SECTION .0300 - PUBLIC KEY TECHNOLOGY
18 NCAC 10 .0301 PUBLIC KEY TECHNOLOGY
LICENSING, FEES, RENEWAL
(a) To be considered for licensure under this subsection, a
Certification Authority shall utilize certificate-based public key
cryptography.
(b) Any applicant seeking licensure must demonstrate
compliance with the North Carolina Electronic Commerce Act, G.S. 66, Article
11A, and the rules in this Chapter.
(c) To request licensure, a Certification Authority shall
provide the Electronic Commerce Section with a copy of its current
Certification Practice Statement and most recent reports of compliance audit(s)
as required by 18 NCAC 10 .0303 (k).
(d) A Certification Authority shall adhere to its
Certification Practice Statement. If a Certification Authority modifies its
Certification Practice Statement, it shall provide an updated copy of the
Certification Practice Statement to the Electronic Commerce Section as soon as
is practicable, and no later than the date the updated Certification Practice
Statement is put into operation. As a condition of continued licensure, the
Electronic Commerce Section may require the Certification Authority to undergo
an audit to document compliance with its updated Certification Practice
Statement and the rules in this Chapter.
(e) An initial licensing fee of two thousand dollars
($2,000 US) shall accompany an initial application.
(f) A renewal fee of two thousand dollars ($2,000 US) shall
accompany an application for renewal by a licensed Certification Authority.
(g) A license issued by the Electronic Commerce Section
pursuant to this Section shall expire one year after its effective date, unless
timely renewed.
(h) Financial Responsibility.
(1) As precondition of licensure a
Certification Authority shall obtain a bond issued by a surety company
authorized to do business in North Carolina. A copy of the bond shall be filed
with the Electronic Commerce Section prior to licensure. The amount of the
bond shall not be less than twenty-five thousand dollars ($25,000 US). The
bond shall be in favor of the State of North Carolina. The bond shall be
payable for any penalties assessed by the Electronic Commerce Section pursuant
to the Rules in this Chapter and for any losses the State encounters
resulting from a Certification Authority's conduct of activities subject to the
Electronic Commerce Act or arising out of a violation of the Electronic
Commerce Act or any Rule promulgated thereunder;
(2) As precondition of licensure a
Certification Authority shall obtain indemnity insurance coverage (e.g.
"errors and omissions" or "cyber coverage" or similar
coverage) to protect subscribers, relying parties and the State for any losses
resulting from the Certification Authority's conduct of activities subject to
the Electronic Commerce Act or arising out of a violation of the Electronic
Commerce Act or any Rule promulgated thereunder. Indemnity coverage shall be
obtained and maintained in the amount of not less than one hundred thousand
dollars ($100,000 US) per occurrence and not less than one million dollars
($1,000,000 US) for all occurrences;
(3) The failure of a Certification
Authority to continuously maintain this surety bond and indemnity insurance
coverage may be the basis for revocation or suspension of its license.
History Note: Authority G.S. 66-58.3; 66-58.10(a)(2);
Temporary Adoption Eff. February 23, 1999;
Codifier determined on November 23, 1999, agency findings
did not meet criteria for temporary rule;
Temporary Adoption Eff. December 3, 1999;
Eff. March 26, 2001.