eIDAS Stakeholder event: Workshop on Website Authentication – opportunities and challenges for the market

08 March 2016
Brussels, Belgium

Website authentication is paramount in the effort to leverage trust services as key enablers of the Digital Single Market that must be built on reliable, trustworthy, high-speed, affordable networks and services that safeguard consumers' fundamental rights to privacy and personal data protection while also encouraging innovation.

The Digital Single Market (DSM) strategy opens up opportunities to further promote market digitisation, unleashing the potential of new business models and unlocking benefits to different sectors of the European market, while aiming at reinforcing trust and security in digital services. The rolling out of the eIDAS Regulation, adopted in July 2014, is a major step towards reaching DSM objectives: it offers a stable legal framework for electronic identification and trust services – like electronic signatures, seals, time stamps, electronic registered delivery services and website authentication - allowing EU citizens, businesses, and public administrations to confidently and conveniently go digital.

The provisions on trust services will apply as early as from 1 July 2016, just a few months away. In this regard, while some trust services – such as electronic signatures - have been regulated at EU level for a while, the eIDAS Regulation introduced new provisions for new trust services. Website authentication is one of these services.

Website authentication is paramount in the effort to leverage trust services as key enablers of the DSM that must be built on reliable, trustworthy, high-speed, affordable networks and services that safeguard consumers' fundamental rights to privacy and personal data protection while also encouraging innovation.

By providing clear requirements for website authentication certificates to be trustworthy together with minimal obligations for providers of such certificates with regard to the security of their operations, their liability and the (light-touch) supervision regime, the Regulation will ensure:

transparency of service quality offered to users as it ensures that users (in particular citizens and SMEs) are reassured that behind the website there is a person on which trustworthy information are provided.,
accountability of providers with regard to security of their services,
trustworthiness of the data associated to authenticated websites,
technological neutrality of services and solutions.

Under this framework, the Commission will organise a workshop on Website Authentication with the objective to give the opportunity to all actors to discuss the implementation of the new set of rules as well as to get ready to fully reap the benefits offered by qualified certificates for Website Authentication.

The workshop will be held on 8 March 2016 gathering key stakeholders such as national authorities, Certification Authorities, web browser manufacturers and representatives of sectors using website authentication certificates.

If you would like to take part in the event, please contact us by briefly stating your interest and pointing out any specific issues that you would like to be addressed. Please note that participation will be by invitation only and will be confirmed shortly after the above deadline.