Electronic identification (eID) and electronic Trust Services (eTS) are key enablers for secure cross-border electronic transactions and central building blocks of the Digital Single Market.
The eIDAS Regulation is incorporated into Norwegian law, and came into effect on 15 June 2018.
The eIDAS Regulationis a milestone to provide a predictable regulatory environment to enable secure and seamless electronic interactions between businesses, citizens and public authorities.
The eIDAS Regulation:
- ensures that people and businesses can use their own national electronic identification schemes (eIDs) to access public services in other EU countries where eIDs are available.
- creates an European internal market for eTS - namely electronic signatures, electronic seals, time stamp, electronic delivery service and website authentication - by ensuring that they will work across borders and have the same legal status as traditional paper based processes. Only by providing certainty on the legal validity of all these services, businesses and citizens will use the digital interactions as their natural way of interaction.
The Regulation aims to enhance trust in electronic transactions between businesses, citizens and public authorities by providing a common legal framework for the cross-border recognition of electronic ID and consistent rules on trust services across the EU.
On 8 September 2015 the European Commission completed the adoption of all the implementing acts due by 18 September 2015.
For more information on the eIDAS Regulation and relevant binding implementing decisions adopted by the European Commission, visit the Commission webpages on trust services and eID.
The European Union Agency for Network and Information Security (ENISA) also provides expert advice and recommendations on the implementation of the eIDAS Regulation.
What does the eIDAS Regulation cover?
Chapter II of the Regulation provides a framework, which will allow European citizens to use electronic ID to access online public services in other EU member states by September 2018.
Chapter III of the Regulation sets out requirements for trust services. It also sets out what trust service providers need to do in order to gain qualified status, which entitles them to be listed on a trusted list and to use an EU trust mark.
What is the role of the Norwegian Communications Authority?
The Norwegian Communications Authority (Nkom) is the supervisory body for the trust service provisions of the eIDAS Regulation. Nkom is also the responsible authority as the scheme operator to establish, maintenance and publish the trusted list of Norway. Nkom can grant and revoke qualified status for trust service providers established in Norway, report on security breaches and take enforcement action.
Nkom also cooperate with supervisory bodies in other EU member states, and submit annual reports to the European Commission and to The European Union Agency for Network and Information Security (ENISA).