Activities of Anna HEDH related to 2012/0146(COD)
Shadow opinions (1)
OPINION on the proposal for a regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market
Amendments (15)
Amendment 43 #
Proposal for a regulation
Recital 1 a (new)
Recital 1 a (new)
(1a) Ensuring that all citizens have access to the technology and skills that enable them to benefit equally from digital offerings and electronic services is vital in order to ensure equal opportunities and inclusion of all parts of society.
Amendment 48 #
Proposal for a regulation
Recital 16 a (new)
Recital 16 a (new)
(16a) The cross border use of electronic identification means should not lead to disclosure of personal data that are not necessary for the service to be provided. The principle of data minimization should be respected.
Amendment 50 #
Proposal for a regulation
Recital 23
Recital 23
(23) In line with the obligations under the UN Convention on the Rights of Persons with Disabilities that has entered into force in the EU and in line the Commission proposal on the accessibility of public sector bodies' websites1, persons with disabilities should be able to use trust services and end user products used in the provision of those services on equal bases with other consumers. __________________ 1 Proposal for a Directive of the European Parliament and of the Council on the accessibility of public sector bodies' websites 2012/0340. COM(2012) 721 final.
Amendment 52 #
Proposal for a regulation
Recital 23 a (new)
Recital 23 a (new)
(23a) Under Article 9 of the Treaty on the Functioning of the European Union, in defining and implementing its policies and activities, the Union must take into account requirements linked to the promotion of a high level of employment, the guarantee of adequate social protection, the fight against social exclusion, and a high level of education, training and protection of human health. Accordingly, the concepts of accessibility and design for all should be mainstreamed in the development of legal measures on electronic identification at Union level.
Amendment 54 #
Proposal for a regulation
Recital 24 a (new)
Recital 24 a (new)
(24a) A high level of data protection through appropriate and harmonised safeguards is all the more important for the use of electronic identification schemes and trust services, as both will require the processing of personal data. Such processing will be relied upon, amongst other things, for identifying and authenticating persons in the most reliable manner; moreover the lack of appropriate safeguards could lead to significant data protection risks such as identity theft, forgery or misuse of the electronic medium.
Amendment 56 #
Proposal for a regulation
Recital 10
Recital 10
Amendment 56 #
Proposal for a regulation
Recital 29
Recital 29
(29) NA breach of security may, if not addressed in an adequate and timely manner, result in substantial economic loss and social harm for the individuals concerned, including identity fraud. Therefore notification of security breaches without undue delay and security risk assessments is essential with a view to providing adequate information to concerned parties in the event of a breach of security or loss of integrity, especially to give them the opportunity to mitigate potential adverse effects.
Amendment 91 #
Proposal for a regulation
Article 11 – paragraph 3
Article 11 – paragraph 3
3. Trust service providers shall guarantee the confidentiality and integrity of data related to a person to whom the trust service is provided. Pseudonyms shall nevertheless remain personal data and shall be treated as such.
Amendment 92 #
Proposal for a regulation
Article 3 – paragraph 1 – point 12
Article 3 – paragraph 1 – point 12
(12) ‘'trust service’' means any electronic service consisting in the creation, verification, validation, handling and or preservation of electronic signatures, electronic seals, electronic time stamps, electronic documents, electronic delivery services, website authentication, and electronic certificates, including certificates for electronic signature and for electronic seals;
Amendment 94 #
Proposal for a regulation
Article 11 a (new)
Article 11 a (new)
Article 11a Right of access and information for the user of trust services Trust service providers shall provide users with at least: (a) information on the collection, communication and retention of their personal data; (b) the means to check their personal data and exercise their data protection rights.
Amendment 97 #
Proposal for a regulation
Article 12
Article 12
Trust services provided and end user products used in the provision of those services shall be made accessible for persons with disabilities whenever possible.
Amendment 102 #
Proposal for a regulation
Article 15 – paragraph 2 – subparagraph 1
Article 15 – paragraph 2 – subparagraph 1
Trust service providers shall, without undue delay and where feasible not later than 24 hours after having become aware of it, notify the competent supervisory body, the competent national body for information security and other relevant third parties such as data protection authorities of any breach of security or loss of integrity that has a significant impact on the trust service provided and on the personal data maintained therein. Where such notification cannot be made within 24 hours, an explanation of the reasons for the delay should accompany the notification.
Amendment 105 #
Proposal for a regulation
Article 5 – paragraph 1 a (new)
Article 5 – paragraph 1 a (new)
Paragraph 1 only applies to specific cross border public services. In order to specify these cross border services the Commission shall, by means of an implementing act, draw up a list. This implementing act shall follow the article 8 and be adopted in accordance with the examination procedure referred to in Article 39(2).
Amendment 135 #
Proposal for a regulation
Article 8 – paragraph 1 a (new)
Article 8 – paragraph 1 a (new)
1a. Member States and the Commission shall in particular prioritize interoperability for such e-services with the greatest cross border relevance by: (a) exchanging best practices concerning the electronic identification means falling under a notified scheme; (b) providing and regularly update best practices on trust and security of the electronic identification means; (c) providing and regularly update on the promotion of the use of electronic identification means.
Amendment 237 #
Proposal for a regulation
Article 20 – paragraph 2
Article 20 – paragraph 2
2. A qualifiedn electronic signature shall have the equivalent legal effect of a handwritten signature.