Increasing use is being made of qualified electronic signatures (hereafter ‘QES’). This has become even more prevalent with the advent of the COVID-19 pandemic which has made digital signing even more pertinent.
A QES is made with a qualified certificate used for identifying the signer. Such a certificate issued by a recognised certification authority (typically referred to as a ‘Qualified Trust Service Provider’) consists of an electronic document that links the data of the signer and the validation of the signature to the unequivocal identification of the subject.
Regulation (EU) No 910/2014 on electronic identification and trust services transactions in the internal market and repealing Directive 1999/93/EC (hereafter ‘eIDAS’ Regulation) amongst other matters regulates the use and recognition of ‘QES’ throughout the European Union (hereafter ‘EU’). Malta as a member of the EU is bound by the norms in the eIDAS Regulation.
One aspect regulated by the eIDAS Regulation relates to the legal effects of QES. A QES explicitly has the equivalent legal effect of a handwritten signature across all EU Member States including Malta, and therefore must be accepted as such for all purposes of the law. Moreover the eIDAS Regulation expressly states that a QES based on a qualified certifcate issued in one Member State must be recognised as such in all other Member States. This means that if a QES based on a qualified certificate is issued in another Member State, then any person in Malta – including any business or public entity – is required by law to recognise and accept the QES as the equivalent of a hand written signature and treat it as such for the purpose of any transactions. To see the list of Qualified Trust Service Providers recognised in the EU one can access the Trusted List Browser at https://esignature.ec.europa.eu/efda/tl-browser/#/screen/home .
The MCA is the designated Supervisory Body for the eIDAS Regulation in Malta.