Czech Republic: Act on Trust in Electronic Transactions


The Chamber of Deputies of the Parliament of the Czech Republic discussed the draft Act on Trust in Electronic Transactions.

This new legislation is to adapt the laws of the Czech Republic to Regulation (EU) No. 910/2014 of the European Parliament and of the Council, on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC, which is also referred to as eIDAS Regulation. The original Directive 1999/93/EC on a Community framework for electronic signatures had been interpreted in different ways, causing also different implementation in individual national laws within the EU. This situation often hampered the mutual recognition of qualified certificates, and thus also, for instance, advanced electronic signatures that are based on them. The eIDAS Regulation is to resolve these problems. Compared with the Directive, the eIDAS Regulation also deals with a wide range of other digital services, besides the electronic signature, in order to further strengthen their credibility and by that to support and encourage their use, including in cross-border transactions.

The Czech draft Act on Trust in Electronic Transactions contains provisions on those aspects which were left by the eIDAS Regulation to Member States for discretionary alteration. It further repeals some older regulations and avoids duplication of Czech legislation with the eIDAS Regulation.

Finally, the bill sets out an obligation of qualified providers of trust services to archive documents related to the issuance of qualified certificates for electronic signatures and electronic seals and authentication of websites, for a period of ten years. Additionally, these providers will have a mandatory period of 15 years for storing data that served as a basis for verification of the applicant's identity. The bill also sets out that a qualified provider of trust services is to render such qualified services under a written contract.

The draft of an accompanying act also envisages inter alia, an amendment of the Act on Identity Cards. The electronic signature should newly be included in the electronic chip of ID cards, which would enable their holders to acquire their data from official systems such as the citizens register or tax portal. The Ministry of the Interior plans to launch the free-of-charge introduction of such ID cards at the beginning of 2017. As usual, this step is being criticised for further strengthening the possibility of the state apparatus to interfere with citizens' privacy.

The Ministry of the Interior, labelled by the bill as a supervisory body, will mainly monitor qualified providers of trust services and take actions against unqualified providers of services if it becomes aware that they violate the obligations arising from the eIDAS Regulation.

The question remains how long the legislative process will last, but legislators should seek to ensure that the Act comes into force by this summer. Otherwise, the Czech Republic may face penalties from the European Commission and difficulties caused by the absence of Czech national legislation linked with the cited EU Regulation.