ACHIEVING BEST PRACTICE IN YOUR BUSINESS. Information Security: Guide to the Electronic Communications Act 2000



Similar documents
ACHIEVING BEST PRACTICE IN YOUR BUSINESS. Publications and resource guide January 2005

ELECTRONIC SIGNATURES FACTSHEET

ELECTRONIC SIGNATURES AND ASSOCIATED LEGISLATION

COMPLYING WITH THE E-COMMERCE REGULATIONS 2002

2002 No. 318 ELECTRONIC COMMUNICATIONS. The Electronic Signatures Regulations 2002

BUILDING CONFIDENCE IN ELECTRONIC COMMERCE - A CONSULTATION DOCUMENT

Food supplements. Summary information on legislation relating to the sale of food supplements

PRODUCT STANDARDS. Electrical Equipment - Requirements for Plugs & Sockets etc

Office of the Regulator of Community Interest Companies: Introduction and guidance notes. Chapter 3: Limited Companies NOVEMBER 2012

2015 No CONSUMER PROTECTION. The Alternative Dispute Resolution for Consumer Disputes (Amendment) Regulations 2015

CERTIFIED SMS SERVICES UK ADVICE

2015 No DEREGULATION. The Deregulation Act 2015 (Insolvency) (Consequential Amendments and Transitional and Savings Provisions) Order 2015

A Users Guide to the recast Late Payment Directive

BIS guidance for foreign exchange providers: compliance with consumer protection legislation SEPTEMBER 2012

2014 No. 576 (C. 24) FAMILY LAW. The Child Maintenance and Other Payments Act 2008 (Commencement No. 13) Order 2014

Identity Cards Act 2006

Guidance to the Air Ambulance Charities Grant Scheme. A grant to cover the VAT costs on aviation fuel

2013 No. 233 ENVIRONMENTAL PROTECTION. The Timber and Timber Products (Placing on the Market) Regulations 2013

Employer s Liability (Defective Equipment and Compulsory Insurance) (Northern Ireland) Order 1972 A guide for employers

Third Parties (Rights against Insurers) Act 2010

AVOIDING AND RESOLVING DISCIPLINE AND GRIEVANCE ISSUES AT WORK. Simpler laws, better services

A guide for employers. Part of the Department for Work and Pensions. Stakeholder pensions

Savings Accounts. General Terms and Conditions

Tendering for Government Contracts A Guide for Small Businesses

Self-Help Kit. Limited Company. Guidance Manual. The contents of this Manual have been approved by H M Williams Chartered Accountants

AVOIDING AND RESOLVING DISCIPLINE AND GRIEVANCE ISSUES AT WORK. Simpler laws, better services

Company Directors Disqualification Act 1986 and Failed Companies Information on Disqualification Procedures

GCP Inspection of Ti Trial Master Files

Consultation on changes to the Investment Regulations following the Law Commission s report Fiduciary Duties of Investment Intermediaries

The Electricity and Gas (Internal Markets) Regulations 2011

4. The Regulations will apply to England, Wales, Scotland and Northern Ireland.

2016 No. 696 ELECTRONIC COMMUNICATIONS. The Electronic Identification and Trust Services for Electronic Transactions Regulations 2016

Consultation on devolving Sunday trading rules

Health and Safety Executive Employers Liability (Compulsory Insurance) Act 1969

An Act to provide for the facilitation of the use of electronic transactions and signatures and for related matters.

technical factsheet 175

(FRPPHUFHLQ5XVVLD 0U(UNNL/LLNDQHQ 63((&+ Member of the European Commission, responsible for Enterprise and the Information Society

Hiring agency staff during strike action: reforming regulation

Company Investigations What we do.

In April 2010, changes to both the GMS and PMS regulations came into force which:

Gambling (Licensing and Advertising) Act 2014

Code of Practice on Noise from Audible Intruder Alarms 1982

EDUCATION AND ADOPTION BILL EXPLANATORY NOTES

Creditors voluntary liquidation

MEMORANDUM TO THE BUSINESS, INNOVATION AND SKILLS SELECT COMMITTEE. Post-Legislative Assessment of the Further Education and Training Act 2007

Police (Health and Safety) Act 1997

Recruitment Sector. Consultation on prohibiting employment agencies and employment businesses from advertising jobs exclusively in other EEA countries

Employers Liability (Compulsory Insurance) Act 1969

2013 No REHABILITATION OF OFFENDERS, ENGLAND AND WALES

Ecommerce Applications 2009/10. E-Commerce Applications UK e-commerce Regulations

lighting road markings Part 2 td 89/08 use of passively safe signposts, lighting columns and traffic signal posts to bs en 12767: 2007

GENERAL SYNOD THE CHURCH OF ENGLAND FUNDED PENSIONS SCHEME (AMENDMENT) RULES 2012 EXPLANATORY MEMORANDUM

UNCITRAL legislative standards on electronic communications and electronic signatures: an introduction

2015 No. 234 LOCAL GOVERNMENT, ENGLAND AND WALES. The Accounts and Audit Regulations 2015

UNCITRAL United Nations Commission on International Trade Law Introduction to the law of electronic signatures

2015 No. (W. ) SOCIAL CARE, WALES. The Care and Support (Business Failure) (Wales) Regulations 2015 W E L S H S T A T U T O R Y I N S T R U M E N T S

Employers Liability (Compulsory Insurance) Act 1969

Open-Ended Investment Companies Act (Northern Ireland) 2002

CONSULTATION PAPER NO

Agency Pack for Sales Partners

Changes to the Energy Performance of Buildings Framework. Policy update 5 Energy Performance Certificate compliance and enforcement

LGPC Bulletin 73 August 2010

A Consultation on Land and Buildings Transaction Tax Rules for Property Authorised Investment Funds

2003 No. 37 ROAD TRAFFIC. The Motor Vehicles (Compulsory Insurance) (Information Centre and Compensation Body) Regulations 2003

Electrical Equipment (implementing the Low Voltage Directive)

A short guide for businesses on distance selling. A short guide for business on distance selling

2008 No. 495 COMPANIES. The Companies (Trading Disclosures) Regulations 2008

LAW FOR THE ELECTRONIC DOCUMENT AND ELECTRONIC SIGNATURE

2008 No ELECTRICITY GAS. The Gas and Electricity (Consumer Complaints Handling Standards) Regulations 2008

Merchants and Trade - Act No 28/2001 on electronic signatures

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS

Waste can you handle it?

Electronic Commerce ELECTRONIC COMMERCE ACT Act. No Commencement LN. 2001/ Assent

Safe management of healthcare waste

2015 No PUBLIC SECTOR INFORMATION. The Re-use of Public Sector Information Regulations 2015

CURRENT ACCOUNT SWITCH

Camellia Plc. Proposed Delisting from the Official List and Admission to trading on AIM

Quick House Sales. Market Study Annexe A: What are the main laws that may apply to quick house sales? August 2013 OFT1499A

FIRST-TIME BUYERS ALMOST 10% BETTER OFF BUYING THAN RENTING

EXPLANATORY MEMORANDUM TO THE DATA RETENTION (EC DIRECTIVE) REGULATIONS No. 2199

Excess Professional Indemnity. Policy document

Speed Sending cash or cheques by post for goods is slow, and has security and currency conversion implications.

About insolvency. Information for individuals and companies

How to Make a Claim. Guide. The Equality Act 2010

Freedom of Information Act 2000

Data Retention and Investigatory Powers Bill

London Stock Exchange Testing Services Order Form

PRIVATE COMPANY LIMITED BY GUARANTEE ARTICLES OF EUROCLOUD UK LIMITED

Guidance for dealing with non-assured Shorthold Tenancies and the Increased Rent Threshold

Proposed Regulations for Trinidad and Tobago s E-transactions Bill

Sage Instant Accounts. New. Easy-to-use accounts software for new and small businesses

4. Laying of orders and regulations before Houses of Oireachtas.

Intellectual Property Office is an operating name of the Patent Office

2014 No. ELECTRONIC COMMUNICATIONS. The Data Retention Regulations 2014

USER AGREEMENT FOR: ELECTRONIC DEALINGS THROUGH THE CUSTOMS CONNECT FACILITY

Sippchoice Bespoke SIPP

Your guide to our telephone and internet service

Should you have any questions please do not hesitate to contact the NIG Broker Support on * or by to

Statistics on E-commerce and Information and Communication Technology Activity

Transcription:

ACHIEVING BEST PRACTICE IN YOUR BUSINESS Information Security: Guide to the Electronic Communications Act 2000

The DTI drives our ambition of prosperity for all by working to create the best environment for business success in the UK. We help people and companies become more productive by promoting enterprise, innovation and creativity. We champion UK business at home and abroad. We invest heavily in world-class science and technology. We protect the rights of working people and consumers. And we stand up for fair and open markets in the UK, Europe and the world. Achieving best practice in your business is a key theme within DTI s approach to business support solutions, providing ideas and insights into how you can improve performance across your business. By showing what works in other businesses, we can help you see what can help you, and then support you in implementation. This brochure focuses on these solutions.

The Electronic Communications Act 2000 contributes to making the UK the best and safest place to do electronic commerce. It aims to build confidence in electronic communications, and creates a legal framework for electronic commerce to thrive, both in the private and public sectors. This brochure is for: All businesses that buy or sell electronically. It covers: The importance of secure electronic trading and an overview of the Act.

Electronic commerce has grown rapidly in recent years. By early 2004 about 90% of UK businesses had access to the internet and increasing numbers of these businesses are involved in e-commerce ordering and paying online. Businesses need confidence and trust in trading electronically. They need to be certain that transmitted orders or invoices have not been altered, and that they are from whom they appear to be from. They need to be able to trust that others cannot access confidential or personal information. 02

Cryptography and electronic signatures are important for electronic transactions: Cryptography has long been applied by banks and government, and is an essential tool for electronic commerce. Cryptography encrypts documents or messages, which ensures they remain confidential. It can be used as the basis of an electronic signature. An electronic signature is associated with an electronic document and has a similar function to a manual signature. It can confirm that the communication is authentic and hasn t been tampered with. The owner of an electronic signature can be verified in several ways, for example through a certificate provided by a trust service provider. Other information relating to electronic signatures or encryption keys is also normally held in a certificate, which is signed by a trust service provider. 03

The Act is part of the legislative framework to support electronic communications and transactions, along with the Electronic Signatures Regulations 2002, and the Electronic Commerce (EC Directive) Regulations 2002. It provides a fallback to a statutory approvals scheme, if selfregulation does not work, that will ensure the quality of electronic signature and other cryptography support services. It clarifies the legal status of electronic signatures. It gives the Government power to update legislation, and offer electronic communication and storage as an alternative to paper. The Act is in three parts: PART I (SECTIONS 1-6) Cryptography Service Providers This would allow the Government to set up a voluntary approval scheme for bodies providing cryptography services (such as electronic signature and confidentiality support services) to businesses and the public. It has not been brought into force, and the industry-led tscheme is fulfilling this approvals function. A statutory scheme will only be introduced if an industry-led scheme fails. The tscheme is a membership scheme for trust service providers that will ensure minimum standards of approval and service. It gives independent assurance that trust service providers meet quality standards. The Electronic Communications 04

PART II (SECTIONS 7-10) Facilitation of electronic commerce, data storage etc Section 7 makes clear that electronic signatures, supporting certificates and the processes under which such signatures and certificates are created, issued and used can be admitted as evidence in court. The court will decide whether an electronic signature has been correctly used and what weight it should be given. In disputes where, for example, electronic signatures are fraudulently created, or where people deny having signed payments, the electronic signature and supporting certificates can be supplied as evidence to the court. Section 7 does not affect any contracts that businesses already have in place regarding electronic communications. Nor does the Act mandate the use of electronic signatures, or specify particular formats or methods. The legislation aims to be technology-neutral and covers all types of electronic signature, from those based on e-mail exchanges to those using public key cryptography or biometric techniques. Section 8 allows Ministers to amend existing legislation so that transactions or contracts no longer have to be done in writing and can instead use electronic communications or storage. One example is the Companies Act 1985 companies can now produce annual reports and accounts electronically and can accept nominations for proxies electronically. They can also facilitate the electronic incorporation and filing of certain documents and forms. Act 2000 05

PART III (SECTION 11-16) Telecommunications licences and supplemental Sections 11 and 12 of the Act simplified the process under which existing telecommunications licences can be modified. This is no longer in force, having been replaced by Chapter 1, Part 2 of the Communications Act 2003. Sections 14 to 16 are supplemental, concerning prohibition on key escrow requirements, interpretation, and commencement of the Act. 06

Details of legislation If you require a detailed clause-byclause summary of the Act, please see the explanatory notes on the HMSO website www.hmso.gov.uk This publication highlights the most important provisions but is not intended as a comprehensive guide, nor does it constitute legal advice on the application of the Act. International issues The Act implements certain provisions of the Electronic Signatures Directive (1999/93/EC). The Directive sets out a legal framework for the use of electronic signatures across the European Union. The Act is also consistent with the principles developed in the Uniform Rules on electronic signatures and certification authorities by the United Nations Commission on International Trade Law (UNCITRAL). 07

Further help and advice INFORMATION SECURITY ISSUES The Electronic Communications Act 2000 and the accompanying explanatory notes can be found on the HMSO website. The site also features details of the statutory instruments made under Section 8 of the Act www.hmso.gov.uk Paper copies can be obtained from the Stationery Office (www.tso.co.uk) and Stationery Office bookshops Information on tscheme is available at www.tscheme.org The Transposition Note for the Electronic Signatures Directive 1999/93/EC is available at www.dti.gov.uk/industries/ information_security For help and advice on information security issues contact: The Information Security Policy Team Department of Trade and Industry 151 Buckingham Palace Road London SW1W 9SS Tel: 020 7215 1962 Fax: 020 7215 1966 E-mail: InfosecPolicyTeam@dti.gsi.gov.uk Further guidance and a full listing of all our information security publications can be found at: www.dti.gov.uk/ industries/information_security ACHIEVING BEST PRACTICE IN YOUR BUSINESS Achieving best practice in your business is a key theme within DTI s approach to business support solutions, providing ideas and insights into how you can improve performance across your business. By showing what works in other businesses, we can help you see what approaches can help you, and then support you in implementation. To access free information and publications on best practice: visit our website at www.dti.gov.uk/ bestpractice call the DTI Publications Orderline on 0870 150 2500 or visit www.dti.gov.uk/publications SUPPORT TO IMPLEMENT BEST BUSINESS PRACTICE To get help bringing best practice to your business, contact Business Link the national business advice service. Backed by the DTI, Business Link is an easy-to-use business support and information service, which can put you in touch with one of its network of experienced business advisers. Visit the Business Link website at www.businesslink.gov.uk Call Business Link on 0845 600 9 006 Or look at our information security business advice pages at: www.dti.gov/uk/bestpractice/infosec 08

GENERAL BUSINESS ADVICE You can also get a range of general business advice from the following organisations: Examples of products and companies included in this leaflet do not in any way imply endorsement or recommendation by DTI. Bear in mind that prices quoted are indicative at the time it was published. England Call Business Link on 0845 600 9 006 Visit the website at www.businesslink.gov.uk Scotland Call Business Gateway on 0845 609 6611 Visit the website at www.bgateway.com Wales Call Business Eye/Llygad Busnes on 08457 96 97 98 Visit the website at www.businesseye.org.uk Northern Ireland Call Invest Northern Ireland on 028 9023 9090 Visit the website at www.investni.com

Published by the Department of Trade and Industry. www.dti.gov.uk Crown Copyright. URN 04/622; 04/04

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information