ASEAN ELECTRONIC COMMERCE LEGISLATION COMPARISON TABLE (version dated 1 Dec 2000) MATRIX UNCITRAL Singapore Brunei Thailand Malaysia Philippines

Similar documents
Archival Legislation in Singapore

Tentative Translation ELECTRONIC TRANSACTIONS ACT, B.E (2001) 1

CHAPTER 308B ELECTRONIC TRANSACTIONS

UNCITRAL E-SIGN UETA COMPARISON 1

Resolution adopted by the General Assembly. [on the report of the Sixth Committee (A/56/588 and Corr.1)]

ARRANGEMENT OF SECTIONS PART I PRELIMINARY

1 ELECTRONIC COMMUNICATIONS IN CONTRACTUAL TRANSACTIONS 2 DRAFT TABLE OF CONTENTS 3 PART 1 4 GENERAL PROVISIONS

EXHIBIT D THE UNITED NATIONS CONVENTION ON THE USE OF ELECTRONIC COMMUNICATIONS IN INTERNATIONAL CONTRACTS WITH AMERICAN COMMENTARY

Presidential Decree No. 513 of 10 November 1997

OBJECTS AND REASONS

UNITED NATIONS CONVENTION ON THE USE OF ELECTRONIC COMMUNICATIONS IN INTERNATIONAL CONTRACTS

DIGITAL SIGNATURES IN THE AUTOMATED ELECTION SYSTEM

FINAL REPORT ON THE LAW OF INFORMATION TECHNOLOGY

ELECTRONIC COMMERCE ACT

UNCITRAL Model Law on Electronic Commerce with Guide to Enactment 1996 With additional article 5 bis as adopted in 1998

UNITED NATIONS COMMISSION ON INTERNATIONAL TRADE LAW (UNCITRAL) UNCITRAL Model Law on Electronic Commerce with Guide to Enactment 1996

REPUBLIC OF THE PHILIPPINES DEPARTMENT OF TRADE AND INDUSTRY DEPARMENT OF BUDGET AND MANAGEMENT BANGKO SENTRAL NG PILIPINAS

GENERAL ASSEMBLY OF NORTH CAROLINA SESSION 1999 S 1 SENATE BILL 1266

The Electronic Information and Documents Act, 2000

ELECTRONIC TRANSACTIONS ACT

GATEKEEPER ABN-DSC SUBSCRIBER AGREEMENT INSTRUCTIONS

NEVADA REVISED STATUTES. Title 59 - ELECTRONIC RECORDS AND TRANSACTIONS CHAPTER 719 ELECTRONIC TRANSACTIONS (UNIFORM ACT)

Resolution adopted by the General Assembly on 23 November [on the report of the Sixth Committee (A/60/515)]

OFFICIAL POLICY. Policy Statement

Information Technology (Amendment) Act, 2008

Title 10: COMMERCE AND TRADE

Chapter 10 Information Technology (Amendment) Act, 2008

ORGANISATION OF EASTERN CARIBBEAN STATES

INSTRUCTIONS FOR USE

THE STATUTES OF THE REPUBLIC OF SINGAPORE INTERNATIONAL ARBITRATION ACT (CHAPTER 143A)

ELECTRONIC COMMUNICATIONS AND TRANSACTIONS ACT, ACT NO. 25 OF 2002 [ASSENTED TO 31 JULY 2002] [DATE OF COMMENCEMENT: 30 AUGUST 2002]

ELECTRONIC TRANSACTIONS LAW

Electronic Transactions Act, Act, Act 772 ARRANGEMENT OF SECTIONS. Object and scope of the Act

THE INFORMATION TECHNOLOGY ACT, 2000 ARRANGEMENT OF SECTIONS

Annex A ELECTRONIC TRANSACTIONS LAW

Electronic Document and Electronic Signature Act Published SG 34/6 April 2001, effective 7 October 2001, amended SG 112/29 December 2001, effective 5

Article III - ( ) ELECTRONIC SIGNATURES AND RECORDS ACT

U.S. Code Title 15 Commerce and Trade Chapter 96 Electronic Signature in Global and National Commerce Act Section General rule of validity

Republic Act No ELECTRONIC COMMERCE ACT OF 2000

NASS Resolution Reaffirming Support for the National Electronic Notarization Standards

HIPSSA SADC Model Law on Electronic Transactions & Electronic Commerce. Establishment of Harmonized Policies for the ICT Market in the ACP

INFORMATION TECHNOLOGY ACT, 2000 (as amended by Information Technology Act, 2008)

RULES OF TENNESSEE DEPARTMENT OF ENVIRONMENT AND CONSERVATION CHAPTER ELECTRONIC REPORTING TABLE OF CONTENTS

E-Transactions Comparative Law Analysis

"Certification Authority" means an entity which issues Certificates and performs all of the functions associated with issuing such Certificates.

This title may be cited as the Uniform Electronic Transactions Act.

ON THE INFORMATION SOCIETY SERVICES

Class Unification of Law - Uniform Law (Rechtsvereinheitlichung) Summer term 2017

1. Electronic means relating to technology having electrical, digital, magnetic, wireless, optical, electromagnetic, or similar capabilities.

Digital Signature and DIN

Obligation of good faith.

Muskingum Valley Park District Board of Park Commissioners AMENDED BYLAWS

AMENDED AND RESTATED BY-LAWS OF CHICAGO MERCANTILE EXCHANGE INC. Amended and Restated as of May 6, 2016

Korean Intellectual Property Office

ERIN ENERGY CORPORATION (Exact name of registrant as specified in its charter)

CHAPTER 8 INTERNATIONAL CONVENTIONS ON E-CONTRACTS

Trustwave Subscriber Agreement for Digital Certificates Ver. 15FEB17

UNIFORM RESIDENTIAL MORTGAGE SATISFACTION ACT

THE STATUTES OF THE REPUBLIC OF SINGAPORE ARBITRATION ACT (CHAPTER 10)

TERMS OF USE FOR PUBLIC LAW CORPORATION PERSONAL CERTIFICATES FOR AUTHENTICATION

THE NEGOTIABLE INSTRUMENTS (AMENDMENT AND MISCELLANEOUS PROVISIONS) BILL, 2002

Economic and Social Council

DD/DSD CDS PROCEDURES MANUAL FOR ADA 21/04/17 Chapter: 4 ACCOUNT MANAGEMENT Section: 4.1 Opening Of Account Applications

Unprofiled Document

NASS Support for the Revised National Electronic Notarization Standards

( ) Page: 1/5 WORK PROGRAMME ON ELECTRONIC COMMERCE ELECTRONIC SIGNATURES. Communication from Argentina, Brazil and Paraguay

OHIO REVISED CODE TITLE 1. STATE GOVERNMENT CHAPTER 147. NOTARIES PUBLIC

MONTANA CODE ANNOTATED

SCHEDULE CHAPTER 117 THE REGISTRATION OF DOCUMENTS ACT An Act relating to the registration of documents. [1st January, 1924]

STATE OF NEW JERSEY. SENATE, No th LEGISLATURE PRE-FILED FOR INTRODUCTION IN THE 2016 SESSION

CONVENTION ON CHOICE OF COURT AGREEMENTS. (Concluded 30 June 2005)

For the purpose of this opinion, we have assumed the following:

The Malawi Gazette Supplement, dated 4th November, 2016, containing Acts (No. 6C) MALAWI GOVERNMENT

General Assembly. United Nations A/CN.9/WG.I/WP.42/Add.1

Summary of Committee Discussion/Questions No discussion or questions occurred among Committee members prior to approval of the proposed policy.

BYLAWS OF COMMUNITY ASSOCIATIONS INSTITUTE OF COLORADO d/b/a COMMUNITY ASSOCIATIONS INSTITUTE ROCKY MOUNTAIN CHAPTER

CHAPTER 137. AUTHENTICATIONS AND ELECTRONIC TRANSACTIONS AND RECORDS SUBCHAPTER I

REVISOR PMM/NB A

BILL, Explanatory. (These notes form no part of the Bill but are intended only to indicate its general purport)

Class Unification of Law - Uniform Law (Rechtsvereinheitlichung) Summer term 2016

Provider Electronic Trading Partner Agreement

AMENDED AND RESTATED BYLAWS ONLINE TRUST ALLIANCE

RESIDENTIAL MORTGAGE SATISFACTION ACT

Electronic Interactions Reform Bill

RULES AND REGULATIONS FOR THE GENERAL SHAREHOLDERS MEETING PREAMBLE

BYLAWS OF COACHELLA VALLEY CHAPTER OF THE COMMUNITUY ASSOCIATIONS INSTITUTE ARTICLE I NAME AND OFFICE

OPTIMUMSSL RELYING PARTY AGREEMENT

GEOTRUST RELYING PARTY AGREEMENT

MALAYSIA Trademarks Regulations as amended by PU (A) 47 of 2011 ENTRY INTO FORCE: February 15, 2011

H 7502 S T A T E O F R H O D E I S L A N D

P.U. (A) 47/2011 TRADE MARKS (AMENDMENT) REGULATIONS 2011

DELAWARE CODE TITLE 6. COMMERCE AND TRADE SUBTITLE II. OTHER LAWS RELATING TO COMMERCE AND TRADE CHAPTER 12A. UNIFORM ELECTRONIC TRANSACTIONS ACT

A Bill Regular Session, 2017 HOUSE BILL 1479

TURKS AND CAICOS ISLANDS COMPANIES ORDINANCE 2017 ARRANGEMENT OF SECTIONS

BELIZE ELECTRONIC EVIDENCE ACT CHAPTER 95:01 REVISED EDITION 2003 SHOWING THE SUBSTANTIVE LAWS AS AT 31ST MAY, 2003

CERTIFICATE OF INCORPORATION OF WINGSTOP INC.

EuropeanSSL Relying Party Agreement ("Agreement")

SECOND AMENDED AND RESTATED BY-LAWS AMTRUST FINANCIAL SERVICES, INC. A Delaware corporation Adopted as of November 29, 2018 ARTICLE II OFFICES

INTERNATIONAL BUSINESS COMPANIES ACT, An Act to provide for the Incorporation, Registration and Operation of International Business Companies

Arbitration Act of. of Barbados. (Barbade)

Transcription:

Scope ASEAN ELECTRONIC COMMERCE LEGISLATION COMPARISON TABLE (version dated 1 Dec 2000) MATRIX /digital / data message Effect of /digital s Art 1 EC This Law applies to any kind of information in the form of a data message used in the context of commercial activities. Art 1 ES These Rules apply where s are used in the context of commercial activities. They do not override any rule of law intended for the protection of consumers. Note: The term commercial should be given a wide interpretation so as to cover matters arising from all relationships of a commercial nature, whether contractual or not. Relationships of a commercial nature include, but are not limited to, the following transactions: any trade transaction for the supply of exchange of goods or services; distribution agreement; commercial representation or agency; factoring; leasing; construction of works; consulting; engineering; licensing; investment; financing; banking; insurance; exploitation agreement or concession; joint venture other forms of industrial or business cooperation; carriage of goods or passengers by air, sea, rail or road. Draft s 2 ES Electronic Signature means data in form in, affixed to, or logically associated with, a data message, which may be used to identify the signatory in relation to the data message indicate the signatory s approval of the information contained in the data message. Note: ES is not PKIspecific Art 2 EC (data message) Draft Art 2 ES (data message) Means information generated, sent, received or stored by, optical or similar means including, but not limited to, data interchange (EDI), mail, telegram, telex or telecopy Art 7 EC (1) Where the law requires a of a person, that requirement is met in relation to a data message if: (a) a method is used to identify that person to indicate that person s approval of the information contained in the data message; (b) that method is as reliable as was appropriate for the purpose for which the data message Parts II IV shall not apply to any rule of law requiring writing or s in any of the following matters: i. the creation or execution of a will; ii. negotiable instruments; iii. the creation, performance or enforcement of an indenture, declaration of trust or power of attorney with the exception of constructive resulting trusts; iv. any contract for the sale or other disposition of immovable property, or any interest in such property; v. the conveyance of immovable property or the transfer of any interest in immovable property; vi. documents of title. S 2 ( ) Any letters, characters, numbers or other symbols in digital form attached to or logically associated with an, executed or adopted with the intention of authenticating or approving the S 2 (digital ) Electronic consisting of a transformation of an using an asymmetric cryptosystem a hash function such that a person having the initial untransformed the signer s public key can accurately determine (a) whether the transformation was created using the private key that corresponds to the signer s public key; (b) whether the initial has been altered since the transformation was made S 2 ( ) Means a generated, communicated, received or stored by, magnetic, optical or other means in an information system or for transmission from one information system to another. Where a rule of law requires a, or provides for certain consequences if a document is not signed, an satisfies that rule of law. Parts II IV shall not apply to any rule of law requiring writing or s in any of the following matters: vii. [the creation of any legal instrument or document under any written law relating to Islamic law]; viii. [the creation or execution of a will under any written law relating to a will]; ix. negotiable instruments; x. the creation, performance or enforcement of an indenture, declaration of trust or power of attorney with the exception of constructive resulting trusts; xi. any contract for the sale or other disposition of immovable property, or any interest in such property; xii. the conveyance of immovable property or the transfer of any interest in immovable property; xiii. documents of title. S 2 ( ) Any letters, characters, numbers or other symbols in digital form attached to or logically associated with an, executed or adopted with the intention of authenticating or approving the S 2 (digital ) Electronic consisting of a transformation of an using an asymmetric cryptosystem a hash function such that a person having the initial untransformed the signer s public key can accurately determine (a) whether the transformation was created using the private key that corresponds to the signer s public key; (b) whether the initial has been altered since the transformation was made S 2 ( ) Means a generated, communicated, received or stored by, magnetic, optical or other means in an information system or for transmission from one information system to another. Where a rule of law requires a, or provides for certain consequences if a document is not signed, an satisfies that rule of law. S 3 This Act shall apply to civil commercial transactions made by a data message, exception the transaction the legal nature of which does not admit of its application, as prescribed in the Royal Decree. An application, permission, registration, administrative order or the performance of any act under the law with a State agency shall, if made in the form of a data message in accordance with the rules procedures prescribed by the Royal Decree, fall under the application of this Act shall be deemed to have the same legal effect as the performance of the act in accordance the rules procedures provided by the law on that particular matter. For this purpose, the Royal Decree may also require a State agency to issue rules prescribing details in certain cases. ( ) Letters, characters, numbers, sound or any other symbols created by an means attached to a data message for establishing the association of a particular person with the data message the purposes of identifying the signatory indicating that such person has approved agreed to be bound by such data message Note: Not PKIspecific (data messages) Means information generated, sent, received, stored or processed by an means such as data interchange, mail, telegram, telex or facsimile. In a case where a person is to enter a in any writing, it shall be deemed that a data message bears a if: (1) a method is used which is capable of identifying the signatory indicating that the signatory has approved the information contained in the data message as being his or her own; (2) such method is as reliable as was appropriate [Scope not expressly circumscribed. By implication, Act applies to all classes of transactions] Also, see ss 62 & 64. S 2 (digital ) Means the transformation of a message using an asymmetric cyptosystem such that a person having the initial message the signer s public key can accurately determine (a) whether the transformation was created using the private key that corresponds to the signer s public key; (b) whether the message has been altered since the transformation was made Note: undefined S 2 (message) Means a digital representation of information S 62 (1) Where a rule of law requires a or provides for certain consequences in the absence of a, that rule shall be satisfied by a digital where (a) that digital is verified by reference to the public key listed in a valid certificate issued by a licensed certification authority; (b) that digital was affixed by This Act shall apply to any kind of data message document used in the context of commercial noncommercial activities to include domestic international dealings, transactions, arrangements, agreements, contracts exchanges storage of information. S 5 ( ) Any distinctive mark, characteristic /or sound in form, representing the identity of a person attached to or logically associated with the data message or any methodology or procedures employed by a person executed or adopted by such person with the intention of authenticating or approving an document S 5 ( data message) Refers to information generated, sent, received or stored by, optical or similar means. ( document) Refers to information or the representation of information, data, figures, symbols or other modes of written expression, described or however represented, by which a right is established or an obligation extinguished, or by which a fact may be proved affirmed, which is received, ed, transmitted, stored, processed, retrieved or produced ally. An on the document shall be equivalent to the of a person on a written document if the is an proved by showing that a prescribed procedure, not alterable by the parties interested in the document, existed under which (a) a method is used to identify the party sought to be bound to indicate said

Effect of / data message was generated or communicated, in the light of all the circumstances, including any relevant agreement. Art 6 ES (1) Where the law requires a of a person, that requirement is met in relation to a data message if an is used which is as reliable as was appropriate for the purpose for which the data message was generated or communicated, in the light of all the circumstances, including any relevant agreement. (2) An is considered to be reliable for the purpose of satisfying the requirement referred to in paragraph (1) if: (a) the means of creating the is, within the context in which it is used, linked to the signatory to no other person; (b) the means of creating the was, at the time of signing, under the control of the signatory of no other person; any alteration to the, made after the time of signing, is detectable; (d) where a purpose of the legal requirement for a is to provide assurance as to the integrity of the information to which it relates, any alteration made to that information after the time of signing is detectable. Art 6 EC (1) Where the law requires information to be in writing, that requirement is met by a data message if the information contained therein is accessible so as to be usable for subsequent Where a rule of law requires information to be written, in writing, to be presented in writing or provides for certain consequences if it is not, an satisfies that rule of law if the information contained therein is accessible so as to be usable for subsequent Where a rule of law requires information to be written, in writing, to be presented in writing or provides for certain consequences if it is not, an satisfies that rule of law if the information contained therein is accessible so as to be usable for subsequent for the purpose for which the data message was generated or sent, having regard to surrounding circumstances or an agreement between the parties. Subject to the provisions of section 8, in the case where the law requires that any transaction be made in writing or evidenced by writing or supported by a document which must be produced, if the information is generated in the form of a data message which is accessible by reading convertible into the information usable for subsequent reference, it shall be deemed that such information is already made in writing, evidenced by writing or supported by a duly produced document. the signor with the intention of signing the message; the recipient has no knowledge or notice that the signer has breached a duty as a subscriber; or does not rightfully hold the private key used to affix the digital. S 64 (1) A message shall be valid, enforceable effective as if it had been written on paper if (a) It bears in its entirety a digital ; (b) that digital is verified by the public key listed in a certificate which was issued by licensed certification authority; was valid at the time the digital was created. (b) (d) party s access to the document necessary for his consent or approval through the ; Said method is reliable appropriate for the purpose for which the document was generated or communicated, in the light of all circumstances, including any relevant agreement; It is necessary for the party sought to be bound, in order to proceed further with the transaction, to have executed or provided the ; The other party is authorised enabled to verify the to make the decision to proceed with the transaction authenticated by the same. Electronic documents shall have the legal effect, validity or enforceability as any other document or legal writing, (a) where the law requires a document to be in writing, that requirement is met by an document if the said document maintains its integrity reliability can be authenticated so as to be usable for subsequent reference, in that the document has remained complete unaltered, apart from the addition of any endorsement any authorised change, or any change which arises in the normal course of communication, storage display; the document is reliable in the light of the purpose for which it was generated in the light of all relevant circumstances. a. Paragraph (a) applies whether the requirement therein is in the form of an obligation or whether the law simply provides consequences for the document not being presented or retained in its original form. secure Art 7 UR (1) [Any person, organ or authority, whether public or private, specified by the enacting State as competent] may determine which s satisfy the provisions of Art 6. S 17 If, through the application of a prescribed security procedure or a commercially reasonable security procedure agreed to by the parties involved, it can be verified that an was, at the time it S 17 If, through the application of a prescribed security procedure or a commercially reasonable security procedure agreed to by the parties involved, it can be verified that all was, at the time it S 33 The following s shall be deemed secure s: (1) an as prescribed in the Royal Decree under s 24;

secure relating to secure relating to secure s relating to certificates (2) Any determination made under paragraph (1) shall be consistent with recognised international stards. [Purpose of article 7 is to make it clear that an enacting State may designate an organ or authority that will have the power to make determinations as to what specific technologies may benefit from the presumptions or substantive rule established under article 6.] was made unique to the person using it; capable of identifying such person; (iii) created in a manner or using a means under the sole control of the person using it; (iv) linked to the to which it relates in a manner such that if the was changed the would be invalidated S 16 If a prescribed security procedure or a commercially reasonable security procedure agreed to by the parties involved has been properly applied to an to verify that the has not been altered since a specific point in time, such shall be treated as a secure from such specific point in time to the time of verification. S 18(2), it shall be presumed, unless evidence to the contrary is adduced, that (a) the secure is the of that person to whom it correlates; (b) the secure was affixed by that person with the intention of signing or approving the S 18(1), it shall be presumed, unless evidence to the contrary is adduced, that the secure has not been altered since the specific point in time to which the secure status relates. S 21 It shall be presumed, unless evidence to the contrary is adduced, that the information (except for information identified as subscriber information which has not been verified) listed in a certificate issued by a licensed certification authority is correct if the certificate was accepted by the subscriber. was made (v) unique to the person using it; (vi) capable of identifying such person; (vii) created in a manner or using a means under the sole control of the person using it; (viii) is linked to the to which it relates in a manner such that if the was changed the would be invalidated S 16 If a prescribed security procedure or a commercially reasonable security procedure agreed to by the parties involved has been properly applied to an to verify that the has not been altered since a specified point in time, such shall be treated as a secure from such specific point in time to the time of verification. S 18(2), it shall be presumed, unless evidence to the contrary is adduced, that the secure is the of that person to whom it correlates; (d) the secure was affixed by that person with the intention of signing or approving the S 18(1), it shall be presumed, unless evidence to the contrary is adduced, that the secure has not been altered since the specific point in time to which the secure status relates. S 21 It shall be presumed, unless evidence to the contrary is adduced, that the information listed in a certificate issued by a licensed certification authority is correct, except for information identified as subscriber information which has not been verified, if the certificate was accepted by the subscriber. (2) where the originator the addressee so agree, an which is created under the sole control of a particular originator at the time of its creation using the creation method which makes a unique linkage of such person with such S 34 If a secure is used with any data message, it shall be presumed that such data message has not been altered as from the specific point in time at which such secure was created that such person has the intention to treat the said as his or her own. S 67 In adjudicating a dispute involving a digital, a court shall presume (a) that a certificate digitally signed by a licensed certification authority published in a recognised (b) (d) repository; or made available by the issuing licensed certification authority or by the subscriber listed in the certificate, is issued by the licensed certification authority which digitally signed it is accepted by the subscriber listed in it; that the information listed in a valid certificate confirmed by a licensed certification authority issuing the certificate is accurate; that where a digital is verified by the public key listed in a valid certificate issued by a licensed certification authority that digital is the digital of the subscriber listed in that certificate; that digital was affixed by that subscriber with the intention of signing the message; (iii) the recipient of that digital has no knowledge or notice that the signer (A) has breached a duty as a subscriber; or (B) does not rightfully hold the private key used to affix the digital ; that a digital was created before it was timestamped by a recognised date/time stamp service utilising a trustworthy system.

Effect of digital Registration/ Licensing of CAs Art 7 ES (3) [Any person, organ or authority, whether public or private, specified by the enacting State as competent] may determine which s satisfy the provisions of Art 6. (4) Any determination made under paragraph (1) shall be consistent with recognised international stards. [Purpose of article 7 is to make it clear that an enacting State may designate an organ or authority that will have the power to make determinations as to what specific technologies may benefit from the presumptions or substantive rule established under article 6.] The portion of an that is signed with a digital shall be treated as a secure if the digital is a secure by virtue of section 20. S 20 When any portion of an is signed with a digital, the digital shall be treated as a secure with respect to such portion of the, if (a) the digital was created during the operational period of a valid certificate is verified by reference to the public key listed in such certificate; (b) the certificate is considered trustworthy, in that it is an accurate binding of a public key to a person s identify because the certificate was issued by a licensed certification authority operating in compliance with the regulations made under s 42; the certificate was issued by a certification authority outside Singapore recognised for this purpose by the Controller pursuant to regulations made under s 43; (iii) the certificate was issued by a department or ministry of the Government, an organ of State or a statutory corporation approved by the Minister to act as a certification authority on such conditions as he may by regulations impose or specify; or (iv) the parties have expressly agreed between themselves (sender recipient) to use digital s as a security procedure, the digital was properly verified by reference to the sender s public key. The portion of an that is signed with a digital shall be treated as a secure if the digital is a secure by virtue of section 20. S 20 When any portion of an is signed with a digital, the digital shall be treated as a secure with respect to such portion of the, if (a) the digital was created during the operational period of a valid certificate is verified by reference to the public key listed in such certificate; (b) the certificate is considered trustworthy, in that it is an accurate binding of a public key to a person s identify because the certificate was issued by a licensed certification authority operating in compliance with the regulations made under s 42; the certificate was issued by a certification authority outside Brunei Darussalam recognised for this purpose by the Controller pursuant to regulations made under s 43; (iii) the certificate was issued by a department or ministry of the Government, an organ of State or a statutory corporation approved by the Minister to act as a certification authority on such conditions as he may by regulations impose or specify; or (iv) the parties have expressly agreed between themselves (sender recipient) to use digital s as a security procedure, the digital was properly verified by reference to the sender s public key. S 33 The following s shall be deemed secure s an as prescribed in the Royal Decree under s 24. Voluntary Voluntary Voluntary unless otherwise directed S 35 A person may operate as a certification authority except that in the case where it is necessary for strengthening reliability trustworthiness in data message systems or for preventing loss to the public, the Commission may make a recommendation for issuance of a Royal Decree requiring the operation of certification services in any particular case to be subject to prior notification, registration or licence. Note: Dealt with above. Matory unless exempted. (1) No person shall carry on or operate, or hold himself out as carrying on or operating, as a certification authority unless that person holds a valid licence issued under this Act. (3) The Minister may, on an application in writing being made in accordance with this Act, exempt (a) a person operating as a certification authority within an organisation where certificates key pairs are issued to members of the organisation for internal use only; (b) such other person or class of persons as the Minister considers fit, from the requirements of this section.? S 29 Among other things, the DTI is empowered to promulgate rules regulations, as well as provide quality stards or issue certifications, as the case may be, perform such other functions as may be necessary for the implementation of this Act in the area of commerce

Recognition of foreign certificates/ Electronic s Legal Liability of Licensed CAs Art 12 ES (1) In determining whether, or to what extent, a certificate or an signatese is legally effective, no regard shall be had to: (a) The geographic location where the certificate is issued or the signatese created or used; or (b) the geographic location of the place of business of the issuer or signatory. (2) A certificate issued outside [the enacting State] shall have the same legal effect in [the enacting State] as a certificate issued in [the enacting State] if it offers a substantially equivalent level of reliability. (3) An signatese created or used outside [the enacting State] shall have the same legal effect in [the enacting State] if it offers a substantially equivalent of reliability. (4) In determining whether a certificate or an offers a substantially equivalent level of reliability for the purposes of paragraphs (2) or (3), regard shall be had to recognised international stards to any other relevant factors. (5) Where, notwithsting paragraphs (2), (3) (4), parties agree, as between themselves, to the use of certain types of s or certificates, that agreement shall be recognised as sufficient for the purposes of crossborder recognition, unless that agreement would not be valid or effective under applicable law. 3 The Minister may, by regulations, provide that the Controller may recognise certification authorities outside Singapore that satisfy the prescribed requirements for any of the following purposes: (a) the recommended reliance limit, if any, specified in a certificate issued by the certification authority; (b) the presumptions referred to in sections 20(b) 21. [Note: Regulations have yet to be drawn up] 5 Unless a licensed certification authority waives the application of this section, a licensed certification authority (a) shall not be liable for any loss caused by reliance on a false or forged digital of a subscriber, if, with respect to the false or forged digital, the licensed certification authority complied with the requirements of this Act; (b) shall not be liable in excess of the amount specified in the certificate as its recommended reliance limit for either a loss caused by reliance on a misrepresentation in the certificate of any fact that the licensed certification authority is required to confirm; or failure to comply with sections 29 30 in issuing the certificate. [See s 44 on Recommended Reliance Limit] 3 The Minister may, by regulations, provide that the Controller may recognise certification authorities outside Brunei Darussalam that satisfy the prescribed requirements for any of the following purposes: (a) the recommended reliance limit, if any, specified in a certificate issued by the certification authority; (b) the presumptions referred to in sections 20(b) 21. 5 Unless a licensed certification authority waives the application of this section, a licensed certification authority (a) shall not be liable for any loss caused by reliance on a false or forged digital of a subscriber, if, with respect to the false or forged digital, the licensed certification authority complied with the requirements of this Order; (b) shall not be liable in excess of the amount specified in the certificate as its recommended reliance limit for either a loss caused by reliance on a misrepresentation in the certificate of any fact that the licensed certification authority is required to confirm; or failure to comply with sections 29 30 in issuing the certificate. [See s 44 on Recommended Reliance Limit] S 38 A foreign certificate shall be deemed to have the same effect as that given to a certificate issued under this Act provided that a trustworthy system which is no less reliable than the trustworthy system under this Act is issued in the issuance of such foreign certificate that the issuance is in accordance with the rules procedures prescribed by the Commission. S 39 An created supported by a foreign certificate under section 38 shall be deemed to have the same effect as that given to an supported by a certificate under this Act. (1) The controller may recognise, by order published in the Gazette, certification authorities licensed or otherwise authorised by governmental entities outside Malaysia that satisfy the prescribed requirements. (2) Where a licence or other authorisation of a governmental entity is recognised under subsection (1), (a) the recommended reliance limit, if any, specified in a certificate issued by the certification authority licensed or otherwise authorised by the governmental entity shall have effect in the same manner as a recommended reliance limit specified in a certificate issued by a licensed certification authority of Malaysia; (b) Part V shall apply to the certificates issued by the certification authority licensed or otherwise authorised by the governmental entity in the same manner as it applies to a certificate issued by a licensed certification authority of Malaysia. Note: see also rr 71 76 Digital Signature Regulations 1998 S 61 Unless a licensed certification authority waives the application of this section, a licensed certification authority (a) shall not be liable for any loss caused by reliance on a false or forged digital of a subscriber, if, with respect to the false or forged digital, the licensed certification authority complied with the requirements of this Act; (b) shall not be liable in excess of the amount specified in the certificate as its recommended reliance limit for either a loss caused by reliance on a misrepresentation in the certificate of any fact that the licensed certification authority is required to confirm; or failure to comply with sections 29 30 in issuing the certificate; shall not be liable for punitive or exemplary damages; or damages for pain or suffering. [See s 60 on Recommended Reliance Limit]

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback