EIDAS 2014/0910 EN

With a view to ensuring the proper functioning of the internal market while aiming at an adequate level of security of electronic_identification means and trust_services this Regulation:

(a)	lays down the conditions under which Member States recognise electronic_identification means of natural and legal persons falling under a notified electronic_identification scheme of another Member State;

(b)	lays down rules for trust_services, in particular for electronic transactions; and

(c)	establishes a legal framework for electronic_signatures, electronic_seals, electronic_time_stamps, electronic_documents, electronic_registered_delivery_services and certificate services for website authentication.

Article 5

Data processing and protection

1. Processing of personal data shall be carried out in accordance with Directive 95/46/EC.

2. Without prejudice to the legal effect given to pseudonyms under national law, the use of pseudonyms in electronic transactions shall not be prohibited.

CHAPTER II

ELECTRONIC IDENTIFICATION

Article 11

Liability

1. The notifying Member State shall be liable for damage caused intentionally or negligently to any natural or legal person due to a failure to comply with its obligations under points (d) and (f) of Article 7 in a cross-border transaction.

2. The party issuing the electronic_identification means shall be liable for damage caused intentionally or negligently to any natural or legal person due to a failure to comply with the obligation referred to in point (e) of Article 7 in a cross-border transaction.

3. The party operating the authentication procedure shall be liable for damage caused intentionally or negligently to any natural or legal person due to a failure to ensure the correct operation of the authentication referred to in point (f) of Article 7 in a cross-border transaction.

4. Paragraphs 1, 2 and 3 shall be applied in accordance with national rules on liability.

5. Paragraphs 1, 2 and 3 are without prejudice to the liability under national law of parties to a transaction in which electronic_identification means falling under the electronic_identification scheme notified pursuant to Article 9(1) are used.

whereas

(1) Building trust in the online environment is key to economic and social development.
Lack of trust, in particular because of a perceived lack of legal certainty, makes consumers, businesses and public authorities hesitate to carry out transactions electronically and to adopt new services.

- = -

(2) This Regulation seeks to enhance trust in electronic transactions in the internal market by providing a common foundation for secure electronic interaction between citizens, businesses and public authorities, thereby increasing the effectiveness of public and private online services, electronic business and electronic commerce in the Union.

- = -

(3) Directive 1999/93/EC of the European Parliament and of the Council (3), dealt with electronic_signatures without delivering a comprehensive cross-border and cross-sector framework for secure, trustworthy and easy-to-use electronic transactions.
This Regulation enhances and expands the acquis of that Directive.

- = -

(7) The European Parliament, in its resolution of 21 September 2010 on completing the internal market for e-commerce (4), stressed the importance of the security of electronic services, especially of electronic_signatures, and of the need to create a public key infrastructure at pan-European level, and called on the Commission to set up a European validation authorities gateway to ensure the cross-border interoperability of electronic_signatures and to increase the security of transactions carried out using the internet.

- = -

(17) Member States should encourage the private sector to voluntarily use electronic_identification means under a notified scheme for identification purposes when needed for online services or electronic transactions.
The possibility to use such electronic_identification means would enable the private sector to rely on electronic_identification and authentication already largely used in many Member States at least for public services and to make it easier for businesses and citizens to access their online services across borders.
In order to facilitate the use of such electronic_identification means across borders by the private sector, the authentication possibility provided by any Member State should be available to private sector relying parties established outside of the territory of that Member State under the same conditions as applied to private sector relying parties established within that Member State.
Consequently, with regard to private sector relying parties, the notifying Member State may define terms of access to the authentication means.
Such terms of access may inform whether the authentication means related to the notified scheme is presently available to private sector relying parties.

- = -

(58) When a transaction requires a qualified electronic_seal from a legal person, a qualified electronic_signature from the authorised representative of the legal person should be equally acceptable.

- = -

(63) Electronic documents are important for further development of cross-border electronic transactions in the internal market.
This Regulation should establish the principle that an electronic_document should not be denied legal effect on the grounds that it is in an electronic form in order to ensure that an electronic transaction will not be rejected only on the grounds that a document is in electronic form.

- = -

keyboard_tab EIDAS 2014/0910 EN

EIDAS 2014/0910 EN