PEC becomes European: what are the new standards?

PEC becomes European: what are the new standards?

PEC and traditional email: what are the main differences?

The PEC – which refers to Certified Electronic Mail – is considered the same as a registered letter with return receipt, but it works in a very similar way to the traditional email box meeting the requirements of the elDAS Regulation for the certified electronic delivery service (SERC).

The main difference between a PEC email and a traditional one revolves around the fact that the Certified Electronic Mail guarantees greater security since the content of a Certified Electronic Mail email is always protected and neither the message nor the attachments can be modified during transmission. This allows users of Certified Electronic Mail services to send email messages with the same legal value as a classic registered letter with receipt, so with a real guarantee proof about the sending and the delivery of digital contents through an email platform.

A few subjects like Public Administration organisations and freelance professionals nowadays have a mandatory possession and use of the PEC for official communications. Moreover, recently some steps further have been taking in defining the PEC as a valid and shared mean of certified communications in Europe.

Towards the European PEC: what’s new?

The first step towards the adoption of an European PEC system was the process of definition and publication of the new standard ETSI EN 319 532-4.

This refers especially to the interoperability at European level of qualified eDelivery systems in compliance with the eIDAS Regulation, based on the use of the REM (which stands for Registered Electronic Mail) transport protocol.

In other words, with the approval of the ETSI (European Telecommunications Standards Institute) standard, the current PEC service will allow citizens and businesses of member states to communicate with full legal value and in a security, effectively making Certified Electronic Mail valid throughout Europe. Therefore, this is the first evolution of what we can call an European PEC, a qualified delivery system that can be used within European borders for the secure exchange of electronic communications with a legal value.

Its European evolution and adoption represents a further milestone which not only confirms the effectiveness of a tool that has become needed by now, for several reasons and even by laws, but also makes the PEC one of the top factors of the digitilisation process promoted throughout public offices, companies, professionals and citizens.

PEC adjustment to European standards: what’s going to change?

The new ETSI standard identifies the key elements of a shared technological interface (CSI – Common Service Interface) which allows secure dialogue and interconnection between qualified delivery service managers and, consequently, also that between citizens and companies and government bodies of the Member States in Europe.

What does it mean? It means that the European PEC will certify the following data and information:

  • The identity of those who have a PEC address, wherever they reside in the EU;
  • The integrity of the contents sent an delivered through certified email systems;
  • The exact time and date when the message was sent and received.

The first necessary step for adapting to European standards for the making of what’s meant to be an European PEC system is the recognition of the user who owns a PEC certified email address. This operation requires the user to use one or more tools and systems in order to identity his/her own data and PEC email address:

  • Public Digital Identity System;
  • Digital signature;
  • Electronic Identity Card;
  • National Service Card;
  • De Visu Online recognition with an operator;
  • Directly in person, by going to authorized offices.

On the other hand, the second step involves the activation of Two-Factor Authentication (2FA), which is now mandatory to operate with the PEC at European level. The users will be able to access his mailbox using the combination: username + password + OTP and authorization push notification, with a strong guarantee related to authentication, data security and privacy in addition to the improved reliability of the whole certified email system which, finally, will interconnect Europe according to this point of view as well.

Articolo precedenteMetaverse: what is it and where are we headed?
Articolo successivo3 Things you need to know on the eIDAS Regulation