In a lengthy report released today, the European Commission said the American approach could threaten privacy and stifle the growth of electronic commerce and that it might simply be ineffective.
Theodor Schlickmann of the Commission's DG13 posted the URL: http://www.ispo.cec.be/eif/policy/970503toc.html Executive summary from http://www.ispo.cec.be/eif/policy/970503exec.html follows: ENSURING SECURITY AND TRUST IN ELECTRONIC COMMUNICATION Towards A European Framework for Digital Signatures And Encryption EXECUTIVE SUMMARY Introduction Open electronic networks such as the Internet are increasingly being used as a platform for communication in our society. They have the capacity to create new businesses, new channels of distribution and new methods of reaching the customer. They also open up opportunities to re-engineer business conduct itself. It is now largely expected that electronic commerce will be one of the key drivers for the development of the global information society. Electronic Commerce presents the European Union with an excellent opportunity to advance its economic integration by means of a "virtual" economic area. However, the realisation of such developments are hampered by the noticed insecurities typical to open networks: messages can be intercepted and manipulated, the validity of documents can be denied, personal data can be illicitly collected. As a result, the attractiveness and advantage of electronic commerce and communication cannot be fully exploited. In order to make good use of the commercial opportunities offered by electronic communication via open networks, a more secure environment needs to be established. Cryptographic technologies are widely recognised as essential tools for security and trust on open networks. Two important applications of cryptography are digital signatures and encryption. Several Member States announced their intentions to introduce specific regulation on cryptography and some already have done so. For instance, Germany and Italy already moved ahead with digital signature laws. In other Member States internal discussions are taking place, and some tend to refrain, at least for the moment, from any specific regulation at all. Divergent and restrictive practices with regard to cryptography can be detrimental to the free circulation of goods and services within the Internal Market and hinder the development of electronic commerce. The European Union simply cannot afford a divided regulatory landscape in a field so vital for the economy and society. The main objectives of this Communication are to develop a European policy in particular with a view to establishing a common framework for digital signatures, ensuring the functioning of the Internal Market for cryptographic services and products, stimulating a European industry for cryptographic services and products and stimulating and enabling users in all economical sectors to benefit from the opportunities of the global information society. As far as timing is concerned, the Commission considers that appropriate measures ought to be in place throughout the Union by the year 2000 at the latest. As a consequence, the Commission intends to come forward with detailed proposals in 1998 after the assessment of comments on this Communication. This is in line with the April 1997 adopted Communication on Electronic Commerce, where the Commission announced the intention to prepare a policy aiming at guaranteeing the free movement of encryption technologies and products, as well as to propose a specific initiative on digital signatures