Article19 Expert Group workspace

This is the workspace of the Article 19 Expert Group. Here you can find information about the group, meeting minutes, list of members and other useful information.

The Resilience portal is being deprecated.

Please, use the confluence platform located in the link below

ECATS HOME

Dear Colleagues,

Background

Article19Electronic trust services is what we call services like digital signatures, digital certificates, electronic seals, timestamps, etc. which are used in electronic transactions, to make them secure, trustworthy. The eIDAS regulation is the EU wide legal framework ensuring interoperability and security of these electronic trust services across the EU. One of the goals of eIDAS is to ensure that electronic transactions can have the same legal standing as traditional paper based transactions. eIDAS is important for the European digital market because it allows businesses and citizens to work and use services across the EU. eIDAS regulation was adopted in July 2014 and came into force in 2016.

Article 19

Article 19 of the eIDAS regulation sets security requirements for trust service providers. National supervisory bodies have to supervise the trust service providers in their country to ensure that they fulfil these requirements. Cooperation and agreement on how to do this in practice is important not only to create a level playing field for providers operating out of different EU countries, but also to protect transactions based on these services. If there is, for instance, a cyber-attack on a trust service provider in one Member State, then this could have an impact on organizations in other parts of the EU who rely on the provider’s trust services.

Article 19 requires that trust service providers 1) assess risks, 2) take appropriate security measures, and 3) notify the supervisory body about significant security incidents and breaches of integrity. This triangle (depicted below) is supervised by national supervisory bodies and is also present in the Telecoms Framework directive (Article 13a) and the NIS directive (Article 14 and Article 16).

Article 19 Expert Group

The Article 19 Expert Group was set up by ENISA in 2015, under the auspices of the Commission, to support voluntary collaboration between Member States about the technical details of how to implement Article 19. This is a voluntary non-binding process, between experts from ministries, agencies, supervisory bodies, national authorities, et cetera, who are involved with the implementation of Article 19.

The focus of the Article 19 Expert Group is on the technical details of incident reporting, the ad-hoc reporting between Member States about incidents with cross-border impact, the annual summary reporting, and the supervision of TSPs. It is good to note that many of the security aspects of trust services are governed by international and European (ETSI) standards. The group is composed of experts from EU member states as well as EEA and EFTA countries.

Important links

Note that most of these links are accessible for members of the group only.

Contact us

For any questions or remarks please contact us via email to

Data Privacy Statement