Geeks of the world, unite
I am an e-identity geek, pale and closeted in my bedroom, unable to raise my eyes from the screen - I must be, since I write more often about this topic than any other. But the European Union has just published major new legislation, a draft regulation 'on electronic identification and trusted services for electronic transactions in the internal market'. This is one of those fields where being a member of the EU is an advantage, since the EU, whatever people might say about its other manifestations, can be the master and innovator of good cross-border practice on IT matters - see, for instance, the recent implementation of the Electronic Privacy Directive, which has forced websites to inform us about their cookie policies.
The EU is able to concentrate on matters which single nation states cannot achieve, a positive advantage when dealing with a borderless cyber-universe. Alright, cyberspace does not end at the EU’s borders, but the EU can initiate templates for easy communication between different countries and legal systems. In time, it is likely that the EU’s templates, tried and tested across borders and languages, will become a model for the world, as it catches up with us in virtual in cross-border dealings. Even the UK government seems to understand that now, since it has recently become a member of the e-CODEX justice project, which is attempting to link up national e-justice systems.
The e-regulation just published is intended to be a comprehensive cross-border and cross-sector framework for secure, trustworthy and easy-to-use electronic transactions, encompassing electronic identification, authentication and signatures. Among other things, the new framework will:
- Ensure mutual recognition and acceptance of electronic identification across borders;
- Give legal effect and mutual recognition to trust services, including enhancing current rules on e-signatures and providing a legal framework for electronic seals, timestamping, electronic document acceptability, electronic delivery and website authentication.
All countries in the EU currently have legal frameworks for e-signatures, but these diverge and make it impossible to conduct cross-border electronic transactions. The same holds true for trust services (timestamping and the like) which lack European interoperability. Therefore, the regulation proposes common rules and practices. For e-identity, the regulation provides for legal certainty by the mutual recognition and acceptance principle, through which member states accept national e-IDs which have been officially notified to the European Commission. (It will not be obligatory for member states to register their national eIDs, but the commission hopes that many member states will choose to do this.) The commission and EU member states have already proven that cross-border mutual recognition of e-identification works, through the STORK project involving 17 states.
Examples of the kind of people the commission is trying to help with the new regulation are, for instance, students registering for a foreign university online; citizens arranging a move to another EU country or a marriage abroad; patients needing medical assistance abroad; and companies tendering online for public sector contracts anywhere in the EU. This kind of technology and recognition will also be useful in time for lawyers conduction legal transactions electronically across borders, which the e-CODEX project is trying to achieve.
It is a sign of the times that the commission’s press release begins with a list of what the new regulation will not do, as if to pacify the Eurosceptics (who are growing everywhere in the EU). Some are clearly aimed at UK Eurosceptics. So: 'The proposed regulation will not:
- oblige EU member states to introduce, or individuals to obtain, national identity cards, electronic identity cards or other eID solutions,
- introduce a European eID or any kind of European database,
- enable or require the sharing of personal information with other parties.'
Geeks of the world: our time has come. Questions of e-identity are now central to our lives as Facebook, Twitter, i-Phones, e-commerce and the rest dictate how we relate to others. I shall now return to my bedroom, with the curtains drawn, and play several hours of some computer game or other.
Jonathan Goldsmith is secretary general of the Council of Bars and Law Societies of Europe, which represents about one million European lawyers through its member bars and law societies. He blogs weekly for the Gazette on European affairs