Both businesses and public administrations are increasingly opting to communicate digitally. However, what happens when the information being exchanged is “sensitive” and requires legal safeguards? This is where digital certificates come into play. The certification of documents, one of LINK Mobility’s outstanding services, allows you to execute contracts, send notifications, demand payments and carry out many other procedures with their legal validity already certified. Since April 2013, when the Supreme Court confirmed the validity of email notifications sent to bad debtors, reliance on these types of communications has increased significantly.
But what does the law have to say about it? What legislative framework exists to regulate digital communications? The lawyer Víctor Martínez (www.victormartinezabogado.com), who specialises in Internet Law and New Technologies, explains it to us.
Our society’s process of digital transformation is unstoppable. The rate of growth of the digital economy in the EU is seven times higher than the rest of the economy. The current impact of high-speed broadband networks is comparable to that of electricity and transport networks a century ago. Furthermore, the way is being paved for innovations such as eHealth, smart cities and data-based manufacturing.
Within this process, the relationship between citizens and the administration and between citizens themselves is increasingly being played out through electronic media.
However, certain relationships, such as interactions with banks or the administration, or sending a certified demand for payment from a debtor require legal safeguards. We have to ensure that this communication between users is secure and that there is clear traceability of the information flow, so that we can be sure that it was not intercepted or tampered with.
This means that digital certification is essential. In Spain, the key legislation in this regard is Electronic Signature Act 59/2003, of 19 December, which outlines the different concepts of electronic signatures and also establishes the requirements and conditions that have to be met by providers of digital certification services and electronic trust services. This law was preceded by Royal Decree Law 14/1999, of 17 September, on electronic signatures, which incorporated Directive 1999/93/EC of the European Parliament and of the Council, of 13 December 1999, into Spanish legislation, establishing an EU framework for electronic signatures (a directive that was repealed by Regulation (EU) No. 910/2014 of the European Parliament and of the Council, of 23 July 2014, on electronic identification and trust services for electronic transactions in the internal market, in force since 1 July 2016).
As remarked above, on 1 July 2016, Regulation (EU) No. 910/2014 of the European Parliament and of the Council, of 23 July 2014, came into force, governing electronic identification and trust services for electronic transactions in the internal market, in compliance with the “EU eGovernment Action Plan” and the “Digital Agenda for Europe”.
The aim of this Regulation is to establish a clear legal framework to ensure the cross-border recognition of electronic identities, the interoperability of electronic signatures and other trust services such as electronic stamping and time stamping, thus enabling electronic communications between citizens, businesses and public administrations and improving electronic commerce and administration.
Based on these Spanish and European regulations, the Ministry of Energy, Tourism and the Digital Agenda is preparing a trusted list of electronic trust service providers (TSL) for qualified trust service providers that are based and managed in Spain.
That brings us to the need to certify digital communications for them to be valid in a court. Can we prove that the communications that we are providing are reliable, that they really took place and that they have not been tampered with? Article 162 of the Civil Procedure Act stipulates that notices between parties “may be served by electronic means that ensure the authenticity of the notice and of its content”.
It is virtually impossible to challenge a certified email, as the electronic certification companies include all kinds of proof of communication. These companies act as a trusted third party and they keep a notarised record of any notice of communication that proves that they were sent, the acknowledgement of receipt, the dates on which they were sent, the full contents of the email and the identities of the sender and the recipient and their IP addresses.
As well as with emails, electronic communication certification platforms also offer this type of service with SMS, electronic bureaufaxes and for the contracting of services over the internet.
In the former case, the company certifies the contents of the communication and the transmission process and files everything with a notary. In the case of electronic bureaufaxes, it guarantees the same aspects as with SMS messages and also certifies that such messages have been read and the client may request to be notified if the communication is accepted or rejected by the recipient.
These communications will keep on growing.
In terms of the Spanish Public Administration, the new Public Administration Common Administrative Procedure Act 39/2015 (LPAC), of 1 October, establishes electronic processing as the normal means for communicating with citizens.
It establishes that communication by electronic means between the parties concerned and the Administration is a right and, in some cases, an obligation; it stipulates that the Administration will use electronic means in order to process procedures; and it establishes a new electronic notification system. So, when the Administration has to give notice of any administrative proceedings, fines, summons, etc. it sends a message to the email address or an SMS to a mobile device with a link to access the notification.
In the area of banking, an increasing number of transactions and all interactions between the user and the bank take place by electronic means and by the internet, with all of the security requirements that this entails.
With regard to the official certification of documents, digital powers of attorney are already being granted. You will no longer be required to appear in person in order to grant power of attorney to a third party.
And in the private sector, it is becoming increasingly necessary to provide electronic proof that a notification was actually delivered, that a contract was electronically signed and that messages have not been tampered with, etc.
Moreover, we will soon be seeing people exercise their democratic rights by electronic means (voting in elections and referendums), and as these are such fundamental rights it will be necessary to implement the most stringent legal safeguards.