In this document, I've distilled all the excerpts from the final text of the revision of eIDAS that specifically refer to the new Trust Service for Electronic Archiving. It describes how information should be preserved during its legal retention period, in order to have guarantees regarding authenticity, legibility and integrity.
In summary, the following is outlined about Electronic Archiving:
- In order to create legal certainty, with regard to electronic archiving, it is necessary to have a legal framework for Qualified Electronic Archiving (QeA)services, inspired by existing trust services regulation.
- Electronic data and documents, whether created electronically or digitized from paper, should be preserved securely to prevent loss and alteration, with clear legal effects for using qualified electronic archiving services.
- When digitally signed or sealed information are submitted to a QeA service, procedures and technologies should ensure the trustworthiness of electronic signatures or seals over the preservation period, possibly relying on other qualified trust services.
- Member States may maintain or introduce specific national provisions for electronic archiving services not harmonized by this regulation for archive services of an organisation that are only used internally for that organisation
- National and Public Archives (mainly with a focus on heritage) do not provide Trust Services as described in the text.
- The regulation amends EU Regulation No 910/2014 to include electronic archiving among trust services, with specific requirements for qualified electronic archiving services, such as integrity, confidentiality, proof of origin preservation, and automated integrity confirmation reports for retrieved data.
