SECTION .0300 - PUBLIC KEY TECHNOLOGY

 

18 NCAC 10 .0301             PUBLIC KEY TECHNOLOGY LICENSING, FEES, RENEWAL

(a)  To be considered for licensure under this subsection, a Certification Authority shall utilize certificate-based public key cryptography.

(b)  Any applicant seeking licensure must demonstrate compliance with the North Carolina Electronic Commerce Act, G.S. 66, Article 11A, and the rules in this Chapter.

(c)  To request licensure, a Certification Authority shall provide the Electronic Commerce Section with a copy of its current Certification Practice Statement and most recent reports of compliance audit(s) as required by 18 NCAC 10 .0303 (k).

(d)  A Certification Authority shall adhere to its Certification Practice Statement.  If a Certification Authority modifies its Certification Practice Statement, it shall provide an updated copy of the Certification Practice Statement to the Electronic Commerce Section as soon as is practicable, and no later than the date the updated Certification Practice Statement is put into operation.  As a condition of continued licensure, the Electronic Commerce Section may require the Certification Authority to undergo an audit to document compliance with its updated Certification Practice Statement and the rules in this Chapter.

(e)  An initial licensing fee of two thousand dollars ($2,000 US) shall accompany an initial application. 

(f)  A renewal fee of two thousand dollars ($2,000 US) shall accompany an application for renewal by a licensed Certification Authority.

(g)  A license issued by the Electronic Commerce Section pursuant to this Section shall expire one year after its effective date, unless timely renewed.

(h)  Financial Responsibility.

(1)           As precondition of licensure a Certification Authority shall obtain a bond issued by a surety company authorized to do business in North Carolina.  A copy of the bond shall be filed with the Electronic Commerce Section prior to licensure.  The amount of the bond shall not be less than twenty-five thousand dollars ($25,000 US).  The bond shall be in favor of the State of North Carolina.  The bond shall be payable for any penalties assessed by the Electronic Commerce Section pursuant to the Rules in this Chapter and for any losses the State encounters resulting from a Certification Authority's conduct of activities subject to the Electronic Commerce Act or arising out of a violation of the Electronic Commerce Act or any Rule promulgated thereunder;

(2)           As precondition of licensure a Certification Authority shall obtain indemnity insurance coverage (e.g. "errors and omissions" or "cyber coverage" or similar coverage) to protect subscribers, relying parties and the State for any losses resulting from the Certification Authority's conduct of activities subject to the Electronic Commerce Act or arising out of a violation of the Electronic Commerce Act or any Rule promulgated thereunder.  Indemnity coverage shall be obtained and maintained in the amount of not less than one hundred thousand dollars ($100,000 US) per occurrence and not less than one million dollars ($1,000,000 US) for all occurrences;

(3)           The failure of a Certification Authority to continuously maintain this surety bond and indemnity insurance coverage may be the basis for revocation or suspension of its license.

 

History Note:        Authority G.S. 66-58.3; 66-58.10(a)(2);

Temporary Adoption Eff. February 23, 1999;

Codifier determined on November 23, 1999, agency findings did not meet criteria for temporary rule;

Temporary Adoption Eff. December 3, 1999;

Eff. March 26, 2001;

Pursuant to G.S. 150B-21.3A, rule is necessary without substantive public interest Eff. December 6, 2016.