The Malta Communications Authority is the National Supervisory Authority according to the Electronic Commerce Act.
Trusted List Scheme Information
The present list is the ‘Trusted List of supervised/accredited Certification Service Providers’ providing information about the supervision/accreditation status of certification services from Certification Service Providers (CSPs) who are supervised/accredited by Malta for compliance with the relevant provisions of Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures.
The Trusted List aims at:
· listing and providing reliable information on the supervision/accreditation status of certification services from Certification Service Providers, who are supervised/accredited by Malta for compliance with the relevant provisions laid down in Directive 1999/93/EC,
· allowing for a trusted validation of electronic signatures supported by those listed supervised/accredited certification services from the listed CSPs.
The Trusted List of a Member State provides, as a minimum, information on supervised/accredited CSPs issuing Qualified Certificates in accordance with the provisions laid down in Directive 1999/93/EC (Article 3(2) and (3) and Article 7(1)(a)), including, when this is not part of the QCs, information on the QC supporting the electronic signature and whether the signature is or not created by a Secure Signature Creation Device.
The CSPs issuing Qualified Certificates (QCs) listed here are supervised by Malta and may also be accredited for compliance with the provisions laid down in Directive 1999/93/EC, including compliance with the requirements of Annex I (requirements for QCs), and those of Annex II (requirements for CSPs issuing QCs). The applicable ‘supervision’ system(respectively ‘voluntary accreditation’ system) is defined and must meet the relevant requirements of Directive 1999/93/EC, in particular those laid down in Article 3(3), Article 8(1), Article 11 (respectively, Article 2(13), Article 3(2), Article 7(1)(a), Article 8(1), Article 11).
Additional information on other supervised/accredited CSPs not issuing QCs but providing services related to electronic signatures (e.g. CSP providing Time Stamping Services and issuing Time Stamp Tokens, CSP issuing non-Qualified certificates, etc.) are included in the Trusted List at a national level on a voluntary basis.
The Directive is implemented into Maltese law by the Electronic Commerce Act established in Part V of the Act.
The Electronic Commerce Act establishes the following:
- Provision of signature certification services not subject to prior authorisation
- Service provider has a number of obligations vis-a-vis the qualified certificate
- Who is liable for damages resulting from use of the certificate if certain steps not taken
- Requirements for qualified certificates
- Requirements for Signature Certification Service providers
- Requirements for Secure Signature-Creation Devices
- Requirements to be met during the Signature verification process
- Authority of MCA empowered to require audit against provisions at law