[Congressional Bills 105th Congress]
[From the U.S. Government Publishing Office]
[H.R. 2991 Introduced in House (IH)]







105th CONGRESS
  1st Session
                                H. R. 2991

  To enhance electronic commerce by requiring agencies to use digital 
  signatures, which are compatible with standards for such technology 
  used in commerce and industry, to enable persons to submit Federal 
             forms electronically, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                            November 9, 1997

 Ms. Eshoo (for herself and Mr. Tauzin) introduced the following bill; 
which was referred to the Committee on Government Reform and Oversight, 
   and in addition to the Committee on Commerce, for a period to be 
subsequently determined by the Speaker, in each case for consideration 
  of such provisions as fall within the jurisdiction of the committee 
                               concerned

_______________________________________________________________________

                                 A BILL


 
  To enhance electronic commerce by requiring agencies to use digital 
  signatures, which are compatible with standards for such technology 
  used in commerce and industry, to enable persons to submit Federal 
             forms electronically, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Electronic Commerce Enhancement Act 
of 1997''.

SEC. 2. STUDIES ON USE OF DIGITAL SIGNATURES TO ENHANCE ELECTRONIC 
              COMMERCE.

    The Assistant Secretary shall conduct an ongoing study of the 
enhancement of electronic commerce due to the use of digital signatures 
pursuant to this Act, and shall report findings to the Commerce 
Committee of the House and to the Commerce, Science, and Transportation 
Committee of the Senate not later than--
    (1) 12 months; and
    (2) 60 months;
after the date of enactment of this Act.

SEC. 3. ELECTRONIC AVAILABILITY OF FORMS.

    The Director, in accordance with technical standards provided by 
the Assistant Secretary under section 6, shall not later than 12 months 
after the date of enactment of this Act establish a method for each 
Federal agency to make its forms available electronically. Such forms 
shall be--
            (1) available for electronic submission (through use of a 
        digital signature when necessary);
            (2) substantially identical in content and requirements to 
        any corresponding paper versions;
            (3) available on an Internet web site controlled by the 
        Federal Government that contains an electronic link to the 
        website described in section 6(f) of this Act;
            (4) available for downloading and printing;
            (5) available for electronic storage by employers that are 
        required by law to collect, store, or file paper versions of 
        forms completed by employees; and
            (6) acknowledged upon receipt by an agency through prompt 
        issuance of an electronic receipt.

SEC. 4. PAYMENTS.

    Under the method established under section 2--
            (1) any payment associated with a form submitted 
        electronically shall be no greater than the payment associated 
        with any corresponding printed version of such form;
            (2) not less than 2 means of electronic payment shall be 
        provided, but such payment may not be required to precede 
        submission of a form; and
            (3) a prompt receipt for electronic payment shall be issued 
        electronically to each person who submits a payment 
        electronically.

SEC. 5. USE OF DIGITAL SIGNATURES BY FEDERAL OFFICIALS.

    (a) Agency Employees to Receive Digital Signatures.--The head of 
each agency shall issue guidelines for determining how and which 
employees in each respective agency shall be provided digital 
signatures for use within the scope of their employment.
    (b) Availability of Electronic Notice.--An agency may provide a 
person entitled to receive written notice of a particular matter with 
the opportunity to receive electronic notice instead.

SEC. 6. CERTIFICATES FOR DIGITAL SIGNATURES.

    (a) Guidelines for Acceptance of Certificates.--The Director shall 
issue guidelines governing the manner in which agencies may accept 
certificates.
    (b) Accreditation.--Under the guidelines issued under subsection 
(a), an agency shall accept certificates issued by--
            (1) the agency; or
            (2) a trusted third party that is licensed or accredited 
        by--
                    (A) a State or local government; or
                    (B) an appropriate accreditation body.
    (c) Trusted Third Party Liability.--Under the guidelines issued 
under subsection (a), an agency may accept a certificate only from a 
trusted third party that, in accordance with commercially reasonable 
standards, accepts liability for and is insured against negligent 
issuance or handling of certificates.
    (d) Foreign Trusted Third Party.--The Secretary of State shall 
determine from which foreign countries agencies may accept 
certificates.
    (e) Agency Establishment of Trusted Third Party.--No agency may 
establish a trusted third party except to--
            (1) provide digital signatures to its employees;
            (2) issue certificates relating to messages sent by such 
        employees; or
            (3) act as a reliable authority on behalf of another 
        trusted third party.
    (f) Directory of Qualified Trusted Third Parties.--The Assistant 
Secretary shall compile and post on a website controlled by the Federal 
government a list of trusted third parties (along with an electronic 
link, if any, to a web site controlled by each trusted third party) 
that are qualified under this section to issue certificates.

SEC. 7. STANDARDS FOR DIGITAL SIGNATURES; EFFECT OF DIGITAL SIGNATURES.

    (a) Technical Standards for Digital Signatures.--The Assistant 
Secretary shall provide to the Director technical standards for the 
digital signatures accepted for purposes of the method established 
under section 2 or provided under section 4.
    (b) Compatibility With Private Sector.--The standards referred to 
in subsection (a) shall be compatible with standards and technology for 
digital signatures used in commerce and industry and by State 
governments.
    (c) Reliability of Digital Signatures.--Under the standards 
referred to in subsection (a), a digital signature shall be as reliable 
as is appropriate for the purpose for which an electronic message 
containing a digital signature is generated, in light of all the 
circumstances, including any relevant agreement.
    (d) Legal Significance of Digital Signatures.--For purposes of 
digitally signed forms accepted under section 2, a digital signature 
shall have the same force and effect as a written signature.

SEC. 8. EMPLOYER ELECTRONIC STORAGE OF FORMS.

    If an employer is required by law to collect, store, or file paper 
forms that are completed by employees, such employer may store such 
forms electronically if such forms are submitted electronically.

SEC. 9. IMPLEMENTATION BY AGENCIES.

    (a) Implementation.--Not later than 36 months after the date of 
enactment of this Act, each agency shall implement the method 
established under section 2 of this Act and the guidelines issued under 
section 4 of this Act.
    (b) Report to Congress.--Not later than 12 months after the date of 
enactment of this Act, the Assistant Secretary shall submit a report to 
the Commerce Committee of the House and to the Commerce, Science, and 
Transportation Committee of the Senate that details the technical 
standards described in section 6.

SEC. 10. DEFINITIONS.

    For purposes of this Act:
            (1) Assistant Secretary.--The term ``Assistant Secretary'' 
        means the Assistant Secretary for Communications and 
        Information (the head of the National Telecommunications and 
        Information Administration) of the Department of Commerce.
            (1) Agency.--The term ``agency'' has the meaning given the 
        term ``executive agency'' in section 105 of title 5, United 
        States Code.
            (2) Certificate.--(A) The term ``certificate'' means a 
        statement meeting the requirements of subparagraph (B) that 
        permits a person holding such statement to determine that a 
        digitally signed message--
                    (i) was signed by the person whose digital 
                signature appears to be attached to the message; and
                    (ii) has not been altered since the digital 
                signature was attached.
            (B) For purposes of subparagraph (A), the statement must--
                    (i) identify the trusted third party or agency 
                issuing such statement;
                    (ii) identify the person whose digital signature 
                the trusted third party or agency is authenticating 
                with such statement;
                    (iii) specify the operational period of such 
                statement; and
                    (iv) be digitally signed by the trusted third party 
                or agency issuing such statement.
            (3) Digital signature.--The term ``digital signature'' 
        means a method of signing an electronic message that--
                    (A) identifies a particular person as the source of 
                such electronic message; and
                    (B) indicates such person's approval of the 
                information contained in such electronic message.
            (4) Director.--The term ``Director'' means the Director of 
        the Office of Management and Budget.
            (5) Form.--The term ``form'' means a document produced by 
        an agency--
                    (A) that is used by the agency to facilitate 
                interaction between the agency and persons;
                    (B) that is completed by a person by inserting 
                information as required by the agency;
                    (C) that is submitted to an agency more than 1,000 
                times per year; and
                    (D) that is not required to be completed in the 
                presence of a Federal official or at a particular 
                location.
            (6) Reliable authority.--The term ``reliable authority'' 
        means an entity licensed to serve as a notary that vouches to a 
        trusted third party for the identity of a person who seeks a 
        certificate to be issued on such person's behalf.
            (7) Trusted third party.--The term ``trusted third party'' 
        means an entity (other than an agency) that issues a 
        certificate.
                                 <all>