of electronic
signatures, electronic time stamps and electronic seals. The
providers of trust services will be liable if they fail to comply
with the security measures introduced by the regulations.
Each EU member states is required to establish a supervisory
authority to supervise and oversee the work of qualified trust
Under the eIDAS Regulations EU member states are required to
recognise and accept electronic signatures issued in other member
states which have been notified to the Commission. This is known as
mutual recognition. The aim is to encourage member states to notify
the Commission of national schemes, however the notification is not
mandatory. It shall be at the member states discretion whether or
not to notify all, some or none of the eID national schemes. Mutual
recognition shall only apply if the eID scheme in the notifying
member state meets the European Commission's standards.
Overall, the regulations seek to dismantle the barriers
associated with cross border use of electronic identification.
Businesses who use electronic signatures should ensure they
understand the changes now implemented to ensure compliance with
the new regulations and to benefit from their enhanced scope.
What about Brexit? The eIDAS Regulation applies in the UK until
such time as we are no longer part of the EU. On departure from the
EU, the existing UK rules on e-signatures will continue to apply
(but not the trust services contained in the eIDAS Regulation). If
UK companies are to continue to benefit from the trust services and
improved online trading, similar legislation would need to be put
The material contained in this article is of the nature of
general comment only and does not give advice on any particular
matter. Recipients should not act on the basis of the information
in this e-update without taking appropriate professional advice
upon their own particular circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Food blogger Jack Monroe has been awarded Ł24,000 in damages in a libel action against controversial columnist Katie Hopkins. The action stemmed from two tweets posted in May 2015 by Katie Hopkins asking Jack if she had "scrawled on any memorials recently".
Hotel proprietors are strictly liable, without proof of negligence, for the loss of property brought to the hotel by their guests, unless they can show that the loss resulted from the guest's own negligence.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).