Menu
Cloud consortium says simpler EU electronic signature rules aren't simple enough

Cloud consortium says simpler EU electronic signature rules aren't simple enough

Common rules for accepting electronic signatures across EU borders enter force on Friday, but technical differences will still make life difficult for users and vendors

European Union rules for electronic signatures change on Friday to make a clear distinction between the identity of the person signing, and that of the authority guaranteeing the integrity of the data, but the technology needs to be still simpler, vendors say.

The new rules are intended to simplify the process of electronically signing contracts between businesses, or between businesses and persons, and across international borders where different and often incompatible electronic signature rules apply today.

But while the new rules will simplify the legal environment, today's technical environment makes it too difficult to create and securely manage digital identities, according to the Cloud Signature Consortium.

Defining an electronic signature that satisfies the laws of 28 countries is one thing, but creating one that is accepted seamlessly by desktop applications such as Adobe Acrobat Reader and Microsoft Office, and by enterprise applications such as Salesforce, Workday, Microsoft Dynamics CRM or Ariba, is entirely another, according to the consortium.

The newly founded organization, led by Adobe Systems, is drafting a new technical standard that it hopes to publish by year-end and implement early next year.

Existing legislation, derived from the 1999 eSignature directive, allows certificates for electronic signatures to be granted to natural persons (people) and legal persons (organizations), and makes little distinction between authenticating the content of a document and expressing consent to that content.

That will change on July 1, when the 2014 eIDAS Regulation enters force.

From that date, only certificates issued to natural persons will be able to make electronic signatures (eSignatures) that are legally binding. Those issued to legal persons will only be valid for guaranteeing the integrity of documents (eSeals).

The new legislation thus makes a clear distinction between the two colloquial uses of the term "digital signature," for the quite different processes of guaranteeing the integrity of a document and of agreeing to its content.

The eIDAS Regulation applies to businesses and not to European Union bodies such as the Commission or Parliament, despite their role in creating it. However, when the regulation was approved in October 2014, Neelie Kroes, then European Commission vice president, called on incoming Commission President Jean-Claude Juncker to make every transaction with the Commission and other EU institutions possible electronically.

"Whether you're bidding for an EU procurement contract or submitting your invoice for payment, it should be possible to do it completely online, without having to resort to piles of paperwork -- or indeed any -- from the beginning to the end of the process," she said.

Like other EU regulations, eIDAS automatically becomes directly applicable, without the need for new national laws, in all EU member states within two years of its approval.

That means it will apply in the U.K., too. And should the government there choose to heed the message of last week's referendum to end its EU membership, the regulation will continue to apply for two years from the date of the U.K.'s notification of its intention to leave the EU. After that, unless the U.K. government and the European Commission have agreed otherwise, it will not be possible to make legally binding agreements using eIDAS-compliant eSignatures between a U.K. person and an EU person.

Adobe and its consortium partners want their new specification to bridge far more than just the EU-U.K. divide. Their ambition is to have their specification adopted globally, by making it compliant with the most demanding electronic signature regulations in the world.

So far, though, Adobe seems the one most likely to profit from that ambition, as it is the only member of the consortium with a global reach. The others hail from EU member states Austria, France, Germany, Italy, Poland, and Spain, and from neighboring Norway and Switzerland, and include German state printer Bundesdruckerei, Infocert in Italy, and Docapost/Certinomis in France.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments