While some of the 2021 recommendations made it to the final draft, others were deemed unsuitable upon closer inspection. The following are those that have the biggest impact on people and organizations in the EU.
The Digital Identity Wallet for Europe
The agreed proposal mandates that member states create a European digital identification wallet (eID), which will cover “electronic attestations of attributes,” as the law puts it. To put it simply, eID will hold biometric and digital identification documents, such as diplomas, professional certificates, travel, medical, and banking credentials, and mobile driver’s licenses.
Services for Electronic Archiving
The idea of “qualified electronic archiving services” which seeks to guarantee that all electronic data and documents are created or maintained by a qualified trust service provider, would modernize digital vaults and the electronic archiving of electronic documents.
Moreover, during the conservation phase, the authenticity and precision of their legal characteristics and place of origin will be maintained. Lastly, the revised plan requires the precise documentation of the archiving process’s date and time.
The proposal advocates for the establishment of trusted digital identities through the use of digital identity wallets. These identities will be founded on common technical standards that have been adopted throughout the European Union, ensuring that the security and authenticity of electronic archiving will keep up with the constantly changing digital landscape.
Electronic Seals and Signatures
The proposal suggests additional Commission guidelines on certifying and recertifying certified creation devices for signatures and seals in order to guarantee uniform certification standards throughout the EU. The plan also asks for the cross-border acceptance of electronic signatures and seals that meet certain requirements.
At the moment, eIDAS supports three different kinds of eSignatures: qualified, advanced, and simple. Qualified Electronic Signatures need to be certified by a Qualified Service Trust Provider (QSTP) in order to be legally recognised as handwritten signatures on paper. The strictest EU regulations apply to QSTPs, and they have to go through frequent audits to ensure that regulations are being followed.
The use of electronic seals, which validate electronic documents with the same authority as traditional seals that verify the authenticity and integrity of official documents, is finally made possible by the provisions introduced by eIDAS.
Digital Time Stamps
Electronic data can be linked to other electronic data to show how long it has been there. The time stamps that are granted by each member state must be recognised across borders, just like with electronic signatures and seals, according to eIDAS 2.0.
Services for Electronically Registered Delivery
Similar to registered mail in a conventional postal system, this trust service offers assurance by proving that electronic data has been sent and received. Cross-border compatibility between approved electronic registered delivery services is ensured by eIDAS 2.0.
Services for Website Authentication
Website authentication, classified as a “qualified trust service,” creates a link between a website and the real or legal entity owning the certificate, a process where Docbyte plays a role. This ensures that users can have confidence in the identity of the website they are engaging with. Currently, website authentication is achieved through root certificates overseen by certificate authorities.
The new eIDAS 2.0 proposal’s Article 45 gives member states the freedom to choose whether to provide new root certificates. Cybersecurity experts, however, have strongly objected to this, and it is unclear if these modifications will be eventually passed into law.
The Question Regarding Electronic Ledgers
Initially, the eIDAS 2 proposal was approved by the ITRE Committee, but it did not include the Section on Electronic Ledgers as a regulated trust service. This was quite troubling because trust services these days heavily rely on electronic ledgers. Electronic ledgers were initially excluded for the sole purpose of upholding technological neutrality. In actuality, the committee disregarded the fact that electronic ledgers are fundamentally impartial, serving as a general category rather than a particular application.
Perhaps you’re wondering what the purpose of these is. Electronic ledgers are transparent, safe databases that hold various kinds of data, including financial data. Information is entered into the ledger in a manner that makes fraud and other mistakes impossible.
As a result, a group of well-known stakeholders banded together to voice serious concerns and urge lawmakers to add these vital clauses back into eIDAS 2.0. Despite popular belief, electronic ledgers do not undermine technological neutrality; rather, they guarantee that the law will continue to be flexible enough to accommodate new advancements.
Acknowledging the importance of electronic ledgers, they assist in building strong digital infrastructures across Europe, combating cyberthreats and satisfying social needs for increased digital trust, stimulating innovation throughout Europe, and bolstering the continent’s digital identity framework.
