Electronic IDentification, Authentication, and trust Services (eIDAS) is the European Regulation 910/2014 for electronic identification and trust services for electronic transactions on the EU internal market. This is a truly crucial document because it provides a common regulatory basis for secure electronic interactions between citizens, businesses, and public administrations in the European Union. In addition, it deals with the security, transparency, and effectiveness of electronic services and e-business and e-commerce transactions.
The issue, as we understand, is sensitive, decisive, and unavoidable. Starting with the eIDAS regulation, therefore, unique standards are being created for everything from electronic signatures, digital certificates, time stamps, and digital preservation.
The ultimate goal? To reach the ambitious goal of complete digitization of relations between citizens, businesses and public administrations not only within individual states, but in the broader economic and social ecosystem of the European Union.
Please note: this is not just about dematerialization, but digitization. It’s good to dwell quickly on the difference between these two concepts in the next section, because it’s an indispensable premise to the topic of digital preservation and the novelties brought by the new eIDAS regulation. A preliminary point: the difference between digitization and dematerialization
Digitization and dematerialization: these two terms are sometimes used synonymously. But this is a mistake. In fact, there are decisive differences that also affect the legal and evidentiary level.
Therefore, let’s set the record straight. Dematerialization processes replace analog documents with their computerized counterpart: a contract in PDF/A instead of a paper one; an expense report scanned and digitally signed in accordance with the standard, before being electronically stored. In short, it’s about replacing paper with bits.
Digitization, on the other hand, goes further in that it involves the processes upstream of the creation of these same documents. It’s only through the digitization of processes that one can truly improve efficiency levels and reap all the benefits that innovation brings. In this way, paper documents and analog processes can be completely eliminated, as digital counterparts take on a
full legal and evidentiary value due to the fact that structured, secure and reliable processes are behind their creation, management and preservation. There are many benefits of digitization.
Time and money are saved. You improve the efficiency and fluidity of searching and sharing. Compilation errors are reduced. The risks of loss and tampering are eliminated. Security is increased. And all of this happens simultaneously, in a virtuous circle. But that’s still not all. Digitization offers a number of opportunities that go beyond simple fulfillment: opportunities that start with electronic filing and then positively impact CRM (Customer Relationship Management) and CCM (Customer Communication Management) processes.
We will focus on these opportunities in the final section of this post. But, now, let’s focus on what’s new regarding digital preservation in the new eIDAS regulation. New changes that aren’t yet official, but which we can see from the drafts that have begun to circulate.
New eIDAS regulation: Impact on digital preservation
June 3, 2021: This is the date when the European Commission proposed changes for the eIDAS regulation, 7 years after it was first published. There are many proposed changes, but the ones we are interested in here are those related to digital preservation. This is referred to in Articles 47 and 48, the texts of which we quote in full:
- Article 47:
Electronic storage: a service that enables the receipt, storage, deletion, and transmission of electronic data or documents in order to ensure the integrity, source accuracy, and legal characteristics of such data or documents throughout the storage period.
- Article 48:
“Qualified electronic storage service” is a service that meets the requirements of Article 45g. And here is what Article 45g, quoted above, states:
- Article 45g:
A qualified electronic document storage service may only be provided by a qualified trust service provider that uses procedures and technologies capable of extending the reliability of the electronic document beyond the period of technological validity.
Within 12 months after the entry into force of this regulation, the Commission, by means of implementing acts, shall establish the reference numbers of the standards applicable to electronic storage services. These implementing acts shall be adopted in accordance with the examination procedure referred to in Article 48(2).” Let us get out of the legislative language and try to isolate the decisive elements that emerge from these articles.
First, we see a distinction between simple “electronic filing” and “qualified electronic filing” services. This differentiation closely resembles that between SERC (Certified Electronic Delivery Service) and SERCQ (Qualified Certified Electronic Delivery Service), which we focused on in our previous post.
In both of these cases, the term “qualified” marks a decisive difference, in terms of guarantees and security; hence, procedures. In the specific case of qualified electronic storage, there is a crucial passage that explicitly states that you must use a “qualified trust service provider.” In short, the pathway is open for the possibility that digital preservation service will also become a qualified service, as is already the case with SERCQ services but also to those related to electronic signatures.
At the moment this is not the case: archiving, at least in Europe, is a much less regulated service and the margins of discretion for individual countries are still very wide. But that is not all; the Italian situation regarding electronic storage has peculiarities, which we will discuss in the next section.
Digital preservation in Italy: how does it fit into the European landscape?
Let’s start with a detail that has to do with terms. Mind you, these are not insignificant: when these kinds of regulations are at stake, the terminology is decisive. The draft eIDAS regulation refers to “digital archiving,” which is a concept that differs from the Italian concept of digital preservation.
In particular, the definition of electronic archiving can be seen as a larger whole that contains the subset of digital preservation. Digital preservation is described on the Agenzia per l’Italia Digitale website as “the activity of protecting and preserving archives of computerized documents and data over time.” The same site also states:
“The preservation system, as provided for in Article 44 of the CAD, guarantees authenticity, integrity, reliability, readability, and retrievability of computer documents. The Digital Italy Agency defines the operational methods for carrying out the preservation activity, namely:
- nature and function of the system;
- organizational models;
- roles and functions of those involved;
- description of the preservation process;
- professional profiles of managers employed in the preservation process.”
In conclusion, another topical issue should be brought out, which always concerns the same front. As of Jan. 1, 2022, the “Guidelines for the formation, management, and preservation of computer documents” and the “Regulations on criteria for the provision of computer document preservation services.” These are regulations with a significant impact on the processes of companies that provide services primarily to the public administration, but secondarily also to private individuals.
We have explored the main changes introduced by the new regulations in our white paper, specifically:
- the purpose and impacts of the new Guidelines;
- the new set of mandatory minimum metadata;
- how the changes impact the digital preservation system infrastructure;
- the introduction of process certification;
- the preservation of tax and fiscal documents in light of the new Guidelines.
Watch out, then, for what the European Commission itself notes in the introductory paragraph to the new eIDAS regulation: “This framework could also open up new market opportunities for trusted service providers in the Union.”
Opportunities that apply, all the more so, to the Italian context. And it doesn’t just concern service providers but also the businesses that make use of these services. We’ll close the post on this point.
Beyond compliance – the opportunities of mature digitization
When we talk about digitization, dematerialization, and digital preservation, we have to remember: these aren’t just requirements, but opportunities to be seized. Especially for businesses. Of course, there are great advantages in terms of security, transparency, convenience, sharing, increased efficiency, which we have already discussed above. But the real goal to aim for is digital maturity; which is about integrating all sides that are involved in dematerialization. A work that operates in breadth and depth.
With the tools offered by specialized companies such as Doxee, companies can integrate all qualified certification and authentication tools, with those related to digital preservation, all the way down to marketing and customer communication departments. To put it another way: you revolutionize CRM (Customer Relationship Management) systems in a digital sense, and as a result, you also have an extremely positive impact on CCM (Customer Communication Management) systems.
This is the real paradigm shift, the real change of mindset that every business must embrace to best meet the challenges of the present…and those of the future!