LECTURES 2025
The Digital Identity Wallet is Already on its Way
mag. Aleš Pelan
MINISTRY OF DIGITAL TRANSFORMATION
dr. Alenka Žužek Nemec
MINISTRY OF DIGITAL TRANSFORMATION
dr. Davorka Šel
MINISTRY OF DIGITAL TRANSFORMATION
The presentation will cover the following topics:
- The status of EU eIDAS legislation and implementing acts. What is the future of the European wallet for businesses?
- Preparations for the adaptation of national legislation in the area of electronic identification and trust services
- Results of the pilot project to set up the European wallet Potential
- Preparations for the introduction of a national European wallet for digital identity
The Artificial Intelligence Act, which came into force on August 1, 2024 and will be gradually implemented over the next few years, represents the first comprehensive legal framework to regulate artificial intelligence. The rules that the law provides for developers and users of AI systems are based on risk. The highest-risk systems are completely banned, while high-risk AI systems must meet strict requirements in terms of risk management, data, cybersecurity, human oversight and robustness. For lower-risk AI systems, only rules for adequate transparency apply. The presentation aims to familiarize participants with the basic concepts introduced by the Artificial Intelligence Act and the categorization by risk, with a focus on high-risk UI systems.
What are the Benefits of the Artificial Intelligence Act?
dr. Pika Šarf
THE INFORMATION COMMISIONER OF THE REPUBLIC OF SLOVENIA
Obligations of Trust Service Providers under the New Legislation
Matjaž Mravljak, director
INSPECTORATE FOR INFORMATION SECURITY, GOVERNMENT OFFICE FOR INFORMATION SECURITY
The new Information Security Act (ZInfV-1) and the implementing regulation of the EU Commission (Regulation No. 2024/2690) extend the existing requirements in the area of information and cyber security for providers of essential and important services, which also include trust services. The technical and organizational measures for providers of trust services are explained in more detail in the EU Commission’s implementing regulation. The presentation focuses on the legal framework that binds trust service providers and gives practical advice on how trust service providers can achieve compliance as obliged entities under ZInfV-1.
The technological landscape of e-identity and e-signature providers is becoming increasingly dynamic. European initiatives are introducing valuable innovations through a unified digital platform for e-identities that is consistent for all citizens and always accessible. These measures also create opportunities to enhance trust services both technologically and practically, allowing new entrants into the market. Do we really need another trust service provider in an already saturated market? What added value does this bring to a market that is becoming increasingly crowded with digital services, without compromising quality, usability, or security?
Do we Really Need Another Trust Service Provider?
mag. Aljoša Jerman Blažič
SETCCE d.o.o.
Introductory speech
dr. Aida Kamišalić Latifić, državna sekretarka
MINISTRY OF DIGITAL TRANSFORMATION
Marjan Antončič
President of EIDES ASSOCIATION
Samo Kumar
CEO, BANKART d.o.o.
Coming soon.
New Electronic Archiving Service Under eIDAS 2.0
dr. Jože Škofljanec
ARCHIVES OF THE REPUBLIC OF SLOVENIA
Accreditation of Certification Bodies for the Certification of Personal Data Processing activities
dr. Nataša Vesel Tratnik
SLOVENIAN ACCREDITATION
The protection of individuals with regard to the processing of personal data is a fundamental right and any processing of personal data should be lawful, fair and transparent. The General Data Protection Regulation (Regulation (EU) 2016/679) strengthens the existing rights of individuals and gives citizens more control over their personal data. The processing of personal data should only be carried out by a processor that provides sufficient guarantees, in particular in terms of expertise, reliability and resources, to implement technical and organizational measures that meet the requirements of the aforementioned regulation, including in relation to the security of the processing.
With the entry into force of the General Data Protection Regulation (Regulation (EU) 2016/679), the new edition of the Data Protection Act (ZVOP-2) and the issuance of the document Additional Accreditation Requirements of the Slovenian Information Commissioner for Certification Bodies pursuant to Article 43(1)(b) and Article 43(3) of the General Data Protection Regulation in conjunction with ISO/IEC 17065, No. 06050-1/2023/4, key requirements for the competence of certification bodies for the certification of personal data processing activities have been established. By defining key requirements for the competence of certification bodies in this area, the SA was able to start developing the area of accreditation for the certification of personal data processing activities. During the development process, the SA established the requirements for accreditation, adapted its documented procedures, recruited assessors with expertise in the area of personal data processing and provided training for staff.
With the accreditation for the certification of personal data processing activities, the certification body receives confirmation of its competence to carry out the certification of personal data processing activities, which gives it a competitive advantage in the market. By obtaining a certificate, the clients of an accredited certification body demonstrate that their personal data processing procedures comply with the requirements of the General Data Protection Regulation and ZVOP-2, which helps to increase the confidence of individuals and partners in personal data processing arrangements.
Digital transformation is no longer the future – it is the present. But when a company embarks on the path to full digitalization, it quickly faces a crucial dilemma: which level of electronic signature or seal should be chosen? Simple, advanced or qualified? A similar question arises with regard to other trust services. The choice is a strategic decision with long-term consequences. It is a balance between cost, user experience, legal security and regulatory requirements. In this presentation, you will learn how to find the right solution for your business processes, how to ensure that electronically signed documents remain authentic and complete in the long term, and how to turn your decision into a competitive advantage.
Qualified or Unqualified – that is the (Digital) Question
Miha Poberaj
REKONO d.o.o.
Use of e-Signature in the ELES Business Operations
dr. Jana Babnik Gomišček
ELES d.o.o.
The digital transformation of ELES also includes the compliant, secure and reliable management of electronic documents. These activities include measures and procedures that ensure and maintain the authenticity and integrity of individual electronic documents.
Given the ICT technologies available, these objectives can be most effectively achieved through the use of trust services as defined in the eIDAS Regulation and the corresponding EU and national implementing legislation. In particular with electronic signatures and electronic seals and in certain cases also with other trust services such as electronic time stamps, electronic delivery or electronic archiving. Using electronic signatures as an example, this presentation will highlight some of the challenges that ELES had to face when deciding on the use of trust services.
Ms. Korošec Gorišek will analyze several examples of signing various contracts in practice, with particular attention to employment contracts. She will present observations and considerations that, given the still limited case law, should be taken into account when deciding which type of electronic signature to choose and use for signing contracts in electronic form to ensure compliance with relevant regulations and achieve the desired level of legal certainty for the contracting parties.
Employment Contract in Electronic Form
Barbara Korošec Gorišek
Šafar and Partners Law Firm
Round Table
During the round table discussion, we will address issues related to the intersection of content, requirements, and opportunities arising from regulations and practices in e-identification and trust services, information and cyber security, and personal data protection, in connection with sectoral regulations and practices in these areas.
Questions for Panelists will Focus on:
- providing a European digital identity wallet;
- using current e-identification methods (e.g., e-ID cards) in authentication procedures for accessing online or offline services;
- remote identification and authentication of individuals using biometric data;
- the significance and consequences of classifying trust service providers as essential or important entities under ZInfV-1;
- e-signatures and other means of documenting individuals’ intent in digital form;
- e-archiving and other trust services;
- ensuring the lawful processing of personal data related to identification and authentication procedures and the use of trust services.
The University of Maribor has taken a significant step toward more sustainable, transparent, and connected operations by digitally transforming its business processes. The paperless transition project, which connects 20 organizations and more than 2000 users, has established a unified digital platform that manages the entire document lifecycle, from creation to secure storage.
A key component of the solution is mSign, an electronic signature tool. mSign enables reliable, secure, and legally valid document signing within the platform and allows easy integration of various qualified signature resources. Along with mDocs+ for electronic document management and mSef for secure electronic storage, mSign forms a comprehensive digital environment that enables fully paperless business operations.
At the Zeides conference, Dr. Marko Kežmah, project manager, will present the University of Maribor’s practical experiences in implementing e-signing, integrating various information systems, and ensuring compliance with eIDAS requirements. The presentation will highlight benefits such as faster processes, greater transparency, and reduced paper consumption.
The lecture provides insight into the specific steps and challenges of digitally transforming a large organization and demonstrates how modern solutions like mSign can support the vision of a green, digitally connected, and compliant university of the future.
Transition to Paperless Operations for a Green and Digitally Connected University of Maribor -20 Organizations, 2000 Users, one Future
dr. Marko Kežmah
UNIVERSITIY OF MARIBOR
Contemporary challenges in the field of personal data protection
mag. Andrej Tomšič
THE INFORMATION COMMISIONER OF THE REPUBLIC OF SLOVENIA
The European Union’s Digital Agenda introduces a comprehensive set of new laws aimed at creating secure digital environments, ensure fair competition in digital markets, and strengthen Europe’s digital sovereignty in line with the digital and green transition. The lecture will explain the new powers of the Information Commissioner and some challenges in personal data protection and artificial intelligence, such as synthetic data and neurotechnologies, as well as new case law on anonymization and pseudonymization.