Legislative Council

LC Paper No. LS277/98-99

Object(s) of the Bill

To provide a statutory framework for the conduct of electronic transactions to -

1. give legal recognition to electronic records and digital signatures used in electronic transactions ; and

2. provide for the establishment of certification authorities ("CAs") to ensure trust and security in electronic transactions through the issue of digital certificates by CAs and the use of public/private key technology.

LegCo Brief Reference

2. ITBB/IT 107/4/1(99) VIII dated 8 July 1999 issued by the Information Technology and Broadcasting Bureau.

Date of First Reading

3. 14 July 1999

Comments

4. The Bill seeks to establish a clear legal framework to enhance certainty and security in the conduct of electronic transactions with a view to promoting the development of electronic commerce in Hong Kong and to facilitating the implementation of the Electronic Service Delivery ("ESD") scheme for the provision of public services to the community on-line. According to the Administration, the first phase of the ESD scheme is scheduled to be implemented in the latter half of 2000.

Electronic records and digital signatures

5. To remove the legal impediments to the conduct of electronic transactions, the Bill gives electronic records and digital signatures used in electronic transactions the same legal status as that of their paper-based counterparts. The following provisions relating to electronic records and digital signatures proposed in the Bill are modelled on the United Nations Commission on International Trade Law - Model Law on Electronic Commerce -

1. contracts shall not be denied validity or enforceability on the ground that electronic records are used in their formation;

2. where an Ordinance or a rule of common law or equity requires information to be in writing, given or presented in writing, that requirement is met by electronic records;

3. where an Ordinance or a rule of common law or equity requires information to be retained, or to be presented or retained in the original form, that requirement is met by retaining or presenting the information in the form of electronic records;

4. where an Ordinance or a rule of common law or equity requires a signature of a person, that requirement is met by a digital signature which shall have the same legal effect as a hand-written signature; and

5. electronic records shall not be denied admissibility as evidence in court solely on the ground that they are electronic records.

6. Certain transactions are however exempt from the operation of the above provisions with the result that those transactions cannot be executed or conducted by an electronic transaction or authenticated by a digital signature in satisfying a requirement imposed by statue or common law. These exempted transactions include wills, trust, declarations, affidavits, power of attorney, court orders, bills of exchange, documents or instruments concerning land or property transactions, etc.

7. The Bill also excludes judicial proceedings from the application of the provisions relating to electronic records and digital signatures. However, the authorities for making court rules are empowered to apply the relevant provisions to such proceedings.

Certification Authorities

8. To ensure that electronic records are authentic and have not in any way been manipulated during the process of transmission, the Bill provides for the issue of digital certificates by CAs. The purpose of digital certificates is to support digital signatures which purport to confirm the identity or other significant characteristics of the parties in electronic transactions through the use of public/private key encryption.

9. The Bill proposes the introduction of a voluntary system of recognition whereby CAs are free to apply for recognition from Government. The Director of Information Technology Services ("DITS") will be the authority for granting Government recognition to CAs. Under the Bill, only digital signatures supported by recognized certificates issued by CAs which are recognized by Government will be given legal recognition.

10. Under the proposed Bill, the Postmaster General is a recognized CA and may charge fees for its services on a commercial basis.

11. The Bill also proposes to make certain malpractices criminal offences. These malpractices relate to disclosure of records, information or documents to which a person has access in the course of performing the functions under the Bill, furnishing false information and the making of a false claim as a recognized CA. A person who commits any of these offences is liable to a fine at level 6 ($100,000) and in the case of an individual also to imprisonment for 6 months.

12. Other provisions of the Bill relate to the following matters -

1. the power of the Secretary for Information Technology and Broadcasting to make regulations to provide for, among other things, the manner of applying to the DITS for recognition or renewal of recognition as a recognized CA, the fees payable in respect of recognition and the manner and procedures of appealing against decisions made by the DITS; and

2. conferring immunity on public officers performing functions under the Bill other than the functions of a CA performed by the Postmaster General.

13. The Bill applies to any Ordinance or a rule of common law or equity irrespective of whether that Ordinance or rule is applicable to an individual, public body, public authority, private body, organ or any other person or to a transaction executed by means of electronic records to which any such person is a party.

14. CAs which have not obtained Government recognition will not be covered by the provisions of the Bill; they and their subscribers can, however, rely on common law principles in providing and obtaining CA services respectively.

15. If enacted, the Bill will come into operation on a day to be appointed by the Secretary for Information Technology and Broadcasting by notice in the Gazette.

Public Consultation

16. According to the LegCo Brief, the Information Infrastructure Advisory Committee, the Hong Kong Bar Association and the Law Society of Hong Kong have been consulted on the principles of the Bill. The former two organisations supported the principles while the Law Society has taken note of the principles and has raised some technical points for clarification.

17. The Administration has widely publicised the principles of the Bill through seminars, workshops and briefings for different organisations and has received positive feedback on the Bill.

Consultation with the LegCo Panel

18. The LegCo Panel on Information Technology & Broadcasting was briefed on the Bill at its meeting on 11 January 1999. At the meeting, some members of the Panel raised concerns on various matters, such as the scope within which legal recognition of electronic records would apply, the adequacy of safeguards against disclosure of personal and corporate information held by CAs, etc. (Please refer to LC Paper No. CB(1)925/98-99).

Conclusion

19. The Bill is an important measure to promote the development of electronic commerce in Hong Kong. Members are recommended to set up a Bills Committee to study the Bill in detail.

Prepared by

FUNG Sau-kuen, Connie
Assistant Legal Adviser
Legislative Council Secretariat
20 September 1999

LS\B\123/98-99