中华人民共和国电子签名法(2004) (中英双语逐条对照版)
中华人民共和国电子签名法(2004)
Electronic Signature Law of the People's Republic of China
《中华人民共和国电子签名法》已由中华人民共和国第十届全国人民代表大会常务委员会第十一次会议于2004年8月28日通过,现予公布,自2005年4月1日起施行。
中华人民共和国主席胡锦涛
2004年8月28日
(2004年8月28日第十届全国人民代表大会常务委员会第十一次会议通过)(Adopted at the 11th Meeting of the Standing Committee of the Tenth National People's Congress on August 28, 2004 and promulgated by Order No.18 of the President of the People’s Republic of China on August 28, 2004)
第一章总则
Chapter I General Provisions
第一条为了规范电子签名行为,确立电子签名的法律效力,维护有关各方的合法权益,制定本法。
Article 1 This Law is enacted in order to standardize acts of electronic signature, validate the legal effect of electronic signature, and safeguard the lawful rights and interests of the parties concerned. 第二条本法所称电子签名,是指数据电文中以电子形式所含、所附用于识别签名人身份并表明签名人认可其中内容的数据。
Article 2 For the purposes of this Law, electronic signature means the data in electronic form contained in and attached to a data message to be used for identifying the identity of the signatory and for showing that the signatory recognizes what is in the message.
本法所称数据电文,是指以电子、光学、磁或者类似手段生成、发送、接收或者储存的信息。
The data message as mentioned in this Law means the information generated, dispatched, received or stored by electronic, optical, magnetic or similar means.
第三条民事活动中的合同或者其他文件、单证等文书,当事人可以约定使用或者不使用电子签名、数据电文。
Article 3 The parties concerned may agree to use or not to use electronic signature or data message in such documentations as contracts and other documents, receipts and vouchers in civil activities.
当事人约定使用电子签名、数据电文的文书,不得仅因为其采用电子签名、数据电文的形式而否定其法律效力。
The legal effect of a document, with regard to which the parties concerned have agreed to use electronic signature or data message, shall not be denied only because the form of electronic signature or data message is adopted.
前款规定不适用下列文书:
The provisions of the preceding paragraphs shall not be applicable to the following documents: (一)涉及婚姻、收养、继承等人身关系的;
(1) documents relating to such personal relations as marriage, adoption and succession;
(二)涉及土地、房屋等不动产权益转让的;
(2) documents relating to the transfer of the rights and interests residing in such real estate as land and houses;
(三)涉及停止供水、供热、供气、供电等公用事业服务的;
(3) documents relating to termination of such public utility services as water supply, heat supply, gas supply and power supply; and
(四)法律、行政法规规定的不适用电子文书的其他情形。
(4) other circumstances where electronic documentation is not applicable, as provided for by laws and administrative regulations.
第二章数据电文
Chapter II Data Message
第四条能够有形地表现所载内容,并可以随时调取查用的数据电文,视为符合法律、法规要求的书面形式。
Article 4 A data message, which can give visible expression to the contents carried and can readily be picked up for reference, shall be deemed to be the written form which conforms to the requirements of laws and regulations.
第五条符合下列条件的数据电文,视为满足法律、法规规定的原件形式要求:
Article 5 Data messages that meet the following conditions shall be deemed to satisfy the requirements for the form of the original copies as provided for by laws and regulations:
(一)能够有效地表现所载内容并可供随时调取查用;
(1) messages that can give effective expression to the contents carried and can readily be picked up for reference; and
(二)能够可靠地保证自最终形成时起,内容保持完整、未被更改。但是,在数据电文上增加背书以及数据交换、储存和显示过程中发生的形式变化不影响数据电文的完整性。
(2) messages that can unfailingly guarantee that the contents remain complete and unaltered from the time when they are finally generated. And the completeness of the data messages shall not be affected when endorsements are added to the data messages or when their forms are altered in the process of data interchange, storage and display.
第六条符合下列条件的数据电文,视为满足法律、法规规定的文件保存要求:
Article 6 Data messages that meet the following conditions shall be deemed to satisfy the requirements for document preservation as provided for by laws and regulations:
(一)能够有效地表现所载内容并可供随时调取查用;
(1) messages that can give effective expression to the contents carried and can readily be picked up for reference;
(二)数据电文的格式与其生成、发送或者接收时的格式相同,或者格式不相同但是能够准确表现原来生成、发送或者接收的内容;
(2) the format of the data messages is the same as the format when they are generated, dispatched or received, or although the format is not the same, the contents originally generated, dispatched or received can accurately be expressed; and
(三)能够识别数据电文的发件人、收件人以及发送、接收的时间。
(3) messages the addressers and receivers of which and the time of their dispatch and receipt can be identified.
第七条数据电文不得仅因为其是以电子、光学、磁或者类似手段生成、发送、接收或者储存的而被拒绝作为证据使用。
Article 7 No data messages to be used as evidence shall be rejected simply because they are generated, dispatched, received or stored by electronic, optical, magnetic or similar means.
第八条审查数据电文作为证据的真实性,应当考虑以下因素:
Article 8 The following factors shall be taken into consideration when the truthfulness of data messages to be used as evidence is examined:
(一)生成、储存或者传递数据电文方法的可靠性;
(1) the reliability of the methods used for generating, storing or transmitting the data messages;
(二)保持内容完整性方法的可靠性;
(2) the reliability of the methods used for keeping the completeness of the contents;
(三)用以鉴别发件人方法的可靠性;
(3) the reliability of the methods for distinguishing the addressers; and
(四)其他相关因素。
(4) other relevant factors.
第九条数据电文有下列情形之一的,视为发件人发送:
Article 9 Any of the following data messages shall be deemed to be dispatched by the addresser: (一)经发件人授权发送的;
(1) the data message is dispatched with authorization of the addresser;
(二)发件人的信息系统自动发送的;
(2) the data message is dispatched automatically by the information system of the addresser; and
(三)收件人按照发件人认可的方法对数据电文进行验证后结果相符的。
(3) verification of the data message made by the receiver in accordance with the method recognized by the addresser proves that the message is identical with the one dispatched.
当事人对前款规定的事项另有约定的,从其约定。
If the parties concerned have agreed otherwise with regard to the matters specified in the preceding paragraph, such agreement shall be complied with.
第十条法律、行政法规规定或者当事人约定数据电文需要确认收讫的,应当确认收讫。发件人收到收件人的收讫确认时,数据电文视为已经收到。
Article 10 If confirmation of receipt of a data message is required pursuant to the provisions of laws and administrative regulations or the agreement reached between the parties concerned, such receipt shall be confirmed. When the addresser receives the confirmation of the receipt sent by the receiver, the data message shall be deemed to have been received.
第十一条数据电文进入发件人控制之外的某个信息系统的时间,视为该数据电文的发送时间。Article 11 The time when a data message enters into a certain information system beyond the control of the addresser shall be deemed to be the time when the message is dispatched.
收件人指定特定系统接收数据电文的,数据电文进入该特定系统的时间,视为该数据电文的接收时间;未指定特定系统的,数据电文进入收件人的任何系统的首次时间,视为该数据电文的接收时间。
If a receiver designates a special system for receipt of a data message, the time when the message enters into the system as designated shall be deemed to be the time when the said message is received; and if no special system is designated, the first time when the data message enters into any systems of the receiver's shall be deemed to be the time when the message is received.
当事人对数据电文的发送时间、接收时间另有约定的,从其约定。
If the parties concerned have agreed otherwise on the time of dispatch or the time of receipt of data messages, such agreement shall be complied with.
第十二条发件人的主营业地为数据电文的发送地点,收件人的主营业地为数据电文的接收地点。没有主营业地的,其经常居住地为发送或者接收地点。
Article 12 The principal business place of an addresser shall be the place of dispatch of data messages, and the principal business place of a receiver shall be the place of receipt of data messages. If there are no principal business places, their habitual residences shall be the places of dispatch or receipt.
当事人对数据电文的发送地点、接收地点另有约定的,从其约定。
If the parties concerned have agreed otherwise on the place of dispatch or the place of receipt of data messages, such agreement shall be complied with.
第三章电子签名与认证
Chapter III Electronic Signature and Certification
第十三条电子签名同时符合下列条件的,视为可靠的电子签名:
Article 13 If an electronic signature concurrently meets the following conditions, it shall be deemed as a reliable electronic signature:
(一)电子签名制作数据用于电子签名时,属于电子签名人专有;(1) when the creation data of the electronic signature are used for electronic signature, it exclusively belongs to an electronic signatory;
(二)签署时电子签名制作数据仅由电子签名人控制;
(2) when the signature is entered, its creation data are controlled only by the electronic signatory;
(三)签署后对电子签名的任何改动能够被发现;
(3) after the signature is entered, any alteration made to the electronic signature can be detected; and
(四)签署后对数据电文内容和形式的任何改动能够被发现。
(4) after the signature is entered, any alteration made to the contents and form of a data message can be detected.
当事人也可以选择使用符合其约定的可靠条件的电子签名。
The parties concerned may also choose to use the electronic signatures which meet the conditions of reliability they have agreed to.
第十四条可靠的电子签名与手写签名或者盖章具有同等的法律效力。
Article 14 A reliable electronic signature shall have equal legal force with handwritten signature or the seal.
第十五条电子签名人应当妥善保管电子签名制作数据。电子签名人知悉电子签名制作数据已经失密或者可能已经失密时,应当及时告知有关各方,并终止使用该电子签名制作数据。Article 15 An electronic signatory shall have the creation data of his electronic signature well preserved. When an electronic signatory learns that the creation data of his electronic signature have got lost or may have got lost, he shall make it known to all the parties concerned in time, and terminate the use of such data.
第十六条电子签名需要第三方认证的,由依法设立的电子认证服务提供者提供认证服务。Article 16 If an electronic signature needs to be verified by a third party, the electronic verification service established according to law shall provide such service.
第十七条提供电子认证服务,应当具备下列条件:
Article 17 An electronic verification service shall meet the following conditions:
(一)具有与提供电子认证服务相适应的专业技术人员和管理人员;
(1) having the professional technicians and managerial personnel suited for provision of electronic verification services;
(二)具有与提供电子认证服务相适应的资金和经营场所;
(2) having the funds and business places suited for provision of electronic verification services;
(三)具有符合国家安全标准的技术和设备;
(3) having the technology and equipment complying with the safety standards of the State;
(四)具有国家密码管理机构同意使用密码的证明文件;
(4) having the certificates for the use of the codes approved by the code control institution of the State; and
(五)法律、行政法规规定的其他条件。
(5) other conditions prescribed by laws and administrative regulations.
第十八条从事电子认证服务,应当向国务院信息产业主管部门提出申请,并提交符合本法第十七条规定条件的相关材料。国务院信息产业主管部门接到申请后经依法审查,征求国务院商务主管部门等有关部门的意见后,自接到申请之日起四十五日内作出许可或者不予许可的决定。予以许可的,颁发电子认证许可证书;不予许可的,应当书面通知申请人并告知理由。Article 18 A person that intends to engage in electronic verification service shall make an application to the department in charge of the information industry under the State Council and submits the materials proving fulfillment of the conditions as specified by Article 17 of this Law. Upon receiving the application, the department in charge of the information industry under the State Council shall examine it according to law and consult with the department in charge of commerce and other relevant departments under the State Council, before making a decision on whether to grant or deny approval within 45 days from the date it receives the application. If it grants approval, it shall issue the license of electronic verification; and if it denies approval, it shall inform the applicant in writing of the fact and of the reasons why.
申请人应当持电子认证许可证书依法向工商行政管理部门办理企业登记手续。
The applicant shall, upon the strength of the license of electronic verification, go through the formalities for enterprise registration at the administrative department for industry and commerce according to law.
取得认证资格的电子认证服务提供者,应当按照国务院信息产业主管部门的规定在互联网上公布其名称、许可证号等信息。
The electronic verification service that has been qualified for verification shall, in accordance with the regulations of the department in charge of the information industry under the State Council, make public in the Internet such information as its name and the number of its license.
第十九条电子认证服务提供者应当制定、公布符合国家有关规定的电子认证业务规则,并向国务院信息产业主管部门备案。
Article 19 The electronic verification service shall formulate and publish its rules for electronic verification, which are in conformity with the relevant regulations of the State, and submit them to the department in charge of the information industry under the State Council for the record.
电子认证业务规则应当包括责任范围、作业操作规范、信息安全保障措施等事项。
The rules for electronic verification shall include the matters such as the scope of liability, the norms for operation and the protective measures for information safety.
第二十条电子签名人向电子认证服务提供者申请电子签名认证证书,应当提供真实、完整和准确的信息。
Article 20 When an electronic signatory applies to an electronic verification service for the certificate of his electronic signature, he shall provide truthful, complete and accurate information.
电子认证服务提供者收到电子签名认证证书申请后,应当对申请人的身份进行查验,并对有关材料进行审查。
Upon receiving the application for certificate of the electronic signature, the electronic verification service shall check the identity of the applicant and examine the relevant materials.
第二十一条电子认证服务提供者签发的电子签名认证证书应当准确无误,并应当载明下列内容:
Article 21 The certificate of an electronic signature issued by the electronic verification service shall be accurate and devoid of error, and the following items shall clearly be stated therein: (一)电子认证服务提供者名称;
(1) the name of the electronic verification service;
(二)证书持有人名称;
(2) the name of the certificate holder;
(三)证书序列号;
(3) the serial number of the certificate;
(四)证书有效期;
(4) the term of validity for the certificate;
(五)证书持有人的电子签名验证数据;
(5) the validation data of the electronic signature of the certificate holder;
(六)电子认证服务提供者的电子签名;
(6) the electronic signature of the electronic verification service; and
(七)国务院信息产业主管部门规定的其他内容。
(7) other items as prescribed by the department in charge of the information industry under the State Council.
第二十二条电子认证服务提供者应当保证电子签名认证证书内容在有效期内完整、准确,并保证电子签名依赖方能够证实或者了解电子签名认证证书所载内容及其他有关事项。
Article 22 An electronic verification service shall guarantee that the items in the certificate of an electronic signature are complete and accurate within the term of its validity, and guarantee the party relying on the electronic signature the ability to prove or to know the items stated in the certificate of the electronic signature and other relevant matters.
第二十三条电子认证服务提供者拟暂停或者终止电子认证服务的,应当在暂停或者终止服务九十日前,就业务承接及其他有关事项通知有关各方。
Article 23 If an electronic verification service intends to suspend or terminate the service, it shall, 90 days prior to the suspension or termination of service, notify the parties concerned of how to get continued services and of other relevant matters.
电子认证服务提供者拟暂停或者终止电子认证服务的,应当在暂停或者终止服务六十日前向国务院信息产业主管部门报告,并与其他电子认证服务提供者就业务承接进行协商,作出妥善安排。
If an electronic verification service intends to suspend or terminate the service, it shall report to the department in charge of the information industry under the State Council 60 days prior to the suspension or termination of service, and shall make proper arrangements by negotiating with other electronic verification services on how to carry on its business.
电子认证服务提供者未能就业务承接事项与其他电子认证服务提供者达成协议的,应当申请国务院信息产业主管部门安排其他电子认证服务提供者承接其业务。
If an electronic verification service fails to reach an agreement with other electronic verification services on matters of how to carry on its business, it shall apply to the department in charge of the information industry under the State Council for arranging other electronic verification services to carry on its business.
电子认证服务提供者被依法吊销电子认证许可证书的,其业务承接事项的处理按照国务院信息产业主管部门的规定执行。
If the license of electronic verification of an electronic verification service is revoked according to law, its business shall be carried on in accordance with the regulations of the department in charge of the information industry under the State Council.
第二十四条电子认证服务提供者应当妥善保存与认证相关的信息,信息保存期限至少为电子签名认证证书失效后五年。
Article 24 An electronic verification service shall have the information relating to verification well preserved. The time limit for preservation of such information shall at least be five years after the certificate of the electronic signature ceases to be valid.
第二十五条国务院信息产业主管部门依照本法制定电子认证服务业的具体管理办法,对电子认证服务提供者依法实施监督管理。
Article 25 The department in charge of the information industry under the State Council shall, in accordance with this Law, formulate the specific measures for administration of the electronic verification services and exercise supervision over the electronic verification services according to law.
第二十六条经国务院信息产业主管部门根据有关协议或者对等原则核准后,中华人民共和国境外的电子认证服务提供者在境外签发的电子签名认证证书与依照本法设立的电子认证服务提供者签发的电子签名认证证书具有同等的法律效力。
Article 26 Upon examination and approval by the department in charge of the information industry under the State Council on the basis of relevant agreements or the principle of reciprocity, the certificates of electronic signatures issued by overseas electronic verification services outside of the territory of the People's Republic of China shall have equal legal force with the ones issued by the electronic verification services established in accordance with this Law.
第四章法律责任
Chapter IV Legal Responsibility
第二十七条电子签名人知悉电子签名制作数据已经失密或者可能已经失密未及时告知有关各方、并终止使用电子签名制作数据,未向电子认证服务提供者提供真实、完整和准确的信息,或者有其他过错,给电子签名依赖方、电子认证服务提供者造成损失的,承担赔偿责任。Article 27 An electronic signatory who, having learnt that the creation data of his electronic signature have got lost or might have got lost, fails to notify in time the parties concerned of the fact and to terminate the use of the same, who fails to provide the electronic verification service with truthful, complete and accurate information, or who makes other errors, thus causing losses to the party relying on the electronic signature and to the electronic verification service, shall bear the responsibility for compensation.
第二十八条电子签名人或者电子签名依赖方因依据电子认证服务提供者提供的电子签名认证服务从事民事活动遭受损失,电子认证服务提供者不能证明自己无过错的,承担赔偿责任。Article 28 Where an electronic signatory or the party relying on the electronic signature suffers losses due to engaging in civil activities on the basis of the electronic signature verified by an electronic verification service, and if the electronic verification service fails to prove that it is free from fault, the service shall bear the responsibility for compensation.
第二十九条未经许可提供电子认证服务的,由国务院信息产业主管部门责令停止违法行为;有违法所得的,没收违法所得;违法所得三十万元以上的,处违法所得一倍以上三倍以下的罚款;没有违法所得或者违法所得不足三十万元的,处十万元以上三十万元以下的罚款。Article 29 Where a person provides electronic verification services without permission, the department in charge of the information industry under the State Council shall order him to desist from the illegal act; the unlawful gains, if any, shall be confiscated; if such gains exceed RMB 300,000 yuan, a fine of not less than one time but not more than three times the unlawful gains shall be imposed; and if there
are no unlawful gains or the amount of such gains is less than 300,000 yuan, a fine of not less than 100,000 yuan but not more than 300,000 yuan shall be imposed.
第三十条电子认证服务提供者暂停或者终止电子认证服务,未在暂停或者终止服务六十日前向国务院信息产业主管部门报告的,由国务院信息产业主管部门对其直接负责的主管人员处一万元以上五万元以下的罚款。
Article 30 Where an electronic verification service that intends to suspend or terminate electronic verification services fails to report to the department in charge of the information industry under the State Council 60 days prior to the suspension or termination of service, the said department shall impose a fine of not less than 10,000 yuan but not more than 50,000 yuan on the person who is directly in charge of the service.
第三十一条电子认证服务提供者不遵守认证业务规则、未妥善保存与认证相关的信息,或者有其他违法行为的,由国务院信息产业主管部门责令限期改正;逾期未改正的,吊销电子认证许可证书,其直接负责的主管人员和其他直接责任人员十年内不得从事电子认证服务。吊销电子认证许可证书的,应当予以公告并通知工商行政管理部门。
Article 31 Where an electronic verification service fails to observe the rules for verification, fails to have the information relating to verification well preserved, or commits other illegal acts, the department in charge of the information industry under the State Council shall order it to rectify within a time limit; if it fails to comply at the expiration of the time limit, its electronic verification license shall be revoked, and the persons who are directly in charge of the service and the other persons who are directly responsible shall be prohibited from engaging in electronic verification services within the period of 10 years. If an electronic verification license is revoked, the fact shall be made known to the public and the administrative department for industry and commerce shall be informed of the same. 第三十二条伪造、冒用、盗用他人的电子签名,构成犯罪的,依法追究刑事责任;给他人造成损失的,依法承担民事责任。
Article 32 Where a person counterfeits, copies or usurps the electronic signature of another person's, which constitutes a crime, his criminal responsibility shall be investigated according to law; and if losses are caused to another person, he shall bear civil responsibility according to law.
第三十三条依照本法负责电子认证服务业监督管理工作的部门的工作人员,不依法履行行政许可、监督管理职责的,依法给予行政处分;构成犯罪的,依法追究刑事责任。
Article 33 Where a staff member of the department in charge of supervision and administration over the electronic verification industry in accordance with this Law fails to perform his duties of granting administrative license and exercising supervision and administration according to law, he shall be given an administrative sanction according to law; and if a crime is constituted, he shall be investigated for the criminal responsibility according to law.
第五章附则
Chapter V Supplementary Provisions
第三十四条本法中下列用语的含义:
Article 34 The meanings of the following terms used in this Law are:
(一)电子签名人,是指持有电子签名制作数据并以本人身份或者以其所代表的人的名义实施电子签名的人;
(1) the electronic signatory means a person who holds the creation data of an electronic signature and produces the electronic signature either in person or on behalf of the person he represents;
(二)电子签名依赖方,是指基于对电子签名认证证书或者电子签名的信赖从事有关活动的人;
(2) the relying party on the electronic signature means the person who engages in relevant activities on the basis of his trust in the certificate of the electronic signature or the electronic signature;
(三)电子签名认证证书,是指可证实电子签名人与电子签名制作数据有联系的数据电文或者其他电子记录;
(3) the certificate of the electronic signature means a data message or other electronic records that can prove the connection between the electronic signatory and the creation data of the electronic signature;
(四)电子签名制作数据,是指在电子签名过程中使用的,将电子签名与电子签名人可靠地联系起来的字符、编码等数据;
(4) the creation data of an electronic signature means such data as the characters and codes that are used in the course of the electronic signature and that reliably connects the electronic signature with the electronic signatory; and
(五)电子签名验证数据,是指用于验证电子签名的数据,包括代码、口令、算法或者公钥等。
(5) the validation data of an electronic signature means the data used for verifying the electronic signature, including the code, password, algorithm and public key.
第三十五条国务院或者国务院规定的部门可以依据本法制定政务活动和其他社会活动中使用电子签名、数据电文的具体办法。
Article 35 The State Council or the departments specified by the State Council may, in accordance with this Law, formulate specific measures for the use of the electronic signatures and data messages in administrative and other public activities.
第三十六条本法自2005年4月1日起施行。
Article 36 This Law shall go into effect as of April 1, 2005.