Liability of Certification Authorities: A Juridical Point of View
Liability is an essential but a non-resolved question of commercial and legal development of certification entities. The issuing, distribution and use of a certificate, together with an eventual revocation or suspension of same up to its expiration date, generate relationships between implicated parties (basically, the provider of certification services, the subscriber and the user of the certificate) which set up the need to limit and clarify respective rights, obligations and eventual liabilities of each party. We analyze liability of certification authorities from a juridical point of view; the study is centered mainly in the content of the European Directive and the Spanish Law on electronic signatures, but we also refer to other laws (such as Utah Digital Signature Law, and Italian law on electronic signatures). We conclude criticizing legal rules on liability because they are incomplete and excessive, without taking into proper account the necessary balance of all involved parties.
KeywordsCertification Authority Electronic Signature European Directive Qualified Certificate Certification Service
Unable to display preview. Download preview PDF.
- 1.ABA (American Bar Association), Digital signature guidelines, Legal infrastructure for Certification Authorities and secure electronic commerce, Information Security Committee, Electronic Commerce and Information Technology Division, Section of Science and Technology, August 1, 1996, USA.Google Scholar
- 2.Commission of the European Communities, Proposal of Directive of the European Parliament, and the Council for a common framework on electronic signatures (COM (1998) 297 final).Google Scholar
- 3.Commission of the European Communities, Amended proposal for a European Parliament and Council Directive on a common framework for electronic signatures, (COM(1999) 195 final).Google Scholar
- 4.European Parliament and European Council, Directive 1999/99/CE of the European Parliament and Council Directive on a common framework for electronic signatures, (13-12-1999).Google Scholar
- 5.Ford W.-Baum M. S., Secure electronic commerce, 1997 (second edition, 2001).Google Scholar
- 6.Real Deceto-Ley 14/1999, de 14 de septiembre, de firma electrónica, (Spanish Electronic Signature Law), 1999.Google Scholar
- 7.Regolamento contenente modalitá di applicazione dell’articolo 15, comma 2, della legge 15 marzo 1997, n. 59, in formazione, archivazione e trasmissione di documenti con strumenti informatici e telematici (Italian rules on digital signatures), 1997.Google Scholar
- 8.UNCITRAL (Commission of the United Nations for the International Commercial Law), Model Law on Electronic commerce, 1997.Google Scholar
- 9.Utah Digital Signature Law, 1995 (later modified in 1997 and 2000).Google Scholar