7 legislation of the Digital Signature Act (provisional name)

(1)The meaning of an digital signature

A digital signature is a cryptographic system which has the same functions as a manual signature: to identify the originator of a electronic message and to confirm that its contents are based on the intention of the originator.

Because a digital signature can be generated only by a person holding a private key, it is actually impossible to fabricate a digital signature and the originator of a massage can be verified. Besides, a message with a digital signature cannot be altered and its contents cannot be repudiated. So a digital signature can be regarded as equivalent to a manual signature. Moreover, the function of message authentication, a function which is not provided by a manual signature, as well as signer authentication can be realized through a digital signature.

Now digital signature systems are mainly based on asymmetric cryptosystems, and, as stated above, there must be a certification authority certifying a public key used to verify a digital signature corresponds to a private key in such systems.

However, technology of electronic data processing has progressed rapidly, and new standards of systems for electronic "signatures" and technology for identification may be developed. In the legislation on a digital signature, we must take such technical progress into consideration, but we discussed on legislation on a digital signature based on an asymmetric cryptosystem, which is one option to deal with the present issues.

(2) Necessity for legislation

Under the Japanese law, there are cases in which a signature of a person who prepares a document is required (Article 968 of the Civil Code, Article 29 of the Family Registration Act, Article 33 of the Real Property Registration Act, Article 166 of the Commercial Code, etc.). In these cases a signature is required to clarify the person who prepares the document and make sure that the contents of the document is based on the intention of the signer. When a signature is required by law, any documents lacking a signature will not be provided with the effects to be given to a document bearing a signature in accordance with the substantive law or the procedural law.

A signature cannot be attached to a digital message, unless a digital signature, which can play same roles as a manual signature, is deemed as a "signature". To consider a digital signature as an equivalent for a manual signature, there must be some legislation.

In such legislation, it may be appropriate not that all digital signatures based on asymmetric cryptosystems are regarded as "signatures" but only certain digital signatures which can be verified with a public key listed in a certificate issued by a certification authority which fulfills certain legal conditions. Legislation to provide such condition may be necessary in legislate a "digital signature act".

(3) Contents of the legislation

Studies should be continued on the contents of the legislation on a digital signature based on an asymmetric cryptosystem. We should take foreign legislation and standards (X.509)of the contents of a certificate prepared by ITU (International Telecommunication Union) into consideration.

When we legislate on a digital signature based on an asymmetric cryptosystem, the contents of the legislation may be as follows:

  1. Definitions
    Digital signature, certification, public key and private key, and other related matters.
  2. Matters related to competent authorities
    jurisdiction, authority, operations, etc.
  3. Matters related to certification authorities
    Qualification requirements, business details, responsibilities, etc.
  4. Matters related to certificates
    Contents, procedures to deal with lost certificates
  5. Matters related to the effect of digital signatures

8 Studies and discussions in the future

(1) The System Subcommittee have studied some concrete issues and is planning to study such important issues as legislation on an electronic notarization system and key escrow/key recovery systems in 1997.

(2) Through the study, we have concluded that there should be electronic authentication and notarization systems for electronic commerce and electronic applications to be conducted widely and that the Ministry of Justice is expected to deal with this issue actively as a operator of the commercial registration system and a regulator of the notarization system.

As to technology, many systems using asymmetric cryptosystems are published and studied, and cryptosystems themselves are improved day by day. We should consider carefully what kind of cryptosystem should be adopted under such circumstances. We should also investigate cautiously the discussions in such international organizations as UNCITRAL, OECD, APEC, and EU from a standpoint of international harmonization. So it seems difficult to establish a certain system based on a specific cryptosystem, as well as to legislate a digital signature act, at once.

It seems that many corporations have already involved in electronic commerce, but on the other hand, there are also many corporations which would not be involved until electronic authentication and notarization systems are established. It seems clear that establishment of electronic authentication and notarization systems is a major factor to promote electronic commerce. It is also expected to realize electronic applications as a part of improvement of administrative services. The establishment of the electronic authentication system is also expected to realize such applications.

So electronic authentication and notarization systems, which can correspond to future improvement in cryptography and telecommunications flexibly and harmonize the Japanese legal system and commercial custom, should be established as early as possible. Such systems should be recognized universally, as well as be available in the country.

(3) At the System Subcommittee, we are going to continue our studies so that we can propose desirable electronic authentication and notarization systems in Japan.

3. Studies at the Substantive Law Subcommittee (omitted)

back