Be It Enacted by the Legislature of the State of
Florida:
Section 1. This act may be cited as the
"Electronic Signature Act of 1996."
Section 2. Legislative intent. -- It is
the intent of the Legislature that this act:
(1) Facilitate economic development and efficient delivery of
government services by means of reliable electronic messages.
(2) Enhance public confidence in the use of electronic
signatures.
(3) Minimize the incidence of forged electronic signatures
and fraud in electronic commerce.
(4) Foster the development of electronic commerce through the
use of electronic signatures to lend authenticity and integrity to writings in
any electronic medium.
(5) Assure that proper management oversight and
accountability are maintained for agency-conducted electronic commerce.
Section 3. Subsection (4) of section
1.01, Florida Statutes, is amended to read:
1.01 Definitions. -- In construing these statutes and each
and every word, phrase, or part hereof, where the context will permit:
(4) The word "writing" includes handwriting, printing,
typewriting and all other methods and means of forming letters and characters
upon paper, stone, wood, or other materials. The word "writing" also includes
information which is created or stored in any electronic medium and is
retrievable in perceivable form.
Section 4. Definitions. -- As used in
this act:
(1) "Certificate" means a computer-based record which:
(a) Identifies the certification authority.
(b) Identifies the subscriber.
(c) Contains the subscriber's public key.
(d) Is digitally signed by the certification authority.
(2) "Certification authority" means a person who issues a
certificate.
(3) "Digital signature" means a type of electronic signature
that transforms a message using an asymmetric cryptosystem such that a person
having the initial message and the signer's public key can accurately
determine:
(a) Whether the transformation was created using the
private key that corresponds to the signer's public key.
(b) Whether the initial message has been altered since the
transformation was made.
A "key pair" is a private key and its corresponding public
key in an asymmetric cryptosystem, under which the public key verifies a
digital signature the private key creates. An "asymmetric cryptosystem" is an
algorithm or series of algorithms which provide a secure key pair.
(4) "Electronic signature" means any letters, characters, or
symbols, manifested by electronic or similar means, executed or adopted by a
party with an intent to authenticate a writing. A writing is electronically
signed if an electronic signature is logically associated with such writing.
Section 5. Unless otherwise provided by
law, an electronic signature may be used to sign a writing and shall have the
same force and effect as a written signature.
Section 6. The Secretary of State shall
have the authority to issue certificates for the purpose of verifying digital
signatures, and to take other actions as necessary to achieve the purposes of
this act, including the suspension or revocation of certificates issued by the
Secretary of State. The Secretary of State may impose a reasonable fee to
cover the expenses associated with administering this section and shall adopt
rules necessary to implement this section. Nothing in this section shall be
construed to compel any public or private entity to participate in the
Secretary of State's certification program, as authorized in this section, in
order to verify digital signatures.
Section 7. The head of each agency shall
be responsible for adopting and implementing control processes and procedures
to ensure adequate integrity, security, confidentiality, and auditability of
business transactions conducted using electronic commerce.
Section 8. The Secretary of State shall
study the issues related to expanding the use of digital signatures for
electronic commerce purposes and shall report findings and recommendations
from such study to the Joint Legislative Committee on Information Technology
Resources by December 1, 1996. The report shall address the following issues
to assist the Legislature in determining whether or not it is in the public
interest for the Secretary of State to:
(1) License, certify, or register certification authorities
doing business in this state.
(2) Develop requirements for certification authorities to be
licensed, certified, or registered in this state.
(3) Maintain a publicly accessible database containing a
certification authority disclosure record for each licensed, certified, or
registered certification authority.
The report shall also address any other issues related to
digital signatures which should be considered by the Legislature and shall
recommend whether additional legislation on digital signatures is necessary to
further electronic commerce in this state.
Section 9. This act shall take effect
upon becoming a law.