The Commission has just issued a Draft Regulation on "electronic identification and trust services for electronic services in the internal market".
Practical Law summarised the proposal as follows: " The Regulation will replace the existing Electronic Signatures Directive (1999/93/EC), but will re-enact a number of the Directive's provisions. The aim is to enhance the previous legislation and to expand it to cover the mutual recognition and acceptance at EU level of notified electronic identification schemes and other related electronic trust services, such as the provision of electronic seals, time stamping, electronic document acceptability, electronic delivery and website authentication.
The Regulation will require mutual recognition between various national electronic identity systems, with the aim of making existing electronic identities functional across EU borders. One key proposal is that a member state participating in an electronic identification scheme will be liable for the correctness of its identification data.
On an initial assessment of the draft Regulation, it is difficult to see how more detailed and extensive framework proposals will promote greater use of digital trust services, given the fact that that interested parties have been free to take advantage of various technical solutions available on the market for some time, but have not done so"
It is not clear who was actually involved in the "extensive consultation" claimed in the preamble to the draft but
the removal of government
immunity from liability for error may lie behind current attempts to build UK
ID policy round privately
issued electronic identities. But , HMG appears unable to force us to pay for electronic identities when we contact it to pay tax or claim benefit. Therefore
those bidding to supply ID services for the DWP Universal Credits system will have no guarantee of business because, without controversial primary legislation, there will have to be a bypass routine for those who do not wish to use their services
This directive also needs to be scrutinised in the context of a whole series of overlapping EU regulatory initiatives (including on Data Protection, Payments and Ubiquitous Computing) as well as the impending global fight between ITU and ICANN over Internet addressing and the transition from IPV4 (dynamic address re-use, supposed anonymity and crumbling security) and IPV6 (with the potential for locked down device level identities and security fit for the Internet of things when everything is on-line).
addresses - and the international stand-off between the IGF (Government - Industry co-operative agreement approach) and ITU (Inter-government treaty approach)
signatures - and the conflict between those running existing international trade on the basis of common law judgements going back to the days of cable authentications and those seeking a brave new world for their (usually IPV4 -based) view of the Internet.
identities - and the many conflicts between current vested interests and would-be new entrants, with differing business models and cultural assumptions, few of which allow for genuinely informed customer choice
trust - with a fundamental split between those trusted because they accept liability when things go wrong and those who would like to be trusted but will not accept liability. The latter includes most governments, regulators, ISPs and technology suppliers.
urge those serious about wanting to see the UK to be globally competitive in the on-line 21st Century,
(whether within the EU or not), to join the Information Society Alliance (EURIM) and
help my successor, Dr Edward Phelps, to structure well-informed debate and scrutiny on such issues.
On Monday (11th June) I am due to attend a round table organised by EURIM and UK
Payments to assemble material on the Payments Directive for use, alongside
material from previous meetings on the proposed Data Protection Regulation at a
European Internet Foundation meeting on the eve of the Digital Assembly ( June 21st
The bigger objective is, however, to assemble team that will subject these to joined up scrutiny and lobby until their concerns are heard and action is taken. On Friday I was looking at possible invitation lists for a similar round table on the Identities Regulation.
These are not mere "techie issues".
They are part of the regulatory malaise that has helped destroy UK and EU
competitiveness and caused the Chinese sovereign wealth funds to be the latest
to start taking their money out of the eurozone.
They are the cause of
tens, perhaps hundreds of £billions of taxable online transactions to be routed
via the US, Switzerland, Singapore or anywhere else that is outside the EU and
politically and economically stable.
We will not see economic or employment recovery
until we take such issues very much more seriously.
P.S. It has been said to me that there is (as yet) no compulsion to go on-line to access government services but that is not quite correct. If you are VAT registered you can no longer do manual returns or pay by cheque. If you run charity you can no longer get advice sent to you in the post. If you live in a rural area and your Post Office has closed down or you wish to use chip and signature to collect your benefit ... etc