The electronic signature Fernando Galindo Philosophy of Law University of Zaragoza Bologna University Bologna April
The electronic signature zProblems: communications in Internet and threatened Rights zSolution zThe mark for a regulation zNormative solutions zThe norms in the practice zConclusion
Communications in Internet (1) zFirst.- Internet as exception solution: communication in military crisis (nuclear war) zSecond.- Partial solution: scientific and academic communications zThrid.- Global solution: electronic trade and security of the State
Communications in Internet (2) zThe users' identification of the telematic messages zIt is not easy to know who sends them, to who they are sent or when they are sent zIntegrity of the messages zThe messages can be modified by another person zConfidentiality of the messages zThey can be seen by other people
The threatened Rights (1) zJuridical security (Cons. art.9.3): " it doesn't exist when there is a document in a municipal file of which is ignored who presents it, when presents it, on behalf of who presents it and for what reason presents it..." (TS 3.ª S, 17 Jul Presenter: Mr. Martín Herrero). In the same way it doesn't exist when the electronic messages that consist on a simple electronic testimony of their mere emission and reception, are not reliable
The threatened Rights (2) zThe person's dignity and their inviolable rights that are inherent (Cons. art. 10): they cannot be respected when the real data of the originator or the receiver of the message are not known
The threatened Rights (3) zPrivacy and secret of the communications (Cons. art. 18): "they imply the existence of an own and reserved environment in front of the action and knowledge of the other ones, necessary according to the rules of our culture to maintain a minimum quality of humane life"(TC 2.ª S, 231/1988 of 2 Dic. - Presenter: Mr. López Guerra)
The threatened Rights (4) zMarket freedom (Cons. art. 38): it cannot exist when there is not security in the mercantile traffic and it is not known, with certainty, the name of the buyers neither, therefore, there is guarantee with regard to their payment capacity
The threatened Rights (5) zThe consumer’s and user’s defense (Cons. art. 51), it cannot be carried out when one doesn't know who are the consumers or the salespersons
The threatened Rights (6) z"The police action in the functions of verification and discovery of the crime and the criminal's prosecution" (Cons. art. 126). It cannot put into practice in case forecasts don't exist for the legal interception of the ciphered communications
Solution zCiphered zCryptography of public key zElectronic signature zPreserves the identification and the integrity zCiphered of confidentiality zGuarantees the secret of the content zCertification entities zMake public the keys and their holder's attributes
The mark for a regulation zLaw of digital signature of the State of Utah (1995) zGerman law to regulate the general conditions of the Services of Information and Communication (1997) zItalian regulation about the approaches and modalities for the formation, the file and the transmission of documents with computer and telematic instruments (1998) zFrench regulation on cryptography (1998 and 1999) zSurvey of the Department of Trade and Industry of the United Kingdom on cryptographic legislation (1999). Parlament Bill (in discussion) zProposals of the European Union (from 1997)
Normative solutions zSPANISH LEGAL CONTEXT zGeneral Law of Telecommunications (1998) zOrganic Law of the Judicial Power (1994) zLaw of Civil Procedure (2000) zLaw of the Public Administrations (1992) zLaw of Accompaniment to the Budgets of 1998 zSentence of the High Court of 3 Nov zContracts between users and certification entities z Reglament of the Tax on the Incomes of Physical People of 1999
Normative solutions (electronic signature) zRoyal Decret Law 14/1999 September 17 on electronic signature zDirective 1999/93/ec of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures(DOCE 19.I.2000)
General Law of Telecommunications (1) zArts. 49 at 53: z1. It is remembered the principle of the secret of the communications regulated in the Constitution (arts and 55.2) and in the Law of Criminal Prosecution (art. 579). The principle is of forced execution by the operators that gives services or exploit nets of telecommunications. z2. It is settled down the possibility of using the ciphered of the messages as mean of protection of the same ones. It is made the forecast that the norms in development of the law will be able to settle down «conditions for the procedures of ciphered».
General Law of Telecommunications (2) zArts. 49 at 53: z3. It is settled down that in that referred to the ciphered that guarantees the confidentiality the Government «will be able to impose the obligation of notifying well to an organ of the General Administration of the State or to a public organism, the used algorithms or any procedure of ciphered to effects of their control, in correspondance with the effective normative». z4. The operators of nets or services «that use any procedure of ciphered, will facilitate to the General Administration of the State without cost some for this and to effects of the opportune inspection, the decodifier device that use».
Organic Law of the Judicial Power (1) zArt. 230, 1994 reform: z1. The Tribunals will be able to use any technical, electronic, computer and telematic means, for the development of their activity and exercise of their functions z2. The documents emitted by the previous means, whichever it is their support, will enjoy the validity and effectiveness of an original document whenever it is guaranteed their authenticity, integrity and the execution of the procedural requirements.
Organic Law of the Judicial Power (2) zArt. 230, 1994 reform: z3. The cases that are processed with support computer means will guarantee the identification and the exercise of the jurisdictional function... as well as the confidentiality, privacy and security of the data of personal character that contain... z4. People that demand the judicial protection of their rights and interests will be able to be related with the Administration of Justice through the technical means to that the first section refers when they are compatible with those that prepare the Tribunals and they respect the guarantees and requirements foreseen in the procedure.
Law of Civil Procedure zArt. 152 zThe processal communication acts made by electronic, computers and similar means are possible zArts. 299 and from 382 to 384 zThe means and tools that can reproduce words, date, numbers and mathematics operation are evidence
Law of the Public Administrations (1992) (1) zArt. 38, regulation of 1999: zThe registrations will be in computer support zThe Public Administrations will have «intercomunicación systems and coordination of registrations that guarantee their computer compatibility, as well as the telematic transmission of the seats registers them and of the applications, writings, communications and documents that are presented in anyone of the registrations»
Law of the Public Administrations (1992) (2) zArt. 45: incorporation of technical means zThe art. establishes the use of technical and electronic, computer and telematic means for the Public Administrations zThe citizens will be able to use them in relationships with PPAA. zTheir use will guarantee the identification zThe documents generated by these means will have validity... whenever it is guaranteed their authenticity, integrity and conservation zR.D. 263/1996, 16 February regulates the use of electronic, computer and telematic techniques for the General Administration of the State
Law of Accompaniment to the Budgets of 1998 zArt. 79: authorizes to the National Factory of Currency and Bell and to the Public Entity of Mail and Telegraphs to the benefit of necessary technical and administrative services to guarantee the security, validity and effectiveness of the emission and reception of communications and documents through technical and electronic, computer and telematic means. zAuthorization to be constituted as suppliers of certification services
Sentence of the High Court of 3 Nov z«In consequence, although, the same as in the case of the common documents, it can have electronic documents without signature, the electronic document (and, especially, the electronic document with function of mercantile turn) it is firmable, in the sense that the requirement of the hand signature or equivalent ican be substituted, for the side of the cryptography, by means of figures, signs, codes, bars, keys or other alpha-numeric attributes that allow to assure the origin and truthfulness of their responsibility and the authenticity of their content».
Contracts between users and certification entities zVeri Sign zAgency of Electronic Certification (ACE) zSISCER (System of Certification) zNational factory of Currency and Bell (FNMT) zFoundation for the Study of the Security of the Telecommunications (FESTE)
Spanish Royal Decree zOn electronic signature zIt gives legal effects to the electronic signature zRegulation of the certification services providers zRegister for the certification services providers zAdministrative inspection of the cert. ser. prov. zRegulation on the expedition and loss of legal validity of the certificates zInfractions and sanctions
Directive zLegal Mark for the certification services proviiders zDefinition of the European requirements for the certi. ser. prov. and the certificates zAcknowledges different techniques of electronic signature zPromotes the free offert of services, without need of previous authorization zAccepts the introduction of voluntary systems of accreditation zPromotes the juridical validity of the electronic signatures zIntroduces norms on liability zIntroduces mechanisms of international cooperation
Directive: technical features zRequirements for qualified certificates zRequirements for certification service providers issuing qualified certificates zRequirements for secure signature creation devices zRecommendations for secure signature verification
The norms in the practice zThe telematic declaration of tax (societies and incomes) zThe telematic transmission of notifications between Courts and Procurators zThe contracts of purchases by telephone (Royal Decree December ) zThe exchange documents in electronic format (PISTA) zThe development of technical standards: European Electronic Signature Standardization Initiative (EESSI) zThe application of the electronic signature zThe certification from legal institutions
Criptography in the Courts (1) zProject Aequitas Procuradores (1998) zParticipants: zGeneral Council of the Procurators from Spain (through the School of Zaragoza) zGovernment from Aragon zMinistry of Justice zGeneral Council of the Judicial Power zPSINet zUniversity of Zaragoza
Criptography in the Courts (2) zObject of the project: zTelematic transmission of notifications zFrom the Courts to Procurators zFrom Procurators to the Courts zTo other institutions, jurists and citizens
Certification (1) zFESTE (November 1997): zGeneral Council of the Corridors of Trade zGeneral Council of the Notaries zGeneral Council of the Legal profession zUniversity of Zaragoza zPSINet
Certification (2) zFunctions: RULES HOMOLOGATION PROVIDER INTRANETS STUDIES FORMATION CERTIFICATES (PROOF)
Certification (3) zCertificates: proof
Conclusion zThere are enough references for the use of the basic mechanisms that are lighting the installation of the society of the telecommunications. zIn short: there are solutions for the use of the cryptography as mechanism of projection of the electronic trade in the widest sense in the expression: sale and purchase of products and communication among the citizens and the Public Administrations.