The European Union's electronic signature directive, which will come into force in July, aims to encourage the take-up of electronic signatures, one of the cornerstones of e-commerce.
But IT users warned this week that some of the data protection provisions in the directive could prove an administrative nightmare for companies trying to implement digital signatures.
The wording of the directive suggests that companies may have to ask all of their employees for explicit permission before they issue them with digital certificates.
"It could mean that the directive makes it damn near impossible for companies to introduce digital signatures," said Philip Virgo, secretary general of IT lobby group Eurim.
The directive could also pose problems for companies supplying digital signatures to user organisations, telecoms operators warned.
"Telecoms operators would have a problem if we have to provide digital signatures to our customers," said a policy advisor in one large telecommunications company. "When customers come to us for e-signatures they are going to have to get explicit consent from all their staff. That is really going to affect the take-up of e-commerce."
The DTI, which is consulting on the directive until 18 June, has decided to take a minimal approach to implementing the regulations in the UK.
Eurim is urging IT directors to support the DTI's interpretation of the directive and to bolster its case against any suggestions that the directive should be enforced more rigorously in the UK.
"Electronic signatures are just like any other services or product. They are either fit for purpose or they are not. If they are not fit for purpose, you complain to trading standards. There is no need for special regulations," said Virgo.
"If IT directors agree with what the DTI is doing, they should let it know why they agree. There is a concern that the DTI might be pushed into doing more than it should do with the regulations."