[cooperation-wg] Comment on eid-and-trust-services-regulation

Dear Alessandro,

Thank you for your comments. I hope that we will be able to have a broader support for these changes in the European Parliament and the Council of Ministers.

Would I be able to make references to you when speaking with other MEP:s? I think it might help for me, at least, if I can point to the support of other groups for these amendments. In the end, it might also help if you are able to get in touch with MEPs and speak with them directly. If you are aware of your national government representatives in Brussels who are working with these topics, they could also be useful.

My amendments are quite far from the original formulations by the European Commission, but I feel they support the same spirit - accountability, transparency,  privacy and appropriately allocated liability to all parties in the chain. The relevant Commission unit is led by Andrea Servida, who may therefore also be approached.

Best regards,

Amelia

-----Original Message-----
From: Alessandro Vesely [mailto:vesely at tana.it] 
Sent: 22 April 2013 15:29
To: ANDERSDOTTER Amelia
Cc: cooperation-wg
Subject: Comment on eid-and-trust-services-regulation

Amelia,
I read your blog (see link in the post below) and wish to thank you
for your work and for your amendments to the eIDSA.

In particular, I support how you'd move art. 11 to art. 4a and the
additions brought there.  It seems that, if techniques like OAuth 2.0
or similar --based on pseudonyms like email addresses-- take root,
then mailbox providers may become the trust service providers of
choice for a number of mundane transactions, including shopping and
subscriptions to newsletters and mailing lists.  The ability to
generate pseudonyms ad-hoc (the part before the "@") can allow
complete anonymity, and possibly trace unwanted leakage of the
pseudonym itself.  In addition, a provider chosen by the data subjects
can register such transactions on their behalf:  Any other method for
acquiring consent ends up being registered on the processor's side
only, which I consider unfair of Directive 95/46/EC.

Regards
A mailbox provider

-------- Original Message --------
From: Patrik Fältström <patrik at frobbit.se>
Date: Mon, 22 Apr 2013 10:00:07 +0200
To: cooperation-wg at ripe.net <cooperation-wg at ripe.net>
Subject: [cooperation-wg] EU proposa on qualified signatures

All,

There is as some of you might know a discussion in EU related to e-ID
and a new proposed regulation on trust services.

One summary of the situation is made by member of the European
Parliament Amelia Andersdotter that criticizes the proposal that is on
the table for the parliament.

I have personally had problems with the original directive, and this
proposal even more as it tries to enforce onto people and
organisations who to trust. Or more specifically, who you should trust
as a trusted third party.

I think federated solutions are better as "one size does not fit all",
and with federated solutions one can more easily build services the
way "it was intended" on the Internet.

Anyway, here is the summary by Amelia, and maybe we should spend some
time on this in Dublin, if people are interested?

http://ameliaandersdotter.eu/eid-and-trust-services-regulation/

   Patrik