The EU introduced the Regulation, which is commonly known as eIDAS, as a part of the Commission’s Digital Agenda. The aim is to foster digital growth, drive technological innovation, and improve information security, transparency, and interoperability across the EU.
As far as Cyprus is concerned, the authorities hope that the Regulation will boost the local banking and finance sectors. The new rules should also make the conduct of business easier and more streamlined across the board.
The Three Electronic Signatures
Among other things, the Regulation introduces three types of electronic signatures. These pave the way for increased digitalization in the areas of state administration, business, law, finance, and more.
- Electronic signature, or data in electronic form that is either attached to or logically associated with other electronic data and is used by signatories to sign.
- Advanced electronic signature, which is an electronic signature with a unique link to and capable of identifying the signatory. Advanced electronic signatures are created by way of electronic signature creation data. Signatories can, with a high degree of confidence, utilize them under their sole control. What’s more, any subsequent change in the data is detectable.
- Qualified electronic signature, which is an advanced electronic signature that is (1) generated by a qualified electronic signature creation device and (2) based on a qualified certificate for electronic signatures.
Legal Effect and Admissibility of Electronic Signatures
Prior to the advent of electronic signatures, the law only provided for handwritten ones. That, however, has changed. As per Article 25 of the Regulation, an electronic signature may not be denied legal effect and admissibility as evidence in legal proceedings solely because it is in an electronic format or does not fulfill the requirements for a qualified electronic signature.
Article 25 further stipulates that qualified electronic signatures shall have the same legal effect as handwritten ones.
The national legislation reflects that position. According to Article 9 of Law 55(I)/2018, subject to the provisions of the Evidence Law, electronic signatures are now admissible in all civil or criminal proceedings before the Cyprus courts. That is the case regardless of whether or not they meet the specific requirements for qualified electronic signatures.
Changes to the Legal Definition of Document
The introduction of electronic signatures also meant that the definition of what constitutes a document had to change.
Therefore, the definition of document in the Evidence Law (CAP.9) was amended to cover electronic documents, as well as any document bearing electronic signatures, seals, or time stamps.
Furthermore, Article 37A(1) of the Companies Law (CAP.113) provides that any certificate, form, minutes, or another document that is issued by the Registrar of Companies or is sent or delivered there for filing and requires affirmation, certification, or a signature, may now be signed electronically.
The National Plan for Electronic Identities
On 8 May 2020, Cyprus’s Deputy Ministry of Research, Innovation, and Digital Policy formally announced the implementation of the so-called National Plan for Electronic Identities. The Plan seeks to govern the issuance of electronic identities.
According to the Plan, an electronic identity is a state-issued tool that allows:
- The identification of citizens’ data.
- The effective and secure conduct of legally enforceable electronic transactions.
In either case, the law no longer requires the physical presence of the signatory.
In particular, the Plan introduces the use of two certificates:
- Electronic identification, which will allow access to information systems and is due to be implemented by 2021.
- Qualified electronic signature, which has the same legal effect as handwritten signatures and is currently available to citizens.
Qualified Electronic Signatures: A Brief Overview
A qualified electronic signature is an encrypted sequence of letters and numbers that is associated with the holder of a qualified certificate for electronic signature.
Who Will Use Them?
Qualified electronic signatures can be used by the organs of the state but also in personal transactions, banking, business, and more. These signatures can be placed on all types of agreements, applications, and other official documents.
Who Will Issue Them?
Qualified electronic signatures will be issued by banking institutions or qualified trust service providers. The issuing organ will also be responsible for carrying out the identification procedure of certificate holders.
Currently, qualified certificates for electronic signatures issued in 2020 are valid for one year from the date of issue.
That will change upon the full implementation of the Plan in 2021. From that point onward, qualified certificates for electronic signatures will be valid for three years from the date of issue, subject to renewal.
How to Use Them
Qualified electronic signatures are to be inserted on electronic documents using an electronic device such as a computer, laptop, smartphone, or tablet. Users will need to access an online platform and upload the documents that they would like to sign.
The holder of the electronic signature certificate will then have to approve the placement of their signature on the document via a smartphone application. Once they have granted their approval, they will be able to access the now-signed electronic document.