US embassy cable - 00THEHAGUE1937

Disclaimer: This site has been first put up 15 years ago. Since then I would probably do a couple things differently, but because I've noticed this site had been linked from news outlets, PhD theses and peer rewieved papers and because I really hate the concept of "digital dark age" I've decided to put it back up. There's no chance it can produce any harm now.

THE NETHERLANDS: EU DIGITAL SIGNATURE DIRECTIVE

Identifier: 00THEHAGUE1937
Wikileaks: View 00THEHAGUE1937 at Wikileaks.org
Origin: Embassy The Hague
Created: 2000-06-27 13:44:00
Classification: UNCLASSIFIED
Tags: ECPS EINT ETRD EUN
Redacted: This cable was not redacted by Wikileaks. 
This record is a partial extract of the original cable. The full text of the original cable is not available.


UNCLAS THE HAGUE 001937 
 
SIPDIS 
 
 
E.O. 12958: N/A 
TAGS: ECPS, EINT, ETRD, EUN 
SUBJECT: THE NETHERLANDS: EU DIGITAL SIGNATURE DIRECTIVE 
 
 
REF: STATE 84614 
 
 
1. Summary.  Emboff met with Ministry of Economic Affairs 
official Martin Buys to discuss Dutch implementation of the 
directive.  The GON is drafting legislation, therefore no 
public version is available.  Buys said that the GON wishes 
to limit government involvement in electronic signatures, 
allowing market forces to be the largest determinant. End 
summary.  Responses follow in the same order as the questions 
in paragraph 9 of Reftel. 
 
 
2. The GON is drafting legislation, therefore no public 
version is available.  Principle drafters include a judicial 
advisory board, the Council of State (Raad van State), the 
Ministry of Transportation, Public Works and Water 
Management, and the Ministry of Justice.  The main concern of 
the Ministry of Transport (which deals with 
telecommunication) is the implementation of Article 3(3). 
This article requires member states to establish a system for 
supervision of certification-service-providers.  According to 
Buys, the GON finds it difficult to implement Article 3(3) 
because Article 3(1) states that provision of certification 
services requires proper authorization.  The GON is unsure of 
its legal authority, therefore it is attempting to implement 
Article 3(3) on a lower level, only requiring supervision of 
certification-service-providers offering advanced digital 
signatures. 
 
 
3. The Ministry of Justice is working to implement Article 
5(1), concerning the legality of electronic signatures. 
Digital signatures are already admissible in Dutch courts, 
due to previous legislation and what the Dutch term "freedom 
of evidence," giving wide scope to what is admissible in a 
court of law.  The GON is more concerned with making digital 
signatures legally equal to handwritten signatures. 
 
 
4. Recital 16 sets forth basic guidelines for the regulatory 
framework needed on intranet and internet.  In the 
Netherlands, the discussion surrounding Recital 16 centers 
around the ability of the GON to place higher standards on 
government use than the directive requires. The GON 
determined that the private sector may choose to go beyond 
guidelines given in the directive, but that the government 
should not. 
 
 
5. The Netherlands already has a voluntary non-licensing 
scheme through Trusted Third Party Group, TTP, a nationally 
operating IT service provider managed by the Dutch 
association for electronic commerce, ECPN (Electronic 
Commerce Platform Netherlands). This can be accessed via the 
website ecp.nl. The GON is concerned with keeping 
accreditation of certification-service-providers 
market-based, and is attempting to limit government 
involvement to the registration of certification service 
providers. 
 
 
6. Article 9 committee members include Martin Buys, Ministry 
of Economic Affairs, and Ronald van der Luit, Ministry of 
Transportation, Public Works and Water Management. Buys said 
that the meeting of the Article 9 Committee in March was 
mostly "window dressing," and said that nothing substantive 
was discussed.  The GON believes more important discussions 
are taking place in the standards environment, particularly 
EESSI. 
 
 
7. Buys said that at the initiative of the UK 
representatives, representatives from Sweden, Germany, France 
and the Netherlands have agreed to meet the evening before 
the next Article 9 Committee meeting in June. 
 
 
8. Most active participation in ETSI and CEN stems from 
private companies involved in the standardization process. 
Currently, advisory companies such as KPMG, Price 
Waterhouse-Coopers and others are involved. 
 
 
9. The GON is considering implementing internationally 
recognized guidelines contained in Common Criteria (CC), 
developed by the Information Security Systems Organization. 
However, the GON is concerned with enforcement of Article 
3(4).  The Article deals with the conformity of secure 
signature-creation devices.  Buys said that the GON remains 
uncertain regarding its ability to adequately address 
enforcement on this issue because it requires enforcement on 
a user-level. 
 
 
TOKOLA

Author: Radek "Mrkva" Pilar, Twitter, Mail/XMPP: mrkva twistedThing mrkva.eu

Latest source of this page is cablebrowser-2, released 2011-10-04