Digital Agenda V: Digital Trust, the key to developing a competitive society

One of the six core objectives underpinning the Digital Agenda for Spain, green lit by the Cabinet last February, is to boost  confidence in the digital arena. Elsewhere, one of the nine plans sets in place to launch the Agenda also tackles this issue.

There is no mystery behind the government’s interest. Immersed as we are in a digital revolution, the ability of the EU and Spain to react to the onslaught of the economic crisis depends in large part on our ability to compete in the digital world and ensure we are not left trailing in the wake of the tech economy.

In order lay the groundwork for a digital society, it is essential to engage all sectors. The reluctance of the general public is understandable, accustomed as it is to a face-to-face world. The increasing prevalence of virtual relationships is met, during the transitional period, with some resistance. A state of affairs that makes digital confidence a key objective, essential if the government’s other goals are to be met.

The proposals set forth by the ministers involved in preparing the Agenda include a three-pronged line of attack in the field of digital confidence: (i) promoting the digital confidence services market, (ii) strengthening current capacity to promote digital confidence, and (iii) promoting excellence at organizations in the area of digital confidence.

With respect to the first of these (i.e., promoting digital trust services), the Agenda sets out the key statements under the Proposal for a Regulation on electronic identification and trust services for electronic transactions in the internal market, approved on June 4, 2012. These refer to services involving identification and electronic signature, electronic document storage and the obtainment and safekeeping of electronic evidence. The Spanish Agenda and the Proposal for a Regulation part ways in that the former also includes privacy management services, not doubt due to the country’s obsession with electronic privacy and personal data protection.  They also differ in that the Agenda includes several of the services specifically provided for in the proposal under one catch-all umbrella: “generation and safekeeping of electronic evidence”. It is worth noting here that this term includes such key services as certified electronic delivery or the electronic execution of agreements.

Two concrete measures have been proposed in order to get digital trust services up and running: (i) the development of a regulatory framework that does away with barriers, is stable and offers users legal certainty; and (ii) reinforcing the supervisory capacity of the authorities with a view to bringing domestic initiatives into line with those of other member states.

• The first of these refers to the provision of such services on a free competition basis, an issue that is limited simply to ensuring compliance with the provisions of the Information Society Services Law and an orderly transposition of the EU legislation in this area.

• As we see it, the second measure, regarding the supervisory capacity of the authorities, is somewhat more challenging, since many trust services have a bearing on evidence-related matters, which are the competence of the courts. This state of affairs casts doubt on the efficacy at court of the certificates referred to in this measure.

The second line of action put forward is aimed at strengthening digital trust capacity. The goal, in short, is to reinforce and coordinate the various public and private institutions promoting digital trust in any arena. With this in mind, it has been decided: (i) to consolidate Inteco as a center of excellence in digital trust, (ii) to set in place programs to provide awareness-raising, education and training in order to take an integral approach to the various areas involved in digital trust, and (iii) to promote the existing observatories in a bid to obtain reference indicators in order to launch medium- and long-term cyber-security and digital trust strategies.

The third line of action seeks to promote excellence at organizations in terms of digital trust in the form of codes of conduct and good practice. To this end, the decision has been taken to evidence compliance with such codes in the shape of audit and certification systems. The approved Agenda offers an advance overview of the required content of these codes: information security, guaranteed continuity of the service or business, identification of the information society service providers, access to conditions of use and consumer protection in the digital arena.

In short, the Agenda tackles a key issue to set Spain on the path to modernity and competitiveness: digital trust. The application of these and other measures will no doubt contribute to creating a climate of confidence to encourage the digital habits of society at large and drive investment in the digital arena, thus contributing to the emergence of the digital business models that have proven so fruitful in other countries that have gone down this route.

Garrigues Technology & Outsourcing Department