湖北省司法厅

Decree of the People’s Government of Hubei Province

No. 401

Interim Measures of Hubei Province for the Administration of Electronic Certificates, as deliberated and adopted at the executive meeting of the provincial people’s government on December 3, 2018, is hereby promulgated and shall come into force as of March 1, 2019.

Governor: Wang Xiaodong

December 28, 2018

Interim Measures of Hubei Province for the Administration of Electronic Certificates

Article 1 In order to standardize the administration of electronic certificates, facilitate the application of electronic certificates and the sharing of government service data, and improve the efficiency of government service, the Interim Measures of Hubei Province for the Administration of Electronic Certificates is hereby formulated in accordance with the Law of the People's Republic of China on Electronic Signatures and other relevant laws and regulations stipulated by the State and based on the realities of Hubei Province.

Article 2 The Measures shall be applicable to the information collection, generation, issuance, sharing, application, supervision and administration of electronic certificates involved in government administration and government service within the administrative area of Hubei Province.

The “electronic certificates” mentioned herein refer to data files of various credentials, certificates, permits, licenses, approvals and other result information generated by administrative organs at various levels, public institutions, and organizations authorized by laws and regulations or lawfully commissioned organizations during the process of performing government administration and providing government service.

Article 3 The application and management of electronic certificates shall follow the principles of being standard, normative, equally effective, shared, mutually recognized, preferentially used, safe and controllable.

Article 4 The provincial people’s government shall make overall arrangements for advancing the application and popularization of electronic certificates within the administrative area of the Province.

The people’s governments at or above the county level shall treat the administration of electronic certificates and the sharing and application of data as an important part of government service, and the finance department at the same level shall make overall arrangements for expenditures arising therefrom.

Article 5 The departments administrating government services of governments at or above the county level (hereinafter referred to as “government service administration departments”) shall manage the catalogue of electronic certificates at the same level, and guide and supervise the application and popularization of electronic certificates.

Management departments of electronic certificates database system shall be responsible for the construction and maintenance, data storage, application support, emergency backup, security and other work of the electronic certificates database system.

Issuers of electronic certificates shall be responsible for the management and security maintenance of the catalogue of its electronic certificates, as well as the generation, issuance, alteration, cancellation, sharing and filing of electronic certificates.

Agencies using electronic certificates shall be responsible for using electronic certificates in government services preferentially and safely.

Article 6 Issuers of electronic certificates shall compile the catalogue of its electronic certificates in accordance with relevant national and provincial  technical standards and business specifications, including the basic elements of certificates, template of certificates, sample of certificates, standard of data items, and pattern of stamps.

Article 7 When providing government services, issuers of electronic certificates shall treat the generation of electronic certificates as a necessary part of the service process, use online generation of electronic certificates with priority so as to generate both electronic and paper-based or physical certificates simultaneously when the service is concluded.

Electronic certificates with valid and reliable electronic signatures shall have the same legal effect as paper-based or physical certificates.

Where the annual inspection, extension, revocation, cancellation, annulment or pledge of an electronic certificate is required due to any alteration or the expiry of its valid period, the issuer of the electronic certificate shall promptly update the information and synchronously send the updated information to the electronic certificates database system.

Article 8 Issuers of electronic certificates shall align the business information system with the electronic certificates database system at the same level or other concerned electronic certificates database system in accordance with relevant national and provincial technical standards and business specifications, and simultaneously update generated electronic certificates in the electronic certificates database system at the same level or other concerned electronic certificates database system.

In case of unavailability of online generation conditions or inappropriateness of online processing, issuers of electronic certificates shall generate electronic certificates offline on the date of concluding the business, and promptly send the electronic certificates to the electronic certificates database system at the same level or other concerned electronic certificates database system.

Where the businesses are handled through business systems of relevant national departments, concerned departments of the provincial people’s government shall strive to make said national departments pass the data back or provide system interfaces so that simultaneous issuance can be gradually achieved.  .

Article 9 Issuers of electronic certificates shall promptly collect and send data of its electronic certificates to the electronic certificates database system at the same level or other concerned electronic certificates database system; the organization managing the lower-level electronic certificates database system shall collect and send the data of its electronic certificates to the higher-level electronic certificates database system.

Article 10 Issuers of electronic certificates shall strengthen the information verification of electronic certificates to ensure the authenticity, accuracy and completeness of the generated electronic certificates.

The electronic certification service on which the issuance of electronic certificates depends shall be provided by electronic certification service agencies established in accordance with the law, and follow the relevant policies, regulations and standards concerning the interconnection of electronic authentication.

Article 11 When handling government services, agencies using electronic certificates shall use the government information resources sharing platform to search electronic certificates that need to be checked and stored in the first place. Electronic certificates obtained through the government information resources sharing platform shall be used with priority and no certificate holder shall be required to provide paper-based or physical certificates or other relevant documents, unless otherwise stipulated by laws and regulations.

Article 12 Issuers of electronic certificates shall specify the requirements of using electronic certificates involving state secrets, trade secrets or personal privacy in accordance with relevant laws and regulations.

The information access shall be controlled by technical means for electronic certificates database system in order to prevent agencies using electronic certificates from searching the information about electronic certificates beyond the scope of business.

Article 13 Agencies using electronic certificates shall be responsible for securing certificate information it uses, and ensure that the certificates are searched and used ex officio and lawfully. None of their servicers shall search any information other than electronic certificate information that is required for handling matters in question and belongs to specific administrative counterparts and specific matters.

Agencies using electronic certificates must use the electronic certificate system to obtain valid electronic certificates and their copies. No agencies using electronic certificates shall obtain copies of any certificates through screen capturing, scanning, photographing, printing or other means in the business handling process.

Article 14 Issuers of electronic certificates and agencies using electronic certificates shall make full use of digital certificates, electronic seals, biometric technology and other necessary security technology to strengthen the identity authentication of certificate holders and applicants, to ensure the authenticity and credibility of their identities.

Article 15 Holders of electronic certificates may check the list and details of electronic certificates through Hubei government services website (http://zwfw.hubei.gov.cn/).

Article 16 Agencies using electronic certificates or holders of electronic certificates may submit applications to issuers of electronic certificates to verify electronic certificate information to which they have any objections.

Within 3 days after receiving the verification application, the issuer of the electronic certificate shall verify the inconsistent information caused by non-technical reasons, correct the false information, and notify the applicant or the certificate holder of the results.

With regard to the information inconsistency caused by technical reasons, the issuer of the electronic certificate shall forward the verification application to management departments of electronic certificates database system. The latter shall check the information, correct the false information, and provide feedback to issuers of electronic certificates within 3 days. Issuers of electronic certificates shall notify the applicant or the certificate holder of the results.

Article 17 Unless otherwise stipulated by laws and regulations,  issuers of electronic certificates shall keep electronic records of government services and place these electronic documents on file in accordance with national and provincial relevant regulations.

Agencies using electronic certificates shall file electronic certificates which are used as proofs of handling affairs in accordance with relevant regulations.

Article 18 Where any citizens, legal persons or other organizations request to handle relevant matters through the online government service platform and upload the electronic materials online, said requests shall be recognized by issuers of electronic certificates, and no service receiver shall be forced to submit applications on the site or provide materials in writing or other forms, unless otherwise stipulated by laws, regulations and rules.

Where agencies using electronic certificates reject electronic certificates or repeatedly demands paper-based or physical certificates, the certificate holder shall have the right to refuse to submit paper-based or physical certificates and he/she may lodge a complaint to government service administration departments.

Article 19 Information collection, preparation, issuance, sharing and use of electronic certificates shall comply with relevant technical and business standards and specifications stipulated by China and Hubei Province for the sharing of government information resources and the management of electronic certificates.

  Government service administration departments shall establish the mechanism of authorizing the data sharing of electronic certificates and the mechanism of providing feedback within specified time limit in accordance with the relevant regulations of China and Hubei province.

Article 20 Government service administration departments, management departments of electronic certificates database system,  issuers of electronic certificates and agencies using electronic certificates shall jointly strengthen the construction of security infrastructure of electronic certificates database system, and implement technical measures and management systems to ensure that information concerning electronic certificates is safe and controllable.

Management departments of electronic certificates database system shall establish a security management system, take necessary technical and security measures such as identity authentication, access control, information audit and tracking to prevent unauthorized access to data, establish a remote backup mechanism, and develop contingency plans and rules concerning data backup and recovery to ensure the safety and reliability of electronic certificates.

Issuers of electronic certificates and agencies using electronic certificates shall, in light of their realities, strengthen the information security management of the business information system associated with the electronic certificates database system, in order to ensure that national standards concerning security protection levels are met.

Article 21 Issuers of electronic certificates shall establish a normalized management mechanism, and promptly check and correct any errors and supplement any omissions found in the data and information of electronic certificates.

The retention period of the logs concerning the issuance, alteration and cancellation of electronic certificates shall not be less than the retention period of the issued electronic certificates. The retention period of the logs concerning the use of electronic certificates shall not be less than the retention period of the results generated from the use of electronic certificates.

Article 22 Government service administration departments shall treat the issuance and use of electronic certificates as indicators of performance assessment concerning government information sharing and government service, and strengthen the supervision over electronic certificate management efficiency.

Article 23 Where issuers of electronic certificates, agencies using electronic certificates, or management departments of electronic certificates database system violate any provisions herein by involving into any of the following acts, the government service administration departments shall order the violator to make corrections, lawfully punish the directly responsible person in charge and other directly responsible personnel in cases of gross violation, and hold violators criminally liable in accordance with the law if it constitutes a criminal offence:

(I) Failing to prepare, update or maintain the catalogue of its electronic certificates as required;

(II) Failing to promptly check and correct the problematic data and information of electronic certificates;

(III) Refusing or delaying the provision of data and information of electronic certificates, and reducing the scope of required data and information of electronic certificates without authorization;

(IV) Failing to use electronic certificates to provide government services with priority;

(V) Providing or disclosing data of electronic certificates to any others without approval, or extending the application scope of data without authorization;

(VI) Illegally using electronic certificate information that involves trade secrets or personal privacy, which results in the leakage of trade secrets or personal privacy.

Article 24 If any staff members of government service administration departments abuse their power, neglect their duties, or engage in malpractice for personal gains in the popularization and application of electronic certificates, they shall be punished in accordance with the law; if the act constitutes a criminal offence, criminal liability shall be investigated in accordance with the law.

Article 25 Issuers of electronic certificates shall take necessary measures to gradually complete the generation of electronic copies of valid certificates issued before the implementation of the Measures, and simultaneously update generated electronic certificates in electronic certificates database system at the same level or other concerned electronic certificates database system.

Article 26 The Measures shall come into force as of March 1, 2019.