What are the typical causes of failure in an e-invoicing & e-archiving project, and what steps can both parties take to prevent these from occuring?
EU Court of Justice asked to rule on the application of data protection rules on private detectives
Recently the privacy-commission issued in its Recommendation nr. 08/2012 of 2 May 2012 practical guidelines concerning the access to electronic communication of employees and the supervision thereof.
“Bring your own device” or “BYOD”, meaning that employees use their own laptop or smartphone and software for professional purposes, is an increasing trend. A lot of companies simply tolerate it or even ignore it and believe that it doesn’t concern them. This raises legal concerns. Who is liable for data breaches, viruses and breach of company’s confidential information? Is the company, as employer, allowed to enforce its IT-policies on those privately owned devices? What about the employee’s privacy?
Here is a checklist for a BYOD policy under European / Belgian law. Obviously it does not replace legal advice on the topics mentioned below. Do not hesitate to contact us with your questions.
Belgium has ratified the 2001 Convention of the Council of Europe on Cybercrime and joins herewith the 35 other Membser States who have already ratified the Convention. The Cybercrime Convention establishes not only principles of co-operation, but also rules of extradition.
The EU is well known for its stringent rules with respect to the protection of personal data, such as names, addresses or photos. In order to ensure that these rules cannot be easily circumvented by exporting data to a country with less demanding laws, the European legal framework only allows the export of personal data to non-EU countries (so-called 'third countries') under specific conditions. Exporters can e.g. conclude contracts that contain specific pre-approved clauses to ensure that the export is legitimate and personal data remains well protected.
Another option is a so-called adequacy finding. The European Commission can decide after examination of a foreign legal system that their laws offer an adequate level of legal protection, equivalent to those offered by the European rules. So far however, adequacy findings are few and far between: as shown on the Commission's website, only ten countries have obtained an affirmative decision: Andorra, Argentina, Australia, Canada, Switzerland, the Faeroe Islands, Guernsey, Israel, the Isle of Man and Jersey.
On 21 August 2012, Uruguay became the 11th country on this list, with the Commission deciding that its Data Protection Act of 11 November 2008 (the Ley No 18.331 de Protección de Datos Personales y Acción de ‘Habeas Data') offers a level of protection offered by the EU level data protection rules. The main consequence of this Decision is that personal data can be exported to companies established in Uruguay under the same terms as to any EU destination, and usage of the standardised clauses or other workaround solutions will no longer be necessary. Thus, cooperation with companies in Uruguay is now legally a bit simpler.
CC licenses provide flexibility for an author. But which license is the right one for you?
Creative Commons just released a new interactive license chooser. It helps to choose the right license by asking some precise questions that guide you through the various possible CC licenses. It is very easy to use and straightforward.
Creative Commons licenses are valid under Belgian law. Contrary to popular belief, they are not an alternative to copyright but they work alongside copyright. The author or artist who works with a Creative Commons license in fact uses his exclusive right granted under the copyright law to give his (un)conditional approval for distribution of his work. As long as the user abides by the terms of the license, he does not have to worry about copyright. However, for all other means of exploitation of the author’s creation, the copyright still remains, and only the author has the right to decide under which conditions his creation may be used.
The federal Belgian council of minsters recently approved a draft proposal that will be submitted to the Parliament in September. It aims at further simplifying electronic invoicing and archiving for paper and electronic invoices. The draft law implements the European Directive 2010/45/EC of 13 July 2010 amending Directive 2006/112/EC on the common system of value added tax as regards the rules on invoicing. The goal is to have the new rules in place as from 1st January 2013.
From the 1 billion invoices that are yearly issued in Belgium, it is estimated that approximately 40% are business-to-consumer (B2C) and 60% are business-to-business (B2B) invoices. Of these, the Federation of Belgian Companies (VBO-FEB) estimate that only 1% of these invoices are exchanged electronically.
Since the introduction of e-invoicing into Belgian legislation, the adoption rate of e-invoicing has remained rather slow. There are many reasons, but one of the main ones is that the technological and security requirements are perceived as complex. This leads to confusion and uncertainty about legal compliance for e-invoices in general and also about archiving of paper and electronic invoices.
In 2010, the legislation was simplified. Under that simplified legislation, companies are free to choose the technical means how they will exchange and archive electronic invoices. No specific methods are recommended by the VAT administration. However, the core of the legislation remains. Both senders and receivers of e-invoices must still be able to guarantee the authenticity, integrity and legibility of the invoices. This is a legal requirement at the time of sending as well as throughout the archiving period. Both paper and electronic invoices must mention certain legally mandatory items such as name and address of the supplier, VAT rate, amount, description of the goods/services, etc.
In order to promote the uptake of e-invoicing, paper and electronic invoices must be treated equally. That should be realised by this proposal of the new law. Without going into detail, some of the highlights are the following:
- The type of electronic format is irrelevant. It is possible that an invoice is created and issued in a format x and received and processed in another format y.
- Invoices in an electronic format (structured messages in XML, FINVOICE, PDF, Word or other) issued and received in electronic form, e.g an e-mail with a pdf attachment, an electronically received fax, an invoice downloaded via a website, etc are also considered as electronic invoices.
- There does not have to be a prior nor written agreement between sender and receiver about e-invoicing. However, one must be able to demonstrate a prior agreement to the VAT administration. Therefore it is still advisable to have a written prior agreement.
- Last but not least, the draft law intends to simplify also the requirements about archiving of invoices.
The draft law proposal may still be amended in the Belgian federal parliament. We will keep you updated in September, after the parliamentary recess.
Thanks to its advanced eID card infrastructure, Belgium is an ideal country for digitising paper based processes. Yet, in practice many public sector attestations and certificates are still provided on paper. Electronic attestations face a number of barriers, including the practical and cultural difficulty of presenting the attestations to third parties: when a company or public administration asks you for an attestation, it usually expects to receive a piece of paper, and citizens tend to feel a little lost when they can only present a digital document on their computer or smartphones.
Hybrid digital signatures can present a nice solution to this problem. The electronic document is signed using a normal (and legally valid) electronic signature, but it is also marked with a visible seal representing the characteristics of that electronic signature. When the electronic document is printed, the marking is visible and legible on paper, and it can be scanned to determine its authenticity through online validation portals. In this way, both the paper and electronic versions are equally valid and can be used interchangeably.
These hybrid eSignature solutions - combining the benefits of paper and electronic documents - are not new, and have been used for some time, e.g. in Austria and in the Spanish national cadastre. Since the beginning of July, they are now also used in Belgium, including in the cities of Antwerp and Mechelen. Both cities use technology provided by IntelliStamp, which allows electronic signatures to be visualised and printed on paper in a variety of ways (bar codes, reference numbers, watermarks, or the QR codes used in Belgium). The authenticity of the paper document can then be determined by validating the printed code.
It is worth noting that the Belgian eSignatures rules were updated as well, to eliminate any doubts that could have arisen on the legal validity of this process: the Belgian eSignatures Act was amended through a law of 15 February 2012 (NL | FR), which added a single line to the law: "The certificate holder's signature can be materialised into an equivalent that meets the requirements of Article 2, 2nd member, 2°". This one line addition allows materialisation (printing) into a format that meets the requirements of so-called advanced electronic signatures, and which presumably benefits from the same legal validity.
With any luck, this means that trips to municipalities to pick up paperwork will hopefully soon be a thing of the past.
The European Court of Justice published on 3 July an important landmark ruling concerning the scope of the Community exhaustion of the distribution right with respect to software. The ruling was delivered after a preliminary question from the German Bundesgerichtshof in a dispute between Oracle and UsedSoft.