eIDAS: “Bringing down barriers to unlock online opportunities”
How can you transition to 100% paperless operations quickly and efficiently while staying in compliance with eIDAS and local regulations?
The regulation at a glance
eIDAS is an EU regulation on electronic identification and trust services for electronic transactions that applies as law within the whole of the EU. The overarching goal of the regulation is to support the development of a Digital Single Market (DSM) for EU Member States, one of the European Commission’s 10 priorities for the period 2015-2019.
Specifically, eIDAS provides a clear legal framework for the formalisation of a wide range of digital transactions, including the use of electronic signatures, other trust services and electronic identity (eID).
Electronic signature definitions
The eIDAS regulation defines three levels of electronic signature: (Basic) Electronic Signature, Advanced Electronic Signature, and Qualified Electronic Signature. Understanding these levels can help in choosing an e-signature solution that best suits the needs of your organisation.
According to eIDAS, “electronic signature” is defined as “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign”.
BASIC ELECTRONIC SIGNATURE
In practice, a basic electronic signature can be any kind of signature made in an electronic environment where the signatory has manifested their intent (e.g., by clicking a button or checking a box) to become bound by the contents of the document thus signed.
ADVANCED ELECTRONIC SIGNATURE
According to eIDAS, “An advanced electronic signature shall meet the following requirements:
it is uniquely linked to the signatory;
it is capable of identifying the signatory;
it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable”.
In practice, these elements of unique identity, sole control and integrity of the signed document can be achieved through different means regardless of what technology is used.
QUALIFIED ELECTRONIC SIGNATURE
According to eIDAS, “‘qualified electronic signature’ means an advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures”.
A Legal Framework for Electronic Signatures
The basic legal principles that support the use of electronic signatures are not defined by eIDAS. Rather, they are found in contract law, where an offer to enter into an agreement followed by the acceptance thereof constitutes a binding agreement. Thus, in the absence of legal requirements specifying the form of a contract, level of signature or method of authentication, a contract can be entered into by any means, including on paper, orally, or with a basic electronic signature.
The eIDAS regulation is a legal framework governing the use of electronic signatures, but it doesn’t mandate their use per se, nor does it have any impact on contract law. The regulation states:
“This Regulation does not affect national or Union law related to the conclusion and validity of contracts or other legal or procedural obligations relating to form.”
In fact, a basic electronic signature is sufficient and indeed legally valid for the vast majority of private transactions, B2B, B2C, and between private persons. To dispel any doubts in this respect, eIDAS explicitly states this fundamental principle:
“An electronic signature shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements for qualified electronic signatures.”
Note that in some cases, national laws may require more than a basic electronic signature, e.g., when specific KYC (know your customer) requirements apply. Or, although it is not a legal requirement for a valid signature, a party might want to authenticate the counterpart with a certain level of security when the transaction entails a high business risk.
Learn more at LegalEx
If you are interested in implementing electronic signatures and digital identity solutions in your organisation’s systems and services, come hear Scrive Chief Legal Officer Peter Carlstedt speak on “eIDAS implementation in local jurisdictions: challenge or opportunity for digitalisation?” at LegalEx on Wednesday March 18, at 14.45 in Theatre 5. Or learn more about how to map out a swift and compliant digital journey by visiting the Scrive team at Stand 600.