The Government's failure to implement a European law governing
digital certificates has placed UK companies in an uncertain
position when claiming compensation for faulty certificates,
e-commerce experts have warned.
The European Union's Electronic Signature Directive, which came
into force in July, aims to encourage the use of electronic
signatures - one of the cornerstones of secure e-commerce.
However, unlike other European governments, the UK Government has
yet to implement the law. The directive outlines a clear framework
that makes certificate providers liable for damages in the event of
a security breach or inaccurate data in the digital
certificate.
Under the directive, providers of digital certificates, such as
Consignia and Identrus, must prove that they were not negligent if
a customer has a problem with one of their certificates.
Alison Welterveden, a partner in the IT and e-commerce group at law
firm Tite & Lewis, said the Government's failure to implement
the directive is bad news for digital certificate users and
suppliers. "If something goes wrong during an online transaction it
is rather uncertain what you could do to remedy it or what [the
solution] would look like," she said.
"The failure to implement the directive is yet another example of
the failure to encourage e-commerce in the UK."
A spokeswoman for the Department of Trade & Industry said the
Government had partly implemented the Electronic Signature
Directive when it introduced the Electronic Communications Act
2000.
However, she said the Government does not have a date for fully
implementing the directive. It is currently involved in a second
round of discussions with industry figures after an earlier
consultation period ended in June.
Business groups have warned that member states in the European
Union are taking wildly different approaches to the implementation
of the digital signature legislation.