Chapter 4. Legal Responsibilities

Article 27. If damages incurred to the party dependent on electronic signatures or the electronic verification service provider are due to (1) the electronic signer's failure to inform every involved party that the data creating the electronic signatures have already or may have been deciphered and failure to terminate the use of the data in a timely manner when he recognizes the problem, (2) the electronic signer's failure to provide authentic, complete, and accurate information to the electronic verification service provider, or (3) other conditions for which the electronic signer is at fault, the electronic signer shall be liable for damages.

Article 28. If damages are incurred when the electronic signer or the party dependent on electronic signatures are undertaking civil activities based on the electronic signatures verification service provided by the electronic verification service provider, and the electronic verification service provider cannot prove that he is not at fault, the provider shall be liable for damages.

Article 29. The agency in charge of information industries under the State Council shall demand termination of all unlawful activities through the provision of unauthorized electronic verification services. The profits of those who engage in such unlawful activities shall be confiscated. For profits in excess of 300,000 yuan, a fine will be imposed ranging from 1 to 3 times of the unlawful profits. If the unlawful profits or earnings are less than 300,000 yuan, a fine of 100,000 to 300,000 yuan will be imposed.

Article 30. If the electronic verifications service provider fails to report to the agency in charge of information industries under the States Council 60 days prior to when the services are temporarily discontinued or terminated, the agency in charge of information industries under the State Council will impose a fine of between 10,000 and 50,000 yuan on the chief manager who has direct responsibility.

Article 31. If the electronic verification service provider does not comply with the operating rules for verification, does not preserve the information relevant to verification, or engages in other unlawful activities, the agency in charge of information industries under the State Council will demand a correction within a specified time. If corrections are not made within this specified time, the Permit of Electronic Verification Services will be revoked. The chief manager and other staff persons who are directly responsible may not provide electronic verification services for the next 10 years. An announcement will be made and reported to the Administration for Industry and Commerce if a Permit of Electronic Verification Services is revoked.

Article 32. Those who forge, imitate, or misappropriate electronic signatures of others will bear criminal liabilities if a crime is committed, and they will bear civil liabilities if damages are incurred by others.

Article 33. Staff persons working for the agency in charge of oversight and management of the electronic verification industry will receive administrative punishments if they do not perform their obligations of administrative authorization and oversight and management in accordance with the law, and will bear criminal responsibilities when a crime is committed.

Chapter 5. Supplementary Provisions

Article 34. The definitions of the following phrases in this law are:

(1) "Electronic signer" refers to the person who holds the data that created the electronic signatures and who implements the electronic signatures for oneself or on behalf of others;

(2) "Party dependent on electronic signatures" refers to the person who undertakes the relevant activities on the basis of trust and reliance in the certificate of verified electronic signatures or electronic signatures;

(3) The "certificate of verified electronic signatures" refers to the electronic data or other electronic records that can verify the relationship between the electronic signer and the data that created the electronic signatures;

(4) The "data that created electronic signatures" refers to the data of characters, codes, and so forth that reliably associate the electronic signatures with the electronic signer in the process of signing;

(5) "Verifying data of electronic signatures" refer to data that are used for verifying the electronic signatures, which include codes, passwords, algorithms, or public keys, and so forth.

Article 35. The State Council, or the agencies designated by the State Council, may draft specific measures for the use of electronic signatures and electronic data in governmental affairs or other social activities in light of the present law.

Article 36. The law is implemented as of April 1, 2005.

The copyright of English version of this law or regulation belongs to "China Internet Project", please specify the source when quote.