Community Research and Development Information Service - CORDIS

Commission adopts policy framework for Internet security

The European Commission adopted a communication which sets out a European policy for ensuring trust and security in electronic communications on 8 October 1997.

Open networks, in particular the Internet, are increasingly being used for communications in society, with substant...
The European Commission adopted a communication which sets out a European policy for ensuring trust and security in electronic communications on 8 October 1997.

Open networks, in particular the Internet, are increasingly being used for communications in society, with substantial opportunities - for doing business (electronic commerce), sending private communications by e-mail, as well as organizing public services such as electronic tendering - opening up. However, because these networks are open, communications are insecure, and messages may be intercepted or even manipulated, validity of documents can be denied and private data can be collected illicitly. The greater efficiency brought to business by the Internet risks being lost if adequate security structures cannot be put in place to ensure that users trust the medium.

Two technologies, digital signatures and encryption, have emerged as the principle means to improve security. The Commission wishes to ensure that such technologies do not develop piecemeal, leading to incompatibility between Member States, or that standards are not developed outside Europe and then imposed internationally. To avoid this, it is essential that a full debate takes place in Europe.

The second danger foreseen by the Commission in piecemeal development of encryption technologies is the legal aspect. Firstly, if digital signatures are to have legal force equivalent to written signatures, then they will need to be recognized internationally. Secondly, law enforcement and criminal investigation agencies fear that unregulated development of encryption technologies will lessen their abilities to fight crime, particularly international fraud and smuggling.

The Commission proposes to put forward a number of measures, following consultations on the basis of the communication. These will include:

- A Community framework for digital signatures, to be introduced in the first half of 1998;
- Common European certification requirements for third-party certification authorities, which validate electronic transactions;
- Changes in national legal systems to ensure recognition of digital signatures;
- Development of Community positions for international dialogue;
- Ensuring that any national restrictions on encryption are compatible with European law;
- Adaptation of the Dual-Use Regulation in its aspects related to trade in cryptographic products;
- Enhancing cooperation of police forces at European and international level;
- Conclusion of international agreements between the Community and third countries;
- Encouragement for the development of harmonized standards;
- Establishment of a Community programme for the development of overall strategies for security of electronic communications;
- Within the Fifth RTD Framework Programme, a key action on electronic commerce is proposed;
- A European Internet Forum will be established by the end of 1997, as a means to inform and exchange information.

A hearing on digital signatures and encryption will be organized in early 1998, in order to ensure wide consultations on the communication. The hearing will be attended by governments, industry and consumers.
Follow us on: RSS Facebook Twitter YouTube Managed by the EU Publications Office Top