workshop on registered electronic mail policies and implementations ankara, 16-17 march 2015 davide...
Post on 14-Dec-2015
214 Views
Preview:
TRANSCRIPT
Workshop on registered electronic mail policies and implementationsAnkara, 16-17 March 2015
Davide Mulad.mula@agcom.it
The use of electronic signatures and its infrastructures within the REM framework
A few words on AGCOM
2
AGCOM is an independent and convergent regulatory authority established in 1997 by Law 249/97 for the whole communications system in Italy.
AGCOM is one of the first convergent regulators established in Europe, designed to tackle the challenge posed by the continuous technological developments of the communications sector.
A few words on AGCOM
• AGCOM has the task to regulate the markets, monitor the operators’ compliance to the obligations, enforce its decisions also through the imposition of penalties in the following sectors:
3
• Audiovisual sector
• Electronic communications sector
• Press
• Postal services (following Decree 201/11)
E-Signature and REM
1. Why sign digitally a document that will be sent by REM?
2. Interoperability between e-signature and REM.
3. Legal value and evidential effectiveness of informatics writing.
4
Registered E-Mail (REM)
• Enhanced form of e-mail which provides evidence relating to the handling of an e-mail including proof of submission and delivery.
5
Legal value of REM
• What is proved by a REM receipt?1. That an email (text and documents
attached) has been sent by the sender’s account to its provider.
2. That the email was received by the addressee’s server.
3. That the email was displayed by the addressee.
6
Legal value of REM
• What is not proved by a REM receipt?1. The identity of the signatory of the
document sent.2. The time (place) of the signature. 3. The integrity of the document from time
of signature to moment the document is sent.
7
Identity of the signatory
• Reg. 910/2014, art. 44: «Qualified electronic registered delivery services […] ensure with a high level of confidence the identification of the sender».
• But doesn’t prove that the signatory has the legal power to bind company/public administration to respect the agreement/decisions.
8
Time (place) of the signature
• Reg. 910/2014, art. 44: «Qualified electronic registered delivery services […] ensure with a high level of confidence the date and time of sending, receiving».
• But doesn’t prove the time and the place of signature that could be relevant.
9
Integrity of the document
• Reg. 910/2014, art. 44:«Qualified electronic registered delivery services […] preclude the possibility of the data being changed undetectably».
• But doesn’t prove that the document has not be changed after the signature and before it is sent.
10
E-Signature in Italy
Italy was one of the first countries in the world to equate the legal effects of an electronic document, subscribed with a digital signature, to documents written and subscribed on paper.
11
E-Signature in Italy
• The legislative position is controlled by the Codice dell’Amministrazione Digitale (Digital Administration Code, (CAD)), introduced into law by Law Decree 82/2005.
• This legislation served to enable information technology to be used to improve efficiency in the public administration, but its implementation has proceeded very slowly.
12
E-Signature in Italy
• The EU Directive 1999/93/EC caused changes to be made to the Italian legislation.
• The Directive aimed to facilitate the use of electronic signatures and contributed to their legal recognition within the Member States of the European Union.
13
• In Italy, the legislation implemented before the adoption of the Directive referred exclusively to public-key encryption.
E-Signature in Italy
14
4 types of e-Signature in Italy
1. Electronic signature: the set of data in electronic form attached to or logically associated with other electronic data,
used as method of identification.
15
4 types of e-Signature in Italy
2. Advanced electronic signature: the set of data in electronic form allowing the identification of the
signatory of the document and providing a unique connection to the signatory.
16
4 types of e-Signature in Italy
3. Qualified electronic signature: a particular type of advanced electronic signature based on a qualified certificate and created by a secure device for the
creation of the signature.
17
4 types of e-Signature in Italy
The certificate in this case does not ‘manifest and verify the origin and integrity of an electronic document’, since the sender does not intend to ‘sign’ a document, but simply identify himself.
18
4 types of e-Signature in Italy
4. Digital signature: a particular type of advanced electronic signature based on a qualified certificate and
a system of cryptographic keys.
19
4 types of e-Signature in Italy
• Electronic signature
• Advanced electronic signature
• Qualified electronic signature
• Digital signature
20
E-Signature and REM
1. Why sign digitally a document that will be sent by REM?
2. Interoperability between e-signature and REM.
3. Legal value and evidential effectiveness of informatics writing.
21
Interoperability e-signature & REM
• Interoperability describes the extent to which systems and devices can exchange data, and interpret that shared data.
• For two systems to be interoperable, they must be able to exchange data and subsequently present that data such that it can be understood by a user.
22
Interoperability e-signature & REM
• E-signature standard: ETSI TS 101 733 V1.8.1 (2009-11)– Europe: .p7m– International: .xml
23
Interoperability e-signature & REM
• A range of REM services are established across Europe and the number of services are set to grow significantly.
• The lack of standardization might affect interoperability between REM based systems implemented on the basis of different models.
24
Interoperability e-signature & REM
• Anyway, the lack of standardization in REM would have no direct affect on e-signature standard or interoperability.
• E-signature could be included in a .p7m file as well as .xml file, and so could be sent as an attachment in a different way.
25
E-Signature and REM
1. Why sign digitally a document that will be sent by REM?
2. Interoperability between e-signature and REM.
3. Legal value and evidential effectiveness of informatics writing.
26
Legal value of informatics writing
Concerning value in law, it is necessary to distinguish the following: 1. Writings in which the requirement of written
form under penalty of invalidity2. All other writings, in which the written form
is required only for evidentiary purposes
27
Legal value of informatics writing
• The probative value of: – an electronic document subscribed with an
electronic signature– an electronic document subscribed with an
advanced, digital or qualified electronic signature
28
Legal value of informatics writing
• Documents that are signed by digital and qualified electronic signatures are presumed to be signed by the owner of the signature device, unless he proves the contrary.
29
E-Signature and REM
Example
30
E-signature & REM in AGCOM
• AGCOM use e-signature and REM in order to apply the Regulation on Copyright on the Internet.
31
E-signature & REM in AGCOM
• The intellectual property rights holder sends a claim to AGCOM via the web site www.ddaonline.it filling in a form.
32
E-signature & REM in AGCOM
• The decision is signed by the President and by the Commissioners of AGCOM and then access providers are notified to block the DNS code of the illegal web site.
• Notifications are done using Italian REM (PEC).• If access providers do not respect the AGCOM
order, AGCOM has the power to impose a sanction on them.
33
Thank you for the attention
Avv. Davide Mula d.mula@agcom.it
34
top related