Enforcement Rules of the Electronic Signatures Act

Link to law: http://law.moj.gov.tw/ENG/LawClass/LawAll.aspx?PCode=J0080039

Subscribe to a Global-Regulation Premium Membership Today!

Key Benefits:

Subscribe Now
Article 1


These Enforcement Rules are enacted in accordance with Article 16 of the Electronic Signatures Act (hereinafter referred to as " the Act ").


Article 2


The expression "attached to and associated with an electronic record" as set forth in Subparagraph 2, Article 2 of the Act shall mean the act of being affixed to, incorporated in, or logically associated with an electronic record.


Article 3


The term "private key" as defined in Subparagraph 3, Article 2 of the Act shall mean certain digital data that are contained in the digital data having the parity matching relation and are possessed by a signatory to create a digital signature.


Article 4


The term "public key" as defined in Subparagraph 3, Article 2 of the Act shall mean certain digital data that are contained in the digital data having the parity matching relation and are open to the public to verify a digital signature.


Article 5


The expression "a government agency or a juristic person that issues certificates" as set forth in Subparagraph 5, Article 2 of the Act shall mean the nominal issuer as indicated on the certificate.


Article 6


For any prescription and any requirement for particular technology and procedure published by a government agency in accordance with the provisions set out in Paragraph 3 of Article 4, Paragraph 3 of Article 6, and Paragraph 2 of Article 9 of the Act, a duplicate of such shall be forwarded to the competent authority accordingly.


Article 7


The expression "to provide services for issuing certificates to the public" as set forth in Paragraph 1, Article 11 of the Act shall mean that a certificate issued by a certification service provider may be used by the certificate subscriber as a proof to sign an electronic record with a third party other than the certification service provider.


Article 8


When a certification service provider files its certification practice statement, in accordance with the provisions set out in Paragraph 1 and 3 , Article 11 of the Act, to the competent authority for approval, the following documents shall be submitted:
1.An application form;
2.The certification practice statement;
3.A checklist of the required information for the certification practice statement; and
4.Other documents required by the competent authority.
The format of the application form in Subparagraph 1, the checklist of the required information for the certification practice statement in Subparagraph 3, and the other documents required in Subparagraph 4 under the preceding Paragraph shall be prescribed by the competent authority.


Article 9


In the event that there is any modification in the certification practice statement, a certification service provider shall, in accordance with Paragraph 1, Article 11 of the Act, submit to the competent authority for approval the following documents:
1.An application form;
2.The modified certification practice statement and the checklist of the required information for the certification practice statement thereof;
3.A comparison table of content variation; and
4.Other documents required by the competent authority.
The format of the application form in Subparagraph 1, the comparison table of content variation in Subparagraph 3, and the other documents required in Subparagraph 4 under the preceding Paragraph shall be prescribed by the competent authority.


Article 10


All the documents to be submitted along with any application filed by a certification service provider in accordance with the Act and these Enforcement Rules must be written in Chinese; and for the relevant scientific (and technical) terminologies, if any, the Chinese translation as published by the National Institute of Compilation and Translation shall be used as the standard translation thereof provided that such Chinese translation must be followed by the original nomenclature of such scientific (or technical) terminology in a foreign language.
If the aforementioned documents are in a foreign language, the original foreign language documents or the photocopy thereof shall be attached as well.


Article 11


The term "archives and records" referred to in Subparagraph 4, Paragraph 1, Article 13 of the Act shall include the following information:
1.Certificate subscribers` registration information;
2.All the certificates already issued;
3.Certificate revocation list;
4.Status information of the certificates;
5.Various versions of the certification practice statement;
6.The certification policy;
7.The compliance audit or other assessment records;
8.Archival records; and
9.Other documents required by the competent authority.
In case a certificate subscriber has any objection to the certificate subscribers` registration information in Subparagraph 1 of the preceding Paragraph, such registration information shall not be applicable.


Article 12


These Enforcement Rules shall come into force from the date of promulgation.