Decree No. 26/2007/NĐ-CP detailing the implementation of the Law on Electronic Transactions regarding digital signatures and services for verifying digital signatures.

This Decree details regulations on digital signatures and services for verifying digital signatures, applicable to organizations providing such services and individuals using them in electronic transactions. Notably, it covers management of licenses, operating conditions, rights, and obligations of the parties involved.

文号26/2007/NĐ-CP
文件类型Decree
发布机关Ministry of Science and Technology
签署人Nguyễn Tấn Dũng — Thủ tướng
更新29/06/2026
领域Uncategorized
发布日期15/02/2007
生效日期14/03/2007
失效日期15/11/2018
状态Expired
✦ 智能摘要

This Decree details regulations on digital signatures and services for verifying digital signatures, applicable to organizations providing such services and individuals using them in electronic transactions. Notably, it covers management of licenses, operating conditions, rights, and obligations of the parties involved.

适用范围

Agencies, organizations providing services for verifying digital signatures and individuals, organizations using digital signatures in electronic transactions.

要点

  • Organizations providing public digital signature verification services must obtain a license from the Ministry of Posts and Telecommunications with a validity period not exceeding ten years.
  • Foreign digital signatures and certificates are recognized when foreign organizations providing digital signature verification services meet the prescribed conditions.
  • Organizations providing services for verifying digital signatures have the obligation to store confidential information of subscribers and compensate for damages if there is a breach.
  • Violations of regulations on operations and security will be fined from VND 1,000,000 to VND 100,000,000 depending on the severity of the violation.
  • National digital signature verification service providers issue their own certificates.

🌐 本文件的社会影响

  • Facilitating electronic transactions, enhancing information security, and protecting personal data.
  • Saving time and costs in the process of verifying digital signatures compared to traditional methods.
  • Investment in technology and human resources is required to ensure effective operation, which may impose financial pressure on small enterprises.
  • Enhancing the responsibility of organizations providing digital signature verification services in managing customer information.

❓ 常见问题

What conditions must a company meet to be granted a license to provide public digital signature verification services?

The company must have a business license, meet financial conditions (financial capacity, deposit, or guarantee), personnel, and technical requirements. The license validity period is ten years.

If a digital signature verification service provider has its license revoked, what actions must they take?

The organization must transfer databases to another operating organization and notify subscribers. If the enterprise does not wish to continue providing services, they must notify at least three months before cessation.

What is the legal value of a digital signature?

In cases where the law requires a signature, a data message signed with a digital signature satisfies this requirement. Foreign digital signatures are also recognized and have equivalent legal value.

What conditions must organizations providing specialized digital signature verification services meet?

The company must meet personnel, technical requirements, and regulations of the Ministry of Posts and Telecommunications. They may also be issued a certificate confirming compliance with safety standards for digital signatures.

Which violations will result in the heaviest penalties?

Serious violations such as providing digital signature verification services without a valid license, improperly using another organization's secret key, or damaging database equipment may be fined from VND 70,000,000 to VND 100,000,000.

全文

DECREE

Regulations on implementation of the Law on Electronic Transactions regarding digital signatures and digital signature certification services.

____________________

THE GOVERNMENT

Pursuant to the Law on Organization of the Government dated December 25, 2001;

Pursuant to the Law on Electronic Transactions dated November 29, 2005;

BASED ON THE Ordinance on Handling Administrative Violations dated July 2, 2002;

CONSIDERING the proposal of the Minister of Posts and Telecommunications.

DECREE:

Chapter I:

GENERAL PROVISIONS

Article 1. Scope of Regulation

This Decree provides detailed regulations on digital signatures and digital certificates; management, provision, and use of digital signature certification services.

Article 2. Applicability

This Decree applies to agencies and organizations providing digital signature certification services and agencies, organizations, and individuals choosing to use digital signatures and digital signature certification services in electronic transactions.

Article 3. Explanation of Terms

In this Decree, the following terms are understood as follows:

1. "Digital certificate"is a form of electronic certificate issued by an organization providing digital signature certification services.

2. "Foreign digital certificate"is a digital certificate issued by an organization providing digital signature certification services abroad.

3. “Valid digital certificate"is a digital certificate that has not expired, is not temporarily suspended, or revoked.

4. "Electronic invoice issuance system"is a type of electronic signature created by transforming a data message using an asymmetric cryptographic system such that anyone who obtains the original data message and the public key of the signer can accurately determine:

a) The transformation was created using the correct private key corresponding to the public key in the same key pair;

b) The integrity of the content of the data message from the time of the transformation.

5. “Foreign digital signature"is a digital signature created by a subscriber using a foreign digital certificate.

"Digital signature certification service" is a type of electronic signature certification service provided by an organization offering digital signature certification services. A digital signature certification service includes:

a) Creating a key pair including public and private keys for subscribers;

b) Issuing, renewing, suspending, restoring, and revoking subscribers' digital certificates;

c) Maintaining an online database of certificates;

d) Other related services as prescribed.

7. “Asymmetric cryptographic system"is a cryptographic system capable of generating a key pair consisting of a private key and a public key.

8. “Key" is a binary string (0 and 1) used in cryptographic systems.

9. “Private key"is one key in an asymmetric key pair used to create a digital signature.

10. “Public Key"is one key in an asymmetric key pair used to verify a digital signature created by the corresponding private key in the key pair.

11. "Signing"is the process of inserting a private key into software to automatically generate and attach a digital signature to a data message.

12. “Signer" is a subscriber who uses their own private key to sign a data message under their name.

13. “Received by"is an organization or individual who receives a digitally signed data message, uses the digital certificate of the signer to verify the digital signature in the received message, and proceeds with related activities and transactions.

14. “Subscriber"is an organization or individual issued a digital certificate, accepts the digital certificate, and holds the corresponding private key recorded on the issued digital certificate.

15. “Suspension of digital certificate"temporarily renders a digital certificate invalid from a specified date.

16. “Revocation of digital certificate"permanently renders a digital certificate invalid from a specified date.

17. "Organization providing digital signature certification services"is an organization providing digital signature certification services that carries out the activity of providing digital signature certification services.

Article 4. Organizations providing digital signature certification services

Organizations providing digital signature certification services include:

1. Public digital signature certification service providers are organizations providing digital signature certification services for agencies, organizations, and individuals using them in public activities. The operation of public digital signature certification service providers is aimed at business purposes.

2. Specialized digital signature certification service providers are organizations providing digital signature certification services for agencies, organizations, and individuals with similar operational characteristics or work objectives and linked to each other through articles of association or legal regulations stipulating common organizational structures or forms of collaboration and joint operations. The operation of specialized digital signature certification service providers serves internal transaction needs and does not aim at business purposes.

3. National digital signature certification service providers (Root Certification Authority) are organizations providing digital signature certification services for public digital signature service providers. There is only one national digital signature certification service provider.

Article 5. Policy on developing digital signature certification services

1. The State encourages the use of digital signatures and digital signature certification services in economic, political, and social fields to promote information exchange and online transactions, thereby increasing labor productivity; expanding commercial activities; supporting administrative reform, enhancing social benefits, improving the quality of life for the people, and ensuring national security and defense.

2. The State promotes the application of digital signatures and the development of digital signature certification services through key projects aimed at raising awareness; disseminating laws; developing applications; organizing training for human resources; researching, cooperating, and transferring technology related to digital signatures and digital signature certification services.

3. The State supports the activities of public digital signature certification service providers through preferential policies on tax, land, and other incentives.

Article 6. Responsibilities for state management of digital signature certification services

1. The Ministry of Posts and Telecommunications is responsible before the Government for implementing state management over digital signature certification services, including:

a) Submitting to the Government for approval or issuing within its authority policies, strategies, planning, development plans, and management of digital signature certification services;

b) Issuing within its authority legal regulatory documents on digital signatures and digital signature certification services;

c) Leading and coordinating with the Ministry of Science and Technology, the Ministry of Public Security, and the Government Cryptographic Office to develop and issue mandatory technical standards and standards on digital signatures and digital signature certification services;

d) Leading and coordinating with the Ministry of Public Security and the Government Cryptographic Office in managing digital signature certification service providers, including issuing licenses, certificates of conditions ensuring safety for digital signatures, recognition of foreign digital signatures and certificates, inspection, supervision, and handling violations, and other necessary activities;

đ) Leading and coordinating with the Ministry of Science and Technology, the Ministry of Public Security, and the Government Cryptographic Office to implement international cooperation on digital signature certification services;

e) Establishing and maintaining the operation of national digital signature certification service providers.

2. The Ministry of Science and Technology, the Ministry of Public Security, the Government Cryptographic Office, other relevant ministries and sectors, provincial People's Committees, and centrally governed city People's Committees within their respective authorities and responsibilities shall coordinate with the Ministry of Posts and Telecommunications to implement the provisions of Clause 1 of this Article.

3. The Ministry of Public Security is responsible for leading efforts to combat high-tech crimes using digital signatures and digital signature certification services.

4. The Government Cryptographic Office establishes and maintains the operation of specialized digital signature certification service providers serving agencies under the political system.

Article 7. Prohibited acts

1. Providing digital signature certification services and using digital signatures with the intent to oppose the Socialist Republic of Vietnam, disrupt public security, social order, and social safety; engage in smuggling or conduct other activities contrary to the law and social morals.

2. Directly or indirectly destroying the digital signature certification service provision systems of digital signature certification service providers; obstructing the provision and use of digital signature certification services; forging or instructing others to forge digital certificates.

3. Stealing, cheating, impersonating, appropriating, or improperly using another person's secret key.

4. Buying, selling, or transferring licenses for providing public digital signature certification services.

 

Chapter II:

DIGITAL SIGNATURES AND DIGITAL CERTIFICATES

Article 8. Legal Value of Digital Signatures

1. In cases where laws require a document to bear a signature, a data message shall be deemed to meet this requirement if it is signed with a digital signature.

2. In cases where laws require a document to bear the stamp of an agency or organization, such requirement shall be deemed met if the data message is signed by a digital signature of an authorized person according to the regulations on management and use of stamps and digital signatures, provided that the digital signature is secured in accordance with Clause 9 of this Decree.

3. Foreign digital signatures and digital certificates recognized in accordance with Chapter VII of this Decree shall have the same legal value and effect as those issued by public key certification service providers in Vietnam.

Article 9. Conditions for Ensuring Security of Digital Signatures

A digital signature shall be considered a secure electronic signature when it meets the following conditions:

1. The digital signature is created during the period when the digital certificate is valid and can be verified using the public key recorded on the valid digital certificate.

2. The digital signature is created using the private key corresponding to the public key recorded on the digital certificate issued by a national key certification service provider, a public key certification service provider, a specialized key certification service provider certified to ensure security for digital signatures, or a foreign key certification service provider recognized in Vietnam.

3. The private key is under the control of the signer at the time of signing.

4. The private key and the content of the data message are uniquely associated with the signer when they sign the data message.

Article 10. Contents of Digital Certificates

Digital certificates issued by national key certification service providers, public key certification service providers, and specialized key certification service providers certified to ensure security for digital signatures must include the following contents:

1. Name of the key certification service provider.

2. Name of the subscriber.

3. Serial number of the digital certificate.

4. Validity period of the digital certificate.

5. Public key of the subscriber.

6. Digital signature of the key certification service provider.

7. Restrictions on purpose and scope of use of the digital certificate.

8. Limitations on the legal liability of the key certification service provider.

9. Other necessary contents as prescribed by the Ministry of Posts and Telecommunications.

Article 11. Digital Certificates of Agencies and Organizations

1. All state positions and authorized persons of agencies and organizations as stipulated by laws on management and use of stamps shall have the right to issue digital certificates with the value as prescribed in Clause 2 of Article 8 of this Decree.

2. Digital certificates issued to state positions and authorized persons of agencies and organizations must clearly indicate their positions.

3. Issuing digital certificates to state positions and authorized persons of agencies and organizations must be based on the following documents:

a) Documents from the agency or organization requesting issuance of a digital signature for an authorized person or state position.

b) Legally certified copies of the registration certificate of the stamp model of the agency or organization or state position issued in accordance with laws on management and use of stamps.

c) Legally certified copies of documents confirming the position of the authorized person of the agency or organization or state position.

Article 12. Use of digital signatures and certificates of agencies and organizations

1. The digital signature of a person issued a certificate according to Article 11 of this Decree shall only be used to perform transactions in accordance with the position of that person.

2. The act of signing on behalf of another or at the request of another, as provided for by law, shall be carried out by a person authorized to use their own digital signature, understood based on the position of the signer recorded on the certificate.

Chapter III:

ISSUING LICENSES FOR PROVIDING PUBLIC DIGITAL SIGNATURE VERIFICATION SERVICES

Article 13. Conditions for operation

An organization providing digital signature verification services may provide services to the public when meeting the following conditions:

1. Having a license to provide public digital signature verification services issued by the Ministry of Posts and Telecommunications.

2. Possessing a digital certificate issued by an organization providing national digital signature verification services.

Article 14. Term of the license

The license granted to an organization providing public digital signature verification services shall have a term not exceeding ten years.

Article 15. Conditions for issuing licenses

1. Subject conditions:

It must be a business established under Vietnamese law.

2. Financial condition:

a) Having sufficient financial capacity to establish technical equipment systems, organize and maintain operations consistent with the scale of service provision;

b) Depositing a guarantee fund in a commercial bank operating in Vietnam or having a guarantee letter from a commercial bank operating in Vietnam not less than five billion (5,000,000,000) Vietnamese dong, or committing to purchase insurance to address risks and compensation that may occur during the service provision process and payment of costs for receiving and maintaining the company's database in case the license is revoked.

3. Personnel conditions:

a) Having a team of technical staff, management staff, operational staff, security management staff, and customer service staff meeting the requirements of expertise and the scale of service deployment; without prior criminal records;

b) The legal representative must understand laws related to digital signatures and digital signature verification services.

4. Technical conditions:

a) Establishing a technical equipment system ensuring the following requirements:

- Fully, accurately, and timely storing information of subscribers to serve the issuance of digital certificates throughout the validity period of the certificates;

- Ensuring the creation of key pairs that only allow each key pair to be generated randomly and uniquely once; having features to ensure that the private key cannot be detected when the corresponding public key is available;

- Fully, accurately, and timely updating the list of valid and expired certificates and allowing Internet users to access online 24 hours a day, seven days a week;

- Having the ability to detect, warn, and prevent all unauthorized access, forms of attacks in the network environment, and comply with information security standards;

- Designed to minimize direct contact with the Internet environment as much as possible;

- The key distribution system for subscribers must ensure the integrity and confidentiality of the key pair. In cases where keys are distributed through a computer network, the key distribution system must use secure protocols to ensure that information is not exposed on the transmission path.

b) Having feasible technical and business plans consistent with applicable technical standards and mandatory standards;

c) Having control measures for entering and exiting the headquarters, access rights to the system, and entry and exit rights to the location where equipment for providing digital signature verification services is placed;

d) Having backup plans to ensure safe, continuous operation and recovery in case of incidents;

đ) All equipment systems used to provide services must be located in Vietnam.

5. Other conditions:

a) Constructing headquarters and locations for machinery and equipment in compliance with fire and explosion prevention laws; capable of resisting floods, earthquakes, electromagnetic interference, and illegal human intrusion;

b) Having a publicly disclosed verification regulation in the format prescribed by the Ministry of Posts and Telecommunications and containing content consistent with the provisions of this Decree.

Article 16. Application Documents for Permit Issuance

The application documents for obtaining a permit to provide public digital signature certification services shall be prepared in six sets, each set containing the following:

1. The business's application for a permit to provide public digital signature certification services.

2. A business registration certificate or investment certificate indicating the business’s activities related to providing electronic signature certification services.

3. The business’s charter on organization and operation.

4. Documentation proving compliance with financial conditions stipulated in Clause 2, Article 15 of this Decree.

5. A service provision plan including the following main contents:

- Business plan including scope, target customers for the service; service quality standards; financial plans and other necessary information;

- Technical plan ensuring compliance with Clause 4, Article 15;

- Certification regulations;

- Detailed personal information, qualifications, and credentials of personnel directly involved in the provision of digital signature certification services by the business.

 

Article 17. Review and Issuance of Permit

Within sixty working days from the date of receipt of valid application documents, the Ministry of Posts and Telecommunications shall lead and coordinate with the Ministry of Public Security, the Government Cryptographic Committee, and relevant ministries and sectors to review the application documents. If the enterprise meets all conditions for permit issuance as stipulated in Article 15, the Ministry of Posts and Telecommunications will issue a permit to the enterprise. In case of refusal, the Ministry of Posts and Telecommunications will notify in writing and specify the reasons.

Article 18. Amendment of Permit Content and Reissuance of Permit

1. When there is a need to amend the permit content, the entity providing public digital signature certification services must submit an application for amending the permit content for public digital signature certification services to the Ministry of Posts and Telecommunications.

2. The application for amending the permit shall be prepared in six sets, each set containing: a request for amendment of the permit content; a copy of the currently valid permit; a report on operational status and reasons for amending the permit content; detailed proposed amendments and other necessary documents.

3. Within sixty working days from the date of receipt of valid application documents for amending the permit content, the Ministry of Posts and Telecommunications shall lead and coordinate with relevant ministries and sectors to review the application documents and conduct on-site inspections if necessary. If the proposed amendment still meets all conditions for permit issuance as stipulated in Article 15, the Ministry of Posts and Telecommunications will issue a new permit to the enterprise. If the proposed amendment does not meet all conditions for permit issuance, the Ministry of Posts and Telecommunications will notify in writing and specify the reasons.

4. In cases of restructuring, the entity providing public digital signature certification services must report to the Ministry of Posts and Telecommunications for consideration of permit content changes; procedures for changes shall follow the provisions of Clauses 2 and 3 of this Article.

5. In cases where the permit is lost, torn, burned, or destroyed in any form, the entity providing public digital signature certification services may apply for reissue of the permit. To obtain a reissued permit, the entity must submit a request clearly stating the reason for requesting a reissue to the Ministry of Posts and Telecommunications and pay the required fee.

Article 19. Extension of License

1. When wishing to extend the license, the organization providing public digital signature authentication services must submit the application for license extension 60 days before the license expires.

2. The application for license extension shall be prepared in two sets, each set including: Application for license extension, a copy of the currently valid license, report on operational status and inspection results over the last three years.

3. Within 60 days from the date of receiving a complete application, the Ministry of Posts and Telecommunications shall review and consider the request for license extension. In case of agreement, the Ministry of Posts and Telecommunications will extend the license for the enterprise. In case of refusal, the Ministry of Posts and Telecommunications shall issue a notification letter specifying the reasons.

4. The license may only be extended once, and the extension period shall not exceed one year.

Article 20. Suspension or Revocation of License

1. The organization providing public digital signature authentication services shall have its license suspended when any of the following situations occur:

a) Providing services contrary to the content stated on the license;

b) Failing to meet any of the licensing conditions during the service provision process;

c) Other conditions as prescribed by law.

2. The organization providing public digital signature authentication services shall have its license revoked when any of the following situations occur:

a) Not implementing service provision within twelve months from the date of issuance of the license without a legitimate reason;

b) Being dissolved or declared bankrupt according to relevant laws;

c) The service provision license for public digital signatures has expired;

d) Failing to rectify the suspension conditions stipulated in Clause 1 of this Article within the suspension period determined by the competent authority.

3. The organization providing public digital signature authentication services whose license is revoked shall be responsible for negotiating with another operating organization providing public digital signature authentication services to transfer related databases within ninety days from the date of revocation. In case of failure to reach an agreement, it shall report to the Ministry of Posts and Telecommunications for consideration and resolution.

4. The costs of accepting and maintaining the database of the organization providing public digital signature authentication services whose license is revoked shall be covered from the deposit or guarantee or insurance of that service authentication organization.

Chapter IV:

ACTIVITIES OF ORGANIZATIONS PROVIDING PUBLIC DIGITAL SIGNATURE AUTHENTICATION SERVICES

Article 21. Application for Digital Certificate

The application for a digital certificate includes:

1. Application for a digital certificate according to the form of the organization providing public digital signature authentication services.

2. Supporting documents include:

a) For individuals: a certified true copy of identity card, passport, or other lawful personal identification;

b) For organizations: a certified true copy of the decision to establish or business registration certificate or equivalent document of the organization; authorization document and a certified true copy of identity card, passport, or other lawful personal identification of the authorized representative of the organization;

c) Other documents as prescribed in the authentication regulations of the organization providing public digital signature authentication services.

Article 22. Key Generation and Distribution

1. A key pair of an organization or individual applying for a digital certificate may be generated by:

a) The organization or individual applying for a digital certificate;

b) An organization providing public digital signature verification services based on a written request from the organization or individual applying for a digital certificate.

2. In the case where the organization or individual applying for a digital certificate generates the key pair themselves, the organization providing public digital signature verification services must ensure that they have used equipment in accordance with the prescribed standards to generate and store the key pair.

3. In the case where the organization providing public digital signature verification services generates the key pair, such organization must ensure secure methods are used to transfer the private key to the organization or individual applying for a digital certificate and may only retain a copy of the private key upon a written request from the organization or individual applying for a digital certificate.

Article 23. Issuance of Digital Certificates

1. An organization providing public digital signature verification services shall issue a digital certificate upon verifying the following contents:

a) Information in the application is accurate;

b) The public key on the digital certificate to be issued is unique and paired with the private key of the organization or individual applying for a digital certificate.

2. A digital certificate can only be issued to the applicant and must contain all information prescribed in Article 10 of this Decree.

3. An organization providing public digital signature verification services may only publish the issued digital certificate for the subscriber in its database of digital certificates after receiving confirmation from the subscriber regarding the accuracy of the information on the digital certificate; the publication period shall not exceed 24 hours after receipt of the confirmation, except in cases of agreement otherwise.

4. An organization providing public digital signature verification services shall not refuse to issue a digital certificate to an organization or individual applying for a digital certificate without a valid reason.

Article 24. Renewal of Digital Certificates

1. At least 30 days before the expiration date of the digital certificate, if renewal is desired, the subscriber must submit a renewal application for the digital certificate.

2. In the event of a change in the public key on the renewed digital certificate, the subscriber must clearly indicate this in the application; the generation of keys, distribution of keys, and publication of the renewed digital certificate shall be carried out in accordance with the provisions of Articles 22 and 23 of this Decree.

Article 25. Change of Key Pair

In the event that the subscriber requests a change in the key pair, the subscriber must submit an application for changing the key pair. The generation of keys, distribution of keys, and publication of the digital certificate with the new public key shall be carried out in accordance with the provisions of Articles 22 and 23 of this Decree.

Article 26. Suspension of Digital Certificates

1. A digital certificate shall be suspended when any of the following circumstances occur:

a) When the subscriber requests in writing and such request has been verified by the organization providing public digital signature verification services as being accurate;

b) When the organization providing public digital signature verification services has grounds to confirm that the issued digital certificate does not comply with the provisions of Articles 22 and 23 of this Decree or when any errors affecting the rights of the subscriber and recipient are discovered;

c) Upon request from a prosecution agency, security agency, or the Ministry of Posts and Telecommunications;

d) According to the suspension conditions stipulated in the contract between the subscriber and the service provider.

2. Upon having grounds to suspend a digital certificate, the organization providing public digital signature verification services must immediately suspend it and simultaneously notify the subscriber and publish on the database of digital certificates the suspension, start time, and end time of the suspension.

3. The organization providing public digital signature verification services must restore the digital certificate when there are no longer grounds for suspension or when the suspension period according to the request has expired.

Article 27. Revocation of Digital Certificates

1. A digital certificate shall be revoked in the following cases:

a) When the subscriber requests in writing and such request has been verified by the organization providing public digital signature verification services as being accurate;

b) When the subscriber is an individual who has died or been declared missing by a court, or when the subscriber is an organization that has been dissolved or declared bankrupt in accordance with the law;

c) Upon request from a prosecution agency, security agency, or the Ministry of Posts and Telecommunications;

d) In accordance with the conditions for revoking digital certificates as stipulated in the contract between the subscriber and the organization providing public digital signature certification services.

2. Upon having grounds to revoke a digital certificate, the organization providing public digital signature certification services must proceed to revoke the digital certificate and immediately notify the subscriber and publish on the database of digital certificates the revocation thereof.

Article 28. Issuing Timestamps

1. Issuing timestamps involves attaching information about date, month, year, and time to a data message.

2. The organization providing public digital signature certification services has the right to provide timestamp issuance services. The provision of timestamp issuance services must comply with technical standards and mandatory standards applicable to such services.

3. The date, month, year, and time attached to a data message are those at which the organization providing public digital signature certification services receives the data message. The date, month, year, and time attached to a data message must be digitally signed by the organization providing public digital signature certification services.

4. The date, month, year, and time attached to a data message, in compliance with the provisions of Clauses 1, 2, and 3 of this Article, are recognized by law.

Chapter V:

RIGHTS AND OBLIGATIONS OF PARTIES INVOLVED IN PROVIDING AND USING PUBLIC DIGITAL SIGNATURE CERTIFICATION SERVICES

Section 1: RIGHTS AND OBLIGATIONS OF ORGANIZATIONS PROVIDING PUBLIC DIGITAL SIGNATURE CERTIFICATION SERVICES

Article 29. Obligations Regarding Storage and Use of Information of Organizations and Individuals Applying for Digital Certificates

1. The organization providing public digital signature certification services has the obligation to store information related to the identity of organizations and individuals applying for digital certificates in a confidential and secure manner, and may only use such information for purposes related to the digital certificate, except where otherwise agreed upon or provided by law.

2. Compensation shall be provided to subscribers and recipients in the following cases:

a) Damage occurs as a result of disclosing subscriber information that the organization is obligated to store confidentially;

b) Damage occurs as a result of including inaccurate information on the digital certificate compared to the information provided by the subscriber.

Article 30. Obligations Related to Issuing Digital Certificates

To ensure the legitimate rights of subscribers, the organization providing public digital signature certification services has the following obligations:

1. Provide written guidance to organizations and individuals applying for digital certificates before signing a digital certificate issuance contract regarding the following information:

a) Scope, limitations of use, level of security, fees, and charges for issuing and using the type of digital certificate being applied for, and other information that could affect the rights of organizations and individuals applying for digital certificates;

b) Requirements to ensure the safety in storing and using secret keys;

c) Complaint procedures and dispute resolution;

d) Other contents determined by the organization providing public digital signature certification services.

2. Develop a model contract for digital certificate issuance activities.

3. Ensure security throughout the process of creating and transferring digital certificates to subscribers.

4. Be responsible to subscribers and recipients for the accuracy of the information on the digital certificate.

5. Compensate subscribers and recipients when damage occurs as a result of a digital certificate issued contrary to the provisions of this Decree.

Article 31. Obligations related to the extension of digital certificates

1. When receiving a request for extension from the subscriber in accordance with the provisions of Article 24 of this Decree, the organization providing public digital signature certification services shall have the obligation to complete the procedures for extending the digital certificate before the digital certificate of the subscriber expires.

2. The organization providing public digital signature certification services shall be responsible for compensating the subscriber and the recipient for any damage that occurs due to the violation of Clause 1 of this Article.

Article 32. Rights and obligations related to suspending and restoring digital certificates

The organization providing public digital signature certification services shall have the obligation to:

1. Ensure a communication channel to receive requests to suspend the operation of digital certificates available 24 hours a day, 7 days a week.

2. Store all information related to the suspension of digital certificates for at least 5 years, starting from the date when the digital certificate is suspended.

3. During the period of suspension of digital certificates, the organization providing public digital signature certification services must still fulfill the obligations related to keeping confidential personal information and secret keys of subscribers as stipulated in this Decree.

4. Compensate the parties involved in case of damage resulting from non-compliance with the provisions of Clause 2 and 3 of Article 26 of this Decree.

Article 33. Obligations related to revoking digital certificates

The organization providing public digital signature certification services shall have the following obligations:

1. Ensure a communication channel to receive requests for revoking digital certificates available 24 hours a day, 7 days a week.

2. Retain all information related to the revocation of digital certificates and revoked digital certificates for at least 5 years, starting from the date when the digital certificate was revoked.

3. Ensure the confidentiality of the secret key of the subscriber in cases where the subscriber has authorized it, and retain information related to the digital certificate of the subscriber for at least 5 years, starting from the date when the digital certificate was revoked.

4. Compensate the parties involved in case of damage resulting from non-compliance with the provisions of Article 27 of this Decree.

Article 34. Obligations related to key management activities

The organization providing public digital signature certification services shall have the following obligations:

1. Ensure the confidentiality of the entire process of generating key pairs in cases where key pairs are generated for organizations or individuals applying for digital certificates.

2. Utilize all means and make the greatest effort to notify the subscriber simultaneously and apply measures to prevent and promptly address any signs of exposure, loss of integrity, or any other errors that may adversely affect the interests of the subscriber when such signs are detected.

3. Advise the subscriber to change key pairs when necessary to ensure the highest level of reliability and security for the key pairs.

4. Compensate the subscriber and the recipient if damage occurs as a result of exposing the key generation process, exposing the subscriber's secret key during transfer, or storing the subscriber's secret key when the organization providing public digital signature certification services retains the subscriber's secret key.

Article 35. Obligation to Temporarily Suspend Issuance of New Digital Certificates

1. Public Key Infrastructure Service Providers must temporarily suspend the issuance of new digital certificates in the following cases:

a) When discovering errors in their service provision system that may affect the interests of subscribers and recipients;

b) Upon request from competent state authorities.

2. When temporarily suspending the issuance of new digital certificates, Public Key Infrastructure Service Providers must publicly announce this suspension on their website and report to competent state authorities.

3. During the period of temporarily suspending the issuance of new digital certificates, Public Key Infrastructure Service Providers are responsible for maintaining the database systems related to previously issued digital certificates.

Article 36. Obligation to Publicly Disclose Information

Public Key Infrastructure Service Providers must publicly disclose and maintain information 24 hours a day, 7 days a week on their website the following information:

1. Their authentication regulations and digital certificate policies.

2. Lists of active, suspended, and revoked digital certificates of subscribers.

3. Other necessary information.

Article 37. Obligation to Purchase Risk Insurance

In cases where they do not deposit a guarantee or have a bank guarantee as stipulated in Clause 2, Article 15 of this Decree, Public Key Infrastructure Service Providers must purchase insurance to address risks and compensation that may arise for subscribers and recipients due to the fault of the Public Key Infrastructure Service Provider and pay fees to other Public Key Infrastructure Service Providers to take over and maintain their database when their license is revoked.

Article 38. Obligations Related to License Application and Implementation

Public Key Infrastructure Service Providers have the following obligations:

1. To fully bear legal responsibility for the accuracy of the application dossier for licensing.

2. To implement and maintain activities in accordance with the content recorded in the license and commitments made in the application dossier for licensing.

3. To pay licensing fees and charges as prescribed.

Article 39. Rights and Obligations Upon Revocation of Public Key Infrastructure Service Provision License

1. Public Key Infrastructure Service Providers whose licenses are revoked have the obligation to hand over relevant documentation and databases related to digital certificates and the issuance of digital certificates to the receiving organization as stipulated in Clause 3, Article 20 of this Decree.

2. Public Key Infrastructure Service Providers whose licenses are revoked have the obligation to notify subscribers about the revocation of their license and information about the receiving organization of their database. In cases where the license revocation is due to the business entity's decision not to continue providing services, such notification must be made at least three months before the business entity stops providing services.

3. The organization receiving the database of the Public Key Infrastructure Service Provider whose license has been revoked must perform rights and obligations towards subscribers and recipients of the Public Key Infrastructure Service Provider whose license has been revoked.

4. After a period of three years from the date of license revocation, Public Key Infrastructure Service Providers whose licenses have been revoked have the right to reapply for a license. Conditions and procedures for reissuance shall be carried out according to the provisions applicable to new applications.

Article 40. Other rights and obligations

1. Reporting periodically and urgently upon request of competent state agencies.

2. Being subject to inspection, audit, and violation handling by competent state agencies.

3. Providing necessary information to investigative agencies or security agencies for serving the work of ensuring information security, investigation, and crime prevention according to the prescribed legal procedures and formalities.

4. In cases of emergency as defined by laws on emergency situations or to ensure national security, public service providers of digital signature certification have the obligation to provide all necessary support at the request of competent state agencies.

SECTION 2: RIGHTS AND OBLIGATIONS OF SUBSCRIBERS OF ORGANIZATIONS PROVIDING DIGITAL SIGNATURE CERTIFICATION SERVICES

Article 41. Rights and obligations of subscribers in providing information

Subscribers of organizations providing digital signature certification services have the following rights and obligations:

1. The obligation to provide truthful and accurate personal information and present documents required for issuing digital certificates to the organization providing digital signature certification services; subscribers shall be responsible under the law and for any damage resulting from violations of this provision.

2. The right to request the organization providing digital signature certification services to provide in writing the information specified in Clause 1 of Article 30 of this Decree.

3. Providing secret keys and necessary information to investigative agencies and security agencies to serve the purpose of ensuring national security or investigating crimes as prescribed by law.

Article 42. Creation, use, and management of keys

Subscribers of organizations providing digital signature certification services have the following rights and obligations:

1. When creating key pairs for themselves, subscribers must ensure that the key pair generation equipment complies with technical standards and mandatory requirements. This provision does not apply when subscribers lease key pair generation equipment from organizations providing digital signature certification services.

2. Safely and confidentially storing and using their secret keys throughout the period during which their digital certificates are valid and suspended.

3. Immediately notifying the organization providing digital signature certification services if they discover signs indicating that their secret keys have been exposed, stolen, or used improperly so that appropriate measures can be taken.

4. Being legally responsible for any damage resulting from violations of Clauses 1, 2, and 3 of this Article.

Article 43. Legal Obligations

1. When agreeing to have the organization providing digital signature certification services publicly announce their digital certificate as stipulated in Clause 3 of Article 23 of this Decree or when providing such a digital certificate to others for transactions, subscribers are deemed to have committed to the recipient that they are the lawful holder of the secret key corresponding to the public key on the digital certificate and that the information on the digital certificate related to the subscriber is true, and must fulfill the obligations arising from the digital certificate.

2. The right to request the organization providing digital signature certification services to suspend or revoke issued digital certificates and bear responsibility for such requests.

PART 3: OBLIGATIONS OF THE RECEIVER

Article 44. Obligation to check information

1. Before accepting a digital signature from the signer, the recipient must verify the following information:

a) The validity, scope of use, liability limits, and other related information about the digital certificate of the signer;

b) The digital signature must be created using the secret key corresponding to the public key on the digital certificate of the signer.

2. The receiver shall bear all losses arising in the following cases:

a) Failure to comply with the provisions of Clause 1 of this Article;

b) Knowing or being informed that the digital certificate and the private key of the signer are no longer trustworthy.

Chapter VI:

ORGANIZATIONS PROVIDING SPECIALIZED DIGITAL SIGNATURE VERIFICATION SERVICES

PART 1: CONDITIONS AND PROCEDURES FOR REGISTRATION OF ACTIVITIES OF ORGANIZATIONS PROVIDING SPECIALIZED DIGITAL SIGNATURE VERIFICATION SERVICES

Article 45. Conditions for operation of organizations providing specialized digital signature verification services

Organizations providing specialized digital signature verification services must meet the following conditions:

1. Having sufficient professional technical staff and management personnel appropriate to provide digital signature verification services.

2. Equipment systems suitable for national security and safety standards.

Article 46. Procedures and formalities for registration of activities of organizations providing specialized digital signature verification services

Before commencing operations, organizations providing specialized digital signature verification services must register with the Ministry of Posts and Telecommunications according to the following contents:

1. Name and address of the organization's headquarters.

2. Detailed information about the head and person responsible for managing the equipment system providing the service.

3. Scope and target audience for the provision of services.

4. Technical standards and standards to be applied.

Article 47. Rights and obligations of organizations providing specialized digital signature verification services

Organizations providing specialized digital signature verification services have the following rights and obligations:

1. To stipulate the procedures for providing services.

2. To stipulate the rights and obligations of related parties based on not contravening relevant laws and principles of the Vietnamese legal system.

3. To be subject to inspection, audit, and handling of violations by competent state agencies.

4. To provide necessary information to investigative agencies or security agencies to serve the work of ensuring information security and investigating crimes in accordance with the prescribed legal procedures.

5. In case of emergency as defined by the law on emergency situations or to ensure national security, organizations providing specialized digital signature verification services have the obligation to provide all necessary support at the request of competent state agencies.

6. Organizations providing specialized digital signature verification services have the right to request the Ministry of Posts and Telecommunications to issue a certificate of compliance with security conditions for digital signatures to ensure the security of digital signatures in accordance with Article 9 of this Decree. The conditions and procedures for issuing certificates of compliance with security conditions for digital signatures follow the provisions of Articles 48, 49, and 50 of this Decree.

PART 2: CONDITIONS AND PROCEDURES FOR ISSUANCE OF CERTIFICATES OF COMPLIANCE WITH SECURITY CONDITIONS FOR DIGITAL SIGNATURES

Article 48. Conditions for issuance of certificates of compliance with security conditions for digital signatures

Organizations providing specialized digital signature verification services can only obtain certificates of compliance with security conditions for digital signatures when they meet the human resources, technical conditions, and other conditions specified in Clauses 3, 4, and 5 of Article 15 of this Decree.

Article 49. Documents for Application to Obtain a Certificate of Compliance with Safety Conditions for Digital Signature

The application documents for obtaining a certificate of compliance with safety conditions for digital signature shall be prepared in six sets, each set containing the following:

1. An application form for obtaining a certificate of compliance with safety conditions for digital signature.

2. Decision on establishment and operational regulations of the organization.

3. A proposal for service provision including:

a) Scope, target audience for service provision and other necessary information;

b) Technical solutions to ensure the provisions stipulated in Article 48 of this Decree;

c) Authentication rules;

d) Detailed personal information and qualifications, certificates of personnel directly involved in the authentication services provided by the organization.

Article 50. Examination of Application Documents and Issuance of Certificate of Compliance with Safety Conditions for Digital Signature

Within sixty working days from the date of receipt of the application documents for obtaining a certificate of compliance with safety conditions for digital signature, the Ministry of Posts and Telecommunications shall take the lead and coordinate with the Ministry of Public Security, the Government Cryptographic Committee, and relevant ministries and sectors to examine the application documents and conduct on-site inspections. In case the organization meets all conditions for service provision as prescribed in Article 48, the Ministry of Posts and Telecommunications will issue a certificate of compliance with safety conditions for digital signature to the organization. If the organization fails to meet the required conditions, the Ministry of Posts and Telecommunications will notify in writing and specify the reasons.

Article 51. Rights and Obligations of Organizations Providing Specialized Digital Signature Authentication Services that Have Obtained a Certificate of Compliance with Safety Conditions for Digital Signature

Organizations providing specialized digital signature authentication services that have obtained a certificate of compliance with safety conditions for digital signature shall have the following rights and obligations:

1. To regulate their operations, rights, and obligations of related parties based on not violating relevant laws and principles of the Vietnamese legal system.

2. To report periodically and ad hoc as required by competent state agencies.

3. To be subject to inspection, audit, and handling of violations by competent state agencies.

4. To provide necessary information to investigative agencies or security agencies to serve the work of ensuring information security and investigating crimes in accordance with the prescribed legal procedures.

5. In cases of emergency as defined by laws on emergency situations or to ensure national security, organizations providing specialized digital signature authentication services that have obtained a certificate of compliance with safety conditions for digital signature shall have the obligation to provide all necessary support as requested by competent state agencies.

Chapter VII:

RECOGNITION OF FOREIGN DIGITAL SIGNATURES AND CERTIFICATES, AND ACTIVITIES OF FOREIGN SERVICE PROVIDERS FOR DIGITAL SIGNATURE AUTHENTICATION

Article 52. Recognition of Foreign Digital Signatures and Certificates

1. Foreign digital signatures and certificates are recognized when the foreign service provider issuing such certificates has been granted a recognition certificate for foreign digital signatures and certificates by the Ministry of Posts and Telecommunications.

2. A foreign service provider is granted a recognition certificate for foreign digital signatures and certificates if it meets the following conditions:

a) The country where the foreign service provider registers its activities has signed or joined international treaties that include provisions on the recognition of foreign digital signatures and certificates, which Vietnam has also joined.

b) It has been licensed or certified by the competent authority of its own country to operate in the field of digital signature authentication services and is currently operating.

c) The reliability of the digital signatures and certificates issued by the foreign service provider is not lower than the reliability of those issued by public digital signature authentication service providers in Vietnam.

d) It has a representative office in Vietnam to handle related issues.

Article 53. Documents for Issuing Certificates Recognizing Foreign Digital Signatures and Certificates

The application package for issuing certificates recognizing foreign digital signatures and certificates consists of six sets, each set including:

1. Application for recognition of foreign digital signatures and certificates submitted by the foreign service provider organization.

2. Documents proving compliance with the provisions stipulated in Clauses 1, 2, 3, and 4 of Article 52 of this Decree.

3. Receipt for payment of the examination fee.

4. Other contents as required by the Ministry of Posts and Telecommunications.

Article 54. Examination of Documents and Issuance of Certificates Recognizing Foreign Digital Signatures and Certificates

Within sixty working days from the date of receipt of the application for issuance of certificates recognizing foreign digital signatures and certificates, the Ministry of Posts and Telecommunications shall take the lead and coordinate with the Ministry of Public Security, the Government Office for Official Communications, and relevant ministries and sectors to examine the application. If all conditions stipulated in Article 52 of this Decree are met, the Ministry of Posts and Telecommunications will issue certificates recognizing foreign digital signatures and certificates to the foreign service provider organization. In case these conditions are not met, the Ministry of Posts and Telecommunications will notify in writing and specify the reasons.

Article 55. Activities of Foreign Service Providers of Digital Signature Certification Services

1. Investment activities of foreign service providers of digital signature certification services in Vietnam shall be carried out in accordance with the laws on investment and international treaties on digital signature certification services to which Vietnam is a party.

2. The activities of foreign service providers of digital signature certification services in Vietnam must comply with regulations on operating conditions, rights, and obligations as prescribed for public digital signature certification service providers.

 

 

 

Chapter VIII:

NATIONAL DIGITAL SIGNATURE CERTIFICATION SERVICE PROVIDERS

Article 56. Establishment of National Digital Signature Certification Service Providers

1. The establishment of national digital signature certification service providers must comply with the provisions stipulated in Clause 3, 4, and 5 of Article 15 of this Decree.

2. National digital signature certification service providers shall issue their own digital certificates.

Article 57. Activities, Rights, and Obligations of National Digital Signature Certification Service Providers

The issuance and management of digital certificates by national digital signature certification service providers, as well as the rights and obligations of related parties, must comply with the provisions stipulated in Chapters IV and V of this Decree. Accordingly, national digital signature certification service providers shall act as public digital signature certification service providers, while public digital signature certification service providers shall act as subscribers, subject to certain additional and amended provisions as follows:

1. The application for issuance of digital certificates stipulated in Article 21 of this Decree shall be supplemented with a license issued by the Ministry of Posts and Telecommunications to public digital signature certification service providers.

2. The key pair stipulated in Article 22 of this Decree shall be generated by public digital signature certification service providers on their own systems.

3. The pre-issuance verification requirements stipulated in Clause 1 of Article 23 of this Decree shall include verification of compliance with the operating conditions stipulated in Clauses 4 and 5 of Article 15 of this Decree.

4. Information to be publicly disclosed stipulated in Article 36 of this Decree shall be published on the website of the national digital signature certification service provider or the public digital signature certification service provider.

Chapter IX:

DISPUTES, COMPLAINTS, REPORTS AND COMPENSATION

Article 58. Dispute Resolution

Disputes between parties regarding the provision and use of public digital signature certification services shall be resolved based on the contracts between the parties and relevant laws.

Article 59. Complaints and Reports

Complaints against administrative decisions and administrative acts concerning digital signatures and digital signature certification services; reports to competent state agencies regarding violations related to digital signatures and digital signature certification services shall be carried out in accordance with the provisions of the law on complaints and reports.

Article 60. Compensation for Damage

1. Organizations and individuals causing damage to other organizations and individuals in the provision and use of digital signature certification services must compensate according to the provisions of the law.

2. The Ministry of Posts and Telecommunications shall specify the principles and levels of compensation for damage in the provision and use of digital signature certification services.

Chapter X:

INSPECTION, AUDIT AND VIOLATION HANDLING

Article 61. Inspection and Supervision

1. Public digital signature certification service providers and specialized digital signature certification service providers who have been issued certificates confirming their qualification to ensure the security of digital signatures shall be subject to annual inspections by the Ministry of Posts and Telecommunications on compliance with the provisions of this Decree. The results of the inspection must be publicly announced on the Ministry's electronic news website.

2. Service providers and organizations and individuals using digital signature certification services shall be subject to inspection and supervision by competent state agencies in accordance with the law.

3. Inspections of organizations and individuals participating in the management, provision, and use of digital signature certification services shall be conducted in accordance with the law on inspection.

Article 62. Violations of Operating Conditions Rules

1. A fine of from VND 1,000,000 to VND 2,000,000 shall be imposed for the act of not applying for reissue when lost or damaged to the extent that the content is no longer clear in one of the following papers:

a) License for providing public digital signature certification services;

b) Certificate confirming qualification to ensure the security of digital signatures;

c) Recognition certificate of foreign digital signatures and certificates.

2. A fine of from VND 4,000,000 to VND 10,000,000 shall be imposed for one of the following acts:

a) Applying for extension of the license for providing public digital signature certification services without ensuring the time stipulated in Clause 1, Article 19 of this Decree;

b) Submitting the application for extension of the license for providing public digital signature certification services when receiving notification from the Ministry of Posts and Telecommunications without ensuring the time stipulated in Clause 1, Article 19 of this Decree;

c) Providing specialized digital signature certification services without meeting the conditions stipulated in Clause 1, Article 45 of this Decree.

3. A fine of from VND 10,000,000 to VND 20,000,000 shall be imposed for one of the following acts:

a) Erasing or altering the content of the certificate confirming qualification to ensure the security of digital signatures;

b) Buying, selling, transferring, leasing, lending or renting the certificate confirming qualification to ensure the security of digital signatures;

c) Providing false information or materials for the purpose of registering activities or applying for the certificate confirming qualification to ensure the security of digital signatures.

4. A fine of from VND 20,000,000 to VND 40,000,000 shall be imposed for one of the following acts:

a) Erasing or altering the content recorded in the license for providing public digital signature certification services;

b) Erasing or altering the content recorded in the recognition certificate of foreign digital signatures and certificates;

c) Buying, selling, transferring, leasing, lending or renting the papers specified in point a, b, Clause 1 of this Article;

d) Providing false information or materials for the purpose of applying for, changing the content, or extending the license for providing public digital signature certification services;

đ) Providing false information or materials for the purpose of applying for the recognition certificate of foreign digital signatures and certificates;

e) During the process of providing digital signature certification services, failing to meet the human resource conditions stipulated in Clause 3, Article 15 of this Decree;

g) Keeping copies of secret keys when there is no written request from the organization or individual applying for the certificate.

5. A fine of from VND 50,000,000 to VND 70,000,000 shall be imposed for one of the following acts:

a) Providing digital signature certification services to the public without a license for providing public digital signature certification services issued by the Ministry of Posts and Telecommunications or a certificate issued by a national digital signature certification service provider;

b) Providing digital signature certification services to the public when the certificate issued by a national digital signature certification service provider has expired or the license for providing public digital signature certification services has expired.

6. A fine of from VND 70,000,000 to VND 100,000,000 shall be imposed for one of the following acts:

a) Not purchasing insurance in cases where no deposit or guarantee is made as prescribed in Article 37 of this Decree;

b) During the process of providing public digital signature certification services, failing to meet the financial conditions stipulated in Clause 2, Article 15 of this Decree;

c) Not storing complete, accurate, and updated information about subscribers serving the issuance of certificates throughout the validity period of the certificates.

Article 63. Violations of provisions on safety and security

1. A fine of from five million to ten million Vietnamese dong shall be imposed for any of the following acts:

a) Illegally obstructing the use of digital certificates;

b) Illegally storing another person's secret key;

c) Storing information related to organizations or individuals applying for digital certificates without ensuring confidentiality and safety;

d) Using information related to organizations or individuals applying for digital certificates in violation of the law;

đ) Failing to ensure safety during the creation or transfer of digital certificates to subscribers;

2. A fine of VND 10,000,000 to VND 30,000,000 shall be imposed for the following acts:

a) Stealing, fraudulently obtaining, impersonating, or appropriating another person's secret key;

b) Illegally copying, disclosing, or providing a subscriber's secret key;

c) Illegally accessing, disclosing, or using information of subscribers and digital signature certification service providers;

d) Failing to ensure the confidentiality of the entire process of creating a key pair;

đ) Using equipment that does not comply with technical standards and mandatory requirements to create a key pair;

e) Using insecure methods to transfer secret keys to organizations or individuals applying for digital certificates;

g) Creating a key pair in violation of the law;

h) Failing to securely store information about subscribers and their secret keys during the suspension period of digital certificates;

i) Illegally modifying information of subscribers and digital signature certification service providers;

k) Failing to ensure the confidentiality of subscribers' secret keys when authorized by the subscriber;

3. A fine of VND 30,000,000 to VND 50,000,000 shall be imposed for any of the following acts:

a) Using computer software or technical equipment to illegally intrude into the system or database of digital signature certification service providers without reaching the level of criminal prosecution;

b) Illegally disclosing or providing the secret key of specialized digital signature certification service providers;

c) Illegally using another person's secret key;

d) Counterfeiting or instructing others to counterfeit digital certificates;

đ) Creating a digital signature that does not meet one of the conditions stipulated in Article 9 of this Decree;

e) Using a technical system that lacks the ability to detect and warn against illegal access and cyber attacks;

g) Using a key distribution system for subscribers that does not ensure the integrity and security of the key pair;

h) Failing to implement measures to control entry into the premises or location where equipment for providing digital signature certification services is located;

i) Failing to implement measures to control access rights to the system providing digital signature certification services;

k) Illegally using the secret key of specialized digital signature certification service providers;

l) Stealing the secret key of specialized digital signature certification service providers;

m) Violating other provisions on safety and security as prescribed by law;

4. A fine of VND 50,000,000 to VND 70,000,000 shall be imposed for any of the following acts:

a) Illegally obstructing the operation of digital signature certification service providers;

b) Illegally using the secret key of public digital signature certification service providers;

c) Illegally disclosing or providing the secret key of public digital signature certification service providers;

d) Stealing the secret key of public digital signature certification service providers;

5. A fine of VND 70,000,000 to VND 100,000,000 shall be imposed for any of the following acts:

a) Failing to implement or fully implementing contingency plans to ensure safe, continuous operation and recovery from incidents;

b) Stealing the secret key of national digital signature certification service providers;

c) Illegally disclosing or providing the secret key of national digital signature certification service providers;

d) Illegally using the secret key of national digital signature certification service providers;

đ) Damaging equipment or databases of digital signature certification service providers without reaching the level of criminal prosecution;

e) Failing to comply with or complying improperly with the requirements of competent state agencies in emergency situations as prescribed by law on emergencies or to ensure national security.

Article 64. Violations of regulations on technical standards and mandatory standards

1. A fine of VND 10,000,000 to VND 30,000,000 shall be imposed for the act of providing digital signature certification services by specialized digital signature certification organizations not in accordance with registered standards.

2. A fine of VND 30,000,000 to VND 50,000,000 shall be imposed for the act of providing digital signature certification services by public digital signature certification service providers that do not meet registered standards.

3. A fine of VND 50,000,000 to VND 70,000,000 shall be imposed for any of the following acts:

a) Technical solutions not conforming to technical standards during operation;

b) Providing digital signature certification services not in accordance with technical standards and mandatory standards.

Article 65. Violations of regulations on tariff rates, fees, and charges

1. For violations concerning tariff rates for digital signature certification services provided in accordance with the provisions of Government Decree No. 169/2004/NĐ-CP dated September 22, 2004, which stipulates administrative penalties in the field of pricing.

2. For violations concerning fees and charges in the provision of digital signature certification services in accordance with the provisions of Government Decree No. 106/2003/NĐ-CP dated September 23, 2003, which stipulates administrative penalties in the field of fees and charges.

Article 66. Violations of regulations on service provision

1. A fine of from VND 1,000,000 to VND 5,000,000 for one of the following acts:

a) Providing incorrect or incomplete information as prescribed in Clause 1, Article 30 of this Decree;

b) Not providing written guidance to organizations or individuals requesting issuance of digital certificates before signing a digital certificate issuance contract;

c) Not renewing digital certificates of subscribers when requested according to regulations;

d) Not ensuring a 24-hour-a-day, seven-day-a-week channel to receive requests for revocation or suspension of digital certificates;

đ) Not retaining information related to digital certificates for a minimum period of five years from the date of certificate revocation;

e) Not providing in writing the information prescribed in Clause 1, Article 30 upon request of the subscriber;

2. A fine of VND 5,000,000 to VND 10,000,000 shall be imposed on any of the following acts:

a) Not notifying the subscriber if signs of exposure or non-integrity of their secret key are detected or any other errors that may adversely affect the subscriber's interests;

b) Not notifying the subscriber about the revocation of their public digital signature certification service license and information about the organization receiving their database;

c) Not notifying the subscriber before suspending the service as required under Clause 2, Article 39 of this Decree;

d) Not notifying the subscriber about the suspension, start time, and end time of the suspension when there is a basis for suspending their digital certificate;

đ) Not publicly announcing the suspension of new digital certificate issuance on their website;

e) Refusing to issue digital certificates without justifiable reasons;

g) Public certification rules not in accordance with the model of the Ministry of Posts and Telecommunications or containing content inconsistent with the provisions of this Decree;

h) Not publicly disclosing public certification rules in accordance with the model of the Ministry of Posts and Telecommunications;

i) Not notifying the subscriber about the revocation of their digital certificate;

k) Not registering with the Ministry of Posts and Telecommunications as prescribed in Article 46 of this Decree;

l) Not establishing a standard contract for digital certificate issuance activities;

m) Providing time stamping services not in accordance with technical standards and mandatory standards;

n) Not reporting to competent state agencies the suspension of new digital certificate issuance;

3. A fine of from VND 10,000,000 to VND 20,000,000 shall be imposed for one of the following acts:

a) Publishing digital certificates issued to subscribers on the database without confirmation from the subscriber regarding the accuracy of the information on the digital certificate;

b) Not publishing on the website new digital certificates issued, suspended, revoked, start time, and end time of the suspension of digital certificates;

c) Not restoring digital certificates after the suspension period has expired;

d) Not retaining all information related to the suspension or revocation of digital certificates for a minimum period of five years;

đ) Not agreeing to transfer the relevant database when the public digital signature certification service license is revoked;

e) Not reporting to the Ministry of Posts and Telecommunications in cases where agreement on the transfer of the relevant database cannot be reached when the public digital signature certification service license is revoked;

g) Changing key pairs without the subscriber's request;

h) Not retaining information related to organizations or individuals requesting issuance of digital certificates;

4. A fine of from VND 20,000,000 to VND 40,000,000 shall be imposed for one of the following acts:

a) Not suspending digital certificates upon request of the subscriber or competent state agency;

b) Not revoking digital certificates upon request of the subscriber or competent state agency;

c) Incorrectly publishing the content of digital certificates on the database;

d) Digital certificates not containing all required contents as prescribed in Article 10 of this Decree;

đ) Issuing digital certificates not in accordance with the positions within state agencies or organizations as prescribed in Article 11 of this Decree or not in accordance with laws;

e) Not allowing internet users to access lists of valid and expired digital certificates;

g) Not complying with the suspension or revocation of licenses as prescribed in Clause 1 and 2, Article 20 of this Decree;

h) Publishing digital certificates issued to subscribers on the database not meeting the deadline prescribed in Clause 3, Article 23 of this Decree;

i) Issuing time stamps not in accordance with the provisions of Clause 3, Article 28 of this Decree;

k) Not suspending the issuance of new digital certificates when errors in the digital signature certification service system are discovered.

5. A fine of from VND 40,000,000 to VND 70,000,000 shall be imposed for the following acts:

a) Failure to hand over documents and databases as prescribed in Clause 1 of Article 39 of this Decree;

b) Failure to report to the Ministry of Posts and Telecommunications for consideration of changes in content, revocation, or issuance of new licenses in accordance with regulations on eligible recipients when organizations providing public digital signature certification services carry out mergers, joint ventures, affiliations, and other organizational changes;

c) Implementation or provision of digital signature certification services not in accordance with the contents recorded on the public digital signature certification service license;

d) Failure to temporarily halt issuance of new certificates upon request of competent state agencies;

đ) Failure to maintain related database systems during the period of temporary suspension of new certificate issuance;

6. A fine of from VND 70,000,000 to VND 100,000,000 shall be imposed for one of the following acts:

a) Failure to maintain online 24 hours a day, 7 days a week a list of valid and expired certificates;

b) Failure to store accurately and update the list of valid and expired certificates for at least five years;

c) The equipment system for providing digital signature certification services of organizations licensed by the Ministry of Posts and Telecommunications to provide public digital signature certification services or certified as meeting security conditions for digital signatures is not located in Vietnam;

d) Failure to maintain information as prescribed in Article 36 of this Decree online 24 hours a day, 7 days a week on their website;

Article 67. Violation of provisions on the use of services

1. A fine of from VND 10,000,000 to VND 20,000,000 shall be imposed for failure to provide secret keys or necessary information to investigative agencies or security agencies;

2. A fine of VND 20,000,000 to VND 30,000,000 shall be imposed on any of the following acts:

a) Providing false information to obtain a certificate;

b) Using a digital signature corresponding to a certificate issued to an agency or organization as prescribed in Article 12 of this Decree when no longer holding the relevant position;

Article 68. Violation of provisions on reporting systems, information provision, and inspection and supervision

A fine of from VND 5,000,000 to VND 15,000,000 shall be imposed for any of the following acts:

Violating reporting systems as prescribed;

1. Providing false or incomplete information to competent state agencies when requested under the law;

2. Refusal to comply with inspections and supervisions conducted by competent state agencies;

Article 69. Additional penalties and measures to remedy consequences

In addition to primary penalties, depending on the nature and severity of the violation, organizations and individuals may also be subject to one or more additional penalties or remedial measures as follows:

1. Temporary suspension or cessation of issuance of new certificates for any of the violations prescribed in point c, Clause 2, Article 62; point d, Clause 2, Article 63; Article 64; point b, Clause 2; points a, c, d, Clause 3, Article 66 of this Decree;

2. Revocation of the license for providing public digital signature certification services or certificate of compliance with security conditions for digital signatures or foreign digital signature recognition and certificate for any of the violations prescribed in point b, c, Clause 2, Article 62; point d, Clause 2, Article 63; Article 64; point b, Clause 2; points a, c, d, Clause 3, Article 66 of this Decree;

3. Confiscation of objects and means used to commit administrative offenses for any of the violations prescribed in point b, Clause 2, Article 62; Clause 1; points a, b, c, d, Clause 2; points a, b, c, d, Clause 3; point a, Clause 4, Article 63; point c, Clause 2, Article 66 of this Decree;

4. Compulsion to restore the original condition altered due to administrative violations for any of the violations prescribed in point b, Clause 1; point b, Clause 3, Article 63 of this Decree;

5. Compulsion to comply with national regulations for violations prescribed in Clause 1; points a, c, Clause 2; Clause 3, Article 62; point d, Clause 2; point d, Clause 3, Article 63; Article 64; Clause 1; points a, b, Clause 2; Clause 3, Article 66; Article 68 of this Decree.

Article 70. Competence to Impose Administrative Penalties

1. Postal, Telecommunications, and Information Technology Inspectors carrying out their duties have the competence to:  

a) Impose fines up to 200,000 VND;

b) Confiscate objects and means used for administrative violations with a value up to 2,000,000 VND;

c) Apply remedial measures as stipulated in Clause 4 and Clause 5 of Article 69 of this Decree;

d) Exercise rights prescribed in Clause 2 of Article 46 and Clause 2 of Article 48 of the Ordinance on Handling Administrative Violations.

2. The Head of Postal and Telecommunications Inspection at the Department has the competence to:      

a) Impose fines up to 20,000,000 VND;

b) Apply additional forms of administrative penalties and remedial measures as stipulated in Article 69 of this Decree;

c) Exercise rights prescribed in Clause 1 of Article 46 of the Ordinance on Handling Administrative Violations.

3. The Head of Postal and Telecommunications Inspection at the Ministry has the competence to:      

a) To impose fines up to VND 100,000,000;

b) Apply additional forms of administrative penalties and remedial measures as stipulated in Article 69 of this Decree;

c) Exercise rights prescribed in Clause 1 of Article 46 of the Ordinance on Handling Administrative Violations.

4. Inspectors and Heads of other specialized inspection agencies have the competence to impose administrative penalties on acts of administrative violation in the field of digital signatures and digital signature certification services like postal, telecommunications, and information technology inspectors within the scope of state management as prescribed by the Government.

People's Public Security, Customs, Tax Authorities, Market Management Agencies have the competence to impose administrative penalties according to Articles 31, 34, 36, and 37 of the Ordinance on Handling Administrative Violations for acts of administrative violation related to digital signatures and digital signature certification services directly under their management as prescribed in this Decree.

5. Competence to Impose Administrative Penalties of People's Committees at all levels

Chairpersons of People's Committees at all levels have the right to impose administrative penalties according to the competence prescribed in Articles 28, 29, and 30 of the Ordinance on Handling Administrative Violations within the territory under their management for acts of administrative violation related to digital signatures and digital signature certification services as prescribed in this Decree.

Article 71. Principles, Time Limits, Procedures for Imposing Administrative Penalties, Aggravating Circumstances, Mitigating Circumstances

Principles for imposing administrative penalties, time limits for imposing administrative penalties, procedures for imposing administrative penalties, aggravating circumstances, mitigating circumstances, and the period considered as not having been administratively penalized regarding digital signatures and digital signature certification services shall be implemented in accordance with the provisions of the Ordinance on Handling Administrative Violations.

Article 72. Criminal Liability Pursuit

Acts of exploiting digital signatures and digital signature certification services to oppose the Socialist Republic of Vietnam and disrupt national security, public order, and social safety; other serious violations related to digital signatures and digital signature certification services that constitute criminal offenses will be pursued for criminal liability in accordance with the provisions of the law.

Chapter XI:

IMPLEMENTING PROVISIONS

Article 73. Implementation Provisions

This Decree shall take effect fifteen days after its publication in the Official Gazette.

The Ministers, Heads of ministerial-level agencies, Heads of government-attached agencies, Chairpersons of provincial People's Committees under the central city shall be responsible for implementing this Decree./.

 

本文件的原始文件正在更新中,请先查看全文,稍后再来查看。

下载

本文件的原始文件正在更新中,请先查看全文,稍后再来查看。

关系图

↑ 依据及影响本文件的文件
依据 90
44/2002/PL-UBTVQH10 Pháp lệnh số 44/2002/PL-UBTVQH10 Xử lý vi phạm hành chính 已失效 51/2005/QH11 Nghị quyết số 51/2005/QH11 Về nhiệm vụ năm 2006 生效中 32/2001/QH10 Luật Tổ chức Chính phủ số 32/2001/QH10 已失效 28/2015/TT-NHNN Thông tư số 28/2015/TT-NHNN Quy định về việc quản lý, sử dụng chữ ký số, chứng thư số và dịch vụ chứng thực chữ ký số của Ngân hàng Nhà nước 已失效 123/2011/TT-BTC Thông tư số 123/2011/TT-BTC Hướng dẫn việc quản lý, khai thác Phần mềm Quản lý đăng ký tài sản nhà nước 已失效 23/2010/TT-NHNN Thông tư số 23/2010/TT-NHNN Quy định về việc quản lý, vận hành và sử dụng Hệ thống thanh toán điện tử liên ngân hàng 已失效 17/2010/TT-BKH Thông tư số 17/2010/TT-BKH Quy định chi tiết thí điểm đấu thầu qua mạng 已失效 89/2016/TTLT-BTC-BCT Thông tư liên tịch số 89/2016/TTLT-BTC-BCT Hướng dẫn thực hiện Cơ chế một cửa quốc gỉa 生效中 184/2014/TT-BTC Thông tư số 184/2014/TT-BTC Hướng dẫn việc quản Iý, sử dụng, khai thác Phần mềm Quản lý đăng ký tài sản nhà nước 已失效 110/2015/TT-BTC Thông tư số 110/2015/TT-BTC Hướng dẫn giao dịch điện tử trong lĩnh vực thuế 已失效 17/2014/TT-BTTTT Thông tư số 17/2014/TT-BTTTT Quy định chế độ báo cáo về hoạt động chứng thực chữ ký số 生效中 01/2013/TT-BKHĐT Thông tư số 01/2013/TT-BKHĐT Hướng dẫn về đăng ký doanh nghiệp 已失效 12/2011/TT-NHNN Thông tư số 12/2011/TT-NHNN Quy định về quản lý, sử dụng chữ ký số, chứng thư số và dịch vụ chứng thực chữ ký số của Ngân hàng Nhà nước 已失效 40/2008/QĐ-BCT Quyết định số 40/2008/QĐ-BCT Ban hành Quy chế quản lý, sử dụng chữ ký số, chứng thư số và dịch vụ chứng thực chữ ký số của Bộ Công Thương 已失效 05/2010/TT-BNV Thông tư số 05/2010/TT-BNV Hướng dẫn về cung cấp, quản lý và sử dụng dịch vụ chứng thực chữ ký số chuyên dùng phục vụ các cơ quan thuộc hệ thống chính trị 生效中 09/2011/TT-BCT Thông tư số 09/2011/TT-BCT Quy định về việc quản lý, sử dụng chữ ký số, chứng thư số và dịch vụ chứng thực chữ ký số của Bộ Công Thương 已失效 180/2010/TT-BTC Thông tư số 180/2010/TT-BTC Hướng dẫn giao dịch điện tử trong lĩnh vực thuế 已失效 29/2011/TT-NHNN Thông tư số 29/2011/TT-NHNN Quy định về an toàn, bảo mật cho việc cung cấp dịch vụ ngân hàng trên Internet 已失效 08/2011/TT-BTTTT Thông tư số 08/2011/TT-BTTTT Sửa đổi thông tư 37/2009/TT-BTTTT quy định về hồ sơ và thủ tục liên quan đến cấp phép, đăng ký, công nhận các tổ chức cung cấp dịch vụ chứng thực chữ ký số do Bộ trưởng Bộ Thông tin và Truyền thông ban hành 生效中 37/2009/TT-BTTTT Thông tư số 37/2009/TT-BTTTT Quy định về hồ sơ và thủ tục liên quan đến cấp phép, đăng ký, công nhận các tổ chức cung cấp dịch vụ chứng thực chữ ký số 生效中 07/2015/TTLT-BKHĐT-BTC Thông tư liên tịch số 07/2015/TTLT-BKHĐT-BTC Quy định chi tiết việc cung cấp, đăng tải thông tin về đấu thầu và lựa chọn nhà thầu qua mạng 已失效 06/2015/TT-BTTTT Thông tư số 06/2015/TT-BTTTT Quy định Danh mục tiêu chuẩn bắt buộc áp dụng về chữ ký số và dịch vụ chứng thực chữ ký số 已失效 35/2013/TT-BTC Thông tư số 35/2013/TT-BTC Sửa đổi, bổ sung một số điều của Thông tư số 180/2010/TT-BTC ngày 10 tháng 11 năm 2010 của Bộ Tài chính hướng dẫn về Giao dịch điện tử trong lĩnh vực thuế 已失效 59/2008/QĐ-BTTTT Quyết định số 59/2008/QĐ-BTTTT Ban hành Danh mục tiêu chuẩn bắt buộc áp dụng về chữ ký số và dịch vụ chứng thực chữ ký số 已失效 58/2008/QĐ-BTTTT Quyết định số 58/2008/QĐ-BTTTT Ban hành Quy chế báo cáo thông tin về các hoạt động chứng thực chữ ký số của các tổ chức cung cấp dịch vụ chứng thực chữ ký số 已失效 209/2010/TT-BTC Thông tư số 209/2010/TT-BTC Quy định giao dịch điện tử trong hoạt động nghiệp vụ Kho bạc Nhà nước 已失效 37/2016/TT-NHNN Thông tư số 37/2016/TT-NHNN Quy định về việc quản lý, vận hành và sử dụng Hệ thống Thanh toán điện tử liên ngân hàng Quốc gia 已失效 518/2011/QĐ-UBND Quyết định số 518/2011/QĐ-UBND Ban hành Quy định về việc gửi, nhận văn bản điện tử và sử dụng thư điện tử trong các cơ quan Nhà nước trên địa bàn tỉnh Bắc Giang 已失效 456/2014/QĐ-UBND Quyết định số 456/2014/QĐ-UBND Ban hành quy chế bảo đảm an toàn thông tin trong hoạt động ứng dụng công nghệ thông tin của cơ quan nhà nước trên địa bàn Tỉnh Bắc Ninh 已失效 1115/2013/QĐ-UBND Quyết định số 1115/2013/QĐ-UBND ban hành Quy chế phối hợp kiểm tra, đối chiếu thông tin và sử dụng thông tin trong cơ sở dữ liệu quốc gia về tài sản nhà nước trên địa bàn tỉnh Hà Giang 已失效 20/2007/QĐ-BBCVT Quyết định số 20/2007/QĐ-BBCVT Về việc ban hành Mẫu Quy chế chứng thực chữ ký số 生效中 1259/QĐ-BTC Quyết định số 1259/QĐ-BTC Về việc mở rộng phạm vi thí điểm người nộp thuế nộp hồ sơ khai thuế qua mạng internet 生效中 1753/QĐ-UBND Quyết định 1753/QĐ-UBND năm 2014 ủy quyền cho Giám đốc Sở Thông tin và Truyền thông thực hiện trách nhiệm của người quản lý thuê bao chữ ký số chuyên dùng của Thành phố Hồ Chí Minh 生效中 05/2016/TT-BCT Thông tư số 05/2016/TT-BCT Quy định về việc cung cấp dịch vụ công trực tuyến của Bộ Công Thương 生效中 2956/2015/QĐ-UBND Quyết định số 2956/2015/QĐ-UBND Về việc quy định áp dụng chữ ký số trong trả kết quả giải quyết thủ tục hành chính tại các Trung tâm hành chính công và bộ phận một cửa điện tử cấp xã, phường tỉnh Quảng Ninh 生效中 21/2018/TT-NHNN Thông tư số 21/2018/TT-NHNN Sửa đổi, bổ sung một số điều của Thông tư số 37/2016/TT-NHNN ngày 30 tháng 12 năm 2016 của Thống đốc Ngân hàng Nhà nước Việt Nam quy định về việc quản lý, vận hành và sử dụng Hệ thống Thanh toán điện tử liên ngân hàng Quốc gia 生效中 1830/QĐ-BTC Quyết định số 1830/QĐ-BTC Về việc thực hiện thí điểm người nộp thuế nộp hồ sơ khai thuế qua mạng internet 生效中 77/2017/TT-BTC Thông tư số 77/2017/TT-BTC Hướng dẫn Chế độ kế toán Ngân sách nhà nước và hoạt động nghiệp vụ Kho bạc Nhà nước 生效中 305/2016/TT-BTC Thông tư số 305/2016/TT-BTC Quy định mức thu, chế độ thu, nộp, quản lý và sử dụng phí dịch vụ duy trì hệ thổng kiểm tra trạng thái chứng thư số 已失效 1377/2013/QĐ-UBND Quyết định số 1377/2013/QĐ-UBND Về gửi, nhận văn bản qua hệ thống thư điện tử thành phố Hải Phòng 已失效 133/2017/TT-BTC Thông tư số 133/2017/TT-BTC Quy định về giao dịch điện tử trong hoạt động nghiệp vụ Kho bạc Nhà nước 已失效 185/2015/TT-BTC Thông tư số 185/2015/TT-BTC Hướng dẫn đăng ký, cấp và sử dụng mã số đơn vị có quan hệ với ngân sách 生效中 330/2016/QĐ-UBND Quyết định số 330/2016/QĐ-UBND Ban hành Quy chế Quản lý và sử dụng chữ ký số, chứng thư số trong các cơ quan nhà nước tỉnh Bắc Giang 已失效 41/2017/TT-BTTTT Thông tư số 41/2017/TT-BTTTT Quy định sử dụng chữ ký số cho văn bản điện tử trong cơ quan nhà nước 生效中 18/2007/QĐ-BTM Quyết định số 18/2007/QĐ-BTM Về việc ban hành Quy chế cấp chứng nhận xuất xứ điện tử 生效中 04/2008/QĐ-NHNN Quyết định số 04/2008/QĐ-NHNN Ban hành Quy chế cấp phát, quản lý, sử dụng chữ ký số, chứng thư số và dịch vụ chứng thực chữ ký số của Ngân hàng Nhà nước 已失效 23/2017/TT-NHNN Thông tư số 23/2017/TT-NHNN Sửa đổi, bổ sung một số điều của Thông tư số 37/2016/TT-NHNN ngày 30 tháng 12 năm 2016 của Thống đốc Ngân hàng Nhà nước Việt Nam quy định về việc quản lý, vận hành và sử dụng Hệ thống Thanh toán điện tử liên ngân hàng Quốc gia 已失效 28/2018/QĐ-TTg Quyết định số 28/2018/QĐ-TTg Về việc gửi, nhận văn bản điện tử giữa các cơ quan trong hệ thống hành chính nhà nước 生效中 34/2016/QĐ-TTg Quyết định số 34/2016/QĐ-TTg Quy định thủ tục điện tử đối với tàu thuyền vào, rời cảng biển, cảng thủy nội địa, cảng dầu khí ngoài khơi thông qua Cơ chế một cửa quốc gia 生效中 08/2015/QĐ-TTg Quyết định số 08/2015/QĐ-TTg Thí điểm về giao dịch điện tử trong việc thực hiện thủ tục tham gia bảo hiểm xã hội, bảo hiểm y tế, bảo hiểm thất nghiệp và đề nghị cấp sổ bảo hiểm xã hội, thẻ bảo hiểm y tế 生效中 44/2019/QĐ-UBND Quyết định số 44/2019/QĐ-UBND Ban hành Quy chế quản lý, sử dụng Cổng dịch vụ công trực tuyến tỉnh Bình Định 已失效 37/2017/QĐ-UBND Quyết định số 37 /2017/QĐ-UBND Về việc ban hành Quy chế quản lý, sử dụng chứng thư số và chữ ký số trong các cơ quan nhà nước tỉnh Sơn La 已失效 50/2017/QĐ-UBND Quyết định số 50/2017/QĐ-UBND Ban hành Quy chế quản lý và sử dụng chữ ký số, chứng thư số trong các cơ quan quản lý nhà nước trên địa bàn tỉnh Kon Tum 已失效 88/2017/QĐ-UBND Quyết định số 88/2017/QĐ-UBND Ban hành Quy định về cung cấp dịch vụ công trực tuyến tại tỉnh Thừa Thiên Huế. 已失效 42/2017/QĐ-UBND Quyết định số 42/2017/QĐ-UBND Ban hành Quy chế quản lý, sử dụng chứng thư số, chữ ký số và phát hành văn bản điện tử có ký số trong các cơ quan Nhà nước trên địa bàn tỉnh Ninh Thuận 已失效 07/2017/QĐ-UBND Quyết định số 07/2017/QĐ-UBND Ban hành Quy định trao đổi, xử lý, lưu trữ văn bản điện tử trên môi trường mạng trong hoạt động của các cơ quan nhà nước trên địa bàn tỉnh Hưng Yên 已失效 10/2017/QĐ-UBND Quyết định số 10/2017/QĐ-UBND ban hành Quy chế Quản lý và sử dụng chữ ký số, chứng thực số chuyên dùng trên địa bàn tỉnh Quảng Trị 已失效 31/2017/QĐ-UBND Quyết định số 31/2017/QĐ-UBND Ban hành Quy chế quản lý và sử dụng chữ ký số, chứng thư số chuyên dùng trong các cơ quan nhà nước trên địa bàn tỉnh Bến Tre 已失效 12/2017/QĐ-UBND Quyết định số 12/2017/QĐ-UBND Ban hành Quy chế quản lý và sử dụng chứng thư số chuyên dùng trong các cơ quan nhà nước tỉnh Bình Dương 已失效 13/2017/QĐ-UBND Quyết định số 13/2017/QĐ-UBND Ban hành Quy chế quản lý, sử dụng chứng thư số và chữ ký số trong các cơ quan nhà nước trên địa bàn tỉnh Bình Định 已失效 24/2016/QĐ-UBND Quyết định số 24/2016/QĐ-UBND Ban hành Quy định trao đổi, xử lý, lưu trữ văn bản điện tử trong hoạt động của các cơ quan Nhà nước thuộc thẩm quyền quản lý của UBND tỉnh Ninh Bình 生效中 36/2016/QĐ-UBND Quyết định số 36/2016/QĐ-UBND Ban hành Quy chế Quản lý và sử dụng chữ ký số, chứng thư số chuyên dùng trong các cơ quan nhà nước, Ủy ban Mặt trận Tổ quốc và các đoàn thể tỉnh Bắc Kạn. 已失效 90/2016/QĐ-UBND Quyết định số 90/2016/QĐ-UBND Ban hành Quy định tạo lập và sử dụng hồ sơ điện tử, thẻ điện tử trong giao dịch thủ tục hành chính trên địa bàn tỉnh Thừa Thiên Huế 已失效 89/2016/QĐ-UBND Quyết định số 89/2016/QĐ-UBND Ban hành Quy định hoạt động quản lý, cung cấp dịch vụ công trực tuyến tỉnh Thừa Thiên Huế 已失效 67/2016/QĐ-UBND Quyết định số 67/2016/QĐ-UBND Quy chế quản lý và sử dụng chữ ký số, chứng thư số chuyên dùng trên địa bàn tỉnh An Giang 已失效 65/2016/QĐ-UBND Quyết định số 65/2016/QĐ-UBND Ban hành quy định về cung cấp, quản lý và sử dụng dịch vụ chứng thực chữ ký số chuyên dùng phục vụ các cơ quan Nhà nước trên địa bàn tỉnh Nghệ An 已失效 35/2016/QĐ-UBND Quyết định số 35/2016/QĐ-UBND Ban hành Quy định về việc sử dụng văn bản và hồ sơ điện tử trong các cơ quan nhà nước trên địa bàn tỉnh Đắk Nông 已失效 37/2016/QĐ-UBND Quyết định số 37/2016/QĐ-UBND Ban hành Quy chế quản lý và sử dụng chữ ký số, chứng thư số trong các cơ quan nhà nước tỉnh Đắk Nông 已失效 09/2016/QĐ-UBND Quyết định số 09/2016/QĐ-UBND Ban hành Quy chế quản lý và sử dụng chữ ký số, chứng thư số chuyên dùng trong cơ quan nhà nước trên địa bàn tỉnh Gia Lai 已失效 32/2016/QĐ-UBND Quyết định số 32/2016/QĐ-UBND Ban hành Quy chế quản lý và sử dụng chữ ký số,chứng thư số chuyên dùng trong cơ quan nhà nước tỉnh Hà Tĩnh 已失效 08/2016/QĐ-UBND Quyết định số 08/2016/QĐ-UBND Ban hành Quy chế quản lý, sử dụng chứng thư số chuyên dùng trong các cơ quan nhà nước, đơn vị sự nghiệp của tỉnh Thái Bình 已失效 31/2013/QÐ-UBND Quyết định số 31/2013/QÐ-UBND Ban hành Quy chế đảm bảo an toàn, an ninh thông tin thuộc lĩnh vực công nghệ thông tin trong hoạt động của các cơ quan nhà nước trên địa bàn tỉnh Thái Nguyên 已失效 42/2012/QĐ-UBND Quyết định số 42/2012/QĐ-UBND Quy chế tiếp nhận hồ sơ qua cổng thông tin điện tử; tiếp nhận hồ sơ hoặc trả kết quả giải quyết thủ tục hành chính bằng dịch vụ bưu chính trên địa bàn tỉnh An Giang 已失效 15/2016/QĐ-UBND Quyết định số 15/2016/QĐ-UBND V/v ban hành Quy chế quản lý và sử dụng hệ thống dịch vụ công trực tuyến mức độ 3 trên địa bàn tỉnh Hà Tĩnh 已失效 09/2016/QĐ-UBND Quyết định số 09/2016/QĐ-UBND V/v Ban hành Quy định về quản lý và sử dụng chứng thư số, chữ ký số trong cơ quan nhà nước trên địa bàn tỉnh Vĩnh Long 已失效 05/2016/QĐ-UBND Quyết định số 05 /2016/QĐ-UBND Ban hành Quy định về việc trao đổi và sử dụng văn bản điện tử trong các cơ quan nhà nước tỉnh Nam Định 已失效 07/2016/QĐ-UBND Quyết định số 07/2016/QĐ-UBND Ban hành Quy chế quản lý, sử dụng chữ ký số chuyên dùng trong việc gửi, nhận và sử dụng văn bản điện tử của các cơ quan Nhà nước trên địa bàn tỉnh Tây Ninh 已失效 67/2015/QĐ-UBND Quyết định số 67/2015/QĐ-UBND Ban hành quy chế quản lý, sử dụng chữ ký số, chứng thư số chuyên dùng trong các cơ quan, tổ chức, cá nhân trên địa bàn tỉnh Lâm Đồng 已失效 51/2015/QĐ-UBND Quyết định số 51/2015/QĐ-UBND Ban hành quy chế quản lý, sử dụng chứng thư số và chữ ký số trong các cơ quan nhà nước trên địa bàn tỉnh Lào Cai 已失效 47/2014/QĐ-UBND Quyết định số 47/2014/QĐ-UBND Ban hành Quy chế quản lý và sử dụng chữ ký số, chứng thư số trong cơ quan Nhà nước trên địa bàn tỉnh Đồng Nai 已失效 32/2015/QĐ-UBND Quyết định số 32/2015/QĐ-UBND Ban hành Quy chế Quản lý và sử dụng chữ ký số, chứng thư số trong cơ quan nhà nước trên địa bàn tỉnh Quảng Ngãi 已失效 62/2010/QĐ-UBND Quyết định số 62/2010/QĐ-UBND V/v ban hành Quy định về việc gửi, nhận văn bản điện tử giữa các cơ quan hành chính Nhà nước, đơn vị sự nghiệp trên địa bàn tỉnh Đồng Nai 已失效 14/2015/QĐ-UBND Quyết định số 14/2015/QĐ-UBND Ban hành Quy định về quản lý, ứng dụng chữ ký số trong việc gửi, nhận và sử dụng văn bản điện tử của các cơ quan hành chính nhà nước trên địa bàn tỉnh Cao Bằng 已失效 37/2012/QĐ-UBND Quyết định số 37/2012/QĐ-UBND V/v ban hành Quy chế phối hợp kiểm tra, đối chiếu thông tin và sử dụng thông tin trong cơ sở dữ liệu quốc gia về tài sản nhà nước 已失效 22/2015/QĐ-UBND Quyết định số 22/2015/QĐ-UBND Ban hành Quy chế quản lý và sử dụng chữ ký số, chứng thư số trong cơ quan nhà nước trên địa bàn tỉnh Tiền Giang 已失效 03/2011/QĐ-UBND Quyết định số 03/2011/QĐ-UBND Về việc ban hành Quy chế sử dụng hệ thống thư điện tử công vụ trong hoạt động các cơ quan nhà nước tỉnh Gia Lai 已失效 69/2014/QĐ-UBND Quyết định số 69/2014/QĐ-UBND Ban hành Quy chế quản lý và sử dụng chứng thư số của các cơ quan nhà nước trên địa bàn tỉnh Bình Dương 已失效 10/2014/QĐ-UBND Quyết định số 10/2014/QĐ-UBND Về việc ban hành quy chế quản lý và sử dụng chữ ký số, chứng thư số trong cơ quan nhà nước trên địa bàn tỉnh Long An 已失效 39/2014/QĐ-UBND Quyết định số 39/2014/QĐ-UBND Về việc ban hành Quy chế quản lý và sử dụng chữ ký số, chứng thư số chuyên dùng trên địa bàn tỉnh An Giang 已失效 82/2009/QĐ-UBND Quyết định số 82/2009/QĐ-UBND Ban hành quy chế sử dụng thư điện tử trong hoạt động của cơ quan nhà nước tỉnh Bình Dương 生效中
26/2007/NĐ-CP
Decree No. 26/2007/NĐ-CP detailing the implementation of the Law on Electronic Transactions regarding digital signatures and services for verifying digital signatures.
Expired
↓ 受本文件影响的文件
相关 46
25/2014/QĐ-UBND QUYẾT ĐỊNH SỐ 25/2014/QĐ-UBND BAN HÀNH QUY CHẾ THEO DÕI, ĐÔN ĐỐC, KIỂM TRA VIỆC THỰC HIỆN NHIỆM VỤ DO ỦY BAN NHÂN DÂN TỈNH, CHỦ TỊCH ỦY BAN NHÂN DÂN TỈNH GIAO 已失效 42/2012/QĐ-UBND QUYẾT ĐỊNH SỐ 42/2012/QĐ-UBND BAN HÀNH QUY CHẾ QUẢN LÝ CÁC HOẠT ĐỘNG TRONG KHU BẢO TỒN BIỂN HÒN CAU, TỈNH BÌNH THUẬN 生效中 08/2016/QĐ-UBND Quyết định số 08/2016/QĐ-UBND Ban hành danh mục, thời gian sử dụng và tỷ lệ hao mòn tài sản cố định vô hình; danh mục, thời gian sử dụng và tỷ lệ hao mòn tài sản cố định đặc thù; danh mục và giá quy ước tài sản cố định đặc biệt thuộc phạm vi quản lý của tỉnh Khánh Hòa. 已失效 10/2014/QĐ-UBND Quyết định số 10/2014/QĐ-UBND Sửa đổi, bổ sung một số nội dung tại Quyết định số 29/2012/QĐ-UBND ngày 04/9/2012 của UBND tỉnh Khánh Hòa về việc ban hành Quy định việc luân chuyển hồ sơ xác định nghĩa vụ tài chính trong lĩnh vực đất đai của các tổ chức trên địa bàn tỉnh Khánh Hòa. 已失效 07/2017/QĐ-UBND Quyết định số 07/2017/QĐ-UBND Ban hành Quy chế về tổ chức và hoạt động của Phòng Tài nguyên và Môi trường thuộc Ủy ban nhân dân huyện Bình Chánh 已失效 13/2017/QĐ-UBND QUYẾT ĐỊNH SỐ 13/2017/QĐ-UBND BAN HÀNH QUY ĐỊNH CHỨC NĂNG, NHIỆM VỤ, QUYỀN HẠN, CƠ CẤU TỔ CHỨC VÀ MỐI QUAN HỆ CÔNG TÁC CỦA ĐÀI PHÁT THANH - TRUYỀN HÌNH BÌNH THUẬN 已失效 69/2014/QĐ-UBND Quyết định số 69/2014/QĐ-UBND Quy định mức thu, sử dụng lệ phí đăng ký kinh doanh và cung cấp thông tin về đăng ký kinh doanh đối với hợp tác xã, Liên hiệp hợp tác xã, Quỹ tín dụng nhân dân trên địa bàn tỉnh Đồng Nai 已失效 82/2009/QĐ-UBND Quyết định số 82/2009/QĐ-UBND Về việc ban hành chính sách trợ cấp đối với cán bộ, công nhân viên ngành Y tế phục vụ chuyên môn y tế giai đoạn 2010 - 2015 trên địa bàn tỉnh Bà Rịa – Vũng Tàu 已失效 67/2016/QĐ-UBND Quyết định số 67/2016/QĐ-UBND Về việc bổ sung quy hoạch bến xe phía Bắc huyện Yên Thành vào Quy hoạch hệ thống bến xe khách trên ñịa bàn tỉnh Nghệ An ñến năm 2020. 已失效 2017/QĐ-UBND Quyết định 2017/QĐ-UBND năm 2013 thành lập Ban Chỉ đạo về đẩy mạnh cải cách chế độ công vụ, công chức trên địa bàn Thành phố Hồ Chí Minh 生效中 32/2016/QĐ-UBND Quyết định số 32/2016/QĐ-UBND Ban hành Quy định về phân cấp nguồn thu, nhiệm vụ chi của các cấp chính quyền địa phương và tỷ lệ phần trăm (%) phân chia các khoản thu giữa các cấp ngân sách giai đoạn 2017 - 2020 已失效 06/2010/QĐ-UBND Quyết định số 06/2010/QĐ-UBND Về việc điều chỉnh kế hoạch vốn đối ứng kế hoạch năm 2010 cho các dự án ODA do Sở Nông nghiệp và Phát triển nông thôn làm chủ đầu tư 已失效 47/2014/QĐ-UBND Quyết định số 47/2014/QĐ-UBND Về việc giao dự toán thu, chi ngân sách nhà nước năm 2015 cho các huyện, thị xã, thành phố 已失效 35/2016/QĐ-UBND QUYẾT ĐỊNH SỐ 35/2016/QĐ-UBND VỀ VIỆC QUY ĐỊNH MỘT SỐ ĐIỀU VỀ THỰC HIỆN NẾP SỐNG VĂN MINH TRONG VIỆC CƯỚI, VIỆC TANG, LỄ HỘI VÀ TỔ CHỨC KỶ NIỆM NGÀY TRUYỀN THỐNG, ĐÓN NHẬN CÁC DANH HIỆU THI ĐUA TRÊN ĐỊA BÀN TỈNH 已失效 88/2017/QĐ-UBND Quyết định số 88/2017/QĐ-UBND Ban hành Quy chế quản lý, sử dụng vốn vay từ ngân sách địa phương đối với người lao động đi làm việc ở nước ngoài theo hợp đồng trên địa bàn tỉnh Ninh Thuận giai đoạn 2017-2020. 已失效 44/2019/QĐ-UBND Quyết định số 44/2019/QĐ-UBND Quy định về đánh giá và phân loại mức độ thực hiện nhiệm vụ UBND thành phố, Chủ tịch UBND thành phố giao đối với người đứng đầu sở, ngành, đơn vị sự nghiệp công lập trực thuộc UBND thành phố và Chủ tịch UBND các quận, huyện tại thành phố Hải Phòng 已失效 39/2014/QĐ-UBND Quyết định số 39/2014/QĐ-UBND Sửa đổi, bổ sung một số điều của Quyết định số 23/2014/QĐ-UBNDngày 30/7/2014 của Ủy nhân dân tỉnh Tiền Giang 已失效 05/2018/QĐ-UBND Quyết định số 05/2018/QĐ-UBND Về việc bãi bỏ văn bản 生效中 24/2016/QĐ-UBND Quyết định số 24/2016/QĐ-UBND Phê duyệt Đề án sắp xếp quy mô, mạng lưới trường, lớp đối với giáo dục mầm non, giáo dục phổ thông trên địa bàn tỉnh Yên Bái, giai đoạn 2016-2020 已失效 50/2017/QĐ-UBND Quyết định số 50/2017/QĐ-UBND Ban hành quy chế tiếp nhận, xử lý, phát hành và quản lý văn bản điện tử giữa các cơ quan nhà nước trên địa bàn tỉnh An Giang 生效中 09/2016/QĐ-UBND Quyết định số 09/2016/QĐ-UBND Ban hành Quy chế quản lý, sử dụng máy móc, thiết bị của cơ quan, tổ chức, đơn vị sự nghiệp công lập thuộc phạm vi quản lý của Ủy ban nhân dân tỉnh Khánh Hòa. 已失效 14/2015/QĐ-UBND Quyết định số 14/2015/QĐ-UBND ban hành Quy định chức năng, nhiệm vụ, quyền hạn và cơ cấu tổ chức của Sở Khoa học và Công Nghệ tỉnh Quảng Trị 已失效 67/2015/QĐ-UBND Quyết định số 67/2015/QĐ-UBND Về việc ban hành tiêu chí dự án trọng điểm nhóm C giai đoạn 2016-2020 trên địa bàn tỉnh Long An 已失效 03/2011/QĐ-UBND Quyết định số 03/2011/QĐ-UBND Về việc Phê duyệt Quy hoạch bổ sung cơ sở hoạt động kinh doanh karaoke, vũ trường trên địa bàn tỉnh, giai đoạn 2010- 2015, định hướng đến năm 2020 已失效 12/2018/QĐ-UBND Quyết định số 12/2018/QĐ-UBND Ban hành quy định về tiêu chí lựa chọn đối tượng được mua, thuê, thuê mua nhà ở xã hội trên địa bàn tỉnh Hà Tĩnh 已失效 90/2016/QĐ-UBND Quyết định số 90/2016/QĐ-UBND Quy định giá dịch vụ sử dụng cầu Mỹ Luông - Tấn Mỹ, huyện Chợ Mới, tỉnh An Giang 生效中 07/2016/QĐ-UBND Quyết định số 07/2016/QĐ-UBND Ban hành quy định về quản lý và sử dụng chung công trình hạ tầng kỹ thuật đô thị trên địa bàn tỉnh nghệ an 生效中 36/2016/QĐ-UBND Quyết định số 36/2016/QĐ-UBND Ban hành giá dịch vụ trông giữ xe đạp, xe máy, xe ô tô trên địa bàn tỉnh Khánh Hòa 生效中 32/2015/QĐ-UBND Quyết định số 32/2015/QĐ-UBND Về việc ban hành Quy chế phát ngôn và cung cấp thông tin cho báo chí trên địa bàn tỉnh Cao Bằng 已失效 11/2018/QĐ-UBND Quyết định số 11/2018/QĐ-UBND Ban hành Quy định về việc góp quyền sử dụng đất và điều chỉnh lại quyền sử dụng đất để thực hiện dự án đầu tư trên địa bàn tỉnh Trà Vinh 生效中 08/2018/QĐ-UBND Quyết định số 08/2018/QĐ-UBND Ban hành Quy chế tổ chức và hoạt động của Phòng Y tế quận Gò Vấp 已失效 10/2017/QĐ-UBND Quyết định số 10/2017/QĐ-UBND Ban hành Quy định chức năng, nhiệm vụ, quyền hạn và cơ cấu tổ chức của Ban Quản lý dự án đầu tư xây dựng và Khu vực phát triển đô thị tỉnh An Giang 已失效 37/2016/QĐ-UBND QUYẾT ĐỊNH SỐ 37/2016/QĐ-UBND VỀ VIỆC QUY ĐỊNH TỶ LỆ (%) PHÂN CHIA CÁC NGUỒN THU GIỮA CÁC CẤP NGÂN SÁCH TRÊN ĐỊA BÀN TỈNH PHÚ THỌ GIAI ĐOẠN 2017 - 2020 已失效 42/2017/QĐ-UBND Quyết định số 42/2017/QĐ-UBND Ban hành Bảng giá tính thuế tài nguyên năm 2018 trên địa bàn tỉnh Thái Nguyên 已失效 37/2012/QĐ-UBND QUYẾT ĐỊNH SỐ 37/2012/QĐ-UBND VỀ VIỆC QUY ĐỊNH CHẾ ĐỘ HỌC BỔNG KHUYẾN KHÍCH HỌC TẬP CHO HỌC SINH CÁC TRƯỜNG TRUNG HỌC PHỔ THÔNG TRÊN ĐỊA BÀN TỈNH 生效中 65/2016/QĐ-UBND Quyết định số 65/2016/QĐ-UBND Ban hành Quy chế phối hợp trong công tác quản lý nhà nước về tôn giáo trên địa bàn tỉnh Bình Phước 已失效 31/2017/QĐ-UBND Quyết định số 31/2017/QĐ-UBND Ban hành Quy định một số chính sách hỗ trợ, ưu đãi phát triển Kinh tế tập thể trên địa bàn tỉnh Bình Dương giai đoạn 2018-2020 生效中 12/2017/QĐ-UBND Quyết định số 12/2017/QĐ-UBND Ban hành Quy định về thẩm định, quyết định chủ trương đầu tư dự án; phân cấp thẩm định, phê duyệt dự án, thiết kế cơ sở, kế hoạch lựa chọn nhà thầu và thiết kế, dự toán xây dựng công trình trên địa bàn tỉnh Bạc Liêu 已失效 62/2010/QĐ-UBND Quyết định số 62/2010/QĐ-UBND Quy định chế độ chi tiêu đón tiếp khách nước ngoài vào làm việc, chi tiêu tổ chức các hội nghị, hội thảo quốc tế và chi tiêu tiếp khách trong nước bằng ngân sách địa phương trên địa bàn tỉnh An Giang 已失效 2016/QĐ-UBND Quyết định 2016/QĐ-UBND năm 2009 duyệt cho vay vốn theo dự án quỹ quốc gia về việc làm năm 2009 do Chủ tịch Ủy ban nhân dân thành phố Hồ Chí Minh ban hành 生效中 89/2016/QĐ-UBND Quyết định số 89/2016/QĐ-UBND Quy định giá dịch vụ sử dụng cầu Bình Thủy, huyện Châu Phú, tỉnh An Giang 已失效 22/2015/QĐ-UBND Quyết định số 22/2015/QĐ-UBND Ban hành Quy định đánh giá, nghiệm thu kết quả thực hiện nhiệm vụ khoa học và công nghệ cấp tỉnh sử dụng ngân sách nhà nước 已失效 15/2016/QĐ-UBND Quyết định số 15/2016/QĐ-UBND Về việc hỗ trợ 30% mệnh giá thẻ bảo hiểm y tế cho người thuộc hộ gia đình cận nghèo 已失效
引用 3
169/2004/NĐ-CP Nghị định số 169/2004/NĐ-CP Quy định về xử phạt vi phạm hành chính trong lĩnh vực giá 已失效 106/2003/NĐ-CP Nghị định số 106/2003/NĐ-CP Quy định về việc xử phạt vi phạm hành chính trong lĩnh vực phí, lệ phí 已失效
指导 1

点击文件即可打开。红色边框=改变效力的关系。