With the UK government's proposals on electronic commerce legislation repeatedly delayed, British business is ploughing ahead and setting its own standards to encourage online trade.

The BCC's Ian Peters on Net legislation concerns

The British Chambers of Commerce launched a programme of nationwide workshops this week aimed at equipping its members to issue digital certificates by June.

Digital certificates are based on Public Key Cryptography, a model that uses public and private keys. The private key is only known by the user and is used to produce a digital signature. The public key may be known by anyone and is used to check a digital signature.

The BCC says it is working with the "American Express" of digital certificates - Belgian-based GlobalSign. It says it will issue the highest security certificates, Class Three, to ensure the necessary confidence and security for business-to-business online transactions.

BCC certificates are different class

"Class Three is the highest level of authenticity of signatures. It provides for physical checks on the authenticity of the individual and their signatures," says Ian Peters, Deputy Director General of the BCC.

"When they come to apply at a Chamber of Commerce they have to provide physical documentation - evidence of identity, the authority of their business and so on. This is carefully checked before they are given the certificate. That's what will give British business full confidence in this system.

"Digital signatures will be absolutely essential for trading over the Internet. At the moment, when you do business with another company, you need to sign contracts and have a physical signature of someone who has the authority to sign on the company's behalf.

"As we get into e-commerce, people will have to have these digital signatures so that the other party can have complete trust in their ability to deliver against the terms of the contract."

Quarter of users expected to sign digitally

Eight regional workshops are being held. The BCC has 60 approved chambers in its network serving 110,000 businesses. Staff training in digital certificates begins in March. The Class Three certificates will cost £50 and will have to be renewed annually.

With 25 per cent of Net users expected to have digital signatures by 2000, the BCC is competing with banks, the Post Office and companies such as VeriSign and Entrust for a considerable market, estimated to be worth $1.8bn in 2001.

VeriSign claims its digital certificates have become a de facto standard on Websites, with a market share of 90%. The top 25 e-commerce sites all use VeriSign and it receives a licensing fee of $300 for servers using it.

The BCC, as a Registration Authority, says it will be taking the lead as the first national network of local organisations to issue certificates for signatures. The BCC says it is aiming purely at the business market by offering maximum security.

Key escrow controversy

GlobalSign has set itself up as a Certification Authority and Trusted Third Party (TTP) which complies with European Union directives.

The whole issue of encryption has become highly controversial in the UK with the government expected to introduce a policy of key escrow and licensed TTPs through its Electronic Commerce Bill.

This would mean anyone using encryption being encouraged to lodge their keys with TTPs. In turn, the police and security services would be able to gain access to the keys through the TTPs if they suspected criminal activities.

In response to industry concerns, the government announced last April that law enforcement agencies would not be able to obtain a warrant for lawful access to cryptographic keys used solely for digital signature purposes.

But the BCC has joined the Confederation of British Industry, the Post Office and civil liberties groups on the Net in expressing concerns about the impending legislation. Objections range from invasion of privacy to the impracticalities of introducing it and a lack of confidence in the system.

"The problem is that there is not that facility for government [to access keys] elsewhere in Europe or elsewhere in the world. It won't work, businesses will go elsewhere, all this will do is put British business at a disadvantage," says Ian Peters.

Delays may end this month

The e-commerce bill was announced in the Queen's Speech last year. But the publication of the consultation paper expected soon after has been postponed several times. It may now appear later this month.

The delays appear related to the controversy over key escrow and ministerial changes, with Peter Mandelson stepping down as Secretary of State at the Department of Trade and Industry. The minister directly responsible, Barbara Roche, has also moved on.

A parliamentary select committee has launched an inquiry into electronic commerce and is examining the key escrow issue.

Roger Till of the e-commerce standards association, e centre uk, last week testified that key escrow was not a workable solution to law enforcement concerns.

He expressed concern at delays in the bill, saying there was a real danger that the UK was lagging behind. The legislation might make Britain appear to be a more difficult place to trade.

Ironically, this would be the opposite to what Mr Mandelson had promised at the Labour Party conference last year - to make Britain the most e-commerce friendly environment to do business on earth.