360 likes | 509 Views
The electronic signature. Fernando Galindo Philosophy of Law University of Zaragoza Bologna University Bologna April 28 2000. The electronic signature. Problems: communications in Internet and threatened Rights Solution The mark for a regulation Normative solutions
E N D
The electronic signature Fernando Galindo Philosophy of Law University of Zaragoza Bologna University Bologna April 28 2000
The electronic signature • Problems: communications in Internet and threatened Rights • Solution • The mark for a regulation • Normative solutions • The norms in the practice • Conclusion
Communications in Internet (1) • First.- Internet as exception solution: communication in military crisis (nuclear war) • Second.- Partial solution: scientific and academic communications • Thrid.- Global solution: electronic trade and security of the State
Communications in Internet (2) • The users' identification of the telematic messages • It is not easy to know who sends them, to who they are sent or when they are sent • Integrity of the messages • The messages can be modified by another person • Confidentiality of the messages • They can be seen by other people
The threatened Rights (1) • Juridical security (Cons. art.9.3): " it doesn't exist when there is a document in a municipal file of which is ignored who presents it, when presents it, on behalf of who presents it and for what reason presents it..." (TS 3.ª S, 17 Jul. 1987.- Presenter: Mr. Martín Herrero). In the same way it doesn't exist when the electronic messages that consist on a simple electronic testimony of their mere emission and reception, are not reliable
The threatened Rights (2) • The person's dignity and their inviolable rights that are inherent (Cons. art. 10): they cannot be respected when the real data of the originator or the receiver of the message are not known
The threatened Rights (3) • Privacy and secret of the communications (Cons. art. 18): "they imply the existence of an own and reserved environment in front of the action and knowledge of the other ones, necessary according to the rules of our culture to maintain a minimum quality of humane life"(TC 2.ª S, 231/1988 of 2 Dic. - Presenter: Mr. López Guerra)
The threatened Rights (4) • Market freedom (Cons. art. 38): it cannot exist when there is not security in the mercantile traffic and it is not known, with certainty, the name of the buyers neither, therefore, there is guarantee with regard to their payment capacity
The threatened Rights (5) • The consumer’s and user’s defense (Cons. art. 51), it cannot be carried out when one doesn't know who are the consumers or the salespersons
The threatened Rights (6) • "The police action in the functions of verification and discovery of the crime and the criminal's prosecution" (Cons. art. 126). It cannot put into practice in case forecasts don't exist for the legal interception of the ciphered communications
Solution • Ciphered • Cryptography of public key • Electronic signature • Preserves the identification and the integrity • Ciphered of confidentiality • Guarantees the secret of the content • Certification entities • Make public the keys and their holder's attributes
The mark for a regulation • Law of digital signature of the State of Utah (1995) • German law to regulate the general conditions of the Services of Information and Communication (1997) • Italian regulation about the approaches and modalities for the formation, the file and the transmission of documents with computer and telematic instruments (1998) • French regulation on cryptography (1998 and 1999) • Survey of the Department of Trade and Industry of the United Kingdom on cryptographic legislation (1999). Parlament Bill (in discussion) • Proposals of the European Union (from 1997)
Normative solutions • SPANISH LEGAL CONTEXT • General Law of Telecommunications (1998) • Organic Law of the Judicial Power (1994) • Law of Civil Procedure (2000) • Law of the Public Administrations (1992) • Law of Accompaniment to the Budgets of 1998 • Sentence of the High Court of 3 Nov. 1997 • Contracts between users and certification entities • Reglament of the Tax on the Incomes of Physical People of 1999
Normative solutions (electronic signature) • Royal Decret Law 14/1999 September 17 on electronic signature • Directive 1999/93/ec of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures(DOCE 19.I.2000)
General Law of Telecommunications (1) • Arts. 49 at 53: • 1. It is remembered the principle of the secret of the communications regulated in the Constitution (arts. 18.3 and 55.2) and in the Law of Criminal Prosecution (art. 579). The principle is of forced execution by the operators that gives services or exploit nets of telecommunications. • 2. It is settled down the possibility of using the ciphered of the messages as mean of protection of the same ones. It is made the forecast that the norms in development of the law will be able to settle down «conditions for the procedures of ciphered».
General Law of Telecommunications (2) • Arts. 49 at 53: • 3. It is settled down that in that referred to the ciphered that guarantees the confidentiality the Government «will be able to impose the obligation of notifying well to an organ of the General Administration of the State or to a public organism, the used algorithms or any procedure of ciphered to effects of their control, in correspondance with the effective normative». • 4. The operators of nets or services «that use any procedure of ciphered, will facilitate to the General Administration of the State without cost some for this and to effects of the opportune inspection, the decodifier device that use».
Organic Law of the Judicial Power (1) • Art. 230, 1994 reform: • 1. The Tribunals will be able to use any technical, electronic, computer and telematic means, for the development of their activity and exercise of their functions • 2. The documents emitted by the previous means, whichever it is their support, will enjoy the validity and effectiveness of an original document whenever it is guaranteed their authenticity, integrity and the execution of the procedural requirements.
Organic Law of the Judicial Power (2) • Art. 230, 1994 reform: • 3. The cases that are processed with support computer means will guarantee the identification and the exercise of the jurisdictional function... as well as the confidentiality, privacy and security of the data of personal character that contain... • 4. People that demand the judicial protection of their rights and interests will be able to be related with the Administration of Justice through the technical means to that the first section refers when they are compatible with those that prepare the Tribunals and they respect the guarantees and requirements foreseen in the procedure.
Law of Civil Procedure • Art. 152 • The processal communication acts made by electronic, computers and similar means are possible • Arts. 299 and from 382 to 384 • The means and tools that can reproduce words, date, numbers and mathematics operation are evidence
Law of the Public Administrations (1992)(1) • Art. 38, regulation of 1999: • The registrations will be in computer support • The Public Administrations will have «intercomunicación systems and coordination of registrations that guarantee their computer compatibility, as well as the telematic transmission of the seats registers them and of the applications, writings, communications and documents that are presented in anyone of the registrations»
Law of the Public Administrations (1992)(2) • Art. 45: incorporation of technical means • The art. establishes the use of technical and electronic, computer and telematic means for the Public Administrations • The citizens will be able to use them in relationships with PPAA. • Their use will guarantee the identification • The documents generated by these means will have validity... whenever it is guaranteed their authenticity, integrity and conservation • R.D. 263/1996, 16 February regulates the use of electronic, computer and telematic techniques for the General Administration of the State
Law of Accompaniment to the Budgets of 1998 • Art. 79: authorizes to the National Factory of Currency and Bell and to the Public Entity of Mail and Telegraphs to the benefit of necessary technical and administrative services to guarantee the security, validity and effectiveness of the emission and reception of communications and documents through technical and electronic, computer and telematic means. • Authorization to be constituted as suppliers of certification services
Sentence of the High Court of 3 Nov. 1997 • «In consequence, although, the same as in the case of the common documents, it can have electronic documents without signature, the electronic document (and, especially, the electronic document with function of mercantile turn) it is firmable, in the sense that the requirement of the hand signature or equivalent ican be substituted, for the side of the cryptography, by means of figures, signs, codes, bars, keys or other alpha-numeric attributes that allow to assure the origin and truthfulness of their responsibility and the authenticity of their content».
Contracts between users and certification entities • Veri Sign • Agency of Electronic Certification (ACE) • SISCER (System of Certification) • National factory of Currency and Bell (FNMT) • Foundation for the Study of the Security of the Telecommunications (FESTE)
Spanish Royal Decree • On electronic signature • It gives legal effects to the electronic signature • Regulation of the certification services providers • Register for the certification services providers • Administrative inspection of the cert. ser. prov. • Regulation on the expedition and loss of legal validity of the certificates • Infractions and sanctions
Directive • Legal Mark for the certification services proviiders • Definition of the European requirements for the certi. ser. prov. and the certificates • Acknowledges different techniques of electronic signature • Promotes the free offert of services, without need of previous authorization • Accepts the introduction of voluntary systems of accreditation • Promotes the juridical validity of the electronic signatures • Introduces norms on liability • Introduces mechanisms of international cooperation
Directive: technical features • Requirements for qualified certificates • Requirements for certification service providers issuing qualified certificates • Requirements for secure signature creation devices • Recommendations for secure signature verification
The norms in the practice • The telematic declaration of tax (societies and incomes) • The telematic transmission of notifications between Courts and Procurators • The contracts of purchases by telephone (Royal Decree December 17 1999) • The exchange documents in electronic format (PISTA) • The development of technical standards: European Electronic Signature Standardization Initiative (EESSI) • The application of the electronic signature • The certification from legal institutions
Criptography in the Courts (1) • Project Aequitas Procuradores (1998) • Participants: • General Council of the Procurators from Spain (through the School of Zaragoza) • Government from Aragon • Ministry of Justice • General Council of the Judicial Power • PSINet • University of Zaragoza
Criptography in the Courts (2) • Object of the project: • Telematic transmission of notifications • From the Courts to Procurators • From Procurators to the Courts • To other institutions, jurists and citizens
Certification (1) • FESTE (November 1997): • General Council of the Corridors of Trade • General Council of the Notaries • General Council of the Legal profession • University of Zaragoza • PSINet
Certification (2) • Functions: • RULES • HOMOLOGATION • PROVIDER • INTRANETS • STUDIES • FORMATION • CERTIFICATES (PROOF)
Certification (3) • Certificates: proof http://www.feste.com
Conclusion • There are enough references for the use of the basic mechanisms that are lighting the installation of the society of the telecommunications. • In short: there are solutions for the use of the cryptography as mechanism of projection of the electronic trade in the widest sense in the expression: sale and purchase of products and communication among the citizens and the Public Administrations.