On 1 July 2016, the provisions on trust services in the eIDAS Regulation will apply. All the main actors in the European market, like trust service providers, supervisory authorities, conformity assessment bodies which will are affected by the eIDAS Regulation need to ensure that they will be ready by 2016, when the Regulation applies.

ENISA, in collaboration with the European Commission, launched in 2015 a Forum to bring together the three stakeholder communities in the qualified trust service market, namely: trust service providers, conformity assessment bodies and supervisory authorities. The creation of this Forum is motivated by the need for a place for open discussion which has arisen with the entry into force of the Regulation 910/2014 on electronic identification and trust services for electronic transactions in the internal market.

On 30 June, ENISA organised the first workshop for the Trust Services market in Brussels to

• share good practices and experience as well as views on various aspects of the implementation of eIDAS by the relevant stakeholders and their compliance to EU legislation
• understand the priorities and needs of trust service providers in the development of the eIDAS regulation.
• exchange ideas on the positions of the different stakeholders in aspects like standards, certification, qualification, etc.
• discuss strategies to promote the use qualified trust services in Europe.

With regard to the implementation of the Regulation, the eIDAS Regulation empowers the Commission to adopt secondary legal acts (i.e., 28 implementing acts (IA) and one delegated act (DA). There are 7 implementing acts to be adopted by the Commission by mid-September 2015 on issues related to Trust services (EU trust mark for qualified trust services; electronic signature formats to be recognised by public sector bodies, electronic seal formats to be recognised by public sector bodies, trusted lists) and eID (cooperation between Member States, interoperability framework, Levels of assurance).

The Commission is also working on an additional act on the notification of eID schemes to the Commission by the Member State for which there is no obligation but is complementary to reach interoperability.

A common message that emerged in the latest events was that implementing acts for the eIDAS regulation are needed to find the right balance between the market needs and security needs.

Related links:

https://ec.europa.eu/digital-agenda/en/news/eidas-private-sector-engagement-high-level-event-boosting-line-trust-and-convenience-business

https://www.enisa.europa.eu/activities/identity-and-trust/whats-new/trust-services-forum-2015

Forum minutes: https://www.enisa.europa.eu/activities/identity-and-trust/library/presentations/june2015/minutes