Legality

Introduction

The objective of the European Union is to create a single digital market. To achieve this, it has developed different laws in which to lay the legal bases that every Trust Service Provider must comply with, and be able to gaurantee, secure electronic transactions.

All Uanataca services and solutions comply with European regulations and international standards, guaranteeing our clients the legal security of all their electronic transactions.

Uanataca, as a Trust Service Provider qualified in accordance with the eIDAS Regulation, ensures full legal validity and maximum security of all electronic transactions of your business.

The eIDAS Regulation

The eIDAS Regulation was created with the objective of strengthening electronic transactions in the internal market, providing a common basis for secure electronic interactions between citizens, businesses and public administrations. It aims to increase the effectiveness of both public and private online services, electronic businesses and in general electronic commerce within the European Union.

This regulation is constituted as the unique framework for electronic identification and establishes the so-called trusted services, thus facilitating commercial transactions within the EU and favoring interoperability between the member states of the Union, as regards the use of trust services and solutions.

Electronic Identification and Trusted Services

The eIDAS Regulation establishes reliable electronic services that make electronic transactions safer. There are different types of services and they have different purposes:

  • Electronic signatures.

  • Electronic stamps.

  • Web Authentication Certificates.

  • Time Stamping.

  • Certified Electronic Delivery.

  • Conservation of Electronic Signatures.

  • Validation of electronic signatures and seals.

Qualified trust services and unqualified trust services

The indication of the term “qualified” guarantees that those trust service providers provide electronic services that meet the requirements established in the eIDAS Regulation, ensuring a standard of quality in their provision. These providers appear on the European Commission's Trust List and are subject to periodic audits.

In addition, qualified Trust Service Providers are clearly identified with the European Union trust label.

On the contrary, the services provided by an unqualified provider cannot be guaranteed regulatory supervision under the eIDAS Regulation and its technical standards, not being able to ensure the reliability and security of your transactions. Likewise, in the event that an unqualified trust service is questioned in a judicial process, the judge will be responsible for determining the veracity of the solution in question.

The electronic signature

The eIDAS Regulation establishes 3 levels of electronic signatures:

  • Electronic signature (known as simple or basic)

  • Advanced electronic signature

  • Qualified electronic signature

(i) Simple electronic signature

The simple electronic signature is the most basic signature and is defined as: “electronic data attached to other electronic data or logically associated with them that the signer uses to sign.” It is the most primitive type of signature and its use in society is common, we talk about actions as simple as: enter a password, a pin, the signature on a Tablet, etc.

Even if it is the signature of the lowest level of guarantees, in accordance with the legal effects it cannot be discriminated against and its legal effects or its admissibility cannot be denied as evidence in judicial proceedings for the mere fact of being electronic or not Have a sufficient level. Notwithstanding the foregoing, its probative quality may be very weak and its effects may be denied as a result of the technology used for the firm not being sufficiently secure, does not guarantee the signer's identity or is easily reproducible.

(ii) Advanced electronic signature

The advanced electronic signature is the signature which meets the following characteristics:

a) It must be linked to the signer only;
b) Must allow the signer's identification;
c) It must have been created using electronic signature creation data that the signer can use, with a high level of trust, under their exclusive control, and
d) It must be linked to the data signed by it in such a way that any subsequent modification thereof is detectable.

As far as its legal effects are concerned, the standard grants them the same as the simple electronic signature. However, the probative quality of the same is greatly reinforced as long as the advanced electronic signature enjoys characteristics and guarantees superior to the simple electronic signature.

If it is based on a qualified certificate issued by a Trusted Service Provider, its probative force is reinforced and guaranteed.

(iii) Qualified electronic signature

The qualified electronic signature could be considered the highest level of electronic signatures. It is that advanced electronic signature that is created by means of a qualified electronic signature creation device and that is based on a qualified electronic signature certificate.

The legal effects are reinforced with respect to the previous signatures, so that the eIDAS Regulation itself gives it the same legal effect as a handwritten signature (principle of functional equivalence). In addition, a qualified electronic signature based on a qualified certificate, by interoperability principles, must be admitted in all Member States, without the need for regulatory development by them.

Notwithstanding the foregoing, the member states with their internal regulations may add legal effects to the signature levels, as is the case in Spain and the qualified firm. In accordance with the Electronic Signature Law when the authenticity of the qualified electronic signature is challenged, the burden of proof is reversed and it is appropriate to prove the authenticity of the signature to the person who signed electronically.