1 / 10

Regulatory Considerations for the Establishment of a Global Public Key Infrastructure (PKI)

Learn about the regulatory aspects to consider when establishing a Global Public Key Infrastructure (PKI), including certification services, cryptographic product regulations, data protection legislation, consumer protection legislation, document retention requirements, and sector-specific regulations.

debbiecharles
Download Presentation

Regulatory Considerations for the Establishment of a Global Public Key Infrastructure (PKI)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Regulatory Considerations for the Establishment of a Global Public Key Infrastructure (PKI) Juan A. Avellán Chief Legal Officer WISeKey S.A. Email: juan@wisekey.ch

  2. The WISeKey Global PKI Main Characteristics • Global and Multi-Sectoral Deployment • Cooperation with the ITU for Deployment in Developing Countries • Seek Involvement of Private and Public Sector Entities

  3. The Fundamental Areas • Regulation of Certification Services • Restrictions on Cryptographic Products & Services • Data Protection Legislation • Consumer Protection Legislation • Document Retention Requirements • Sector-Specific Regulations

  4. Regulation of Certification Services • Licensing and Accreditation Regimes: • Liability Issues • Satisfaction of Evidence Rules and Form Requirements • Business Models defined by Regulation • Recognition of Foreign Certification Service Providers

  5. The Regulation of Cryptographic Products • The Wassenaar Arrangement and Divergent National Realities • Differences in the meaning of “Cryptographic Products” • Political Dimensions of PKI • The Logistics of Deploying Cryptographic Products Globally

  6. Data Protection Legislation • Data Subject Authorisation as a Means of Compliance • Distinction Between Public Data and Confidential Data • Distribution of the Burden of Compliance • Contracts as a Means of Ensuring Local Compliance

  7. Consumer Protection Legislation • The Problems of Providing Certification Services to Consumers Globally • The Contractual Chain as a Means of Achieving Local Compliance • The Certificate Validation Problem (vis a vis the credit card schemes)

  8. Record Retention Requirements • Certification Authority and their Record Retention Needs • Tax Law Requirements • Statute of Limitations / Prescription of Judicial Actions • Public Registries • Electronic Voting, E-Government,.... • Etc...

  9. Sector-Specific Requirements • Public Registries (Land, Trade, Civil, etc.) • E-Procurement • Electoral Systems • Administrative Law • Judicial Procedures • Health Services • Electronic Banking • Etc...

More Related