What is the eIDAS Regulation?
The acronym eIDAS stands for electronic IDentification, Authentication, and trust Services. It is the EU Regulation No. 910/2014 of the European Parliament. In Germany, the term IVT is often used as an alternative. It is derived from the term “electronic identification and trust services for electronic transactions”.
The regulation, which was already adopted by the Council in 2014, officially came into force in Europe in July 2016. Mutual recognition of electronic identities has been mandatory since 2018.
The aim of the eIDAS Regulation is to give electronic transactions a similar legal status as transactions on paper. To this end, technical procedures and standards are defined for electronic certificates, seals, time stamps, and signatures that allow electronic documents to be sent securely and consistently.
The eIDAS Regulation is directly applicable law in the entire European Economic Area and in all 28 EU member states. The regulation is concretized by so-called implementing acts.
Contents of the eIDAS Regulation
The central content of the eIDAS Regulation is a set of binding rules for electronic trust services and electronic identification that are valid throughout Europe. Among other things, the regulation defines so-called qualified electronic signatures (QES) and advanced electronic signatures (AdES).
Qualified electronic signatures and advanced electronic signatures are intended to prove the identity of a signatory of an electronic document beyond doubt. They are equivalent to a handwritten signature in paper-based transactions. Other contents of the regulation include requirements for the storage of certificates, seals, time stamps, and signatures.
Advantages of eIDAS
eIDAS will render the old signature directive from 1999 and the German Signature Act obsolete. The regulation creates a uniform, binding standard for electronic signing and identification that is valid throughout Europe. Further advantages are:
- Clear guidelines for the creation, verification, and retention of electronic signatures
- Possibility of digital remote signatures via mobile devices
- Creation of legal certainty for cross-border electronic transactions
- Reduction of the need to exchange paper documents
- Simplification of processes
- Secure digital processes and simplified workflows
- Reduction of bureaucracy and more convenient services provided by public authorities
- More transparency in the EU internal market
- Creation of clear liability regulations
- No obligation for contractual partners to be present
- No risk of loss of paper documents during postal dispatch
Areas of application of the eIDAS Regulation
Examples for the application of the eIDAS Regulation are:
- Signing of contracts
- Cross-border real estate transactions
- Certified electronic documents
- Signed e-mail traffic
- Provision of secure authentication for websites
- Electronic registered mail
- Electronic signature via tablet or smartphone
The implementation of eIDAS in Germany
In Germany, the eIDAS Implementation Act of 2017 governs the implementation of the eIDAS Regulation. There is a Trust Services Act (VDG) and a Trust Services Ordinance specifying the VDG in more detail.
The German Federal Office for Information Security (BSI) was involved in the creation of the EU eIDAS Regulation. It represents the German state in the EU’s expert bodies and uses its expertise to support the implementation of projects and the design of national regulations.