English VersionContact UsSiteMapHomePage
جستجو :
دوشنبه 7 خرداد 1397
 

شماره 92 منتشر شد

    نحوه ی آشنایی شمابا وب سایت مجله چگونه بوده است ؟  


آرشيو نظر سنجي ها

 

E - B LAW REPUBLIC OF TUNISIA



E - B LAW REPUBLIC OF TUNISIA

Mehdi Sadeqi

Part I

Law: 2000-83 of August 9th , 2000, relatif to the Electronic Exchanges

and Electronic Commerce Bill(Translated from the official Arabic text for

information purposes

only, not to be quoted)

Chapter IV

On Electronic Certification Services

Article 11:

Any person or corporate body wishing to engage in the activity of providing

certification services shall be licensed in prior by the National Certification

Agency.

Any person or the legal representative of a corporate body interested in

being licensed to provide electronic certification services must meet the

following criteria :To have been a Tunisian citizen for at least five years ;To

be a resident of Tunisia ;Should be enjoying all civil and political rights

and has no legal precedent , Should have at least a Bachelor’s Degree or its

equivalent ;To have no other employment activity.

Article 12:

Every certification services provider assumes the duties of issuing , delivering

and storing of certificates according to a Schedules or Rules approved

by a decree and according to this act in case of suspension or

revoke of certificates.

The Schedules of Rules contains especially : Information on the operating

cost of examination and folloz6up of files of applications for certification

, Deadlines for completion of examination of files ; Physical, financial and

human resources that must be provided to engage in the activity ; Conditions

for securing the interoperability of certification solutions and of interrelation

of certificate records ; Rules related to information concerning

the provider`s services and certificates issued that the certification provider

must upkeep.

Article 13:

Certification services provider must use certified methods for issuing

delivering, and storing of

certificates and to take necessary

measures to protect

them against imitation and

counterfeit according to the

Schedule or Rules mentioned

in Article 12 of this act.

Article 14:

Every certification services

provider must make available

an electronic record of

certificates electronically accessible

to users at all time

to check the information included

within . The record of

certificates includes, if necessary,

information on the date

of withdrawal or withdrawal

or suspension of certificates.

The record and the certificate must be protected against unauthorized

change.

Article 15:

It is imposed on certification services providers and their agents to uphold

the Confidentiality of the information entrusted to them in the context of

carrying their Duties except those that the owner of the certificate authorized,

in writing or electronically, their publication or their notification or

in accordance with provisions stated in the law in force.

The certification services provider issues certificates that meet the requirements

of security and reliability. Technical specifications related to be certificate

and its reliability are defined by a decree from the ministry in charge

of telecommunications. The certificate includes notably : The identity of the

certificate owner ; The identity and the electronic signature of the certificate

issuer ; Elements of verification of the signature of the certificate owner

,The certificate period of validity ;The areas where the certificate ought to

be used.

Article 16:

when processing an application for a certificate, the certification services

provider gathers personal information directly from the involved person and

may get the information from a third party after the written or electronic approval

of that person.

The certification services provider is forbidden from gathering information

not required for the delivery of the certificate.

The certification services provider is forbidden the use of information gath-

ered for the purpose of issuing the certificate outside the context of certification

activities without the written or electronic approval of the involved

person.

Article 18:

The certification services provider guarantees: The accuracy of information

included in the certificate on the date of its delivery ; The relation between

the owner of the certificate and his signature verification solution ; Exclusive

ownership by the certificate owner of a signature establishment solution in

compliance with the regulations of the decree mentioned in Article 5 of this

act and in concordance with the signature verification solution referred to in

the certificate at the date of delivery. And when delivering the certificate to

a corporate body, the certification services provider is required to verify in

prior the identity of the person to receive the certificate and the title of his

representation of the corporate body.

Article 19:

The certification services provider assumes the responsibility to Immediately

suspend the certificate by request of its owner or when it has determined :

The certificate was delivered based on false or counterfeit information ;

That the signature establishment solution was infringed ; That the certificate

was used for forgery purposes ; That the information included in the

certificate has changed. The certification services provider assumes the responsibility

to immediately inform the certificate owner when the certificate

is suspended and the reasons behind such measure. The suspension is immediately

lifted when the information included in the certificate has been

determined to be accurate and that its use is legitimate. The owner of the

certificate or a third party objects to the suspension decision of the certification

services provider on the date of its publication in the electronic record

mentioned in Article 14 this act.

Article 20:

The certification services provider revokes the certificate immediately when

the following conditions occur: Upon request of the certificate owner ; Upon

being informed of the death of the person or the dissolution of the

corporate body owner of the certificate ; Upon conclusion after thorough

testing after its withdrawal, that the information is false or counterfeit or that

it does not correspond to reality or that the signature establishment solution

has been breached or that the certificate has been used in a forged manner.

The owner of the certificate or a third party objects to the revoke decision

of the certification service provider on the date of its publication in the electronic

record mentioned in Article 14 of this act.

Article 21:

The owner of the certificate is the sole responsible on the confidentiality

and the security of the signature establishment solution he is using, and any

use of this solution is considered emanating from him.The owner of the

The owner of the certificate shall inform the certification services provider

on any change of information included in the certificate.

The owner of the suspended or revoked certificate ;ay not use the personal

signature encryption elements of that certificate to seek certification of the

same elements anew at another certification services provider.

Article 22 :

The certification services provider shall be responsible on each one of the

damages ensuing to every person who trusted in good will in the guarantees

mentioned in Article 18 of this act.

The certification services provider shall also be responsible on the damage

ensuing to every person caused by failure to suspending or revoking of a

certificate according to Articles 19 and 20 of this act.

The certification services provider shall not be responsible on the damage

ensuing from the non6compliance by the owner of the certificate with its

usage rules or with the rules of his signature establishment solution

Article 23 :

Certifications delivered by a certification services provider residing in a

foreign country shall be considered the same as certificates delivered by a

certification services provider residing Article 17

in Tunisia if the foreign provider is recognized within the context of a

mutual recognition agreement signed by The National Certification

Agency.

Article 24 :

The certification services provider that intends to cease its activities shall

inform The National Certification Agency at least three months prior to the

date of cessation of activities.

The certification services provider may transfer a portion or all of its

activities over to another provider , such transfer shall occur according to the

following rules: Informing the owners of active certificates of his intention

to transfer the certificates to another provider one month at least prior to the

expected transfer ; Informing the owners of the certificates of the

possibility of refusing the expected transfer as well as of the deadlines and

methods for the refusal. Certificates, whose owners expressed by this

deadline their refusal in

writing or electronically, shall be revoked. In the case of death or

bankruptcy or dissolution or liquidation of the certification services

provider, his inheritors or his agents or the liquidators are subject to the

provisions of paragraph two of this Article during a three-month deadline

period . In all cases of cessation of activity, personal information that

remained under the control of the provider shall be destroyed in the presence

of a representative of The National Certification Agency.



در تاريخ : سه شنبه 26 بهمن 1389 ساعت 11:55:53



 
 





  بازديد کل : 327442 نفر |   بازديد امروز : 4 نفر |   بازديد ديروز : 54 نفر |   آنلاين : 1 نفر