Electronic Signature Act of 1996

Electronic Signature Act of 1996

1996 Legislature                                        SB 942

 An act relating to electronic signatures;

 creating the "Electronic Signature Act of

 1996"; providing legislative intent; amending

 s. 1.01, F.S.; revising a definition; providing

 definitions; authorizing electronic signatures

 for certain purposes; authorizing the Secretary

 of State to be a certification authority for

 certain purposes; authorizing the Secretary of

 State to impose a fee for certain expenses;

 requiring each agency head to adopt and

 implement certain control processes and

 procedures for certain purposes; requiring the

 Secretary of State to conduct a study and

 report to the Legislature; providing an

 effective date.

Be It Enacted by the Legislature of the State of Florida:

 Section 1.  This act may be cited as the "Electronic

Signature Act of 1996."

 Section 2.  Legislative intent.--It is the intent of

the Legislature that this act:

 (1)  Facilitate economic development and efficient

delivery of government services by means of reliable

electronic messages.

 (2)  Enhance public confidence in the use of electronic

signatures.

 (3)  Minimize the incidence of forged electronic

signatures and fraud in electronic commerce.

 (4)  Foster the development of electronic commerce

through the use of electronic signatures to lend authenticity

and integrity to writings in any electronic medium.

 (5)  Assure that proper management oversight and

accountability are maintained for agency-conducted electronic

commerce.

 Section 3.  Subsection (4) of section 1.01, Florida

Statutes, is amended to read:

 1.01  Definitions.--In construing these statutes and

each and every word, phrase, or part hereof, where the context

will permit:

 (4)  The word "writing" includes handwriting, printing,

typewriting and all other methods and means of forming letters

and characters upon paper, stone, wood, or other materials.

The word "writing" also includes information which is

created or stored in any electronic medium and is retrievable

in perceivable form.

 Section 4.  Definitions.--As used in this act:

 (1)  "Certificate" means a computer-based record which:

 (a)  Identifies the certification authority.

 (b)  Identifies the subscriber.

 (c)  Contains the subscriber's public key.

 (d)  Is digitally signed by the certification

authority.

 (2)  "Certification authority" means a person who

issues a certificate.

 (3)  "Digital signature" means a type of electronic

signature that transforms a message using an asymmetric

cryptosystem such that a person having the initial message and

the signer's public key can accurately determine:

 (a)  Whether the transformation was created using the

private key that corresponds to the signer's public key.

 (b)  Whether the initial message has been altered since

the transformation was made.

A "key pair" is a private key and its corresponding public key

in an asymmetric cryptosystem, under which the public key

verifies a digital signature the private key creates.  An

"asymmetric cryptosystem" is an algorithm or series of

algorithms which provide a secure key pair.

 (4)  "Electronic signature" means any letters,

characters, or symbols, manifested by electronic or similar

means, executed or adopted by a party with an intent to

authenticate a writing.  A writing is electronically signed if

an electronic signature is logically associated with such

writing.

 Section 5.  Unless otherwise provided by law, an

electronic signature may be used to sign a writing and shall

have the same force and effect as a written signature.

 Section 6.  The Secretary of State shall have the

authority to issue certificates for the purpose of verifying

digital signatures, and to take other actions as necessary to

achieve the purposes of this act, including the suspension or

revocation of certificates issued by the Secretary of State.

The Secretary of State may impose a reasonable fee to cover

the expenses associated with administering this section and

shall adopt rules necessary to implement this section.

Nothing in this section shall be construed to compel any

public or private entity to participate in the Secretary of

State's certification program, as authorized in this section,

in order to verify digital signatures.

 Section 7.  The head of each agency shall be

responsible for adopting and implementing control processes

and procedures to ensure adequate integrity, security,

confidentiality, and auditability of business transactions

conducted using electronic commerce.

 Section 8.  The Secretary of State shall study the

issues related to expanding the use of digital signatures for

electronic commerce purposes and shall report findings and

recommendations from such study to the Joint Legislative

Committee on Information Technology Resources by December 1,

1996.  The report shall address the following issues to assist

the Legislature in determining whether or not it is in the

public interest for the Secretary of State to:

 (1)  License, certify, or register certification

authorities doing business in this state.

 (2)  Develop requirements for certification authorities

to be licensed, certified, or registered in this state.

 (3)  Maintain a publicly accessible database containing

a certification authority disclosure record for each licensed,

certified, or registered certification authority.

The report shall also address any other issues related to

digital signatures which should be considered by the

Legislature and shall recommend whether additional legislation

on digital signatures is necessary to further electronic

commerce in this state.

 Section 9.  This act shall take effect upon becoming a

law.