Carefully consider regulations on management of digital signatures used exclusively for public service

May 30, 2023 15:23

Continuing the program of the 5th Session, on the morning of May 30, the National Assembly discussed in the hall a number of contents with different opinions of the draft Law on Electronic Transactions (amended).

Classification of electronic signatures according to scope of use

Chú thích ảnh

Chairman of the National Assembly's Committee on Science, Technology and Environment Le Quang Huy presented a report explaining, accepting and revising the draft Law on Electronic Transactions (amended).

Presenting the Report on receiving, explaining and revising the draft Law, Chairman of the National Assembly's Committee on Science, Technology and Environment Le Quang Huy said that, regarding the scope of regulation (Article 1), according to the Government's Submission, the expansion of the scope of regulation as stipulated in the draft Law is based on the technical infrastructure, technology... in Vietnam that is currently ready, ensuring safety and reliability. Agencies, organizations and individuals participating in transactions have the right to choose technology, electronic means... to carry out transactions.

At the same time, in addition to the provisions on data messages, electronic signatures, conclusion and performance of electronic contracts, the draft Law has added provisions on trusted services, electronic certificates, electronic transactions in State agencies, etc. to have a legal basis to guide electronic transactions in accordance with the scope of the Law.

In addition, the current relevant legal system has been basically completed, creating a legal basis for eligible fields to conduct electronic transactions. At the same time, Vietnam's practice shows that some fields excluded from the scope of the 2005 Law on Electronic Transactions have now been partially implemented for electronic transactions, such as birth registration and marriage, which have online public services in many localities... Online public services provided by ministries, branches and localities are being actively implemented in the direction of closing the entire service process from start to finish (the whole process), in line with the trend of digital transformation being promoted in all socio-economic fields according to the guidelines and policies of the Party and the State.

Therefore, Article 1 has been revised as in the draft Law in the direction of: only regulating the implementation of transactions by electronic means, not regulating the content, form, and conditions of transactions in different fields, including the fields of defense and security. Transactions in any field will be regulated by the specialized laws of that field.

Regarding electronic signatures (Article 25), there are opinions suggesting the need to clarify the content of digital signatures and electronic signatures; suggesting to clarify whether OTP, SMS or biometric forms are electronic signatures; some opinions suggesting to study and supplement regulations to create a legal basis for authentication measures with the role of electronic signatures.

Director Le Quang Huy said that currently, the forms of transaction authentication codes via electronic messages (SMS), one-time password confirmation (OTP), OTP Token, biometrics, electronic user identification (eKYC) ... are used relatively commonly in electronic transactions. However, these forms are only considered electronic signatures when: logically combined with data messages; capable of confirming the subject signing the data message and confirming that subject's approval of the content of the signed data message.

In response to the opinions of National Assembly deputies, the draft Law has revised the content of the explanation of the terms "Digital signature" and "Electronic signature" in Article 3. In addition, Article 25 of the draft Law has classified electronic signatures according to the scope of use, including: specialized electronic signatures; public digital signatures and specialized digital signatures for public service.

Regarding the proposal to add regulations to create a legal basis for other electronic authentication measures, the National Assembly Standing Committee found that, according to Clause 3, Article 4 on general principles for conducting electronic transactions, the parties are allowed to "Self-agree on the selection of technology, electronic means, and electronic signatures to conduct electronic transactions".

In fact, according to reports from banks, customers can use transaction accounts, passwords, OTP codes, etc. provided by the bank to make transactions. This is a form of confirming the customer's approval of the content of the data message (transaction content), however, these forms are not electronic signatures according to the provisions of this Law.

Therefore, the Standing Committee of the National Assembly has directed to supplement Clause 4, Article 25, stipulating that other forms of confirmation by electronic means other than electronic signatures shall be implemented in accordance with the provisions of specialized laws, to be consistent with practical implementation.

Supplementing regulations on the responsibilities of suppliers

Through discussion, delegates highly appreciated the content of the revised Law on Electronic Transactions presented at this Session.

Chú thích ảnh

National Assembly Delegate of Binh Duong province Nguyen Hoang Bao Tran speaks

Delegate Nguyen Hoang Bao Tran (Binh Duong) stated that the service of certifying digital signatures for public service is a special important public service because the service users are civil servants and public employees. The field of management of digital signatures for public service and the management of digital signatures for public service are two separate fields, with different characteristics in terms of subjects, objectives, management methods, and technical infrastructure. Therefore, when regulating state management agencies on digital signatures for public service, it is necessary to consider carefully, it is not necessary to rigidly separate state management and service provision.

The delegate said that in practice, since 2007, there have been two separate digital signature systems: digital signatures for official use and public digital signatures, which have been assigned by the Government to two management agencies. In which, the Ministry of National Defense manages the State on digital signatures for official use. The Ministry of Information and Communications manages the State on digital signatures for public use.

The delegate analyzed that digital signatures for public service are special activities, the responsibility of agencies, organizations and individuals is reserved. This is the implementation of public service of the State to carry out political tasks without charging fees, the service objects are individuals of Party and State agencies, political and social organizations; requiring a higher level of safety and security. Meanwhile, digital signatures for public use are managed by the Ministry of Information and Communications and licensed to businesses providing services to individuals, organizations and businesses, which is a conditional business activity, with fees. Therefore, the level of safety is lower. If the draft stipulates that the Ministry of Information and Communications manages both types of digital signatures, when an insecurity issue occurs, the determination of responsibility is unclear.

From the above analysis, delegate Nguyen Hoang Bao Tran proposed to stipulate that the Minister of National Defense shall perform State management of electronic transactions in the field of cryptography and digital signatures for specialized public service according to legal provisions on cryptography and electronic transactions.

Sharing the same view, delegate Hoang Huu Chien (An Giang) suggested that the Drafting Committee continue to research to more specifically define the authority of the Ministry of National Defense and the role and responsibility of the Government Cipher Committee in managing, exploiting and providing digital signatures for specialized public service.

Delegate Tran Thi Thu Phuoc (Kon Tum) assessed that amending and perfecting the Law on Electronic Transactions to suit the current situation is an urgent task, creating a favorable legal environment to transfer activities from the real world to the digital environment in all sectors and fields, contributing to protecting the rights and legitimate interests of parties participating in electronic transactions. However, in recent times, criminal forms taking advantage of electronic transactions have become increasingly diverse and sophisticated; fraudulent acts in cyberspace through social networks, electronic payment applications, fake websites... not only cause damage to people and businesses but also affect people's trust in transactions in the electronic environment.

The delegate said that the draft Law has incorporated adjustments and clearly stipulated measures to ensure network information security and network security in electronic transactions, and defined the responsibilities of the parties involved in electronic transactions. However, in order to prevent and stop the exploitation of electronic transactions to commit illegal acts, it is necessary to supplement regulations on the responsibilities of suppliers and intermediary platforms in controlling and removing illegal content on digital platforms, and the responsibilities of relevant State agencies in monitoring and handling illegal acts in electronic transactions according to assigned fields and areas.

According to VNA

(0) Comments
Latest News
Carefully consider regulations on management of digital signatures used exclusively for public service