Information Commissioner's Office
ICO approves the first UK eIDAS Regulations Qualified Trust Service Provider
The Information Commissioner’s Office has approved GlobalSign as the UK’s first qualified trust service provider [QTSP] under the UK eIDAS Regulations.
Trust services are important to businesses as they help ensure electronic transactions can happen securely and legally using mechanisms such as electronic signatures.
To become a QTSP organisations must undergo a conformity assessment to demonstrate they meet the requirements of the UK eIDAS Regulations. This is then checked by the ICO.
GMO GlobalSign Ltd is the first company globally to have gone through this process in the UK under the UK eIDAS Regulations and is now a qualified trust service provider for the following services:
- Qualified certificates for electronic signatures.
- Qualified certificates for electronic seals.
Anulka Clarke, Acting Director of Regulatory Assurance yesterday said:
“Trust is often described as the currency of business and that’s especially true in the digital economy. Clients, consumers and companies need confidence when they’re transferring information electronically. That’s why QTSPs are so important. They give businesses assurance and present an opportunity for growth, development and innovation.”
Arvid Vermote, Chief Information Security Officer for GlobalSign yesterday said:
“We are particularly proud to be the first Certificate Authority in the world to accomplish this. As always, the level of assurance QTSP recognition offers is critical, especially for companies in regulated industries such as banking, insurance and energy marketplaces. Being recognized as a QTSP within the UK and the EU will continue to offer many important opportunities for GlobalSign.”
GlobalSign have now been added to the UK’s Trusted List of Trust Service Providers, which is managed by tScheme.
Notes to Editors
- The UK eIDAS Regulations set out rules for UK trust services and establishes a legal framework for the provision and effect of electronic signatures, electronic seals, electronic time stamps, electronic documents, electronic registered delivery services and certificate services for website authentication.
- Following the UK withdrawal from the EU the eIDAS Regulation was adopted into UK law and amended by The Electronic Identification and Trust Services for Electronic Transactions (Amendment etc.) (EU Exit) Regulations 2019). In addition, the existing UK trust services legislation, The Electronic Identification and Trust Services for Electronic Transactions Regulation 2016 (2016 No.696)) was also amended. Taken together, these regulations are referred to as the UK eIDAS Regulations.
- The ICO has responsibility for supervision of the trust service provisions of the UK eIDAS Regulations. The ICO can grant and revoke qualified status for trust service providers established in the UK, approve or reject qualified trust services, report on security breaches, carry out audits and take enforcement action.
Latest News from
Information Commissioner's Office
ICO and Ofcom strengthen partnership on online safety and data protection25/11/2022 15:20:00
The Information Commissioner’s Office (ICO) and Ofcom have today set out how we will work together to ensure coherence between the data protection and the new online safety regimes.
International transfers: empowering innovation and growth whilst protecting people’s personal information18/11/2022 12:25:00
Blog posted by: Emma Bate, 17 November 2022.
ICO launches consultation on how it prioritises FOI complaints09/11/2022 10:20:00
The Information Commissioner’s Office (ICO) has launched a consultation on how it prioritises the complaints it receives about public bodies’ handling of Freedom of Information (FOI) requests.
Department for Education warned after gambling companies benefit from learning records database08/11/2022 12:25:00
The Information Commissioner’s Office (ICO) has issued a reprimand to the Department for Education (DfE) following the prolonged misuse of the personal information of up to 28 million children.
ICO and Cabinet Office reach agreement on New Year Honours data breach fine03/11/2022 15:05:00
The UK Information Commissioner has agreed to reduce the £500,000 Monetary Penalty Notice (MPN) imposed on the Cabinet Office in 2021 in relation to the New Year Honours data breach to £50,000, which the Cabinet Office has agreed to pay, reflecting our new approach to working more effectively with public authorities.
Making our employment guidance work for you28/10/2022 09:05:00
A blog by Elanor McCombe, Group Manager - Policy
‘Immature biometric technologies could be discriminating against people’ says ICO in warning to organisations26/10/2022 09:10:00
The Information Commissioner’s Office (ICO) is warning organisations to assess the public risks of using emotion analysis technologies, before implementing these systems.
‘Biggest cyber risk is complacency, not hackers’ - UK Information Commissioner issues warning as construction company fined £4.4 million24/10/2022 12:25:00
The UK Information Commissioner has warned that companies are leaving themselves open to cyber attack by ignoring crucial measures like updating software and training staff.