The European Union proposal to give digital signatures legal recognition across all member states reached an impasse on Friday, when a small cluster of countries maintained that only digital signatures generated – effectively – by smart card technology should stand up in court. The agreement faltered over the level of security for generating signatures which different countries were prepared to accept before recognizing them as legally binding. Germany, France and Italy are seeking very strict security standards, which currently only smart cards can meet, according to a European Union spokesperson. Countries in the liberal camp including the UK, Denmark and the Netherlands, are backing a set of recommendations that only go as far as to outline basic requirements for IT manufacturers. These broad recommendations asked that the act of generating data used in the creation of digital signatures, can occur only once and that the signature cannot be forged. Had these and a number of other broad recommendations been accepted then the result would have been that … the requirements would be met by 99% of all products, said an EU spokesperson. However, France and Germany stuck to their guns and called for higher levels of security. Germany, which is one of the few countries in the EU whose courts recognize digital signatures on contracts, requires digital signatures to meet the ITSEC E4 level of security and would like the EU to do the same. Although Germany has not spelt out that it wants the EU member states to use smart-card generated digital signatures, by calling for ITSEC Level 4, it is pushing to make it impossible to use software alone to generate signatures. France, the birthplace of the smartcard, also has good reason to back ITSEC 4, as it is home to most of the large smartcard manufacturers, including Gemplus SA, Bull SA and Schlumberger SA. The EU commission, a backer of the proposal that would allow for a wider range of digital signature generating technology, sees digital signatures as a means of kick-starting e-commerce in sectors such as insurance.
