Obsah

Identification of public administration clients

Description of identification of public administration clients

Physical Identification

Physical identification refers to a situation where a client of a public administration is personally present at the place where the service is provided to him/her or where he/she is required to interact. Identification documents are used to provide physical proof of identity and must include:

The identification documents used are ID card and passport. A driving licence is not an identification document because it does not meet the necessary parameters when it is issued, although it does contain, for example, a photograph of the holder.

In order to allow physical identification to work for both current need (a person attends a place at a given time) and historical need (validation of an identification document from a historical contract), eGovernment services provided via Reference interface will be extended with a service that returns, for any historical identification document number and type, whether it was valid at the requested time and the current details of the holder of that historical identification document.

Physical identification for persons without an identification document

Although the preceding text assumes identification only through identification documents, there are situations in which a person does not have the ability to identify himself with such an identification document. Typically these are children under 15 or foreigners. The basic prerequisite for the identification of these persons is their registration in the public administration information system, linked to the linked data fund and the subsequent issuance of a certificate or official/public document that can act as an identification document. For persons under 15 years of age this can be a birth certificate held in one of the editorial agency information systems or a temporary residence permit for foreigners.

Some of these documents, such as permanent residence permits, asylum tags or visa tags, are already held in the basic population register, but their use for identification is not fully resolved.

Electronic identification

Electronic identification refers to a situation where the client of a public administration is not present at the place of service provision. Identification is therefore carried out remotely, without physical contact.

For the unambiguous electronic identification and authentication of public administration clients, a technical and legal framework has been created which allows all administrators of public administration information systems to perform this activity in accordance with the Information Concept of the Czech Republic and without the need to create their own costly solutions and increase the administrative burden.

Act No. 250/2017 Coll., on electronic identification, introduces in §2 the obligation to perform proof of identity using electronic identification only through a qualified electronic identification system. This section comes into force on 1 July 2020. After this date, the practice of issuing access data of public administration clients outside qualified electronic identification systems will not be allowed to continue, unless another law allows this route.

To support the whole process of electronic identification through a qualified electronic identification system, a National Identity Authority (also referred to as NIA) platform is created to perform the activities of the National Point according to § 20 and following and the National eIDAS node for cooperation with notified electronic identification systems according to Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.

Mandates, rights and roles in electronic identification for public administration clients

The qualified electronic service provider will remain responsible for managing the authorisation (authorization) of the natural person who has proved his/her identity in this way. Therefore, he/she must continue to manage authorisations based on the data about the individual that he/she obtains from the Linked Data Pool and his/her own data held in the agenda.

View of client identification and identifiers VS

Rules for identification of public administration clients

Physical Identification

Physical identification refers to a situation where a client of a public administration is personally present at the place where the service is provided to him/her or where he/she is required to interact. Identification documents are used to provide physical proof of identity and must include:

The identification documents used are ID card and passport. A driving licence is not an identification document because it does not meet the necessary parameters when it is issued, although it does contain, for example, a photograph of the holder.

The ID card itself, which can also be used for electronic identification, can be used for physical identification at various levels:

As far as legal persons in the Czech legal system are concerned, by their nature they can never legally act on their own, they must always be acted for by a representative, which (even indirectly, e.g. if the legal person is a statutory body of another legal person) is always ultimately a natural person (or natural persons). Legal entity identification devices are not issued in the Czech Republic for use in a physical environment. This is because the legal entity is not present in the physical space and is always represented by a natural person who proves his/her own identity.

Electronic identification

Electronic identification refers to a situation where the client of the public administration is not present at the place of service provision. Identification therefore takes place remotely, without physical contact.

For the unambiguous electronic identification and authentication of public administration clients, a technical and legal framework has been created which allows all administrators of public administration information systems to perform this activity in accordance with the Information Concept of the Czech Republic and without the need to create their own costly solutions and increase the administrative burden.

Act No. 250/2017 Coll., on electronic identification, introduces in §2 the obligation to perform proof of identity using electronic identification only through qualified electronic identification system. This section comes into force on 1 July 2020. After this date, the practice of issuing access data of public administration clients outside qualified electronic identification system systems will not be allowed to continue, unless another law allows this route.

To support the whole process of electronic identification through a qualified electronic identification system, the National Identity Authority (also referred to as NIA) platform is created, which performs the activities of the National Point according to § 20 and following and the National eIDAS node for cooperation with notified electronic identification systems according to Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.

As far as legal persons in the Czech legal system are concerned, by their nature they can never legally act on their own, they must always be acted for by a representative, which (even indirectly, e.g. if the legal person is a statutory body of another legal person) is always ultimately a natural person (or natural persons). It follows that the provisions of Section 2 of the Electronic Identification Act, which apply to the cases of natural persons, also apply to the actions of legal persons, since it is always the natural persons who actually act, whether for themselves or for another natural person or legal person.

However, in an electronic environment, particularly where automated communications are involved, mechanisms are used which are in the nature of a means of identification of a legal person. These include, for example, a certificate for the registration of sales pursuant to Act No 112/2016 Coll., on the registration of sales, or certificates issued by the Czech National Bank for automated communication between the CNB and entities subject to its supervision, typically banks. However, it is true that identification means of legal entities with use irrespective of agendas, equivalent to e.g. ID cards, are not issued in the Czech Republic.

While the authentication of a natural person is not problematic in itself, the question of determining whether a natural person is acting for himself or herself in a given situation (or in what role) or whether he or she is acting for another natural person or for a legal person appears to be problematic. The issue of mandates and authorisations is addressed in below.

The fact that a given natural person has the right to identify and authenticate himself/herself on behalf of a legal person (i.e. to "log in to a service on behalf of a legal person") does not without more confer the right for that natural person to act on behalf of that legal person through a digital service. The authorisation of a given natural person to provide a digital service must be assessed by the person to whom the natural person applies on the basis of the information available to him (information from the commercial register, power of attorney authorising a specific person to act on behalf of a legal person, etc.) in conjunction with the relevant legal provisions.

As an example of such access, we can cite data boxes to which a natural person logs in, for example, with a new ID card with an activated chip. After successful authentication with an electronic identification means (i.e. e.g. with an "eCard)" and consent to the transmission of personal data on the National Point for Identification and Authentication portal, the natural person is identified for the purposes of the Information System for Data Boxes (ISDS). After identification, the ISDS shall offer the natural person a list of data boxes in relation to which the registered natural person is authorised to act.

The authenticated natural person therefore chooses for whom and in what role he/she will act through datavboxes. The ISDS obtains the information about this authorisation, e.g. from ROS, from other sources (e.g. information about the fact that a certain person is a lawyer or insolvency administrator) or keeps it on the basis of a communication from the data box holder himself (e.g. information about the so-called authorised person). However, regardless of the source of the information on the authority to represent another person, or the source of the role information, it is up to the ISDS itself, as the service provider, to implement the authority to represent another person properly in its environment so that persons can exercise that authority. The offering of individual authorisations, or roles, is therefore the responsibility of the service provider and depends on the data and authorisations it maintains within its information system or the data it has access to.

Mandates, roles and rights in electronic communications

Ensuring the correct role assignment, or authorisation, of a client using an electronic service is one of the basic prerequisites for its proper functioning. Different roles have different permissions and responsibilities within the service, and the service provider is obliged to offer the client all the roles into which he or she can fit within the service, including roles as a representative of a legal entity, a representative of a minor, a patient's registering physician, and others. These roles with authorisations in relation to other public administration clients are mandates. In order to properly cast into a role and establish a mandate, several basic elements must be in place to provide electronic services to public administration clients:

  1. Knowledge of the types of mandates when dealing with public administrations.
  2. Unique identification and authentication of the public administration client
  3. A public administration system capable of communicating and retrieving data from a linked data pool
  4. Self-authorization of the public administration client
Mandates for dealing with public administration

In the exercise of public administration, and in particular in any interaction and communication with a public administration client, it is necessary that the public administration respects the mandates to represent one person by another under different titles. A simplified form of representation mandate can be categorized according to the following table.

Entity Type Mandate
Natural person Acting on own behalf
Acting on behalf of another natural person by law:
- parent of a child,
- spouse,
- registered partner,
- guardian, adoptive parent, guardian, foster parent
- heir, executor,
- substitute for persons incapable of acting or without a legal representative
Acting on behalf of another natural person by power of attorney.
Power of attorney authorizing a specific person to act on behalf of a legal entity
Natural person acting on behalf of a legal person Director of a legal person
statutory representative of a legal person (one FO)
Statutory body of a legal person (multiple FOs)
Insolvency administrator
Liquidator
Acting on behalf of the founder of the legal entity
Authorised to act on behalf of the legal entity:
- Public law title,
- Private law title (contract, power of attorney, memorandum of association, etc.)
If an agency regulation allows the use of access data to the data box system as identification means, this is further:
a) For natural persons - statutory representatives authorised to access the data box of a legal entity by verifying the authorisation to the data box of the legal entity through the Data Box Information System (verification of access data and authorisation).
b) For natural persons - authorised by the statutory representative to access the data box of the legal entity by verifying the authorisation to the data box of the legal entity through the Data Box Information System (verification of access data and authorisation).
c) Verification of special agenda authorisation according to the agenda regulation on the basis of which agenda digital services are provided.

Examples of mandates for natural persons resulting from certain municipal ordinances and regulations:

As highlighted below, in the exercise of public administration, it is essential that the competent authority doing some action under the agenda in question knows for which form of representation the mandate is allowed or even necessary. A public authority will treat a mandate arising under the public law title of parentage quite differently from a mandate arising under the private law title of power of attorney.

It is also appropriate to distinguish the purpose of the mandate, i.e. the type of acts that the client of the public administration does through the represented person. These can be divided into the following groups:

Unique identification and authentication of public administration clients

All entities obliged according to Law No. 250/2017 Coll., on electronic identification are obliged according to §2 to use only a qualified system to prove their identity during electronic contact, namely:

"If a legal regulation or the exercise of competence requires proof of identity, proof of identity using electronic identification may be enabled only through a qualified electronic identification system."

The qualified system is managed by a qualified administrator (a public authority or an accredited person) and complies with technical standards and European Union specifications, and in particular is linked to a national point for identification and authentication - the so-called National Identity Authority (NIA).

Identification and authentication through the NIA will provide only and only the service of verified identity of the natural person, or any system using the services of NIA can rely on the fact that the logged-in natural person is actually who he/she claims to be remotely and electronically. No further authorization services are provided.

Public administration system capable of communicating and retrieving data from a linked data pool

A system providing electronic public administration services shall be able to communicate with and retrieve data from the linked dataset. To do this, the system must comply with the regulations:

More about the use of Linked Data data and the infrastructure of the reference interface is written in the chapters:

The central shared eGovernment services can provide the following mandates for individuals who have proved their guaranteed electronic identity to the service provider:

No other central authorisation/mandate verification services are planned at present or in the foreseeable future. Therefore, it is important that each e-service provider provides different types of mandates itself.

Self-provision of public administration client authorisation

Each agenda performed (public administration performance) may require different mandates for its needs. For example, a mandate to file a tax return on behalf of another individual, a mandate to consult the medical records of another individual, to dispose of the property of a legal entity for which I am not the statutory representative, or, for example, a mandate to represent me in inheritance proceedings.

All of these mandates must be dealt with within the framework of the given agenda and we propose as an ideal solution:

It is important to emphasise that the public administration should not differentiate between the form of communication and dealing with the client. Thus, a mandate generally valid for face-to-face dealings with a civil servant or for physical actions performed at the counter must also be available to the client for electronic communication and vice versa. It is therefore also necessary to keep the mandates in a standardised form in one place and to use them for electronic client communication.

Mandates arising from public or private law titles, including powers of attorney and agreements on representation in administrative dealings with the authorities, are among the common decisive facts, as enshrined in the related provisions of the Administrative Procedure Code (in particular Section 6 and Section 50 and related). It is therefore highly appropriate that the competent public authority, if

In fact, the client may refer to the relevant provisions of the Administrative Code and not provide, in particular, powers of attorney and other documents from which the mandate derives, to the authority repeatedly.