There have been many developments and innovations in online commerce over the past decade. It is for this reason that EU Regulation No. 910/2014 on electronic identification and trust services for electronic transactions in the internal market (“eIDAS Regulation”) comes into force on 1 July 2016. The eIDAS Regulation will repeal Directive 1999/93/EC (the E-signatures Directive) which was implemented in Ireland by the Electronic Commerce Act 2000 (the “2000 Act”). As the eIDAS Regulation will directly apply across all EU Member States, it does not require national law to implement it.
How will the eIDAS Regulation affect Irish law?
- The eIDAS Regulation sets out to facilitate a smoother environment for online business and commerce by building on the 2000 Act which allowed for online signatures to be recognised in Irish law while also taking into account the potential for advances in this area. However the eIDAS Regulation goes a step further as it takes into account advances such as as electronic time stamps and electronic identity services.
- All EU Member States will be obliged to recognise and accept electronic identification “eID" issued in another Member State which has been notified to the Commission. While notification is voluntary, the recognition of notified schemes by Member States will be mandatory.
- E-signatures will have the same legal effect as a standard signature but the eIDAS Regulation divides e-signatures into three different categories - simple e-signatures (e.g. typed signatures); advanced e-signatures (e.g. unique signatures) and qualified e-signatures (namely e-signatures created by qualified electronic creation devices and based on a qualified certificate e.g. a smart card).
- Ireland will be required to designate a supervisory body whose task will be to grant qualified status to providers of “trust services” (namely, electronic service normally provided for remuneration consisting of (a) the creation, verification, and validation of electronic signatures, electronic seals or electronic time stamps, electronic registered delivery services and certificates related to those services; (b) the creation, verification and validation of certificates for website authentication; or (c) the preservation of electronic signatures, seals or certificates related to those services). The body will also supervise Irish qualified trust service providers; and take action (where necessary) in relation to Irish non-qualified trust service providers when informed that they do not meet the requirements laid down in the Regulation.
- The eIDAS Regulation introduces an EU “Trust Mark” for qualified trust services. Once a trust service provider has acquired a “qualified” status from an EU national supervistory body, it may use the EU Trust Mark to indicate a high standard of security.
The eIDAS Regulation is certain to create greater confidence in cross-border online transactions, thereby increasing trade.