UK wants registered providers for trust service framework

The UK government has opened a public consultation to assess the state of the country’s trust services market, pointing out that no qualified trust service providers are currently registered in the UK.

The call for views seeks input from organizations that supply or use electronic trust services such as electronic signatures, digital seals and time stamping. The call-out is occurring against a backdrop of growing digitalization across Europe and globally as the UK is accelerating its own attempts.

In contrast to several European countries, the UK seldom uses advanced or qualified e-signatures. Instead, traditional approaches like wet-ink signatures (with a pen) or less secure digital methods, such as basic e-signatures or simply typing their name into an electronic document, are more common.

UK eIDAS is the legal framework for the provision of trust services in the UK, which is the country’s version of the EU’s trust services regulation which was amended and retained as UK domestic law when the UK left the European Union. No reciprocal arrangement exists between the UK and the EU for trust services providers who are registered in the UK, to operate in the EU.

The ICO’s existing regulatory structure is designed to ensure that qualified trust service providers meet rigorous standards for security and reliability. The British government says that  despite growing digitization across the economy, no UK firms have sought registration, and that  there is scant evidence that qualified trust services are in widespread use.

Although the UK has an established legal framework governing these services — overseen by the Information Commissioner’s Office (ICO) — the sector remains untapped domestically. Instead, businesses in the UK have been forced to rely on EU-registered providers to deliver qualified trust services.

Data on the scale of the UK’s trust services market is patchy. A 2024 digital identity sector analysis by the Department of Science, Innovation and Technology (DSIT) found that just over a third (34 percent) of identified digital identity providers also offer trust services — such as electronic seals, signatures and certificates — and that these offerings generated roughly £136 million ($180.5 million) in revenue during 2023–24.

At present, no qualified trust service providers are registered in the UK. Organizations seeking the higher-assurance “qualified” level of trust services must instead turn to suppliers based in European Union member states.

Interestingly, the call for views welcomes opinions on the advantages and disadvantages of creating clearer connections between the UK digital identity and attributes trust framework and the UK eIDAS regulation.

The consultation will collect essential information about the UK trust services market to help inform policy development. If responses indicate that further action is required, the government plans to widen its engagement to include individuals as well as organizations.

The government’s call for views is designed to paint a clearer picture of the UK trust services landscape. It invites feedback on the effectiveness of the existing regulatory framework from both organizations that supply trust services and those that make use of them.

Interested parties can submit their views via the government’s consultation portal until the deadline of 20 September.

Article Topics

digital identity  |  electronic-signature  |  Information Commissioner’s Office (ICO)  |  Qualified Trust Service Provider (QTSP)  |  trust framework  |  UK  |  UK digital ID