Secure Email Communication Standard in Europe: The Advancement of REM Certified Emails
Certified Electronic Mail (PEC) and Registered Electronic Mail (REM): A Shift Towards European Interoperability
As the user base of PEC, Italy's certified electronic mail system, expands across the European Union, the need for an organized and traceable management of messages and receipts becomes increasingly important. This is where Registered Electronic Mail (REM) comes into play, a new European standard for secure communications designed to offer greater interoperability and security.
While PEC remains the established system for certified electronic mail in Italy, providing legal value to electronic communications primarily for official and business correspondence within the country, REM is intended to offer a pan-European solution with legal recognition across borders.
Timeline
As of mid-2025, no official, universally mandated deadline for transitioning from PEC to REM across Italy or the EU has been publicly established. The EU initiatives for REM are advancing, but full implementation and mandatory adoption timelines depend on regulatory updates and technical readiness in member states. The deadline for the mandatory transition from PEC to REM is likely to be extended, probably between the end of 2025 and the beginning of 2026.
Key Differences
| Aspect | PEC (Certified Electronic Mail) | REM (Registered Electronic Mail) | |-------------------------|------------------------------------|-------------------------------------------------------| | Scope | National (Italy-specific) | European Union-wide (cross-border interoperability) | | Legal recognition | Legally recognized in Italy, with certified delivery receipts | Intended for legal recognition across EU member states | | Purpose | Secure legal communications within Italy | Secure registered electronic communications EU-wide | | Technical basis | Italian national infrastructure and protocols | Common EU technical standards and interoperability frameworks | | Usage | Widely used by Italian public administrations, businesses, and citizens | Planned for pan-EU use facilitating cross-border electronic registered mail |
Transition and Benefits
The transition from PEC to REM will occur transparently for users, with mailbox upgrades being the responsibility of the providers. For users and businesses, the benefits of REM will simplify the management of legal communications at a European level. The PEC Management System will securely handle connections to the REM mailbox for receiving and sending emails without any impact on businesses or users.
To access REM, it will be mandatory to activate a two-factor authentication system. For application-to-application authentication to the REM mailbox, an application-based authentication mode based on the OAuth 2.0 protocol has been introduced. The PEC Management System will allow retroactive interoperability between the retiring PEC channel and the new REM channel, ensuring a seamless transition for users.
The transition from PEC to REM is driven by the need for PEC to be considered a "SERCQ," a Qualified Certified Delivery Electronic Service, as per Regulation 910/2014 (eIDAS). With the expansion of the potential PEC user base across the EU, the opportunities for using the electronic legal correspondence channel within businesses will increase.
The European Commission is working to standardize certified digital services within the EU, aiming for greater interoperability. REM, also known as the "European PEC," will be valid for communications across the EU. As the digital landscape continues to evolve, staying informed about these changes is crucial for businesses and individuals alike.
The transition from PEC to REM, the European standard for secure communications, will be beneficial for businesses given its pan-European scope and resulting simplified management of legal communications at a European level, supported by common EU technical standards and interoperability frameworks. This change is facilitated by the use of technology, such as the OAuth 2.0 protocol for application-to-application authentication and data-and-cloud-computing infrastructure that enables seamless transitions between PEC and REM mailboxes.
