Trust Service Providers
Ó An Roinn Comhshaoil, Aeráide agus Cumarsáide
Foilsithe
An t-eolas is déanaí
Teanga: Níl leagan Gaeilge den mhír seo ar fáil.
Ó An Roinn Comhshaoil, Aeráide agus Cumarsáide
Foilsithe
An t-eolas is déanaí
Teanga: Níl leagan Gaeilge den mhír seo ar fáil.
The present list is the trusted list including information related to the qualified trust service providers (TSPs) which are supervised by Ireland, together with information related to the qualified trust services provided by them, in accordance with the relevant provisions laid down in Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.
The cross-border use of electronic signatures has been facilitated through Commission Decision 2009/767/EC of 16 October 2009 which has set the obligation for Member States to establish, maintain and publish trusted lists with information related to certification service providers issuing qualified certificates to the public in accordance with Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures and which are supervised/accredited by the Member States. The present trusted list is the continuation of the trusted list established with Decision 2009/767/EC.
Trusted lists are essential elements in building trust among electronic market operators by allowing users to determine the qualified status and the status history of trust service providers and their services.
The trusted lists of Member States include, as a minimum, information specified in Articles 1 and 2 of Commission Implementing Decision (EU) 2015/1505.
Member States may include in the trusted lists information on non-qualified trust service providers, together with information related to the non-qualified trust services provided by them. It shall be clearly indicated that they are not qualified according to Regulation (EU) No 910/2014.
Member States may include in the trusted lists information on nationally defined trust services of other types than those defined under Article 3(16) of Regulation (EU) No 910/2014. It shall be clearly indicated that they are not qualified according to Regulation (EU) No 910/2014.
The legal basis for electronic signatures in Ireland are the Electronic Commerce Act, 2000 and the statutory instrument issued Electronic Commerce (Certification Service providers Supervision Scheme) Regulations 2010, SI No 233 of 2010.
The Department of the Environment, Climate and Communications (DECC) supervises TSPs established in Ireland who issue Qualified Certificates.
Such TSPs must comply with the requirements of the Regulation (EU) No 910/2014, the Act and the SI 233 of 2010.
In the course of supervision, compliance with the requirements of the Regulation, the Act and the SI are determined. This also includes determination whether a CSP complies with the information presented in its security and certification policy (for example, compliance with certain technical standards).
Ireland's Trusted List is established, maintained and published by DECC.
The European Commission Trusted List Browser gives details of trusted lists for other EU member states.
Supervision of trust service providers established in the state who issue qualified certificates to the public.
The Minister is required under section 29(3) of the E-Commerce Act 2000 to prescribe a scheme of supervision of certification service providers (CSPs) established in the state who issue qualified certificates to the public. Regulations were made by the Minister on 31 May 2010. Under the eIDAS Regulation of 2014 (EU 910/2014), the term trust service providers is used in place of certification service providers.
These regulations require that TSP's/CSP’s who issue qualified certificates to the public notify the Minister when they commence providing certain E-Commerce sector services. These regulations also require that they provide evidence annually thereafter that the qualified certificates which they issue to the public meet the requirements of Annex I of the schedule of the E-Commerce Act 2000. A Trust/Certification Service Provider must itself meet the requirements of Annex II of the eIDAS Regulation/Annex II of the E-Commerce Act 2000.
The definitions in Artlcle 3 of the eIDAS Regulation apply.
The definitions in the E-Commerce Act, 2000 apply:
“certificate” means an electronic attestation which links signature verification data to a person or public body, and confirms the identity of the person or public body
“certification service provider” means a person or public body who issues certificates or provides other services related to electronic signatures
“electronic signature” means data in electronic form attached to, incorporated in or logically associated with other electronic data and which serves as a method of authenticating the purported originator, and includes an advanced electronic signature
“qualified certificate” means a certificate which meets the requirements set out in Annex I and is provided by a certification service provider who fulfils the requirements set out in Annex II
Currently, the Irish National Accreditation Board oversee any Irish certification bodies who certify that clients meet the requirements in Annex II of the E-Commerce Act 2000.
The Department lists those Trust Service Providers issuing qualified certificates who have provided to the Supervisory Body a conformance assessment report and have subsequently been granted qualified status.
All trust service providers established in the State who issue qualified certificates to the public are reminded that they should notify the Minister. They must also provide evidence of fulfilling the requirements in accordance with the Regulation and law in order to remain on the list.
Adobe Systems Software Ireland limited have been granted qualified status in relation to a Timestamp Service.
TrustPro QTSP Ltd have been granted qualified status in relation to e-Signature and s-Seal.
The intention of the eIDAS Regulation is to provide certainty and legal standing to trust services which can be recognised across the European Union. There is no obligation to used TSPs listed in the Irish trusted list. The European Commission Trusted List Browser gives details of trusted lists for other EU member states