2010 - Summation

Electronic Forum on Electronic Signature 2010 Summary

On 9 – 11 June 2010 in Amber Baltic Hotel in Międzyzdroje took place the 10th edition of the European Forum on Electronic Signature – EFPE 2010, under the honorary patronage of the Minister of Economy, the European Committee for Standardization (CEN), the Polish Committee for Standardization (PKN) and the Polish Bank Association.
This Europe’s largest annual international conference on electronic signature and PKI was attended by 110 participants from 16 countries in Europe and Asia: Belarus, Belgium, Czech Republic, Germany, Hungary, Italy, Kazakhstan, Lithuania, Moldova, Netherlands, Russia, Spain, Switzerland, Ukraine, United Kingdom (together 51 participants from abroad) and Poland. Attendees represented certification authorities from different countries, software and hardware solutions suppliers, the European Commission, as well as national public administration representatives including the Polish Ministry of Economic, Ministry of Justice and Ministry of Interior and Administration.
The tenth, jubilee edition of EFPE became an occasion to summarize the activities related to electronic signatures and PKI issues since the past 10 years. The conference also allowed to estimate development of practical applications of e-signature and e-identification in Poland, in the European Union, as well as in Russia and other countries.
The main topic of the conference was “European plan on e-signature and e-identity”. A special emphasis in the conference agenda additionally to lectures, presentations and practical workshops was paid to discussions and polemics conducted during two roundtables with participation of representatives of government and business experts, namely:
Electronic signature, interoperability and general electronic services. Are we finally witnessing the beginning of a breakthrough on the European scale?” oraz Electronic identification of a citizen in public services systems – are local solutions leading to isolation or are we going to achieve cross border information exchange?”
As every year, there was an open exchange of views between the participants of the conference in the field of implemented concepts, technologies and solutions. In particular special attention was paid to interoperability problems and cross-border solutions designed for the use within a single country, the European Union, the CIS (Commonwealth of Independent States) and in the wider international scale. Representatives of EU countries agreed with the thesis that in recent years there has been clear progress in creating a legal framework for effective use of electronic communication in business and administration. Attention was also paid to the role of the new electronic signatures services, such as cross-border electronic signature verification or certificates attributes infrastructure.
However mostly discussed issues were related to the risks and barriers blocking the development of information society. Very high emotions aroused presentations and speeches about the need to harmonize acts in different countries with the directives and other EU regulations. As resulting from many speeches related to abovementioned harmonization many countries will have to face problems in adjusting legal systems, unfortunately including Poland. It has been also confirmed by the lively discussion on the draft of the new Polish act on electronic signatures and the draft of act on identity cards. Discussion participants pointed out preferred in our country local solutions of “insular” character which even could be seen as isolation in relation to the European Union.
Strongly discussed was also the necessity of a comprehensive approach in the field of legislative changes. Legal acts should not be created without not having estimated their impact on other regulations, and without the possibility of practical implementation of these laws.
Conference participants repeatedly remarked that according to the European Commission Decision of 16.10.2009 on the recognition of electronic signatures, basic and universally recognizable form of a legally binding signature should be the electronic signature based on a qualified certificate. Precisely in order to implement this idea there has been recently created the EU List of Lists, containing a list of qualified certification authorities operating in different EU countries (TSL lists).
EFPE 2010 Conclusions and recommendations
As a result of numerous discussions the main threats and demands have been identified, that as a final summary were made by a commission in the form of nine EFPE 2010 conference conclusions. Meeting those conclusions, according to the vast majority of the conference participants, should lead to the achievement of interoperability and cross-border exchange of electronic signatures and documents, and thus ensure the successful implementation of the European development plan for electronic signature and electronic identity, therefore:
Coordination of state e-government services, e-Goverment in each country should be conducted at the central level to avoid single departments solutions and lack of interoperability across the entire government.
Each implementation related to electronic communications should apply technology solutions which ensure certain level of security adequate to the identified level of risk. If a transaction requires the signature of the individual person an electronic signature, based on a qualified certificate should be used. This will ensure cooperation between different systems within the particular country and internationally.
Acts and regulations on electronic signatures and electronic documents should not contain detailed technical requirements, but should only refer to the norms and standards. In case of Poland the legitimacy of the inclusion of Polish Committee for Standardization in the legislative work relating to technical requirements has been submitted.
The level of confidence of certification services and other services related to electronic signatures, such as time stamping, verification of electronic signatures and issuing certificates of attributes should be clearly defined, so that the users of these services could be aware of their reliability. For entities providing services with the highest level of reliability similar criteria could be applied, as in the case of entities issuing qualified certificates.

Legal regulations and implementing projects are mainly aimed at solving the problems of public administration, and are not taking strong enough the requirements and expectations of business and individual users or consumers in the field of availability, scope and quality of electronic services into the account.
If we want to ensure electronic document cross-border exchange between the European Union (EU) and other countries special attention should be paid to the decisions of the Commonwealth of Independent States (CIS) on the common customs territory of Russia, Kazakhstan and Belarus, where the role of a trusted Third Party of certification services was indentified, in order to solve the problems related to the interoperability of systems operating in different countries.
There is a strong need for closer cooperation between the relevant committees of the EU and Russia as well as organizations representing the interests of other countries interested in creating legal and technical framework, that will allow to achieve the cooperation in exchanging electronic documents between all countries. It would be beneficial if the representatives participated in the meetings of working groups developing the legal and technical framework of e-documents and e-signature. It is required in order to achieve the possibility of electronic exchange between the UE and the countries of the CIS.
European Union countries creating national system of electronic documents, e-identity should comply with the standards and directives on electronic signatures and e-identification of the citizen in order to achieve interoperability of national systems in various EU countries, and above all, in order to avoid e-inclusion of citizens from different countries in terms of electronic document exchange within the Union.
EU countries should notify all drafts of acts concerning the use of electronic signatures and electronic identity as well as identification in order not to block by the Union the already adopted regulations in the particular countries, which have not undergone prior notification. This case had already happened in the past.
Międzyzdroje, Poland 11.06.2010

Asseco Poland is the largest IT company in Poland and in the region of Central and Eastern Europe. For 30 years, it has been creating technologically advanced software for companies in key sectors of the economy. The company is present in 60 countries worldwide and employs 27,500 people. It is growing both organically and through acquisitions, of which it has made nearly 100 since 2004. Asseco companies are listed on the Warsaw Stock Exchange, NASDAQ, and the Tel Aviv Stock Exchange.

Obserwatorium.biz is an independent Polish consulting company, operating on the market since 2015, specializing in the creation and implementation of digital strategies in companies, mainly from the financial and public administration sector.

It supports clients in particular phases of strategic development – diagnosis of internal situation, market environment, it helps to formulate new goals and products, taking into account social and business trends resulting primarily from technological changes, it supports implementation and execution processes, including for IT suppliers. It carries out a number of educational activities such as trainings and conferences in order to spread the knowledge about digital transformation, its consequences and conditions for optimal implementation in a given enterprise.

We have been developing digital security at Certum for over 20 years. We specialize in certification services that validate online identity and provide solutions to ensure the trustworthiness and security of documents, electronic data and devices.

We are committed to ensuring that our clients' businesses can thrive while remaining fully resistant to cyber attacks and other external threats. Using modern technological advances, we create solutions that help our clients navigate more efficiently, comfortably and safely in the virtual world.

Certum consists of a competent and experienced team of more than 150 specialists who have been trusted by hundreds of thousands of companies and institutions all over the world. Many years of experience combined with specialist knowledge allows us to implement even the most complex and technically advanced projects. We place particular emphasis on the compliance of our services with current legal conditions and standards. More information available at www.certum.pl

The Cloud Signature Consortium is a global group of industry, government, and academic organizations committed to driving standardization of highly secure and compliant digital signatures in the cloud. Inspired by the rigorous requirements of the European Union’s Regulation on electronic Identification, Authentication and Trust Services (eIDAS), our open technical specification helps ease solution interoperability, streamline compliance with e-signature regulations, and pave the way for uniform adoption of cloud-based digital signatures around the world.

NASK is a National Research Institute whose mission is to develop and implement solutions which facilitate the development of information and communication networks in Poland, in addition to improving their effectiveness and security. We carry out research and development projects as well as projects aimed at improving the security of Polish civilian cyberspace. Another of our important activities is educating users and promoting the concept of an information society, primarily with the goal of protecting children and young people from hazards posed by new technologies.

ZIPSEE Digital Poland is an industry employers’ organization – it brings together the largest digital and high-tech companies in Poland, including manufacturers, importers and distributors. The main goal of the organization is to care for the development of this sector in Poland

The Association actively follows and is personally involved in works on any regulations that may directly or indirectly affect the high-tech industry in our country.

One of the main objectives of ZIPSEE Digital Poland is to support and build a digital economy by, among others, spreading the idea of e-services or digitization. At the same time, Digital Poland makes sure that the development of e-solutions will be accompanied by an increase in their cybersecurity, which is related to constant improvement of social awareness and competence both among entrepreneurs and public administration.

The Committee of the Council of Ministers for Digitization (KRMC) is an auxiliary body of the Council of Ministers and the Prime Minister, established in 2012 to ensure the coordination of the implementation of IT projects of the government administration and the preparation of government documents related to computerization. KRMC is responsible for ensuring the consistency of IT projects with the strategic activities of the State.

The European Signature Dialog is a platform of major European electronic signature providers. The first European Signature Dialog took place on the 1st and 2nd of June 2017 in the heart of Europe – Vienna, attended by organisations from eleven countries. On the initiative of A-Trust, a qualified trust service provider in Austria, a joint voice of leading European stakeholders was created to tackle the need for consistency between EU and national requirements and to transform Europe into a strong player in authentication and cybersecurity.

The Polish Information Processing Society, PIPS (Polskie Towarzystwo Informatyczne, PTI) was established in 1981 as professional organization representing people who work in the IT. From its beginning the PIPS fosters links between experts from industry, academia and business promoting education, knowledge sharing, codes of conduct and skills frameworks. It voices the Society’s members opinions, needs, interests, and rights in relations with the general public, local and central government and with other associations in Poland and abroad. In 1992 PIPS was the first organisation from the post-communist countries to become a member of the Council of European Professional Information Societies (CEPIS).

ETSI is a not-for-profit Institute with more than 900 member organizations worldwide, drawn from 65 countries and five continents. Our members comprise a diversified pool of large and small private companies, research entities, academia, government and public organizations.
www.etsi.org

Samsung Electronics inspires the world and shapes the future with transformative ideas and technologies that give people the power to discover new experiences. With a constant focus on innovation and discovery, we keep redefining the worlds of TVs, smartphones, wearable devices, tablets, digital appliances, network systems, and memory, system LSI, foundry and LED solutions.

Samsung Electronics is committed to improving the global community and delivering ground-breaking innovations that enhance people’s everyday lives.

ARIADNEXT is the leading European provider of digital identification services. By providing solutions based on Artificial Intelligence, ARIADNEXT offers companies the opportunity to instantly build trusting relationships with their consumers. These solutions enable them to meet regulatory challenges and anti-fraud requirements while focusing on customer experience and digital transformation.

Entrust keeps the world moving safely by enabling trusted identities, payments and data protection around the globe. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, or accessing corporate networks. With our unmatched breadth of digital security and credential issuance solutions, it’s no wonder the world’s most entrusted organizations trust us.

This website uses cookies to provide services at the highest level. By continuing to use the site, you agree to their use. If you do not agree to the use of cookies that are not necessary to use the website, you can change the settings in the browser you use

Subscribe to our newsletter