The Proclamation to provide for electronic signature explicitly recognizes the legal acceptance and adoption of electronic messages, electronic signatures and certification. The proclamation addresses the power and duties of the Root Certificate Authority, certificate providers, certificate services, subscribers and reliant parties, dispute settlement, appeals, offenses and penalties. Excerpts of the proclamation appear below.
PROCLAMATION No.1072/2018 A PROCLAMATION TO PROVIDE FOR ELECTRONIC SIGNATURE
WHEREAS, it has become necessary to create conducive legal framework to promote electronic commerce and electronic government service in the country;
WHEREAS, it has become necessary to provide legal recognition to the exchange of electronic messages and determine the rights and obligations of participating parties;
WHEREAS, it has become crucial to provide legal recognition to electronic signature that promote trust in electronic communication and enable to verify the identity of participating parties, authentication of messages and ensure non-repudiation;
NOW, THEREFORE, in accordance with Article 51 (3) and 55 (2) (c) of the Constitution of the Federal Democratic Republic of Ethiopia, it is hereby proclaimed as follows:
PART ONE GENERAL
1. Short Title This Proclamation may be cited as the "Electronic Signature Proclamation No.1072/2018".
PART TWO ELECTRONIC SIGNATURE AND ELECTRONIC MESSAGE
5. Legal Recognition of Electronic Message
1/ No electronic message shall be denied legal effect, validity or admissibility in any legal proceeding, solely on the ground that it is in electronic form.
2/ Where any law requires that information shall be in writing, such requirement shall be deemed to have been satisfied if such information is rendered or made available in an electronic form and accessible so as to be usable for subsequent reference.
PART THREE ROOT CERTIFICATE AUTHORITY AND LICENSING
9. Root Certificate Authority The Information Network Security Agency shall act as the Root Certificate Authority pursuant to the mandate given to it in its establishment Proclamation.
10.Power and Duties Without prejudice to the powers and functions provided for under this Proclamation, Root Certificate Authority shall have the following powers and duties:
1/ issue license to certificate providers and monitor their activities and operations;
2/ensure the trustworthiness and the overall security of the crypto system;
3/issue working procedures and standards that certificate providers shall follow.
11.Requirement of License
1/ No person shall operate as a certificate provider unless that person holds a valid license issued by Root Certificate Authority.
2/ Any person who wants to engage as certificate provider may lodge application to the Root Certificate Authority for the issuance of license by filling the form prescribed by the Root Certificate Authority
PART FOUR CERTIFICATE PROVIDERS AND CERTIFICATION SERVICE SUB-SECTION ONE CERTIFICATE PROVIDERS
22. Functions of Certificate provider Unless otherwise provided any other under law or in the license, a certificate provider shall issue digital certificate, provide encryption service, and time stamp service.
SUB -SECTION TWO CERTIFICATION SERVICE
31. Application for Certificate
1/Any person may apply to acquire certificate upon satisfying requirements provided under this Proclamation and regulation and directives issued in accordance with this Proclamation and detailed terms and conditions set by the certificate provider.
SUB-SECTION THREE LIABILITY AND OBLIGATION OF CERTIFICATE PROVIDER
40. Provision of Warranty
1/ A certificate provider shall provide warranty to its subscriber and relying parties on the following matters:
SUB-SECTION FOUR OBLIGATIONS OF SUBSCRIBERS AND RELYING PARTIES
44. General Provision Without prejudice to obligations provided by law or in contractual agreement, a subscriber or relying party shall be liable for failure to carry out any of the obligations stipulated under Article 45 to 49 of this Proclamation.
PART FIVE MISCELLANEOUS PROVISIONS
50. Dispute Settlement
1/ National Crypto Council comprising members drawn from the concerned bodies shall be established to handle complaints and to provide general policy directions on complaints of certificate providers relating to license, renewal, suspension and related services provided by the Root Certificate Authority. Particulars shall be determined by regulation.
2/ Anybody who is not satisfied with the decisions of the Council may appeal to the Federal High Court.