Šajā tīmekļa vietnē tiek izmantotas sīkdatnes. Turpinot lietot šo vietni, jūs piekrītat sīkdatņu izmantošanai. Uzzināt vairāk.
Teksta versija
LEGAL ACTS OF THE REPUBLIC OF LATVIA
home
 
The translation of this document is outdated.
Translation validity: 22.10.2009.–01.04.2015.
Amendments not included: 05.03.2015., 11.05.2017., 07.06.2018.

Text consolidated by Valsts valodas centrs (State Language Centre) with amending laws of:

6 May 2004 [shall come into force from 27 May 2004];
28 October 2004 [shall come into force from 24 November 2004];
22 June 2006 [shall come into force from 21 July 2006];
24 May 2007 [shall come into force from 26 June 2007];
24 September 2009 [shall come into force from 22 October 2009].

If a whole or part of a section has been amended, the date of the amending law appears in square brackets at the end of the section. If a whole section, paragraph or clause has been deleted, the date of the deletion appears in square brackets beside the deleted section, paragraph or clause.

The Saeima1 has adopted
and the President has proclaimed the following Law:

Electronic Documents Law

Chapter I
General Provisions

Section 1. Terms Used in this Law

The following terms are used in this Law:

1) secure electronic signature-creation devices - software packages, hardware and electronic signature-creation data that conform to the following requirements:

a) the electronic signature-creation data shall be created only once, and the secrecy thereof is ensured,

b) the electronic signature-creation data cannot be derived and, utilising technologies, the electronic signature is secured against forgery,

c) the electronic signature-creation data are securely protected against being used unlawfully by third persons,

d) the secure electronic signature-creation devices do not alter the electronic document to be signed and do not prevent becoming acquainted with such a document before its signing;

2) secure electronic signature - an electronic signature that conforms to all of the following requirements:

a) it is linked only to the signatory,

b) it ensures the personal identification of the signatory,

c) it is created with secure electronic signature-creation devices, which may be controlled only by the signatory,

d) it is linked to a signed electronic document so that later changes in the electronic document are detectable,

e) it is certified by a qualified certificate;

3) electronic document - any data which is created, stored, sent or received electronically, which ensures the possibility of utilising such data for the performance of some activity, realisation of a right and protection;

4) electronic signature - electronic data that is attached to or logically associated with an electronic document, and ensures the authenticity of the electronic document and confirms the identity of the signatory;

5) electronic signature-verification data - data that is utilised in order to verify an electronic signature;

6) electronic signature-creation data - data created only once, which are utilised by the signatory in order to create an electronic signature;

7) qualified certificate - a certificate which contains the information laid down in this Law and which has been issued by a trusted certification service provider;

8) time-stamp - an electronically signed confirmation of the fact that at a specified date and time the electronic document has been signed at the certification service provider;

9) signatory - a natural person who has electronic signature-creation devices and who acts either in his or her own name or the name of the natural person or legal person or institution that he or she represents;

10) certification services - the issuance and cancellation of certificates, the suspension and renewal of the validity of certificates, registration of certificates, the maintenance of a electronic signature-verification data register, the stamping of electronic documents with time-stamps, as well as the provision of consultancy services in relation to electronic signatures;

11) certificate - an electronic confirmation that links the electronic signature-verification data with a signatory and serves to specify the identity of the signatory.

[24 May 2007]

Section 2. Application of this Law

(1) This Law determines the legal status of electronic documents and electronic signatures.

(2) The provisions of this Law are not applicable if a natural person or legal person who is not a certification service provider performs the stamping of electronic documents with a time-stamp.

Chapter II
Electronic Documents and the Derivation thereof

Section 3. Electronic Documents

(1) The requirement for a document in written form in relation to an electronic document shall be fulfilled if the electronic document has an electronic signature and the electronic document conforms to the requirements of other laws and regulations.

(2) An electronic document shall be considered to have been signed by hand if it has a secure electronic signature. An electronic document shall be considered to have been signed by hand also in such cases where it has an electronic signature and the parties have agreed in writing regarding the signing of electronic documents with an electronic signature. In such case, the written agreement shall be drawn up and signed on paper or electronically with a secure electronic signature.

(3) If laws and regulations provide that, in addition to other requisites for a document to acquire legal effect, it also requires the imprint of a seal, then this requirement in relation to an electronic document shall be fulfilled if the electronic document has a secure electronic signature and a time-stamp or electronic signature if the parties in accordance with the procedures laid down in Paragraph two of this Section have agreed in writing regarding the signing of electronic documents with an electronic signature.

(4) An electronic signature is legal evidence and the submission of an electronic document as evidence to competent institutions has no restrictions, based only upon the fact that:

a) the document is in electronic form; or

b) it does not have a secure electronic signature.

(5) In the circulation of electronic documents between State and local government institutions or between these institutions and natural persons and legal persons, the electronic document shall be considered to be signed if it has a secure electronic signature and time-stamp or electronic signature if the parties in accordance with the procedures laid down in Paragraph two of this Section have agreed in writing regarding the signing of electronic documents with an electronic signature.

(6) The provisions of this Law are not applicable to:

1) contracts with which rights are created or transferred to immovable property, except for rental rights;

2) contracts which, in accordance with law, are not in effect if they have not been certified according to special procedures by law;

3) guarantee contracts if the guarantee grants, and security for pledges if such is provided by persons who engage in purposes, which are not related to the trade of such person, entrepreneurial activity or occupation;

4) transactions in the field of family law and inheritance law.

[28 October 2004]

Section 4. Original Electronic Documents

(1) If laws and regulations require the storage or presentation of the original of a document, this requirement in relation to electronic documents shall be fulfilled if it conforms to the requirements of Section 3, Paragraphs two and three of this Law.

(2) Paragraph one of this Section applies to a requirement expressed in the form of a duty or in a case, where the laws and regulations provide for a legal effect regarding the non-storage of documents or the non-presentation of document originals.

Section 5. Derivation of Electronic Documents

(1) A copy, true copy or extract in paper form of an electronic document shall have the same legal effect as the original if the correctness of the copy, true copy or extract is certified in accordance with the requirements of laws and regulations and if the issuer of the copies, true copies or extracts in paper form can, on the basis of a request, present the document original in electronic form, and it conforms to the requirements laid down in this Law.

(2) A copy, true copy or extract in electronic form of a paper document shall have the same legal effect as the original if the person who, in accordance with the requirements of laws and regulations, has the right to certify document original copies, true copies or extracts has certified its correctness with a secure electronic signature and time-stamp or electronic signature if the parties in accordance with the procedures laid down in Section 3, Paragraph two of this Law have agreed in writing regarding the signing of electronic documents with an electronic signature, and it conforms to the requirements of laws and regulations.

(3) A duplicate of a paper document in electronic form shall have the same legal effect as the original if the duplicate has been issued and drawn up in conformity with the requirements of this Law and other laws and regulations.

(4) The making of derivations of electronic documents in paper form shall be only from such electronic documents as is possible to present in a readable or graphic form.

[28 October 2004]

Chapter III
Provisions for the Circulation and Storage of Electronic Documents

Section 6. General Provisions for the Circulation and Storage of Electronic Documents

(1) If laws and regulations determine requirements for the preparation, drawing up and storage of documents in a separate way, these same provisions shall be applicable also to electronic documents.

(2) The procedures for the preparation, drawing up, storage and circulation of electronic documents in State and local government institutions, and the circulation procedures between State and local government institutions, or between these institutions and natural persons and legal persons shall be governed by Cabinet regulations.

(3) The Latvian State Archive Directorate shall be responsible for the evaluation and selection of electronic documents for long-term and permanent storage, and it shall also monitor that State and local government archives ensure the storage and accessibility of electronic documents.

(4) State and local government institutions shall develop internal circulation instructions for electronic documents which comply with this Law and the regulations of the Cabinet referred to in Paragraph two of this Section, as well as the work specifics of the institution, and shall ensure the possibility of natural persons and legal persons to submit and receive State and local government institution documents, their copies, true copies, extracts and duplicates electronically or in another form according to the choice of the person.

(5) The type of evaluation of electronic documents, procedures for storage, and time periods for the transfer of such documents to State archives for storage shall be governed by Cabinet regulations.

[6 May 2004]

Section 7. Special Provisions for the Storage of Electronic Documents

(1) If laws and regulations provide for the storage of specific documents, records or data, this requirement in relation to electronic documents is fulfilled if:

1) the data contained therein is accessible for utilisation;

2) the electronic document is preserved in such a form as it was initially created, sent or received, or in such a form as the initially created, sent or received data can be shown;

3) the preserved data allows the origin or final destination of the electronic document to be specified, and the time of sending or receipt.

(2) The provisions of Paragraph one, Clause 3 of this Section shall not apply to data that is automatically created in the process of receiving or sending an electronic document.

(3) A person may fulfil the provisions of Paragraph one of this Section by utilising the services of another person if the provisions of this Law are conformed to.

Chapter IV
Certificate Service Providers and Trusted Certification Service Providers

Section 8. Certification Service Providers

(1) A certification service provider is a natural or legal person, who provides certification services without the receipt of a special permit.

(2) Accreditation of a certification service provider is voluntary.

(3) A certification service provider shall be considered to be trustworthy if he or she conforms to all the requirements of Section 9 of this Law.

Section 9. Trusted Certification Service Provider

A trusted certification service provider shall be considered to be a natural or legal person who conforms to all of the following requirements:

1) utilises trustworthy personnel who have the necessary specialised knowledge, experience and qualifications for the provision of certification services, who have become acquainted with the relevant security provisions for the provision of certification services, and have not been convicted for the intentional committing of a criminal offence;

2) utilises trustworthy and secure information systems and products which are appropriately protected against unauthorised access and modification;

3) maintains sufficient financial resources in order to implement this Law and the regulatory enactment requirements issued on the basis of this Law, and has insured its professional activity for civil liability in the amount and in accordance with the procedures laid down in Section 14 of this Law;

4) is accredited with the State Data Inspection (hereinafter also - supervisory institution) in accordance with the procedures laid down in this Law;

5) ensures the on-line regime accessibility of the signature-verification data register;

6) ensures the possibility of immediate revocation, suspension of operation and renewal of qualified certificates in the cases laid down in this Law;

7) ensures that at any moment the date and time of the issuance, revocation, suspension of operation and renewal of qualified certificates can be determined;

8) utilises a secure system for qualified certificate storage in a verifiable form and shall ensure that:

a) only the authorised persons of the trusted certification service provider may make entries or their changes,

b) it is possible to check and determine changes in information,

c) the qualified certificates issued are not publicly accessible, except in a case where the written consent of the signatory has been obtained,

d) any technical changes that affect security requirements are apparent to the systems administrator,

e) such technology is utilised as will ensure that when using electronic signature-creation data they can never be copied;

9) in stamping the electronic document with a time stamp, ensures the possibility to specify without doubt the date and time when the electronic document was electronically signed and such signature was valid;

10) ensure that the time-stamp does not alter the signed electronic document.

[28 October 2004; 24 May 2007]

Section 10. Accreditation of Trusted Certification Service Providers

(1) In order to receive accreditation, the following documents shall be submitted to the supervisory institution:

1) a written application;

2) the certification service provision regulations;

3) a description of the certification service provision information system and procedure security;

4) an examination opinion of the certification service provision information system and procedure security;

5) a document that certifies the fulfilment of the requirements of Section 9, Clause 3 of this Law.

(2) The amount and payment procedures of the State fee for accreditation and renewal of accreditation of a certification service provider shall be determined by the Cabinet.

[24 September 2009]

Section 11. Certification Service Provision Regulations

(1) The certification service provision regulations shall include:

1) the firm name of the trusted certification service provider, registration number or given name, surname, personal identity number, telephone address and electronic mail address;

2) information regarding the information system, equipment, technology, computer programmes to be utilised for the provision of certification services and the documents certifying their right of use;

3) a model trusted certification service provider and signatory contract;

4) information regarding the issuing procedures for qualified certificates and their security;

5) information regarding various possibilities of restricting the use of the secure electronic signature by the signatory;

6) information regarding the revocation, suspension of operation and renewal procedures for qualified certificates;

7) information regarding the technical and technological possibilities which are offered by the certification service provider in order to protect secure electronic signature-creation devices, electronic signature-verification data and qualified certificates from unlawful use;

8) information regarding how the on-line free access regime, free access shall be ensured to the electronic signature-verification data and the issued, revoked, suspended and renewed certificate registers;

9) information regarding the stamping of electronic documents with a time-stamp and the security of the procedures thereof;

10) information regarding how the on-line regime, free access shall be ensured to the time stamp register regarding signed submitted time stamps.

(2) If the information included in the certification service provision regulation changes, the trusted certification service provider shall, without delay, submit amendments to the certification service provision regulations to the supervisory institution.

[24 May 2007]

Section 12. Description of the Certification Service Provision Information System, Equipment and Procedure Security

(1) Information to be indicated in the description of the certification service provision information system, equipment and procedure security shall be determined by the Cabinet.

(2) If the information indicated in the description of the certification service provision information system, equipment and procedure security changes, the trusted certification service provider shall, without delay, submit amendments to the description of the certification service provision information system, equipment and procedure security to the supervisory institution.

Section 13. Examination of the Certification Service Provision Information System, Equipment and Procedure Security

(1) The examination of the certification service provision information system, equipment and procedure security and the opinion regarding such shall be provided by an expert who is included in a list approved by the supervisory institution.

(2) The list approved by the supervisory institution shall include persons who conform to all of the following requirements:

1) he or she has the technical possibility to specify the conformity of the certification service provision information system, equipment and procedure security with the requirements of laws and regulations;

2) he or she is legally and financially independent from trusted certification service providers and supervisory institutions;

3) he or she or his or her employed personnel have the necessary knowledge;

4) he or she is not engaged in the manufacture and supply of certification service provision information systems and other information technologies.

(3) Procedures for the examination of certification service provision information system, equipment and procedure security and time periods shall be determined by the Cabinet.

Section 14. Civil Liability Insurance

(1) It is mandatory to insure against the possible risk of losses associated with the activities of a trusted certification service provider.

(2) The insurance of the risk of the activities of a trusted certification service provider shall secure claims, which may arise in relation to his or her activities.

(3) The trusted certification service provider shall enter into an insurance contract prior to receipt of accreditation, and the insurance contract shall be maintained in effect for the whole of the time period of the provision of certification services.

(4) If as a result of the actions or inaction of the trusted certification service provider, losses are incurred, the insurance company on the basis of the insurance contract shall cover such losses from the insurance compensation of the trusted certification service provider.

(5) The Cabinet shall determine the minimum amount of insurance.

[28 October 2004]

Section 14.1 Technical and Organisational Requirements

The Cabinet shall determine the technical and organisational requirements to which the qualified certificate, the trusted certification service provider, and the secure electronic signature transmission facilities shall conform, as well as the procedures by which the secure verification of electronic signatures shall be performed.

[28 October 2004]

Section 15. Personal Data Protection

(1) A certification service provider may only acquire personal data directly from the natural person or from a third person if the natural person has consented in writing that his or her data shall be acquired by the concrete certification service provider from the third person.

(2) A certification service provider may process the personal data only for the provision of certification services.

(3) A certification service provider may not process the personal data, which are acquired for provision of certification services, for other purposes.

[24 May 2007]

Chapter V
Qualified Certificates

Section 16. Information to be included in Qualified Certificates

(1) A qualified certificate shall include the following information:

1) an indication that it is a qualified certificate;

2) the firm name, registration number and the state in which the trusted certification service provider is established or given name, surname and personal identity number;

3) the given name and surname of the signatory or a pseudonym (indicating that it is a pseudonym);

4) personal identity number of the signatory;

5) the commencement and end of the time period of the quality certificate;

6) the consecutive number of the certificate granted by the trusted certification service provider;

7) the electronic signature-verification data which correspond to the existing secure electronic signature-creation data under the control of the signatory;

8) limitations of transaction amounts, which may be performed utilising the qualified certificate.

(2) In addition to the information referred to in Paragraph one of this Section, a qualified certificate may also include the following information:

1) restrictions on the scope of operation of the certificate or other certificate operation restrictions;

2) specific legal facts in relation to the signatory (if such is necessary) depending upon the purpose for which the certificate is intended;

3) [24 May 2007];

4) the identity number of the signatory if information regarding the signatory is not included in the Population Register.

(3) A qualified certificate shall be signed with the electronic signature of the trusted certification service provider. The electronic signature shall conform to the following requirements:

1) it is linked only to the trusted certification service provider;

2) it ensures the identification of the trusted certification service provider;

3) it is created with the secure electronic signature-creation devices of the trusted certification service provider;

4) it is linked to a signed electronic document so that later changes in the signed electronic document are detectable.

(4) Secure electronic signature-creation devices of the trusted certification service provider in this Law shall mean software packages, hardware and electronic signature-creation data that conform to the following requirements:

1) the electronic signature-creation data are created in a strongly controlled environment and the secrecy thereof is ensured;

2) the electronic signature-creation data cannot be derived and, utilising technologies, the electronic signature is secured against forgery;

3) the electronic signature-creation data are securely protected against being used unlawfully by third persons;

4) the secure electronic signature-creation devices do not alter the electronic document to be signed and do not prevent becoming acquainted with such a document before its signing.

[22 June 2006; 24 May 2007]

Section 17. Issuance of Qualified Certificates

(1) In order to receive a qualified certificate, the signatory shall submit a personally signed written application.

(2) Before the issuance of a qualified certificate, the trusted certification service provider shall, in the presence of the signatory, be satisfied regarding the identity of the signatory on the basis of the personal identification document presented by the signatory.

(3) A trusted certification service provider shall, on the basis of a written application of the signatory, include in the qualified certificate information regarding the powers of the signatory or other important information, which is referred to in Section 16, Paragraph two of this Law.

(4) A trusted certification service provider on the basis of a written application of the signatory in place of the given name and surname of the signatory in the qualified certificate may record a pseudonym, in respect of which making a relevant indication in the certificate.

(5) The trusted certification service provider shall issue the qualified certificate to the signatory.

(6) A signatory may be issued several qualified certificates.

(7) The trusted certification service provider, preserving the liability laid down in this Law, on the basis of a contract may entrust another person to perform the activities laid down in Paragraphs two, three, four and five of this Section if the supervisory institution has given written consent for this.

[24 May 2007]

Section 18. Revocation, Suspension of Operation and Renewal of Qualified Certificates

(1) The revocation of a qualified certificate is the recognising of the certificate as invalid. The operation of a revoked qualified certificate shall not be renewed.

(2) A trusted certification service provider shall revoke without delay a qualified certificate in the following cases:

1) the signatory requests the revocation of the certificate;

2) the trusted certification service provider receives official information regarding the death of the signatory or other information included in the certificate changes;

3) the signatory has provided the trusted certification service provider with false or misleading information in order to receive a qualified certificate;

4) fulfilment of a court adjudication regarding the revocation of the certificate;

5) in the cases stipulated in the contract regarding provision of certification services.

(3) The suspension of operation of a qualified certificate is recognition of the certificate as invalid for a time. The operation of a suspended qualified certificate may be renewed.

(4) The renewal of the operation of a qualified certificate is the recognition of the qualified certificate as valid, the operation of which was suspended.

(5) A trusted certification service provider shall suspend and renew the operation of a qualified certificate in the following cases:

1) in fulfilment of a court adjudication;

2) on the basis of a written request of the signatory;

3) in the cases stipulated in the contract regarding provision of certification services.

(6) A qualified certificate may not be revoked, and its operation suspended or renewed with a retroactive date.

(7) A secure electronic signature, which has been created after the cancellation of a qualified certificate or in the period when the operation of the qualified certificate has been suspended, shall not be valid.

(8) A secure electronic signature, which has been created after the death of the signatory, shall not be valid.

(9) If a trusted certification service provider without a legal basis, on wrongful purpose or due to negligence revokes a qualified certificate, suspends or renews the operation of a qualified certificate, the trusted certification service provider shall compensate losses caused to a person that have arisen because of the unfounded revocation of the qualified certificate, and the suspension or renewal of operation of the qualified certificate.

[22 June 2006; 24 May 2007]

Chapter VI
Supervision of Trusted Certification Service Providers

Section 19. Trusted Certification Service Provider Supervisory Institution

(1) The State Data Inspection shall be the supervisory institution for trusted certification service providers.

(2) The supervisory institution shall regularly supervise the conformity of the work of the trusted certification service providers with the requirements of this Law and other laws and regulations.

Section 20. Duties of the Supervisory Institution

(1) The supervisory institution has the following duties:

1) to accredit certification service providers in accordance with the voluntary accreditation principles;

2) to check whether the trusted certification service providers comply with the certification service provision regulations;

3) to monitor that the security of the trusted certification service provider information system and procedures conform to this Law, other laws and regulations and the description of the trusted certification service provider information system, equipment and procedure security;

4) to monitor that the electronic signature-verification data and time-stamp registers for qualified certificates issued, revoked, suspended and renewed by trusted certification service providers is accessible in an on-line regime;

5) to ensure that the Latvian accredited trusted certification service provider register in which information regarding certification service providers from other states is also included, the issued qualified certificates of which are guaranteed by a Republic of Latvia accredited trusted certification service provider, is freely accessible in an on-line regime.

(2) The supervisory institution shall maintain an on-line freely accessible trusted certification service provider register, in which the following information shall be accessible:

1) the firm name of the trusted certification service provider or given name and surname;

2) the address, telephone number and electronic mail address of the trusted certification service provider;

3) the certification service provision regulations;

4) [24 May 2007];

5) an examination opinion of the certification service provision information system, equipment and procedure security;

6) the date of accreditation;

7) information regarding reprimands, warnings or revocation of accreditation by the supervisory institution.

(3) If the documents submitted and the certification service provider conform to the requirements of this Law and other laws and regulations, the supervisory institution shall issue, within 10 days from receipt of all the documents referred to in Section 10 of this Law, to the certification service provider an accreditation certificate and shall include the information referred to in Paragraph two of this Section in the trusted certification service provider register.

(4) If the documents submitted or the certification service provider do not conform to the requirements of this Law and other laws and regulations, the supervisory institution shall issue, within 10 days from receipt of all the documents referred to in Section 10 of this Law, a written refusal of accreditation.

[24 May 2007]

Section 21. Supervisory Measures

(1) The supervisory institution has the right to give instructions to trusted certification service providers to rectify non-conformity with this Law, other laws and regulations, the certification service provision regulations included in the trusted certification service provider register or the description of the certification service provision information system, equipment and procedure security.

(2) The time period for rectification of non-conformity shall be determined by the supervisory institution.

(3) If the supervisory institution's instructions are not carried out within the time period specified by it, the supervisory institution shall warn the trusted certification service provider regarding the possible revocation of accreditation.

(4) If, within 10 days following the supervisory institution's warning regarding the possible revocation of accreditation, the supervisory institution's instructions are not carried out, the accreditation of the trusted certification service provider shall be revoked without delay and the information regarding the revocation of the accreditation shall be included in the trusted certification service provider register.

(5) After the revocation of the accreditation of the trusted certification service provider, the provisions of Section 22, Paragraphs two, three, four and five of this Law shall be applied.

(6) In performing supervision, officials of the supervisory institution shall present a service identification document. The person referred to has the following rights:

1) to freely visit any commercial premises in which the information systems and equipment of the trusted certification service provider is located, and in the presence of the certification service provider to perform the necessary examination or other measures, in order to determine the conformity of the certification service provision process with this Law, other laws and regulations, certification service provision regulations published in the trusted certification service providers register;

2) to request written or oral explanations from the trusted certification service provider representatives and employees;

3) to become acquainted with documents and other information which relate to certification service provision;

4) to request the examination of the information systems, equipment and procedures of the trusted certification service provider and to specify the issues to be investigated in the independent expert-examination.

(7) The supervisory institution has the right to bring an action in court to terminate the activities of a trusted certification service provider if the relevant trusted certification service provider violates this Law or other laws and regulations.

(8) The decisions of the supervisory institution may be appealed to a court. Appeal of the decision of the supervisory institution shall not suspend the operation thereof.

[24 May 2007]

Section 22. Termination of the Activities of a Trusted Certification Service Provider, Declaration of Insolvency and Suspension of Service Provision

(1) A trusted certification service provider shall, without delay, inform in writing the supervisory institution and signatories with whom a certification service provision contract has been entered into, that the activities thereof have been terminated, it has been declared insolvent, the provision of certification services have been suspended or the accreditation of the certification service provider has been cancelled.

(2) In the cases referred to in Paragraph one of this Section, the trusted certification service provider shall ensure the preservation of the data associated with the certification service, information, databases, registers, other pertinent information, the information system and certification service, and on the basis of mutual agreement transfer them to other trusted certification service providers.

(3) In respect of all transfer procedures and time periods, the supervisory institution shall be informed without delay in writing.

(4) If the transfer referred to in Paragraph two of this Section is not possible, the trusted certification service provider shall transfer the data associated with the certification service, information, databases, registers, other pertinent information, the information system and certification service under the supervision of the supervisory institution to the State archives.

(5) A signatory after receiving information regarding the termination of the activities of the trusted certification service provider, declaration of insolvency or suspension service provision is entitled to transfer his or her own data associated with the issued qualified certificate to another trusted certification service provider at his or her discretion.

(6) The supervisory institution shall, without delay, revoke the accreditation of the terminated, declared insolvent or service provision suspended trusted certification service provider, and shall include the information regarding this in the trusted certification service provider register.

[24 May 2007]

Chapter VII
Duties and Liability of Trusted Certification Service Providers and Signatories

Section 23. Duties of Trusted Certification Service Providers

A trusted certification service provider has the following duties:

1) to use secure certification service provision information systems, equipment and procedures that appropriately guarantee the security of certification services;

2) to take necessary measures in order to guarantee the secrecy of secure electronic signature-creation data and protection against illegal processing and utilisation of electronic signature-creation data, protection against forgery of qualified certificates and accessibility to such certificates only with the consent of the signatory;

3) to ensure that the certification service provision information system, equipment and procedures conforms to this Law and other laws and regulations;

4) to ensure that signatory personal identification information is included in the qualified certificate only on the basis of a personal identification document presented in the presence of the signatory;

5) to ensure that the qualified certificate is issued by entering into a contract with the signatory regarding the provision of certification services;

6) before entering into a contract, informing the signatory in writing regarding the regulations and conditions that relate to the use of qualified certificates, including regarding any restrictions on the use of certificates, regarding procedures for examining complaints and disputes, regarding the civil liability of the certification service provider, as well as regarding the cases in the contract providing for the suspension, cancellation and renewal of the operation of a qualified certificate. Information may be sent electronically and confirmed with the electronic signature of the trusted certification service provider. Relevant parts of this information shall be made available to persons who rely on the qualified certificate upon the request of such persons;

7) before entering into a contract, informing the signatory in writing regarding the certification service provision regulations and security measures, which are performed by the trusted certification service provider in order to prevent the illegal use of the issued qualified certificate;

8) in issuing a qualified certificate, to inform the signatory in writing regarding the conditions included in the certificate and restrictions regarding the use of the certificate;

9) to comply with this Law, other laws and regulations, the description of the certification service provision information system and procedure security, as well as the certification service provision regulations included in the trusted certification service providers register;

10) to inform the supervisory institution, without delay, regarding all circumstances that hinder conformity with this Law, other laws and regulations, certification service provision regulations published in the trusted certification service providers register and the description of the certification service provision information system and procedure security;

11) to ensure without delay, the revocation of a qualified certificate, the suspension or renewal of the operation thereof in the cases laid down in this Law;

12) [24 May 2007];

13) to inform the signatory, his or her authorised persons or heirs, without delay, regarding the revocation of the qualified certificate or its suspension of operation;

14) to maintain in the free of charge and freely accessible on-line regime, full electronic signature-verification data, and issued, revoked, suspended and renewed qualified certificate registers;

15) to perform full accounting of the issuance, revocation, suspension of operation and renewal of qualified certificates, as well as of time-stamp procedures;

16) to preserve information associated with qualified certificates and time-stamps for a specified time in accordance with the procedures laid down in this Law and other laws and regulations;

17) to regularly perform with the information system associated with the provision of certification services, an equipment and procedure security audit and to preserve the audit notes; In the audit notes shall be recorded all measures which are associated with the issuance, revocation, suspension of operation and renewal of qualified certificates, and measures which are associated with the stamping of electronic documents with a time stamp, as well as any other data changes; The audit notes shall be preserved permanently. The audit notes shall be secured by the physical and logical protection laid down in laws and regulations;

18) to perform measures against the possible forgery of qualified certificates and time-stamps, and to guarantee the confidentiality of electronic signature-creation data during the time period of its creation;

19) not to store and copy secure electronic signature-creation data;

20) to ensure that the time-stamp indicates an internationally co-ordinated precise time;

21) in accordance with the procedures laid down in laws and regulations, to provide information to a court, the Office of the Prosecutor and inquiry institutions regarding the issued, revoked, suspended and renewed certificates and time-stamps;

22) to conform to the Personal Data Protection Law and laws and regulations that govern the security of information systems;

23) to transfer revoked and operation terminated qualified certificate registers to the State archive in accordance with Cabinet regulations that determine the procedures and time periods in which electronic documents shall be evaluated, collected and transferred to the State archive;

24) to insure for its own civil liability.

[22 June 2006; 24 May 2007]

Section 24. Liability of Trusted Certification Service Providers

(1) A trusted certification service provider shall be liable for losses that are caused to a person who reasonably relied upon the qualified certificate in relation to:

1) conformity with the requirements of this Law or other laws and regulations in the issuing a qualified certificate, the description of the certification service provision information system, equipment and procedure security, as well as conformity with and fulfilment of the trusted certification service provision regulations included in the trusted certification service providers register;

2) the information included in the qualified certificate;

3) the conformity of the electronic signature-creation data with the electronic signature-verification data included in the certificate at the moment of the issue the qualified certificate;

4) the utilisation of the electronic signature-creation data and electronic signature-verification data in an appropriate way.

(2) A trusted certification service provider shall be liable for losses that are caused to a person who reasonably relied upon the qualified certificate if the revocation or suspension of operation of such certificate has not registered.

(3) A trusted certification service provider shall not be liable for losses that are caused to a person who reasonably relied upon the qualified certificate that is utilised disregarding the conditions or restrictions included therein or exceed the transaction amount restriction indicated in the certificate.

[24 May 2007]

Section 25. Duties and Liability of Signatories

(1) A signatory has the following duties:

1) to provide the trusted certification service provider with truthful information;

2) before entering into a contract regarding certification service provision, to confirm in writing that he or she has become acquainted with the description of the certification service provision information system, equipment and procedures, with the security certification service provision regulations included in the trusted certification service providers register, and other security measures which the trusted certification service provider has performed in order to prevent the illegal use of the qualified certificate;

3) after receipt of the qualified certificate to confirm in writing that he or she has become acquainted with the conditions and restriction included in the qualified certificate;

4) to ensure that the electronic signature-creation data is not utilised without the knowledge of the signatory;

5) to request without delay that the trusted certification service provider to revoke the qualified certificate or to suspend the operation thereof if there is a basis to believe that the electronic signature-creation data have been utilised without the knowledge of the signatory;

6) to request without delay that the trusted certification service provider revoke the qualified certificate if there are changes to the information indicated therein.

(2) A signatory is liable for losses that are caused to a person who reasonably relied upon the qualified certificate if:

1) the signatory provided the trusted certification service provider with false information;

2) the signatory has not appropriately taken care regarding the protection of the electronic signature-creation data against unauthorised utilisation;

3) there has been a basis to believe that the electronic signature-creation data has been utilised without the knowledge of the signatory, but the signatory has not requested the trusted certification service provider to revoke the qualified certificate or to suspend its operation.

[24 May 2007]

Chapter VIII
Recognition of Qualified Certificates Issued in Foreign States

Section 26. Recognition of Qualified Certificates Issued in Foreign States

Qualified certificates issued in foreign states shall have the legal status and legal effect stipulated in this Law if the status of the certificate and the electronic signature-verification data associated with the certificate can be verified being located in the Republic of Latvia, and the qualified certificate conforms to at least one of the following conditions:

1) it conforms to all of the requirements of this Law and other laws and regulations;

2) a certification service provider voluntarily accredited to the supervisory institution has submitted it;

3) a certification service provider voluntarily accredited to the supervisory institution has guaranteed it;

4) it is recognised in the Republic of Latvia in accordance with international agreements;

5) a certification service provider registered in a Member State of the European Union has issued it or a certification service provider registered in a Member State of the European Union guarantees it.

[28 October 2004]

Transitional Provisions

1. State and local government institutions have a duty to accept electronic documents from natural persons and legal persons no later than 1 January 2004.

2. The Cabinet shall by 1 January 2005 issue the regulations provided for in Section 14.1 of this Law.

[28 October 2004]

3. The Cabinet shall by 1 January 2010 issue the regulations regarding the State fee for accreditation and renewal of accreditation of a certification services provider. Until the day of coming into force of new Cabinet regulations, Cabinet Regulation No. 159 of 8 April 2003, Regulations Regarding the State Fee for Accreditation and Renewal of Accreditation of a Certification Services Provider, shall be applicable insofar they are not in contradiction with this Law.

[24 September 2009]

Informative Reference to European Union Directives

Included in this Law are legal norms arising from Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures.

[22 June 2006]

This Law shall come into force on 1 January 2003.

The Law has been adopted by the Saeima on 31 October 2002.

Acting for the President,
Chairperson of the Saeima I. Ūdre

Rīga, 20 November 2002

 

Transitional Provisions Regarding Amendments to the Electronic Documents Law

Transitional Provision
(regarding amending law of 28 October 2004)

With the coming into force of this Law, Cabinet Regulation No. 711, Amendments to the Electronic Documents Law (Latvijas Republikas Saeimas un Ministru Kabineta Ziņotājs, 2004, No. 18) issued in accordance with Article 81 of the Constitution of the Republic of Latvia is repealed.

Transitional Provision
(regarding amending law of 22 June 2006)

With the coming into force of this Law, Cabinet Regulation No. 340, Amendments to the Electronic Documents Law (Latvijas Vēstnesis, 2006, No. 69) issued in accordance with Article 81 of the Constitution of the Republic of Latvia is repealed.

 


1 The Parliament of the Republic of Latvia

Translation © 2014 Valsts valodas centrs (State Language Centre)

 
Document information
Status:
In force
in force
Issuer: Saeima Type: law Adoption: 31.10.2002.Entry into force: 01.01.2003.Theme:  Documents, recordkeeping, data protectionPublication: Latvijas Vēstnesis, 169, 20.11.2002.; Latvijas Republikas Saeimas un Ministru Kabineta Ziņotājs, 23, 12.12.2002.
Language:
Related documents
  • Amendments
  • Legal basis of
  • General Findings of the Supreme Court
  • Annotation / draft legal act
  • Explanations
  • Other related documents
68521
{"selected":{"value":"30.06.2018","content":"<font class='s-1'>30.06.2018.-...<\/font> <font class='s-3'>Sp\u0113k\u0101 eso\u0161\u0101<\/font>"},"data":[{"value":"30.06.2018","iso_value":"2018\/06\/30","content":"<font class='s-1'>30.06.2018.-...<\/font> <font class='s-3'>Sp\u0113k\u0101 eso\u0161\u0101<\/font>"},{"value":"22.05.2017","iso_value":"2017\/05\/22","content":"<font class='s-1'>22.05.2017.-29.06.2018.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"02.04.2015","iso_value":"2015\/04\/02","content":"<font class='s-1'>02.04.2015.-21.05.2017.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"22.10.2009","iso_value":"2009\/10\/22","content":"<font class='s-1'>22.10.2009.-01.04.2015.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"26.06.2007","iso_value":"2007\/06\/26","content":"<font class='s-1'>26.06.2007.-21.10.2009.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"21.07.2006","iso_value":"2006\/07\/21","content":"<font class='s-1'>21.07.2006.-25.06.2007.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"04.05.2006","iso_value":"2006\/05\/04","content":"<font class='s-1'>04.05.2006.-20.07.2006.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"24.11.2004","iso_value":"2004\/11\/24","content":"<font class='s-1'>24.11.2004.-03.05.2006.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"20.08.2004","iso_value":"2004\/08\/20","content":"<font class='s-1'>20.08.2004.-23.11.2004.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"27.05.2004","iso_value":"2004\/05\/27","content":"<font class='s-1'>27.05.2004.-19.08.2004.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"01.01.2003","iso_value":"2003\/01\/01","content":"<font class='s-1'>01.01.2003.-26.05.2004.<\/font> <font class='s-2'>Pamata<\/font>"}]}
30.06.2018
84
0
  • Twitter
  • Facebook
  • Draugiem.lv
 
0
Latvijas Vestnesis, the official publisher
ensures legislative acts systematization
function on this site.
All Likumi.lv content is intended for information purposes.
About Likumi.lv
News archive
Useful links
Contacts
For feedback
Terms of service
Privacy policy
Cookies
RSS logo
Latvijas Vēstnesis "Everyone has the right to know about his or her rights."
Article 90 of the Constitution of the Republic of Latvia
© Official publisher "Latvijas Vēstnesis"
ISO 9001:2008 (quality management system)
ISO 27001:2013 (information security) Kvalitātes balva