This article is co-signed by Roberto Viola and myself and was originally published in an Italian online newspaper. If you want to read it in Italian, have a look at this version!
The European Digital Single Market is one of the priorities of the European Commission with a potential for economic growth equivalent to over 415 billion euros and the creation of hundreds of thousands of new jobs. In its Digital Single Market Strategy which was published last May, the Commission highlighted the importance of trust and security as critical factors for people, businesses and governments to go digital thus taking full advantage of innovation, convenience and opportunities offered by going digital.
Increasing trust in the digital world is not simple and requires greater transparency and high standards with regard to responsibility, security and the use of authentication and security services which have an increasingly transformative role in key sectors of our economy, such as the banking and financial sector, healthcare, the sharing economy, transport and public administration.
It is in this context that the eIDAS Regulation EU 910/2014 on electronic identification and trust services should be seen, as it provides the legal framework for the cross-border recognition of eID means and trust services, also ensuring their interoperability and legal certainty. With eIDAS, the European Union has laid the foundations for citizens, businesses (in particular SMEs) and public administrations to access and use on-line services in a more reliable, responsible and convenient manner.
Last September, another major step was accomplished with the adoption of all the implementing acts due by 18 September 2015. In order to foster the market and favour interoperability, these implementing acts take account of and promote the adoption of existing European or international standards. As for the technological infrastructure, the European Commission published as open source last 27 November, under the Connecting European Facility programme, the technical specifications and reference implementations of the interoperability nodes for the electronic identification mechanisms.
With the eIDAS Regulation, the implementing acts, the standards and the interoperability infrastructure, Europe is the first and only macro region in the world with a comprehensive legal and technological framework for electronic identification and trust services. Europe is undoubtedly also a leader with regard to technology, innovation and services.
But what are the next steps to fully leverage the eIDAS framework? The first extremely important step will be in just six months, on 1 July 2016, when the Regulation will repeal the eSignature Directive and the eIDAS rules related to trust services will apply in the same way everywhere in the European Union. Indeed, as eIDAS is a Regulation, it will apply directly in all member states thus providing unprecedented legal certainty across borders. An additional element of transparency will also be provided by the EU trust mark for qualified electronic trust services that will allow users to decide whether to trust an online service.
The second step will be to spread eIDAS and related services across all sectors, with the aim to create a digital single market that:
• simplifies access to public administrations
• promotes digital transformation of organisations and businesses
• stimulates the development of innovative and secure services
• helps reduce administrative burdens and cut red-tape for everyone
• improves user convenience and on-line experience and stimulates the provisioning of new innovative services
• makes the trust and authentication services' market more transparent and accountable, and more generally the services' market more respectful of citizens' privacy.
In this regard, the Commission has in the past organised a series of events focusing on priority areas for our economy and society, such as public administration, banks, e-health, the sharing economy, transport, etc.
The need to ensure consistency between existing or pending legislation to avoid misalignment of regulatory requirements has repeatedly emerged from the discussions. The Commission is working in this direction and some concrete examples bear witness to this commitment. For example, the direct reference to this principle - and the direct reference to eIDAS - in the Better Regulation "Toolbox" or the creation of a Commission internal working group composed of services from a number of DGs that work on initiatives with a direct or indirect link to eIDAS.
There are good prospects for leveraging eIDAS in the world of financial transactions. The European Banking Authority (EBA) analyses, in a consultation document on strong authentication for online payments, eIDAS solutions in relation to the security requirements under the Payment Service Directive (PSD2) which has been recently adopted. Another example is the recent green paper on retail financial services, where the role of eIDAS in easing distance payments is highlighted as is its role in sattisfying the requirements related to the "Know Your Customer" (KYC) requirements or strong authentication.
Given its inherently transformative nature, eIDAS is clearly an enabler in building a genuine digital single market, but there is still a long way to go which calls for the involvement of all interested parties in order to benefit from a real digitisation which goes across all sectors and beyond national borders.
These are only the first steps towards widespread everyday use of eIDAS services. The path is still very long, but the journey to to achieve a fully functioning Digital Single market is well worthwhile.