Navigation path: European Commission > Information Society

POLICIES:: eSignature :: Legislation

European legislation on eSignature

The main objective of the Directive on eSignature is to create a Community framework for the use of electronic signatures. It allows electronic signature products and services to flow freely across borders and ensures the legal recognition of electronic signatures.

The Directive addresses three forms of electronic signatures:

1. Basic electronic signature: understood in the simplest and broadest sense of electronic signature i.e. as a means to identify and authenticate data. It can be as simple as signing an e-mail message with a personal name.

To be a signature the authentication must relate to data and not be used as a method or technology only for entity authentication. For instance, when a person uses a PIN code to identify himself in order to get access to an electronic bank account, it is not an electronic signature. However, entering the same code in order to confirm a financial transaction and, in doing so authenticating this transaction, is an electronic signature. There are many applications making use of electronic signature technology, which do not qualify as electronic signatures according to the Directive when they are only used for entity authentication.

It should also be noted that the notion of signature used in the Directive refers to a legal concept and not to a technical one. This means that the definition is intended to cover all current and future technologies for electronic signatures as well as all possible interpretations of the term signature in the law of the Member States.

2. Advanced electronic signature(as defined by the Directive). This second form of signature has to meet the requirements defined in Article 2.2 of the Directive. In particular, this form of electronic signature is capable to be uniquely linked to the signatory and to identify the signatory, is created using means that are under the signatory's sole control and is linked to the data in such a way that any subsequent change in the data can be detected. The Directive does not favour a particular technology but in practice, this definition refers mainly to electronic signatures based on a public key infrastructure (PKI). This technology uses encryption technology to sign data, which requires a public and a private key.

3. "Qualified electronic signature": this third form is mentioned in Article 5.1 and consists of an advanced electronic signature based on a qualified certificate and created by a secure signature creation device which need to comply with the requirements in Annexes I, II and III.

Main publications

Legislation

• Directive 1999/93/EC on a Community framework for electronic signatures

  This Directive establishes the legal framework at European level for electronic signatures and certification services. The aim is to make electronic signatures easier to use and help them become legally recognised within the Member States.

• Commission Decision 2003/511/EC of 14 July 2003 on the publication of reference numbers of generally recognised standards for electronic signature products in accordance with Directive 1999/93/EC of the European Parliament and of the Council.

  This Decision gives the references of three generally recognised standards for electronic signature products which presume compliance with the qualified electronic signature.

• Commission Decision 2000/709/EC of 6 November 2000 on the minimum criteria to be taken into account by Member States when designating bodies in accordance with Article 3(4) of Directive 1999/93/EC of the European Parliament and of the Council on a Community framework for electronic signatures [Official Journal L 289 of 16.11.2000].

  This Decision sets out the criteria that Member States must take into account when designating national bodies to evaluate the conformity of secure signature-creation devices.

Communications and related documents

• Digital Agenda for Europe Communication COM(2010) 245 final/2 Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions. A Digital Agenda for Europe
  
   
• The Action Plan on e-signature & e-identification COM(2008)798 of 28.11.2008 addresses new issues raised by the adoption of the Services Directive 2006/123/EC and issues identified in the Commission report on the operation of the directive (see below).
• Report on the operation of the Directive COM(2006) 120 final

  As foreseen in article 12.2 of Directive 1999/93/EC, the Commission reported on 15 March 2006 on the operation of the Directive COM(2006) 120 final.

  The report indicates that EU Member States have implemented the general principles of the Directive. The Commission noted that transposition of the Directive into the legislation of the Member States has met the need for the legal recognition of electronic signatures. It therefore considers that the Directive's objectives have been fulfilled and that no need for its revision has emerged at this stage. The Commission nonetheless plans to consult the Member States and relevant stakeholders to address a number of issues, particularly on interoperability problems, technical aspects and standardisation.

  The Commission noted that, in the event, there has been far less use of qualified electronic signatures than expected. The main reason for this is economic, in that service providers have little incentive to develop a multi-application electronic signature and prefer to offer solutions for their own services. A number of applications in the future might nonetheless trigger market growth, particularly in relation to eGovernment services.

• Study on the legal and market aspects of electronic signatures (2003)

  The study analyses legal and practical issues concerning the implementation of Directive 1999/93/EC and on the practical usage of electronic signature and related services in the European market.
   

• Proposal for a European Parliament and Council Directive on a common framework for electronic signatures /* COM/98/0297 final - COD 98/0191, COM(1998)297 of 13.5.1998.

  This Proposal aimed at ensuring the proper functioning of the Internal Market in the field of electronic signatures by creating a harmonized and appropriate legal framework for the use of electronic signatures within the Community and establishing a set of criteria which form the basis for legal recognition of electronic signatures.

• Ensuring Security and Trust in Electronic Communication. Towards a European Framework for Digital Signatures and Encryption. Communication from the Commission to the Council, the European Parliament, the Economic and Social Committee and the Committee of the Regions. COM(1997)503 of 8.10.1997

  This Communication represents the first step towards the establishing of a common framework for digital signatures.

 

 

 

Last updated: 02.4.2011

 

Home | News | Calendar | Library | RSS | XML | Search | Contact | Help