1 / 15

Legal Reflexions concerning Digital Archiving

Legal Reflexions concerning Digital Archiving. ECPRD twin seminar Brussels - The Hague 2002 ______ DIGITALISATION OF PARLIAMENTARY INFORMATION AND ARCHIVES. Jos Dumortier K.U.Leuven University – Belgium Interdisciplinary Centre for Law & ICT (ICRI). Introduction.

lucius
Download Presentation

Legal Reflexions concerning Digital Archiving

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Legal Reflexions concerning Digital Archiving ECPRD twin seminar Brussels - The Hague 2002 ______ DIGITALISATION OF PARLIAMENTARY INFORMATION AND ARCHIVES Jos Dumortier K.U.Leuven University – Belgium Interdisciplinary Centre for Law & ICT (ICRI)

  2. Introduction • The law is progressively adapted in order to take account of the electronic environment • Problem remains: how to guarantee securer and trustworthy archival of digital data • Most difficult problem: electronic signatures

  3. digital signatures electronic signatures Terminology electronic signaturesproduced with digital signature tool

  4. Terminology • Electronic Signatures: • “all kinds of (electronic) substitutes for hand-written signatures” • Digital Signatures: • one technical solution (public key cryptography) • many other applications besides electronic signatures (seals, envelopes, receipts, …)

  5. European legal framework • E-Signature Directive: • open EU market for e-signatures services and products • “qualified” e-signatures equivalent to hand-written signatures • E-Commerce Directive • obligation to remove all obstacles for electronic contracts

  6. InterPARES Authenticity Task Force “Digital signature and public key infrastructure (PKI) were never intended to be, and are not currently viable as a means of ensuring the authenticity of electronic records over time”

  7. Important distinction • Digital signatures used as “archivist’s seal”: tool to control the integrity of the archived data • Electronic signatures attached to data presented for archival: how to keep the signature intact?

  8. Major difficulty: “migration” • Problem: if the archived data change (even one bit) the signature is no longer valid • Proposed solution: • strip the signature before archiving the data and transform it into metadata • the archivist will guarantee the authenticity and integrity of the data (“trusted archival chain”)

  9. Why is this solution not acceptable? • not compatible with the recently created legal framework • the signature should often remain intact for legal purposes (non-repudiation) • the solution only “shifts” the problem: how to guarantee the archivist’s seal?

  10. Need for standardized solution for archiving digital signatures • First European attempts: • ETSI TS 101733: Electronic Signature Formats • ETSI TS 101903: XML Advanced E-Signatures • But need for dedicated standardization initiative with more involvement of professional record keepers

  11. ETSI TS 101733 Aim is: how to guarantee security of a signature over a long period of time?

  12. But what about “migration”? • Even if you have a very secured signature, strong enough to remain intact over a long period of time: if one bit in the signed data change, the signature is useless • Our view: even if there is not a “perfect” solution, we need to tacke this issue in the best possible way

  13. Possible measures • reduce need to migrate by using open standardized document formats (e.g. XML) • stimulate secure trusted archival services • possibly separate “normal” archival service and “signature keeping” • minimal legal framework (liability, stability, …) • develop standards (best practices) • supervision is necessary

  14. The debate remains open .. Jos Dumortier K.U.Leuven University Faculty of Law – ICRI jos.dumortier@law.kuleuven.ac.be http://www.icri.be

  15. The debate remains open .. Jos Dumortier & Sofie Van Den Eynde K.U.Leuven University Faculty of Law – ICRI jos.dumortier@law.kuleuven.ac.be sofie.vandeneynde@law.kuleuven.ac.be http://www.icri.be

More Related