rolling out eidas regulation (eu) 910/2014 · rolling out eidas regulation (eu) 910/2014 boosting...
TRANSCRIPT
Rolling out eIDAS Regulation (EU) 910/2014
Boosting trust & security in the Digital Single Market
Trust in the Digital World 2016 Conference 15 June 2016 – The Hague (NL)
Andrea SERVIDADG CONNECT, European CommissionHead of eIDAS Task [email protected]
Where does eIDAS have an impact?
UMM&DS - Uniform User Management and Digital SignatureseHGI - eHealth Governance InitiativeECI - European Citizens' InitiativeESSN - European Social Security Number
SUP - Directive on single-member private limited liability companies PSD2 – Revised Directive on Payment Services AML4 - 4th Anti-Money Laundering Directive 4
Countries with nationally supported eID schemes
Nearly all Member States (will) have a nationally supported eID scheme in place
Preliminary data from the ongoing CEF eIDStakeholder Analysis Report by Deloitte
•Countries with eID schemes:AT, BE, DE, DK, EE, ES, FI, HR, HU, IT, IS, LT, LU, LV, MT, NL, NO, PT, RO, SE, SK, TR, UK
•Countries setting-up national eID schemes: BG, CY, CZ, EL, FR, SI
•Countries to be confirmed:IE, PL
Information provided by MSs (as of 1 January 2016):eID cards in 15 MSs (6 planned), other eID means in 24 MSs
25 MSs having either an eID card or other eID means
Notification - expectations
7
• 23 MSs of the EU and EEA presented informally their intention (often still tentative ones) to notify their eIDs, as follows:• Notification by end of 2016: 7 MS;• Notification in 2017 or later: 6 MS;• Intention to notify, without date: 6 MS;• No decision yet: 4 MS.
2015 2016 2017 2018 2019
29/09/2015Voluntary cross-border recognition
1.07.2016Date of application of eIDAS rules for trust services
29/09/2018Mandatory cross-border recognition
Timeline
eID
17.09.2014Entry into
force of the eIDAS
Regulation
Trust services
eSignature Directive rules
8
26.11.15 - eID DSI v.1 eIDAS compliant
2014
CEF Call launchedCall for proposal under CEF (Connecting Europe Facility) toconnect services to the eIDAS interoperability framework for crossborder transactions• Primary focus on a few selected private sector areas presenting potential
high volume cross-border transactions (i.e banking, electronic/Internetpayment services, other financial services, insurance and aviation)
• Call launched: 12 May 2016• Call deadline: 15 September 2016, 17:00.00
(Brussels time)• Consortium composition: minimum of 4 entities from one
or more Member States• Co-financing: 75% of the eligible costs of the action• Indicative duration: 12 months
9
Promoting eIDAS Regulatory fitness in other sector specific legislations
• Better Regulation Toolbox (Tool 23: ICT assessment, the digital economyand society) – explicit reference to eIDAS
• Close bilateral cooperation between the eIDAS-TF and other DGs on specificregulatory initiatives
Examples:• Cooperation with DG FISMA and the European Banking
Authority (EBA) on the role of notified eID to meet therequirements under the PSD2Discussion paper on strong customer authenticationand secure communication under PSD2 - eIDAS ispresented as a possible solutionGreen paper on retail financial services and related public consultation - eIDAS featured with respect to the cross border benefits of e-signature and eID.
• Cooperation with DG JUST on supporting the transpositionof the AMLD4 Directive at national level to ensureconsistency with eIDAS
11
EU e-Government Action Plan 2016-2020. Accelerating the digital transformation of government (COM(2016) 179 final)
Underlying principles:
References to eIDAS: Policy priority 1 ("Modernise public administration with ICT,using key digital enablers") - actions:
• "Further efforts by all administrations are needed to accelerate the take up ofelectronic identification and trust services for electronic transactions in the internalmarket [...] actions to accelerate cross-border and cross-sector use of eID(including mobile ID) in digitally enabled sectors (such as banking, finance,eCommerce and sharing economy) and in the public sector namely on the Europeane-Justice Portal. The Commission will also explore the need to facilitate the usageof remote identification and secure authentication in the retail financialservices"
• "The Commission will gradually introduce the 'digital by default' principle wheninteracting online with external stakeholders, using eIDAS services (in 2018),eInvoicing (in 2018) and eProcurement (in 2019)."
Digital by
Default
Once only
principle
Inclusivenessand
accessibility
Openness and
transparency
Cross-border by
default
Interoperability by
default
Trustworthiness and
Security
12
Communication on Priorities of ICT Standardisation for the Digital Single Market (COM(2016) 176 final)
Sets a comprehensive strategic and political approach to standardisation for 5priority ICT areas: 5G communications, cloud computing, the internet ofthings (IoT), (big) data technologies and cybersecurity.
Action in the area of Cybersecurity (section 3.1.4):
"The Commission will:• Invite ESOs and other SDOs and relevant stakeholders to develop standards
by the end of 2018 that support global interoperability and seamlesstrustworthy authentication across objects, devices and natural andlegal persons based on comparable trust models. This work should bebased on technical standards aligned with the eIDAS regulatoryframework."
13
Online Platforms and the Digital Single Market Opportunities and Challenges for Europe (COM(2016)288)
Reference to eIDAS:
IMPLEMENTING MAIN PRINCIPLES FOR PLATFORMDEVELOPMENT IN THE EU:
iii) Fostering trust, transparency and ensuring fairness
• "In order to empower consumers and to safeguard principles ofcompetition, consumer protection and data protection, theCommission will further promote interoperability actions,including through issuing principles and guidance on eIDinteroperability at the latest by 2017. The aim will be toencourage online platforms to recognise other eID means — inparticular those notified under the eIDAS Regulation — thatoffer the same reassurance as their own". 14
Stakeholder engagement - eIDAS ObservatoryPurpose• Help facilitate the use of cross-border electronic identification and trust
services• Foster transparency and accountability by identifying market hurdles
and good practices, promoting knowledge-sharing and developing initiativesfor innovation
• Contribute to the enhancement of trust and security of digitaltransactions thus to the building of the Digital Single Market
• Act as a virtual network of stakeholders to exchange ideas and goodpractices as well as recommend actions and initiatives to ease the uptake ofeID and trust services
Timeline• Setting up: first half of 2016• Launch: to be officially announced at the event with VP Ansip: "A new
leap in the eIDAS journey: new trust services for a Digital SingleMarket" (30 June 2016, Brussels) 15
EU the first and only region in the world to have:- Policy- Regulation - Rules- Technology- Interoperability infrastructure
In EU we have: World-class hardware,
software and service providers, and administrations at the forefront of eGovernment
25 MS have eID means (3 planned) – 15 MS have eID cards (6 planned)
Large Scale Pilot Projects to ensure interoperability
eIDASA world premiere!
Proposal of few EU Member States to UNCITRAL
Joint proposal of the governments of Austria, Belgium, France, Italy and Poland
On Legal issues related to identity management and trust services Building upon the principles stemming from the eIDAS Regulation 48th session of the Commission (29 June - 16 July 2015, Vienna) –
Interregional consensus on the importance of the topic Set up an informal group of experts:
To support the Secretariat in preparing legislative proposals in order to start discussions in the Working Group
Open to all delegations. If there is a need to collect additional information, possible organisation of a
symposium
UNCITRAL Colloquium on Identity Management and Trust Services, Vienna 21-22 April 2016 (see programme and presentations) 17
For further information and feedback
Web page on eIDAShttp://ec.europa.eu/digital-agenda/en/trust-services-and-eid
Online eIDAS Participatory Platformhttp://europa.eu/!qc98fX
Text of eIDAS Regulation in all languageshttp://europa.eu/!ux73KG
Connecting Europe Facility – Catalogue of Building Blockshttp://europa.eu/!DN99RQ
eIDAS functional mailbox & twitter [email protected]
@EU_eIDAS18