E-signatures in Europe: Crossing borders
This development follows a similar law in the US, where digital electronic signatures became legally binding last year.
The EU move is designed to encourage the growth of global e-commerce and the use of e-security technologies. But some analysts pointed out that the expense and complexity of current e-security systems means that progress may not be as rapid as governments hope.
Tim Pickard, strategic marketing director for encryption specialist RSA, said legal recognition of digital sign atures is important for the progress of e-commerce. "The EU has taken a positive step here and companies now have a legal framework within which to make transactions," he said, adding that the UK government plans to deal with 70 percent of businesses digitally by 2003.
A boost to global e-commerce?
Electronic signatures employ strong encryption, authentication and non-repudiation technologies in order to ensure that each signature is unique and can only come from an authorized source, and that the signatory cannot deny having signed.
However, analysts said that laws alone will not encourage widespread use of digital signatures: they argued that vendors have to develop systems that are easier and cheaper to use. "Companies still see encryption as a large overhead," said Clive Longbottom of analyst firm Quocirca. "It's not presently easy to administer and is time-consuming to implement, but I think vendors are toning down their aggressive sales pitches."
Research from industry watcher Infonetics predicted that sales of security products, including managed security services and public key infrastructure encryption systems, will grow from $1.5bn to $7.7bn in Western Europe between 2001 and 2005.
Peter Judge, a senior analyst at Infonetics, welcomed the findings and said European firms were acting responsibly to build IT security. "Too often users have seen [IT security] as too complex, but we see major growth in almost all managed security between now and 2003."
Quocirca's Longbottom urged IT managers to carry out risk assessment to decide if digital signature technology is required, and seek the advice of a reputable vendor.
The EU move comes as the European Parliament and industry experts warn firms to encrypt all emails and faxes for protection against the alleged Echelon spy network, which may be intercepting European communications on behalf of the US. A select committee of the parliament urged firms to routinely encode their emails, and even their faxes, if they want them to remain private.