Office of the Government Chief Information Officer, The Government of the Hong Kong Special Administrative Region | Brand Hong Kong

GovHK | Search | Site Map | Contact Us | Home | Content | What's New


Recognition of Certification Authorities and Certificates > Introduction


To provide a clear legal framework for the conduct of e-business in the Hong Kong Special Administrative Region ("HKSAR"), the Electronic Transactions Ordinance (Cap. 553) ("Ordinance") was enacted on 5 January 2000. The Electronic Transactions (Amendment) Ordinance 2004 (the Amendment Ordinance) (in PDF) was also enacted and came into operation on 30 June 2004 to update and improve the Ordinance. In general, the Ordinance, as amended by the Amendment Ordinance, seeks to -

1. accord electronic record and electronic signature (please see Note 1 below) the same legal status as that of their paper-based counterparts; and

2. establish a voluntary recognition scheme for certification authorities ("CA") to enhance public confidence in electronic transactions.

(Note 1: For transactions not involving Government entities, a signature requirement under the law can be met by any form of electronic signature so long as it is reliable, appropriate and agreed by the recipient of the signature. For transactions involving Government entities, a signature requirement under the law can be satisfied by digital signature.)

Electronic Records and Signatures

In respect of electronic records and signatures, the Ordinance provides that -

1. if a rule of law requires information to be or given in writing or provides for certain consequences if it is not, an electronic record satisfies the requirement if the information contained in the electronic record is accessible so as to be usable for subsequent reference (section 5(1) of the Ordinance);

2. if a rule of law permits information to be or given in writing, an electronic record satisfies that rule of law if the information contained in the electronic record is accessible so as to be usable for subsequent reference (section 5(2) of the Ordinance);

3. if a rule of law under a provision set out in Schedule 3 of the Ordinance requires a document to be served on a person by personal service or by post, the provision shall be construed as also providing that service of the document in the form of an electronic record to an information system designated by the person satisfies the requirement under the provision if the information contained in the electronic record is accessible so as to be usable for subsequent reference (section 5A(1) of the Ordinance);

4. if a rule of law under a provision set out in Schedule 3 of the Ordinance permits a document to be served on a person by personal service or by post, the provision shall be construed as also providing that service of the document in the form of an electronic record to an information system designated by the person is permitted under the provision if the information contained in the electronic record is accessible so as to be usable for subsequent reference (section 5A(2) of the Ordinance);

5. where a rule of law requires that certain information be presented or retained in its original form, the requirement is satisfied by presenting or retaining the information in the form of electronic records if -

a. there exists a reliable assurance as to the integrity of the information from the time when it was first generated in its final form; and

b. where it is required that information be presented, the information is capable of being displayed in a legible form to the person to whom it is to be presented

(section 7(1) of the Ordinance);

6. without prejudice to any rules of evidence, an electronic record shall not be denied admissibility in evidence in any legal proceeding on the sole ground that it is an electronic record (section 9 of the Ordinance);

7. where an electronic record is used in the formation of a contract, that contract shall not be denied validity or enforceability on the sole ground that an electronic record was used for that purpose (section 17(2) of the Ordinance);

8. in the context of the formation of contracts, if an offer or the acceptance of an offer is in whole or in part expressed by means of an electronic record, an electronic signature attached to or logically associated with the electronic record shall not be denied legal effect on the sole ground that it is an electronic signature (section 17(2A) of the Ordinance);

9. where -

a. a rule of law requires the signature of a person ("the first mentioned person") on a document or provides for certain consequences if the document is not signed by the first mentioned person; and

b. neither the first mentioned person nor the person to whom the signature is to be given ("the second mentioned person") is or is acting on behalf of a government entity,

an electronic signature of the first mentioned person satisfies the requirement if -

c. the first mentioned person uses a method to attach the electronic signature to or logically associate the electronic signature with an electronic record for the purpose of identifying himself and indicating his authentication or approval of the information contained in the document in the form of the electronic record;

d. having regard to all the relevant circumstances, the method used is reliable, and is appropriate, for the purpose for which the information contained in the document is communicated; and

e. the second mentioned person consents to the use of the method by the first mentioned person;

(section 6(1) of the Ordinance); and

10. where -

a. a rule of law requires the signature of a person on a document or provides for certain consequences if the document is not signed by the person; and

b. either or both of the person mentioned in paragraph (a) and the person to whom the signature is to be given is or are or is or are acting on behalf of a government entity or government entities,

a digital signature of the person mentioned in paragraph (a) satisfies the requirement if the digital signature is -

c. supported by a recognized certificate;

d. generated within the validity of that certificate; and

e. used in accordance with the terms of that certificate.

(section 6(1A) of the Ordinance).

Voluntary Recognition Scheme for Certification Authorities

Through the use of public and private key pairs and recognized certificates issued by recognized CAs, individuals and businesses can -

1. establish the identity of the opposite party in electronic transactions;

2. ensure the integrity of the electronic messages received; and

3. prevent electronic transactions from being repudiated.

Section 34 of the Ordinance states that the Postmaster General is a recognized CA. In addition to the Postmaster General, the private sector is free to set up CAs in the HKSAR to serve the needs of different sectors of the society. The number of CAs to be established in the HKSAR should be determined by market forces. The Government of the HKSAR encourages private sector initiatives to provide CA services. Although there is no mandatory licensing requirement under the Ordinance, in order to protect consumers' interests and enhance public confidence in electronic transactions, the Ordinance stipulates a voluntary scheme of recognition whereby CAs are free to apply for recognition from the Government. Under the Ordinance, the Government Chief Information Officer ("GCIO") is the authority for granting recognition to CAs and to the certificates that recognized CAs issue. The list of CAs recognized under the Ordinance is available at the disclosure record that the GCIO maintains for the recognized CAs.

Note:

The information in this web page is not intended to affect your rights and obligations. It is not intended to be relied upon as a statement of the legal position and you should consult your legal adviser before acting upon the information.


Top

2003 © | Important notices | Privacy Policy | Last review date : 31 March 2009

End of page