As streets, businesses, and public buildings emptied, other places took center stage. Electronic notifications were already doing so, but they are another of the protagonists of this period of State of Alarm due to the COVID-19 pandemic.
An electronic system of notifications allows any type of natural or legal person to receive the different notices and documents that the Public Administrations have issued in digital format.
The Tax Agency, the Directorate General of Traffic, and the Social Security are the main issuing bodies of this type of notification that allow public entities to make significant savings in terms of messaging and users to save travel time as they no longer have to be present when the notification is delivered.
The private sector has also developed reliable notification systems, which can now be adapted to the requirements of EU Regulation 910/2014 (EIDAS) and can thus be converted into certified delivery systems. This is provided for in Articles 43 and 44 of the EIDAS Regulation:
Article 43 – Legal effect of an electronic registered delivery service
1. Data sent and received using an electronic registered delivery service shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements of the qualified electronic registered delivery service.
2. Data sent and received using a qualified electronic registered delivery service shall enjoy the presumption of the integrity of the data, the sending of that data by the identified sender, its receipt by the identified addressee and the accuracy of the date and time of sending and receipt indicated by the qualified electronic registered delivery service.
Article 44 – Requirements for qualified electronic registered delivery services
1. Qualified electronic registered delivery services shall meet the following requirements:
(a)
|
they are provided by one or more qualified trust service provider(s);
|
(b)
|
they ensure with a high level of confidence the identification of the sender;
|
(c)
|
they ensure the identification of the addressee before the delivery of the data;
|
(d)
|
the sending and receiving of data is secured by an advanced electronic signature or an advanced electronic seal of a qualified trust service provider in such a manner as to preclude the possibility of the data being changed undetectably;
|
(e)
|
any change of the data needed for the purpose of sending or receiving the data is clearly indicated to the sender and addressee of the data;
|
(f)
|
the date and time of sending, receiving and any change of data are indicated by a qualified electronic time stamp.
|
In the event of the data being transferred between two or more qualified trust service providers, the requirements in points (a) to (f) shall apply to all the qualified trust service providers.
2. The Commission may, by means of implementing acts, establish reference numbers of standards for processes for sending and receiving data. Compliance with the requirements laid down in paragraph 1 shall be presumed where the process for sending and receiving data meets those standards. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 48(2).
Although the Commission has not published standards that provide a presumption of compliance, ETSI has published the following evaluation standards:
- EN 319 521 – Policy & security requirements for electronic registered delivery service providers
- EN 319 531 – Policy & security requirements for registered electronic mail (REM) service providers
At TCAB, we are in a position to assess trustworthy registered electronic delivery service providers. according to EIDAS and ETS Standards. Call us at +34 91 388 0789 to clarify your doubts.