This year brought us face to face with a global pandemic, an unexpected situation that imposed and continues to impose more and more urgently the need for changes in the way we were used to living and working, such as the need to improve electronic processes, as well as to develop the use of electronic ways, means and tools in the private and public sector.
The article examines recent initiatives regulating electronic remote identification in Greece, comparing between the rules applicable to financial institutions and other obligated persons supervised by the Bank of Greece and the Hellenic Capital Market Commission, and those applicable to Trust Service Providers supervised by the National Telecommunications & Post Commission (EETT), inferring the advantages to which the merging of the two regulatory frameworks will lead.
Already law 4727/2020 (art. 57) provides that, before issuing a certificate, the Trust Service Provider may also use the identification method with a guarantee equivalent to physical presence (art. 24 par. 1 par. d of the eIDAS Regulation), such as remote identification, providing the legal basis at national level so that Trust Service Providers have the ability to use it.
The Proposal of EETT (April 2020), the Act of the Bank of Greece (June 2020) and the Decision of the Hellenic Capital Market Commission (November 2020) regulate the requirements for remote identification that can be applied by the persons supervised by each body. There are many similarities between them, such as the assessment of the risks in case of acceptance of the current Greek identity cards, the emphasis on the training of the employees who carry out the teleconference, the requirement for interconnection with reliable public databases / registers of citizens, the keeping of a record of the teleconferences held, the specially designed area of controlled access for the realization of the teleconference, compliance with the legal framework on the protection of personal data, the possibility of entrusting the remote identification process to an external service provider, etc. Their main difference is that the EETT Proposal has recommended only the remote identification with the presence of an employee (teleconference), while the other two allow either the videoconference or the automated process through a dynamic selfie.
In Greece, we are awaiting the issuance of the ministerial decision that will define the details and requirements for the remote electronic identification that will be carried out by the Trust Service Providers. It remains to be seen whether the expected ministerial decision will also allow the automated process without the presence of an employee. Its regulation will contribute significantly to facilitating the identification of persons especially when physical presence is not possible, while the possibility of carrying out remote identification in an automated way will bring very positive results and important collaborations, since it will be in line with the corresponding regulatory framework followed by financial institutions.
