DRAFT LAW ON INFORMATION TECHNOLOGY
MONGOLIA - September 2003
CHAPTER ONE: General Provisions
Article 1. Purpose of the Law
The purpose of the law on information and technology is to regulate
relations concerning the information system, management of the information
system, e-governance, e-commerce, electronic signature and services
of information technology.
Article 2. Legislation related to information technology
2.1 Legislation related to information technology shall consist of
the Constitution of Mongolia, the present law and other legal acts issued
in consonance with them.
2.2 In case of conflicting stipulations in the present law and the
international agreement to which Mongolia is subject, the latter shall
take priority over the former.
Article 3. Legal terminology
3.1 Legal terms used in this law shall mean as follows:
3.1.1 E-governance information is a set of documents, information
and data which are created in the information system and network and
used by state organizations and officers as official source.
3.1.2 E-governance management is integrated set of methods of mobilizing
and directing manpower, equipment, information and organizational
resources to treat information as a product for use in activities
of state organizations.
3.1.3 E-governance information database is a set of standardized
classification, codes, indices, methodologies, data, and information
that have been collected and processed in conformity with assimilated
document requirement.
3.1.4 Illegal use of information is illegal access to information
system and data base taking advantage of skills and knowledge of using
information methods, tools and software.
3.1.5 Electronic documents or records are information in electronic
form on a computer.
3.1.6 Electronic signature is a set of electronic documents which
take the cryptographic changes of information related to use of key
for electronic signature and which entitle a holder of signature certificate
to the sole ownership. Electronic signature ensures the prevention
from falsification of electronic documents.
3.1.7 Owner or holder of certificate for key (secret code) for signature
is individual who has been issued a certificate of signature by the
authorized office, owns key (secret code) for electronic signature
through the use of relevant tools and creates his/her signature on
own electronic documents.
3.1.8 Electronic signature tools is technique and program applications
which are used to execute at least one of acts in creation of signature,
and creation of electronic key for electronic signature.
3.1.9 Electronic key for electronic signature is a series of marks
and digits used for creation of signature and known only to owner
of certificate of electronic signature.
3.1.10 Accessible key for electronic signature is a series of marks
and digits used for treating to inaccessible key for electronic signature.
It is used for reaching to any user in the information system and
for confirming the authenticity of electronic signature through relevant
tools.
3.1.11 Open information system is the one, which is open and always
accessible to every individual and legal entity.
3.1.12 Informatics is systematic social, economic, scientific and
technical activities aimed at creating a favorable environment for
meeting the information needs and rights of citizens, state organizations
and legal entities through creation and use of information sources.
3.1.13 Information is data, which is not dependent on the known conventions
in his/her representation.
3.1.14 Factual information is the one recognizable by specific indicators
stored on a computer and written on paper work and for official use.
3.1.15 Information system is system intended for information activities
using data processed in specific and step-wise way, technology sequencing
including estimation technique and digital data transfer tools.
3.1.16 Confidential information is the one concerned with privacy
and confidentiality of state organizations, legal entity and individuals
in accordance with the relevant law of Mongolia.
3.1.18 Electronic data message is information generated by information
and communication means.
3.1.19 Sender of electronic data message or document (hereinafter
referred as sender) is an individual and legal entity who is entitled
to send the data message or document. It does not include a person
acting as an intermediary.
3.1.20 Receiver of electronic data message or document (hereinafter
referred as receiver) is an individual and legal entity who is intended
by the sender to receive the data message or document. It does not
include a person acting as an intermediary.
3.1.21 E-commerce runner is an individual or legal entity who is
issued a license for engagement in electronic commerce.
3.1.22 Client is an individual or legal entity who is served goods
and services and other rights as stipulated in the contract established
with e-commerce runner.
3.1.23 Intermediary is a person who on behalf of another person and
with respect to a particular electronic document sends, receives and
stores or provides other services in respect of that electronic document.
CHAPTER TWO: Authority of the State Administration in
information and technology
Article 4 Authority of the State Great Khural (Parliament)
4.1 State Great Khural (Parliament) shall define a state policy for
information and technology and establish a legal environment.
Article 5 Authority of the government
5.1 The government shall exercise the following authority in information
and technology. They are:
5.1.1 to implement the state policy for information and technology
and organize the enforcement of relevant legal acts;
5.1.2 to establish a national committee for information and technology
and approve its rule and regulations
5.1.3 to form a fund for public service and approve regulation for
mobilization of the fund
5.1.4 to promote and facilitate any organization, enterprise, individual
and legal entity that are effectively introducing information and
technology
Article 6 Authority of the member of government cabinet
in charge of information and technology
6.1 The Government Cabinet Member in charge of information and technology
shall have the following authority. They are:
6.1.1 to implement legislation on information technology and government
decisions
6.1.2 to develop a coherent and consistent state policy on information
technology
6.1.3 to develop a policy promoting competitiveness in information
technology market
6.1.4 to endorse the regulation which determines the amount of fee
of coordinating services for license holders
6.1.5 to develop a policy on public service and monitor its implementation
6.1.7 to ensure the reliability, efficiency and quality of information
technology services and control the security of electronic signature
and information relations
6.1.8 to develop a policy of training professional staff in information
and technology
6.1.9 to approve a work program, plan and overall budget for informatics,
compilation and use of information resources, development and application
of information system, information technology and tools required for
them
6.1.10 to develop a policy for protection of information and information
resources and ensuring their security, to control over security and
safety of informatics
6.1.11 to ensure reliability, efficiency and quality of informatics,
compilation and use of information sources, information system and
technology and tools required for them.
6.1.13 Other rights or authorities stipulated in the legislation.
6.2 The authorized organization shall consult with member of government
cabinet in charge of information technology when appointing or resigning
the management of legal entity of sole state ownership or with participation
of state in ownership.
Article 7. Authority of Governors
7.1 All governors shall exercise the following authority. They are:
7.1.1 to implement actions aimed at advancement of information technology
in respective territory in cooperation with relevant organizations
7.1.2 to organize repair and remedy actions of damages in information
network and software caused by accidental or disastrous conditions
7.1.3 to organize public training for information and technology
7.1.4 to organize actions aimed at introduction of information technology
achievements
7.1.5 other rights stipulated in the legislation.
Article 8. Authority of Communications Regulatory Commission
8.1 Communications Regulatory Commission shall exercise the authority
as follows:
8.1.1 comment on state policy on information technology and provide
authorized and competent organization with information
8.1.2 within the policy on information technology issue a license,
suspend and terminate it, monitor over enforcement of conditions and
requirements inherent to license, and make a contract
8.1.3 identify and confirm technical and software related conditions
and requirements of information technology network and user equipment
8.1.4 approve general conditions of contract on inter-connection
between networks and endorse rule for income distribution
8.1.5 approve the methodology defining service tariff for information
technology and control tariff prevalent in markets
8.1.6 approve general plan of domain addresses, make registration
and issue the addresses
8.1.7 provide a condition for fair competition in information technology
market
8.1.8 facilitate the implementation of public services
8.1.9 in the frame of authority, settle disputes between holder of
license and user
8.1.10 The commission will establish an office for certification
of information technology and through it, issue license, establish
public infrastructure, set up electronic signature base and place
control.
8.1.11 develop standards of electronic signature and approve the
form of certificate
8.1.12 assign or remove audit team of electronic signature
8.1.13 perform other authority or rights mentioned in the legislation
Article 9. National Committee of Information Technology
9.1 National Committee of Information Technology (hereinafter referred
as National Committee) shall function on a part time basis at the Government.
The National Committee shall advise the government on aspect of information
technology development and state policy and coordination.
9.2 National Committee shall be comprised of members on equal number
from state organizations, business organizations, education and science
institutes and NGOs.
9.3 National Committee shall be chaired by Prime Minister of Mongolia.
9.4 Government shall approve the membership of National Committee.
9.5 National Committee shall established its own office.
9.6 Information and Communications Technology Policy Coordination Division
of the Ministry of Infrastructure shall execute duties as the secretariat
and technical arm of the National Committee.
9.7 Ministries, government agencies, aimag and capital city governor's
offices may have a unit in charge of informatics.
Article 10 National Information Technology Park
10.1 National Information Technology Park shall be state owned non-profit
service organization with duties of creating and developing a favorable
environment for information and communications system and network and
facilitating information technology businesses. The National Information
Technology Park shall be responsible for the following.
10.1.1. to show support to development of economic and scientific
initiatives and documents required for state policy aimed, to ensure
reliable functioning and security of information system and network
in Mongolia and to facilitate the arrangement of planning actions
on technique, technology and organizational matters.
10.1.2 to enhance participation of citizens and legal entities in
creation of information system and network, use and benefits of information
technology and to form favorable working conditions and mental production
environment.
10.1.3 to cooperate with relevant organizations in implementation
of policy aimed at ensuring functioning and developing up-to-date
high speed internet network and to plan and execute systems, technology
and organizational matters
10.1.4 to provide professional and methodological assistance to management
of state organizations of all levels, individuals and legal entities
in implementation of state policy on informatics
10.1.5 to propose on development of information technology infrastructure
and issues of promoting informatics for state and society
10.1.6 to train and retrain qualified staff in information technology
and provide professional consultancy assistance
10.2 National Information Technology Park shall take the following
main actions.
10.2.1 to set up internal and external networks of computer able
to exchange information at fast speed using advanced equipment of
information technology and provide services for economic entities
in the national park of information technology
10.2.2 to lease a working space for domestic businesses in information
technology
10.2.3 to create a favorable business environment for new companies
in information technology and support their development
10.2.4 to mediate companies in the national park of information technology
in execution of projects and works requested by state organizations
and international agencies and arrange such work
10.2.5 to implement activities aimed at executing duties and rights
stated in 11.1 of the present law
10.2.6 to create science and technology data base and e-library,
provide the public with information and provide professional assistance
and support in setting up and operationalizing information technology
center and public information service unit.
CHAPTER THREE: The Fund for Public Service
Article 11 The Fund for public service
11.1 The fund for public service shall be formed and used for accessing
essential information technology services to remote areas and population
who haven't been covered yet and creating, expanding and updating new
network in problem areas.
11.2 The fund for public service shall be sourced from the following.
11.2.1 sources of funds is stipulated in 11.2 of the law on Communications
11.2.2 administration and implementation of the fund is also stipulated
in 10.2.6 of the law on Communications
11.3 The fund for public service shall be used only for designated
purposes.
CHAPTER FOUR: License
Article 12 License, required documents for getting a
license, establishing and terminating a contract
12.1 Communications Regulatory Committee shall issue a license for
information technology services and electronic signature.
12.2 Treating information technology services as communications services
Articles 12, 13, 14 and 15 in Communications Law concerning the license,
required documents for getting a license, establishing and terminating
a contract shall be abided by.
12.3 Internet café services shall be registered only.
CHAPTER FIVE: E-governance Information System
Article 13 E-governance information system
13.1 E-governance information system shall comprise the information
system of offices of President of Mongolia, State Great Khural, Government,
National Security Council, Constitutional Court, other courts, ministries,
agencies, NGOs, local self-governance and administration offices, economic
enterprises with state property and state property participation (???)
and budgetary organizations.
13.2 Respective information system of state organizations mentioned
in Paragraph 1 in the article shall have provision of equipment, software,
data base and staff.
Article 14 Principle of functioning e-governance information
14.1 The following principles shall be pursued in e-governance information
activities.
14.1.1 E-governance information database and network and their security
shall be under state protection.
14.1.2 Documents, data and information in e-governance information
data base shall have the same standard and be of reliable services
for citizens within the specified legal framework.
14.1.3 Software, technology, set up, methodology and language of
e-governance information shall be consistent.
Article 15. E-governance information, its types and forms
15.1 E-governance information (hereinafter referred as information)
shall comprise the following documents, data and information which can
be obtained, retrieved and reported back by organizations and their
staff mentioned in 1 of Article 13 of the present law for use in exercising
rights and duties and decision making.
15.1.1 Laws, State Great Khural decisions, President Decrees, Government
decisions
15.1.2 decisions by the National Security Council
15.1.3 decisions by Constitutional Court
15.1.4 explanations of laws
15.1.5 norms and regulations issued by ministries and regulating
agencies for adaption
15.1.6 decisions by local self-governance and administration
15.1.7 reports, papers and minute of meetings
15.1.8 statistical data from official sources
15.1.9 comments and conclusions
15.1.10 announcements made by state organizations and management
within their respective authority
15.1.11 project documents, researches and studies
15.2 Information shall be classified by its purpose as official and
not official.
15.3 Official information shall refer to documents, data and information
stated in section 1 of this article.
15.4 Official information shall have special certifying or identifying
mark.
15.5 Marks refer to titles, types, register number, classification,
codes and indices of organizations, documents, data and information.
15.6 Interfering and making amendment to marks and content of data
and information shall be prohibited.
15.7 Non official information refer to data, information, explanations,
recommendations, methodologies, comments and studies made by entities
which are not entitled to represent state organizations. These are the
type of information not mentioned in section 3 of this article.
15.8 Documents, data and information may take the forms of writing,
prints, images, sound, pictures, combination of such forms and files.
CHAPTER SIX: E-governance information data base
Article 16. Data base
16.1 E-governance information data base in Mongolia shall consist of
data bases stated in section 1 of Article 13 of the present law.
16.2 State organizations shall create data base in accordance with
the scope and guideline of their duties and implement data base management.
Ministries and agencies shall create sector-wise data base and local
administration data base.
16.3 State organizations shall make a list of data base to be used
in its activities in conformity with state official matter list. The
list shall clearly state about receiver, sender, transfer organization,
officer and title of position.
16.4 Documents, data and information shall be placed in data base in
accordance with due classification, codes, indices and set standards.
16.5 Government and Standard and Measurement Institute shall determine
classification, codes and indices.
16.6 Documents, data and information in data base shall have date of
creation, address of creator and references incorporating amendments
and they shall be included in registry of data base of a given organization.
16.7 Member of Government Cabinet in charge of issues of a given sector
shall approve rule, classification and code of data base of a sector.
This role shall be executed by Aimag governor for rules, classification
and code of local administration data base.
16.8 State organization and officer shall take full responsibility
for quality and content of created data base and information sent.
16.9 State officer shall register information used in his/her activities
in date base register regardless of data base register of an organization.
16.10 Documents, data and information in data base shall be classified
as for only official use, confidential and limited.
16.11 Official information shall consist of documents, data and information
designed for only official use and bearing mark "for official use".
16.12 Confidential information shall comprise documents, data and information
related to privacy of state and organizations and individuals which
have been legally identified as prohibitive to expose for not damaging
rights and reputation of individuals and for the interest of national
defense and security and social order.
16.13 Limited information shall be constituted by documents, data and
information to be used under the due permission of authorized organization
and officer within the legislation framework.
Article 17. Ensuring the open access of e-governance
information
17.1 Citizens, state, enterprises and organizations shall be entitled
to search and receipt of information, which is not referred to issues
of confidentiality under the state protection in the legal framework.
17.2 The legislation shall regulate claims and complaints by individuals,
organizations and enterprises for receiving open access data in the
database of e-governance information system and data base of an organization.
17.3 Relations concerning open-access of archived documents, data and
information in the database of e-governance information system and database
of an organization shall be regulated by the law on archive, confidentiality
and information security.
17.4 The limitation may be made to open-access of information in the
following cases for the right and interest of state, offices, organizations
and individuals:
17.4.1 cases which may cause interference to decision making by state
organizations and officers or misunderstanding between citizens and
organizations or damage or priority to one of the sides
17.4.2 cases which may damage legal rights and interests of organizations
and enterprises and interference to operations, business activities
and competitiveness
17.4.3 cases which might adversely affect national security and social
order
17.4.4 cases which might damage cooperation and mutual trust with
foreign countries and international organizations and negotiations
and contract with them
17.4.5 cases which are under the condition of not exposing to the
public
17.4.6 cases which are in processing and monitoring stages
17.5 While making decision, authorized organization and officer shall
ensure the protection of legal rights and interests of third entity.
17.6 High level organization and officer shall settle disagreement
and claim against the decision prohibiting open access of information.
Article 18 Exchange of e-governance information and use
of data base
18.1 Information in e-governance information system shall be exchanged
through e-mail in file form (non-paper technology) and signature, organization
seal and mark shall be secured by secret code.
18.2 Secret code shall be included in list of confidentiality of state
and organizations.
18.3 State organization and its bodies and branches (??) shall have
e-mail addresses.
18.4 Exchange of information by e-mail shall follow principles, standards
and technology of state official matter arrangement. The management
of register and control over information flow and archiving shall be
dealt with by relevant unit of Government Secretariat.
18.5 Documents, data and information created and stored in data base
of state administration information system and exchanged through e-mail
shall become archive material. Archived documents of an organization
may be extinguished upon decision of Accredited Examination Commission.
18.6 State organization shall provide opportunities for state organizations
and NGOs, officers, individuals and enterprises to use open-access information
in the data base.
18.7 Official information shall be utilized for internal use of an
organization while limited or confidential information shall be used
by the authorized entity under the due regulation.
18.8 Data base of e-governance information system and data base of
an organization shall be used upon permission by authorized organizations
and officers.
18.9 Permission shall be issued through official decision by authorized
organizations and officers. With due permission, the frame of use of
database shall be determined and secret code shall be provided in order
to ensure security.
18.10 Monitoring or controlling the use of database of e-governance
information system shall be subject to government decision.
18.11 Authorized organizations and officers shall determine, in concurrence
with legislation, the rule for register of information in database under
the due classification and ownership, exchange and use of e-governance
information system database and organization data base.
18.12 State organizations listed in section 1 of Article 13 of the
present law shall have free of charge access to documents, data and
information in e-governance information data base.
Article 19 Network of e-governance information system
19.1 Network of e-governance information system shall consist of information
network, database and software to enable the exchange of information
between state organizations and its structure units, connect and transfer
telecommunications facilities and other relevant equipment, manpower
and management.
19.2 Central office shall be responsible for technology management
of network of e-governance information system and regulation of software
and database. The central office will be within the structure of Government
Cabinet.
19.3 The addresses of uses of network of e-governance information system
shall be registered by the central office.
19.4 User without address register shall have access to open data base
of network of e-governance information system excluding other data bases
of state organizations.
19.5 Officer in charge of management of network of state administration
information system and database of organization shall be officers keeping
confidentiality of state and organization.
Article 20. Software of e-governance information system
20.1 The copy right of software products which is certified and accepted
by authorized organization shall be applied in e-governance information
system.
20.2 Software products shall meet the standard requirements.
20.3 Office of State Great Khural, Presidential Office, Government
Secretariat, ministries, agencies and aimag and city governor's office
shall be entitled to to the full utilization and orderly application
of software products in the e-governance information system.
20.4 The expenditure of products in e-governance information system
shall be fixed at not exceeding 1.5% of central and local budget.
20.5 The state shall be the owner of patent for software products funded
by science and technology project.
20.6 Enterprises, organizations and Mongolian and foreign citizens
can be executor of the order for software product development.
20.7 Software products developed on order by authorized state organizations
and funded by the state budget shall not be provided on payment to state
and state funded organizations and enterprises of state ownership. (I
can't understand???)
20.8 The patent and copyright of e-governance information system software
shall be regulated by relevant legislation. The issues concerning holding
and application of this system shall be coordinated by contract between
involved parties.
Article 21 Repair and maintenance of information systems
21.1 Central office shall be responsible for repair and maintenance
of technique of e-governance information network.
21.2 Services of information technology, development of software and
repair and maintenance of computer may be contracted to enterprises,
organizations and individuals which are issued permission by authorized
organization.
21.3 Permission to execute services mentioned in 2 of this article
shall be issued by Communications Regulatory Commission. The rule for
services shall be approved by Cabinet Member in charge of this issue.
Article 22 Prohibited Acts in e-governance information
activities
22.1 The following acts shall be prohibited in activities of e-governance
information. They are
22.1.1 to violate the rule for application of data base and network
or access them without permission
22.1.2 unintentionally or intentionally to amend, destroy, close,
distort and steal information
22.1.3 to disseminate misleading or false information through information
network or amend it in private and political interests and use for
election campaign
22.1.4 to make illegal copy of information
22.1.5 to unveil secret of state, organizations and individuals
22.1.6 to make illegal copy of and apply software products
22.1.7 intentionally or unintentionally to damage and destroy data
base and network
22.1.8 to develop information technology and software and execute
technical repair and maintenance without permission.
CHAPTER SEVEN: Conditions for use of electronic signature
Article 23 Equivalency of electronic signature and signature
on paper
23.1 Electronic signature on electronic documents shall be equivalent
to signature on paper under the following condition:
23.1.1 Electronic signature certificate to be valid during the checking
or the time at which the signature was created on electronic document
23.1.2 the authenticity of electronic signature is certified
23.1.3 there is no contradiction between electronic signature and
signature certificate
23.2 Participant in information system may have more than one signature
certificates.
Article 24 Electronic signature means
24.1 Signature key (secret code) shall be created and certified by
certification organization.
24.2 Creation, use and distribution of signature without certified
means shall be prohibited.
24.3 Entity who has violated section 2 of this article shall be subject
to punishment.
24.4 Participant in information system may refer to certification organization
for electronic signature.
24.5 Certificate of electronic signature shall be issued in accordance
with rule and regulation developed by relevant state administration
organization.
Article 25 Signature certificate
25.1 Signature certificate shall contain the following information.
25.1.1 signature register number and starting and expiry dates of
signature certificate issued by certification office
25.1.2 full name or nickname of holder of signature certificate.
In case of using nickname this shall be noted in electronic signature
certificate issued by certification office.
25.1.3 open key(pin code) of electronic signature
25.1.4 information related to compilation of electronic documents
with electronic signature which is legally valid
25.2 Based on documents for verification necessitated by work position
of holder(title and address of organization which holds the position
will be mentioned) and other information verifying given document in
accordance with the claim shall be attached in paper form.
25.3 Signature certificate shall be included in register of signature
certificates of certification office.
25.4 For the purpose of recognizing and checking electronic signature
of holder the date of issuance, information validating the signature
certificate (valid, expired date, date of not-service and invalid date)
as well as information on signature certificate register shall be provided.
25.4.1. 1n case of issuing signature certificate on paper as a fact
the certificate shall be put on a form of certification office and
signed by authorized person and sealed by certification office.
25.4.2 In case of issuing signature certificate and additional information
on electronic documents the certificate shall be signed by authorized
person of certification office in electronic form.
25.4.3 Electronic signature shall remain legally valid when conditions
for signature means and application in information system and network
are provided.
25.5 Recognizing and verifying right of electronic signature shall
be issued on the basis of license. The rule for issuing license shall
be determined by Cabinet Member in charge of information technology.
Article 26 Duration of storing signature certificate
at certification office and its rule
26.1 Duration of storing signature certificate in electronic form at
certification office shall be determined by contract between certification
office and holder of signature certificate.
26.2 The duration of storing signature certificate in electronic form
at certification office since signature certificate was made invalid
shall not exceed the date specified in signature certificate.
26.2.1 When the of duration period of storing signature certificate
expires it is deleted from the signature certificate register and
transferred into archiving regime.
26.2.2 Duration of storing in archive shall be no longer than five
years. During this period the issuance of copy of signature certificate
shall be regulated by separate rule which is approved by Cabinet Member
in charge of the issue.
26.3 Signature certificate in paper form shall be stored in accordance
with the Archiving law.
Article 27 Legal status of certification office
27.1 Certification office which issues signature certificate to be
used in information system of wide application shall be a legal entity
to fulfil duties mentioned by the law.
27.1.1 Certification office shall store information relevant to signature
certificate. It shall have necessary material and financial resources
to enable the compensation of damages for users.
27.1.2 Government authorized organization shall appoint office to
provide material and financial needs of certification office.
27.2 Types of activities by certification office shall be licensed
in conformity with the Mongolian legislation.
Article 28 Activities of certification office
28.1 Certification office shall
28.1.1 prepare signature certificate
28.1.2 create electronic signature key(pin code) for participants
in the information system which will be securely stored in electronic
signature confidentiality.
28.1.3 temporarily suspend or restore or cancel the valid date of
signature certificate
28.1.4 keep the register of signature certificate and provide facilitating
conditions for interaction of the center and participation of information
system
28.1.5 keep the sole identifiable feature of electronic signature
in archive of certification office and register of signature certificate
28.1.6 Signature certificates shall be issued on documents on paper
form and information validating it in electronic document.
28.1.7 Other services related to use of electronic signature shall
be provided for participants in the information system.
28.2 Signature certificate shall be prepared based on claim made by
participant in the information system containing the information required
by holder of signature certificate stated in Article 25 in the present
law.
28.3 The procedure of preparing signature certificate at certification
office involves making of two copies on paper form signed by involved
parties; holder of signature certificate and authorized person of certification
office. The copies should have a seal of certification office. One copy
shall be issued to holder of certificate and another one shall be kept
at certification office.
Article 29 Duties and responsibilities of certification
office
29.1 Certification office shall take the following duties and responsibilities
in relation to the holder of signature certificate. They are as follows:
29.1.1 including in the register of signature certificate
29.1.2 performing acts of issuance of signature certificate to participants
in the information system
29.1.3 duties and rights mutually agreed by involved parties and
other legislative acts
Article 30 Duties and responsibilities of holder of signature
certificate
30.1 The responsibilities of the holder of signature should:
30.1.1 not to use open access and inaccessible key (secret code)
of electronic signature if made known to the holder that the key is
or had been in use
30.1.2 keep the electronic key of electronic signature secret.
30.2 immediately notifying the certification office in case of loss
of secret code of electronic signature.
Article 31. Invalidating the signature certificate
31.1 Certification office shall invalidate signature certificate in
the following cases. They are:
31.1.1 when the date of service is expired
31.1.2 when date of certificate of electronic signature is expired
31.1.3 when the holder of signature certificate has submitted a request
in writing.
31.1.4 when other legislative state or involved parties mutually
agree to do so.
31.2 In case of invalidation of signature certificate, certification
office shall make all the information in signature certificate register
invalid.
Article 32 Terminating activities of certification office
32.1 Activities of certification office, which issues a signature certificate
in the open information system, may be terminated in accordance with
civil law.
32.2 In case of terminating the activities of certification office
in accordance with section 1 of this article, signature certificate
issued by it may be transferred to other certification office upon agreement
of holder of certificate.
32.3 Signature certificate which is not transferred to other certification
office shall be made invalid and shifted to authorized executive organization
for storage in concurrence with Article 26 of the present law.
Article 33 Cases allowing substitute for seal
33.1 The content of documents transferred into electronic form from
paper form having seal, compliant with legal norms and agreed by involved
parties can be verified by electronic signature of authorized person.
33.2 Electronic signature on electronic document that is in concurrence
with legislation and legal acts of Mongolia and agreed by involved parties
shall be equivalent to signature written on paper and verified with
seal.
CHAPTER EIGHT: E-Commerce
Article 34 E-commerce environment
34.1 E-commerce can be used in activities of all sectors, which will
apply to designated technical and program tools for receipt, transfer,
storage and process using digital documents.
Article 35 Regulatory principles of e-commerce
35.1 Legal regulation of e-commerce shall be based on principle of
forming a condition whereby rights of participants are equally provided,
freedom and activities of contract is not impeded and transaction of
goods, services and finance is made without delay.
Article 36 Principle of negotiation in writing on the
basis of electronic document exchange
36.1 Negotiation in writing shall be made through exchange of electronic
documents in compliance with the present law and other legal statements.
36.2 Statement in Section 1 of this article shall not be dependent
on the current law on e-commerce and other legal statements as well
as whether negotiations between involved parties are made in writing
or not.
Article 37 Original and copy of electronic documents
37.1 All electronic documents certified by digital signature shall
constitute an original document.
37.2 The copy of original document is treated as ready when electronic
documents are put on paper form and signed by authorized person.
Article 38 Storing electronic documents
38.1 When the present law, other legislation and negotiations between
involved parties see the necessity of the storage of electronic documents
and other information the following requirements shall be followed.
38.1.1 Electronic documents shall be stored in initial format.
38.1.2 Electronic documents for storage shall be able to be identified
in terms of the dates of sending, receiving and creating.
38.1.3 Other conditions stipulated in the relevant paragraph of the
current law and negotiation between involved parties shall be followed.
38.2 Electronic documents and other information produced for sending
and receiving purpose shall not refer to statements in the present article.
38.3 Citizens and legal entities may use services of other citizens
and legal entities for transferring electronic documents for storage
in accordance with section 1 of this article.
Article 39 Sending electronic documents
39.1 Electronic documents can be treated as originated by sender in
the following conditions. They are
39.1.1 when the sender sends electronic documents
39.1.2 when electronic documents are sent by authorized entity on
behalf of sender
39.1.3 when electronic documents are sent through information system
automated and programmed by holder of the documents
39.2 When electronic documents are proved to have been originated by
the sender after receiver has checked based on negotiation between sender
and receiver.
Article 40 Legal status of e-commerce runners
40.1 E-commerce can be run by enterprises, citizens and legal entities
which are entitled to do so by the present law and other relevant laws.
Article 41 Establishing a contract through exchange of
electronic documents
41.1 E-commerce contract can be established through exchange of electronic
documents upon proof that involved parties have been in relation with
each other through electronic form.
41.2 Commerce contract shall be treated as legal document when it is
proved to have been made through electronic documents.
41.3 When signed by authorized person e-commerce contract in writing
shall be treated as valid.
41.4 Stipulations other than 1 to 3 of the present law shall be determined
by legislation of Mongolia.
Article 42 Acknowledgement of duties by involved parties
42.1 Contract form being in electronic form cannot serve a basis for
dispute and not admissible to court related to conditions and duties
of the contract between involved parties when e-commerce contract was
proved to have been established through electronic documents.
Article 43 Regulation for establishment of e-commerce
43.1 During establishment of e-commerce contract involved parties may
produce proposal for establishing a contract and acceptance of the proposal
in electronic form.
Article 44 Legal relations of electronic documents in
bank transactions
44.1 One of the legal authority of electronic documents in bank transactions
shall be Mongol Bank and other bank and non-banking bodies.
44.2 Relations between subjects of electronic documents in bank transactions
shall be regulated on the basis of contract.
Article 45 Program and Methodology
45.1 The certificate of assessment of programme-technique means designated
for storage, processing and storage in bank transactions shall be issued
by the relevant body at Mongol Bank. The list of certificate of assessment
and list of programme-technique shall be determined by Mongol Bank.
Article 46 Storing electronic documents of inter-bank
payment and allocating of bank statements
46.1 The duration of storing original of electronic documents of inter-bank
payment shall be determined by Mongol Bank. Allocating copy of electronic
documents shall be decided by Central Archive Center of Inter-bank Payment
of Mongol Bank.
CHAPTER NINE: Information resources
Article 47 Legal basis of information resources
47.1 Information resources in Mongolia shall consist of information
resources of citizens, legal entities and state. Like other resources
in Mongolia they shall be subject to legal protection.
47.2 The main condition for referring, given information to information
resources (??) shall be substantiated information. Information shall
be substantiated in accordance with regulation by authorized state organization
in charge of keeping official matters, standardizing documents and ensuring
the security of Mongolia.
47.3 Documents taken from the information system shall be made valid
after this is signed by authorized person in concurrence with the legislation
of Mongolia.
47.4 Documents stored, processed and transferred through the information
system and network shall be made valid upon certification of electronic
signature.
Article 48 Ownership of information resources
48.1 Information resources shall be either of public and private property.
They can be subject to ownership of state, individuals and legal entities.
Relations concerning ownership of information resources shall be regulated
by Civic Law, the present law and other legislation.
48.2 Citizens and legal entities shall be the owner of documents and
information which was received, inherited, given as a gift and originated
by own fund in accordance with the legislation.
48.3. State shall be the owner of documents and information which was
originated, received and accumulated by central and local budgets and
other means stipulated in the law at the state organization.
48.3.1 Relevant state organization shall be entitled to buying substantiated
information that refers to the state secret.
48.3.2 Substantiated information that refers to state secret shall
be used only when authorized state organization gives permission.
48.4 Entity obliged with providing substantiated information for authorized
state organization shall remain the owner of information given.
48.5 State owned information resources at state organization shall
be registered in the list of state property and put under state protection
as stipulated in the law.
48.6 Information resources may be treated as products in all cases
otherwise stated by the law and legislation in Mongolia. The owner of
such information resources shall exercise the rights stated below.
48.6.1 to determine the regime and regulations for processing, protecting
and using information resources within the given authorization and
act within this regime and regulations
48.6.2 to identify conditions for making copies, disseminating and
treating substantiated information and act within the conditions
48.7 Owner or holder of information resources shall be entitled to
inherit them to another owner or holder ensuring their continuity. When
the holder of state information resources is abolished or reoriented
with being no longer responsible for compilation and use of information
resources the authorized state organization shall identify a legal entity
which will take on the duties of holding information resources and provide
working conditions for them as stated in the law. In case of seeing
no necessity for further use of information resources, they will be
transferred to National Archive in conformity with the law on archive
in Mongolia.
Article 49 Referring information resources to national wealth
49.1 Particular objects of information resources at a national scale
may refer to the national wealth.
49.2 The government shall select particular object out of information
resources at a national scale and announce as national wealth. It will
also approve legal regulations as per the above mentioned.
Article 50. Rights to accessing to information resources
50.1 Information resources other than those which are substantiated
and limited as stated in the law shall be open and accessible to the
public.
Article 51. Exercising the right of accessing to information
resources
51.1 State organizations, citizens and legal entities shall be equally
entitled to use of state information resources other than the ones which
refer to state secret.
51.2 Holder of information resources shall provide users with information
on the basis of the law and regulation on use of information resources
and of contract on services for information provision.
51.3 Citizens and profit organization may produce secondary source
of information legally taken out of state information resources for
the purpose of commercial dissemination.
51.4 The regulation for receipt of information by users (place and date
of receipt, responsible officer, regime etc.) shall be determined by
owner or holder of information resource in accordance with the law.
A holder of information system shall distribute users a list of information
and information services and regulation and condition for access to
information resources without charge.
51.5 State authorized organization and other concerned agencies shall
be responsible for providing conditions which enable fast, efficient
and full scale receipt of information by users.
51.6 A regulation for collecting, processing and protecting substantial
information with limited frame of use and manual for access to such
information shall be approved by central state administration office
obliged with creation and use of particular information resources.
Article 52. Duties of information provision
52.1 State administration and other state organizations shall create
information resource on activities and functioning of itself and subsidiary
agencies which will be accessible to public. As well, within given authority
they will provide the public with information on related human rights,
citizen duties, freedom, human security and other issues of public interest.
52.2 The Government of Mongolia jointly with other state authorized
organizations shall approve the regulation for inclusion of information
resources and information system at a national scale into the state
list.
Article 53 Access to information resources
53.1 Unless otherwise stated in the law citizens, enterprises and organizations
shall be entitled to access to information resources for the purpose
of ensuring the reliability and comprehensiveness of information on
themselves. They shall also be entitled to be aware of who has used
the information on themselves and when and why it was used.
53.2 Unless otherwise stated in the law holder of substantiated documents
on citizen shall be obliged to show detailed information without charge
when the citizen demands so.
Article 54 Rights and duties of holder of information
resources
54.1 Holder of information resources may reconstruct the internal structure
of information resource under his/her holding to ensure user-friendliness.
54.2 Holder of information resources shall be obliged to provide information
for users in accordance with regulation determined by owner of information
resources.
54.3 Holder of information resources shall abide by the regulation
for information use stipulated in the Mongolian law.
Article 55 Ownership right of information technology
tools
55.1 Citizens, legal entities and state may own the information technology
tools.
55.2 Information system and network, communications technology and
their tools shall be registered in the state register. Communications
technology tools may be treated as products when the copy of rights
for processing and creation has been certified in accordance with the
Mongolian law.
55.3 Owner of information technology tools shall identify conditions
in which the products are used.
55.4 Creator of information technology tools shall exercise ownership
right upon certification of copy of rights in accordance with the Mongolian
and international law.
55.5 The copy of right of information technology and their tools shall
be under protection in conformity with the Mongolian law on copy of
rights.
CHAPTER TEN: Validity of the Law
Article 56 Effectivity of the law
56.1 The present law shall enter into force from _____(day) of __________
(month), 2000.
|