Digital timestamp: a complete guide to legal-grade time certification

Every digital document carries timestamps in its metadata, but those timestamps can be changed in seconds. A file created at 2:32 PM on April 3rd can be backdated to 9:00 AM the previous day without leaving a visible trace. As long as the time reference stays internal to the device, it holds no weight in court.

A digital timestamp changes this. A qualified time stamp, issued by a Qualified Trust Service Provider (QTSP) under the RFC 3161 standard, cryptographically binds the date and time to a specific piece of content. If anyone modifies even a single byte after the stamping, the discrepancy becomes immediately detectable. The result is legal proof of the exact moment when data was generated or acquired.

This insight is part of our guide: Qualified electronic timestamps: how they work and when they are legally required

How a qualified digital timestamp works

The mechanism behind a qualified digital timestamp is defined by the IETF RFC 3161 specification and follows distinct cryptographic steps. First, the system calculates a hash of the original document using algorithms such as SHA-256 or SHA-512, producing a unique fingerprint of the content. This hash is sent to a Time Stamping Authority (TSA) operated by an accredited QTSP. The TSA combines it with the current date and time from a certified time source and signs everything with its digital seal.

The resulting timestamp token binds together the document hash, the precise time reference, and the TSA's cryptographic signature. Changing a single bit of the original file causes the hash to no longer match the sealed version: tampering becomes evident to anyone performing the verification.

The ETSI EN 319 421 and EN 319 422 standards define the security and operational requirements for TSAs issuing qualified timestamps. On the legal side, the eIDAS Regulation (Articles 41-42) establishes a principle with significant practical implications: a qualified timestamp enjoys the presumption of accuracy. In legal proceedings, the burden of proof shifts to the opposing party, who must demonstrate that the date is incorrect.

Feature	Simple timestamp	Qualified timestamp
Issuer	NTP server, free online service	QTSP listed on the EU Trusted List
Time source	Unverifiable	Linked to UTC, certified
Legal value (eIDAS)	Challengeable	Presumption of accuracy
Reference standard	None specific	RFC 3161, ETSI EN 319 421/422
Long-term validity	Not guaranteed	Minimum 20 years (with LTV)

Simple vs. qualified timestamps: where the legal line falls

Not all timestamps carry the same weight in court. A simple timestamp, generated by an internal NTP server or a free online service, can be challenged relatively easily because it offers no guarantees about the time source or the integrity of the process. A qualified timestamp, on the other hand, is issued by a QTSP listed on the EU Trusted List and meets strict technical requirements: a time source linked to UTC, certified hardware cryptographic modules, and regular audits by national supervisory bodies. The difference is not just technical. It is the difference between a document that can be disputed and one that carries a legal presumption.

Operational scenarios: when the timestamp matters most

The practical value of a qualified digital timestamp becomes clear when the date itself is at the centre of a dispute.

In construction litigation, for example, a company that documents site conditions with photos certified through TrueScreen obtains evidence with a certain date. If the client argues that works were not completed by the contractual deadline, images acquired with a qualified electronic timestamp demonstrate the exact moment of acquisition. Timestamped documentation has proved decisive in resolving commercial disputes across EU jurisdictions, as noted by the European Commission's digital trust services framework.

For intellectual property protection, the logic is even more direct: first in time, first in right. An inventor who certifies a prototype, source code, or design documentation with a qualified timestamp creates opposable proof of prior art. If someone else claims the same work later, the certified date speaks for itself. The WIPO PROOF service, used by operators in 117 countries according to the World Intellectual Property Organization, works on the same principle.

On the compliance front, several international regulations explicitly require a certain date on digital documents. The eIDAS Regulation mandates qualified timestamps for trust services across the EU, while frameworks like the US ESIGN Act and the UNCITRAL Model Law on Electronic Signatures provide parallel recognition in other jurisdictions.

Timestamps in forensic data certification

In digital forensics, the timestamp is not optional: it is a structural requirement. The ISO/IEC 27037 standard, which defines guidelines for digital evidence acquisition, requires every piece of evidence to be accompanied by a verifiable, independent time reference. TrueScreen automatically integrates a qualified timestamp compliant with the RFC 3161 standard into every certification, without the need for third-party services or manual steps. Forensic acquisition and certification happen in a single operation: data is acquired at the source, sealed with a cryptographic hash, qualified timestamp and digital signature, maintaining a complete chain of custody from the first moment.

TrueScreen and automatic time certification

TrueScreen, the Data Authenticity Platform, takes a different approach from timestamps applied retroactively to existing documents. The platform acquires content directly at the source (photos, videos, documents, screenshots, web pages) and simultaneously applies complete certification: cryptographic hash, qualified timestamp issued by an internationally accredited QTSP, and digital signature. Acquiring at the source means the data cannot have been manipulated before certification: this is the difference compared to a simple seal applied to a received file.

Certification validity exceeds 20 years thanks to Long-Term Validation (LTV) technology, which preserves signatures and timestamps even after the expiration of underlying digital certificates (typically 1-3 years). TrueScreen certifications are verifiable and enforceable across all jurisdictions adhering to the eIDAS framework and recognized in major international legal systems.

FAQ: digital timestamps and qualified time certification

What is the difference between a digital timestamp and a file creation date?

A file creation date is metadata that can be freely modified by the operating system or the user. A qualified digital timestamp is a cryptographic token issued by an accredited QTSP: it binds the date and time to the content through hashing and a digital signature. Only the latter has probative value in court under the eIDAS Regulation.

How long does a qualified timestamp remain legally valid?

A minimum of 20 years under the RFC 3161 standard, with the possibility of extension through Long-Term Validation technology. The eIDAS Regulation ensures mutual recognition across all EU Member States.

Is a free online timestamp sufficient for legal use?

No. Free timestamping services are not issued by accredited QTSPs and do not comply with ETSI EN 319 421/422 standards. In legal proceedings, the opposing party can challenge both the accuracy of the time source and the integrity of the process. A qualified timestamp is required for recognized probative value.

Certify your data with a qualified timestamp

Every photo, video, document and screenshot acquired with TrueScreen automatically includes a qualified RFC 3161 timestamp with international legal validity.

Start now

Request a demo