THIS YEAR should finally bring progress in using electronic signature in the business environment and in Slovak state administration bodies.
The National Security Office (NSO) began to issue the first accreditations for those who will be entitled to generate valid signature certificates. So far, however, there is only one certification authority in Slovakia and state administration bodies have difficulties reading e-signatures.
The Act on Electronic Signature came into effect in May 2002 and IT experts welcomed its adoption.
E-signatures, small attachments to electronic documents that verify the identity of the sender, are a key step towards creating functional electronic government and commerce systems, experts say.
Electronically signed documents sent digitally should carry the same legal weight as signed documents, facilitating a wide range of electronic civic and consumer services.
"In the commercial area we can replace the whole paper documentation with electronic forms. In public and state administration, e-signature enables the simplification of relations with state bodies not only for citizens but also commercial entities," said František Kaščák, general director of the Data Trust Certification Authority, which is waiting for NSO accreditation.
"Instead of submitting paper documents and physically visiting the state offices, it will be possible to use electronic communication and send electronic documents," he added.
However, so far it is only possible to use electronic signature in commercial relations between citizens or companies. Although supporters of the signature mainly emphasise its advantages for state administrative bodies, this is still not possible.
What is keeping the government offline? According to the law, state offices are only allowed to accept "certified electronic signatures", which can only be issued by a certification authority after obtaining the relevant accreditation from the NSO.
The NSO started the accreditation process at the beginning of this year. The Electronic Research and Project Office is the first certification authority entitled to issue such signatures. Another one or two should be authorised this year.
It is not possible for a computer to generate a certified electronic signature, as it is not secure enough. Instead, the digital form of the document to be signed is transferred to a chip card or USB token that signs it and returns it to the computer.
The private key that creates the certified electronic signature does not leave the chip card. A PIN code or, more likely, a more complicated form protects access to this device.
According to insiders, the main obstacle to the full implementation of e-signature in practice is a lack of software applications. They say state institutions are not equipped with an electronic mail room where they can process documents with e-signatures and prove their validity.
"The public and media concentrated their attention on law creation, and then certification authorities and accreditation; those are technical matters, however. They will be solved sooner or later. It was a mistake that there was not any pressure on applications," said Jana Lukáčová from the NSO's department of electronic signature.
She stressed, however, that the situation should significantly improve in 2004, when several testing systems will be introduced.
One solution could be for the NSO to, for example, initiate the creation of a working group of experts and certification authorities to solve this problem or even create such an application, Kaščák pointed out. "We offered such a solution to the NSO and representatives of other certification authorities and they welcomed it," he said.
The Tax Directorate was the first state body that showed willingness to develop this form of communicating with tax entities: "We have technologically progressed now, so we are testing the acceptance of tax documents with certified e-signatures through the internet," Róbert Merva, the spokesman of the Tax Directorate told Radio Twist.
"So far it is only a certain group of tax entities that was willing to cooperate on that test. We need to solve some details with certified authority like a clear and understandable identification tool for the needs of the Tax Directorate," he added.
Adding to the application problem, Kaščák says, is that state institutions are not required to accept documents with e-signatures as equal to paper ones. He also thinks that state officials and media often undervalue uncertified e-signatures.
"The problem is that, based on such allegations, tools that could be used in commercial relations even now are also awaiting certified signatures," he said.
The IT Association of Slovakia; the Ministry of Transportation, Post, and Telecommunications; and the NSO thus established an initiative for the equality of electronic documents this past March.
All those involved would like concrete legislative measures, directives, and standards by the end of this year.
13. Apr 2004 at 0:00 | Marta Ďurianová