HOUSE BILL NO. 188
INTRODUCED BY C. TUSS, D. MOOD, K. OHS, B. SIMON, E. SWANSON, R. DEPRATU, L. GROSFIELD, M. TAYLOR, J. TESTER, M. WATERMAN
BY REQUEST OF THE SECRETARY OF STATE
AN ACT PROVIDING FOR THE USE OF ELECTRONIC RECORDS AND ELECTRONIC SIGNATURES IN TRANSACTIONS WITH STATE AGENCIES AND LOCAL GOVERNMENT UNITS; PROVIDING FOR LEGAL RECOGNITION OF ELECTRONIC RECORDS, ELECTRONIC SIGNATURES, AND ELECTRONIC CONTRACTS IN STATE AGENCY PROCEEDINGS; PROVIDING EXCEPTIONS; PROHIBITING A PERSON FROM ACTING AS A CERTIFICATION AUTHORITY OR REPOSITORY OF CERTAIN ELECTRONIC DATA WITHOUT REGISTERING WITH THE SECRETARY OF STATE; REQUIRING CERTAIN STATE AGENCIES AND THE SECRETARY OF STATE TO ADOPT RULES; PROVIDING FOR MANAGEMENT OF ELECTRONIC RECORDS; PROVIDING A PENALTY; AND PROVIDING EFFECTIVE DATES.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MONTANA:
Section 1. Short title. [Sections 1 through 11] may be cited as the "Montana Electronic Transactions With State Agencies and Local Government Units Act".
Section 2. Legislative intent. It is the intent of the legislature that [sections 1 through 11]:
(1) facilitate economic development and efficient delivery of government services;
(2) encourage electronic filing of documents with state agencies and local government units;
(3) facilitate and promote electronic commerce by eliminating uncertainties over what constitutes verified electronic records and electronic signatures in transactions with state agencies and local government units;
(4) promote the development of the legal and business infrastructure necessary to implement electronic commerce carried on with state agencies and local government units; and
(5) promote public confidence in the reliability and integrity of electronic records and electronic signatures sent or received by state agencies and local government units.
Section 3. Definitions. As used in [sections 1 through 11], unless the context indicates otherwise, the following definitions apply:
(1) "Certificate" means an electronic record that:
(a) identifies the certification authority issuing it;
(b) identifies its subscriber;
(c) contains a public key that corresponds to a private key under the control of the subscriber;
(d) specifies its operational period; and
(e) is digitally signed by the certification authority issuing it.
(2) "Certification authority" means a person who authorizes and causes the issuance of a certificate.
(3) "Cryptosystem" means a system that transforms or encrypts information for the purpose of secrecy or authenticity. The term includes a computer-based security procedure capable of generating and using a key pair.
(4) "Digital signature" means a type of electronic signature that encrypts a record by using a cryptosystem in a manner that a person who has the unencrypted record, the encrypted record, and the signer's key can accurately determine:
(a) whether the encryption of the record to an electronic record was created using the private key that corresponds to the signer's public key; and
(b) whether the record has been altered since the record was encrypted into an electronic record.
(5) "Electronic" includes electrical, digital, magnetic, optical, electromagnetic, or any other form of technology that entails capabilities similar to these technologies.
(6) "Electronic record" means a record that is created or stored electronically and that is retrievable in perceivable form.
(7) "Electronic signature" means an electronic signal attached to or logically associated with an electronic record and that is:
(a) unique to the person using it;
(b) capable of verification;
(c) under the sole control of the person using it; and
(d) linked to the electronic record in such a way that if the electronic record is changed, the signature is invalidated.
(8) "Key" means a password or table used to decipher encrypted electronic data.
(9) "Key pair" means a private key and its corresponding public key in a cryptosystem, as part of which the public key verifies the signature made by the private key.
(10) "Local government unit" means a city, county, town, unincorporated municipality or village, or a special taxing district and any commission, board, bureau, or other office of any of them.
(11) "Party" means a person who is a party to a transaction with a state agency or local government unit.
(12) "Person" means an individual, corporation, business trust, estate, trust, partnership, limited partnership, limited liability company, association, joint venture, state agency, local government unit, government of another state or of the United States, or political subdivision of this or another state or any other legal or commercial entity.
(13) "Private key" is a key of a key pair used to create a digital signature.
(14) "Public key" is the key of a key pair used to verify a digital signature.
(15) "Qualified security procedure" means a security procedure capable of producing reliable evidence that an electronic record or electronic signature has not been altered.
(16) "Record" includes any paper, correspondence, form, book, photograph, microfilm, map, drawing, or other document, including a copy of any of them, that has been made or received by a state agency or local government unit in connection with the transaction of the official business of that entity and all other documents required by law to be filed with or kept by that agency.
(17) "Repository" means a person that maintains a registry of certification authorities.
(18) "Rule of law" means a statute, regulation, ordinance, common-law rule, court decision, ordinance, rule, or other law enacted, established, or adopted by a state agency, court, or political subdivision of this state.
(19) "Secure electronic record" is an electronic record that is transmitted using a qualified security procedure.
(20) "Secure electronic signature" is a digital signature that is transmitted using a qualified security procedure.
(21) "Security procedure" is a methodology or procedure used for the purpose of:
(a) verifying that an electronic record is that of a specific person; and
(b) detecting an error or alteration in the communication, content, or storage of an electronic record since a specific point in time.
(22) "State agency" means a department, board, commission, authority, or other governmental entity of the executive branch of state government, including the Montana university system.
(23) "Subscriber" means a person holding a private key that corresponds to a public key listed or identified in a certificate and who is the person to whom digitally signed records verified by reference to the certificate are to be attributed.
(24) "Trustworthy manner" means electronic records and electronic signatures transmitted by a qualified security procedure.
(25) "Verify a digital signature" means to use the public key listed in a valid certificate, by means of a security procedure, to evaluate a digitally signed electronic record so that the evaluation concludes that:
(a) the digital signature was created using the private key corresponding to the public key listed in the certificate; and
(b) the electronic record has not been altered since its digital signature was created.
Section 4. Construction -- exceptions. (1) [Sections 1 through 11], as applied to transactions with state agencies or local government units, may not be construed to:
(a) require a party to accept an electronic record, an electronic signature, or an electronic contract or to respond to or act upon an electronic record, an electronic signature, or an electronic contract unless the parties have freely and voluntarily agreed to the use of an electronic record, electronic signature, or electronic contract prior to electronic transmission; or
(b) preclude the recipient of an electronic record, an electronic signature, or an electronic contract from establishing the conditions under which the recipient will accept the electronic record, electronic signature, or electronic contract.
(2) [Sections 1 through 11] do not apply:
(a) when application of [sections 1 through 11] is clearly inconsistent with the manifest intent of another rule of law. However, a requirement of a rule of law that information must be "in writing", "written", "printed", "signed", or by any other word or phrase specifies written communication for a certain purpose is not by itself sufficient to prohibit the use of an electronic record or electronic signature, as applicable, for that purpose.
(b) to any rule of law governing the creation or execution of a will, trust, living will, or health care power of attorney;
(c) to any record that serves as a unique and transferable physical token of rights and obligations, including negotiable instruments and other instruments of title in which possession of the instrument is considered to confer title.
Section 5. State agency or local government unit acceptance and use of electronic records and electronic signatures -- rulemaking required. (1) [Sections 1 through 11] strongly encourage but do not require a state agency or local government unit to use or permit the use of an electronic signature or to send or receive electronic records. A state agency or local government unit may determine if, and the extent to which, it will send and receive electronic records to and from other persons and the extent to which it will create, use, and rely upon electronic records.
(2) Unless otherwise agreed to between a state agency or local government unit acting as the sender or receiver of an electronic record and another person who is the sender or receiver of the same electronic record, an electronic record is sent when it enters an information processing system outside the control of the sender or a person that sent the electronic record on behalf of the sender.
(3) Unless otherwise agreed to between a state agency or local government unit acting as the sender or receiver of an electronic record and another person acting as the sender or receiver of the same electronic record, an electronic record is received when the electronic record enters an information processing system from which the recipient is able to retrieve electronic records in a form capable of being processed by that system, if the recipient uses or has designated that system for the purpose of receiving the electronic record. An electronic record is effective when received even if no individual is aware of its receipt.
(4) A state agency sending or receiving electronic records shall adopt rules specifying:
(a) the manner and format in which an electronic record must be created, sent, received, and stored;
(b) whether an electronic record must be signed, the type of electronic signature required, the manner and format in which a signature must be affixed to the electronic record, and the identity of, or criteria that must be met by, a third person used by the person filing the document to facilitate the process;
(c) appropriate control methods used to ensure adequate integrity, security, and confidentiality of the electronic records and to ensure that the creation, transmission, and use of the electronic record may be audited; and
(d) other matters applicable to nonelectronic records that in the state agency's judgment should also be made applicable to electronic records.
Section 6. Legal recognition for certain electronic records and electronic signatures in administrative proceedings. (1) This section applies only to contested case proceedings held pursuant to the Montana Administrative Procedure Act or a similar procedure held before a state agency in which rights are determined or duties are enforced on a case-by-case basis.
(2) If a rule of law requires a record to be written or in writing or provides for certain consequences if the record is not written or in writing, an electronic record satisfies that rule of law.
(3) If a rule of law requires a signature or provides for certain consequences if a record is not signed, an electronic signature satisfies that rule of law.
(4) If all parties to a transaction agree to the use of an electronic record or electronic signature, the electronic record or electronic signature may not be denied legal effect, validity, or enforceability solely on the grounds that it is electronic or on the grounds that it is not original.
(5) The trier of fact shall weigh the reliability of information in the form of an electronic record or electronic signature. In assessing the reliability of an electronic record or electronic signature when its authenticity is in issue, the trier of fact may consider:
(a) the manner in which it was generated, stored, or communicated;
(b) the reliability of the manner in which its integrity was maintained;
(c) the manner in which its originator was identified or the electronic record was signed; and
(d) any other relevant information or circumstances.
Section 7. Legal recognition for secured electronic records and secured electronic signatures in administrative proceedings. (1) This section applies only to contested case proceedings held pursuant to the Montana Administrative Procedure Act or a similar procedure held before a state agency in which rights are determined or duties are enforced on a case-by-case basis.
(2) If, through a qualified security procedure, it can be verified that an electronic record or electronic signature has not been altered since a specified point in time, the electronic record or electronic signature must be considered to be a secure electronic record or secure electronic signature from the specified point in time to the time of verification, if the relying party establishes that the qualified security procedure was:
(a) reasonable under the circumstances;
(b) applied by the relying party in a trustworthy manner; and
(c) reasonably in good faith relied upon by the relying party.
(3) In an administrative proceeding involving a secure electronic record, it must be rebuttably presumed that the electronic record has not been altered since the specific point in time to which the secure status relates.
(4) In an administrative proceeding involving a secure electronic signature, it must be rebuttably presumed that the secure electronic signature is the signature of the person to whom it correlates.
(5) The effect of the presumptions provided in this section is to place on the party challenging the integrity of a secure electronic record or challenging the genuineness of a secure electronic signature both the burden of going forward with evidence to rebut the presumption and the burden of persuading the trier of fact that the nonexistence of the presumed fact is more probable than its existence.
Section 8. Legal recognition for electronic contracts in administrative proceedings. (1) This section applies only to contested case proceedings held pursuant to the Montana Administrative Procedure Act or a similar procedure held before a state agency in which rights are determined or duties are enforced on a case-by-case basis.
(2) An electronic contract valid under the Uniform Commercial Code is valid under [sections 1 through 11].
(3) In an administrative proceeding involving a contract signed by a secure electronic signature, it must be rebuttably presumed that the electronic contract has not been altered since the specific point in time to which the secure status relates.
(4) The effect of presumptions provided in this section is to place on the party challenging the integrity of a secure electronic contract both the burden of going forward with evidence to rebut the presumption and the burden of persuading the trier of fact that the nonexistence of the presumed fact is more probable than its existence.
(5) In administrative proceedings involving a contract signed by an electronic signature, the trier of fact shall weigh the reliability of information. In assessing the reliability of a contract when its authenticity is in issue, the trier of fact may consider:
(a) the manner in which it was generated, stored, or communicated;
(b) the reliability of the manner in which its integrity was maintained;
(c) the manner in which its originator was identified or the electronic contract was signed; and
(d) any other relevant information or circumstances.
Section 9. Secretary of state to register certification authorities and repositories -- penalty. (1) A person may not act as a certification authority or repository without registering with the secretary of state as provided in this section.
(2) A person who acts as a certification authority or repository without being registered with the secretary of state as required by this section and rules adopted pursuant to this section is guilty of a misdemeanor and shall be punished as provided by law.
(3) A certification authority registered with the secretary of state pursuant to this section shall comply with all applicable requirements of Title 35.
(4) In addition to a filing fee that may be required by Title 35, the secretary of state shall charge and collect from each certification authority a license fee of $300 annually.
Section 10. Secretary of state to adopt rules for registration of certification authorities and repositories. (1) The secretary of state shall adopt rules concerning the registration of certification authorities and repositories.
(2) In adopting rules authorized by this section, the secretary of state shall provide maximum flexibility to the development of digital signature technology and the business models necessary to support it. The rules must maximize opportunities for uniformity with the rules or laws of other jurisdictions.
Section 11. Electronic records management. Electronic records must be preserved, protected, transferred, and disposed of in accordance with Title 2, chapter 6, part 2.
Section 12. Saving clause. [This act] does not affect rights and duties that matured, penalties that were incurred, or proceedings that were begun before July 1, 1999.
Section 13. Effective dates. (1) [Sections 10 and 12 and this section] are effective on passage and approval.
(2) [Sections 1 through 9 and 11] are effective July 1, 1999.
- END -
Latest Version of HB 188 (HB0188.ENR)
Processed for the Web on April 14, 1999 (1:33PM)
New language in a bill appears underlined, deleted material appears stricken.
Sponsor names are handwritten on introduced bills, hence do not appear on the bill until it is reprinted. See the status of the bill for the bill's primary sponsor.
Status of this Bill | 1999 Session | Leg. Branch Home
This bill in WP 5.1 | All versions of all bills in WP 5.1
Prepared by Montana Legislative Services
(406)444-3064