Text: HF00623 Text: HF00625 Text: HF00600 - HF00699 Text: HF Index Bills and Amendments: General Index Bill History: General Index
PAG LIN 1 1 HOUSE FILE 624 1 2 1 3 AN ACT 1 4 RELATING TO ELECTRONIC COMMERCE SECURITY, AND PROVIDING 1 5 PENALTIES. 1 6 1 7 BE IT ENACTED BY THE GENERAL ASSEMBLY OF THE STATE OF IOWA: 1 8 1 9 DIVISION I 1 10 SUBCHAPTER I 1 11 GENERAL 1 12 Section 1. NEW SECTION. 554C.101 SHORT TITLE. 1 13 This chapter shall be known and may be cited as the "Iowa 1 14 Electronic Commerce Security Act". 1 15 Sec. 2. NEW SECTION. 554C.102 PURPOSES AND CONSTRUCTION. 1 16 This chapter shall be construed consistently with what is 1 17 commercially reasonable under the circumstances and to 1 18 effectuate all of the following purposes: 1 19 1. Facilitate electronic communications by means of 1 20 reliable electronic records. 1 21 2. Facilitate and promote electronic commerce, by 1 22 eliminating barriers resulting from uncertainties over writing 1 23 and signature requirements, and promoting the development of 1 24 the legal and business infrastructure necessary to implement 1 25 secure electronic commerce. 1 26 3. Facilitate electronic filing of documents with state 1 27 and local government agencies and promote efficient delivery 1 28 of government services by means of reliable electronic 1 29 records. 1 30 4. Minimize the incidence of forged electronic records, 1 31 intentional and unintentional alteration of records, and fraud 1 32 in electronic commerce. 1 33 5. Establish uniformity of rules, regulations, and 1 34 standards regarding the authentication and integrity of 1 35 electronic records. 2 1 6. Promote public confidence in the integrity, 2 2 reliability, and legality of electronic records and electronic 2 3 commerce. 2 4 Sec. 3. NEW SECTION. 554C.103 VARIATION BY AGREEMENT 2 5 USE OF ELECTRONIC MEANS OPTIONAL. 2 6 1. As between parties involved in generating, sending, 2 7 receiving, storing, or otherwise processing electronic 2 8 records, the provisions of this chapter may be varied by 2 9 agreement of the parties. However, an agreement shall not 2 10 vary requirements provided in section 554C.203, subsection 2; 2 11 section 554C.204, subsection 4; section 554C.305, subsection 2 12 2; sections 554C.422, 554C.423, 554C.424, and 554C.442; and 2 13 section 554C.444, subsection 2. 2 14 2. This chapter shall not be construed to require a person 2 15 to create, store, transmit, accept, or otherwise use or 2 16 communicate information, records, or signatures by electronic 2 17 means or in electronic form. A government agency shall not 2 18 require electronic filing of an electronic record or an 2 19 electronic signature as the only means of filing such record 2 20 or signature, except as otherwise provided by a rule of law. 2 21 SUBCHAPTER II 2 22 ELECTRONIC RECORDS AND SIGNATURES GENERALLY 2 23 Sec. 4. NEW SECTION. 554C.201 DEFINITIONS. 2 24 As used in this chapter, unless the context otherwise 2 25 requires: 2 26 1. "Commissioner" means the commissioner of insurance 2 27 appointed pursuant to section 505.2. 2 28 2. "Consumer" means an individual engaged in a transaction 2 29 for personal, family, or household purposes. 2 30 3. "Consumer transaction" means a transaction by an 2 31 individual for personal, household, or family use. 2 32 4. "Electronic" includes electrical, digital, magnetic, 2 33 optical, electromagnetic, or any other form of technology that 2 34 entails capabilities similar to these technologies. 2 35 5. "Electronic record" means a record generated, 3 1 communicated, received, or stored by electronic means for use 3 2 in an information system or for transmission from one 3 3 information system to another. 3 4 6. "Electronic signature" means a signature in electronic 3 5 form attached to or logically associated with an electronic 3 6 record. 3 7 7. "Government agency" means the executive, legislative, 3 8 or judicial branch, or an agency, department, board, 3 9 commission, authority, institution, or instrumentality of this 3 10 state or of any county, city, or other political subdivision 3 11 of this state. 3 12 8. "Information" includes but is not limited to data, 3 13 text, images, sound, codes, computer programs, software, and 3 14 databases. 3 15 9. "Party" means a person involved in an electronic 3 16 transaction governed by the provisions of this chapter. 3 17 10. "Record" means information that is inscribed, stored, 3 18 or otherwise fixed on a tangible medium or that is stored in 3 19 an electronic or other medium and is retrievable in 3 20 perceivable form. 3 21 11. "Rule of law" means any statute, rule of or order by a 3 22 government agency, regulation, ordinance, common law rule, or 3 23 court decision enacted, adopted, established, or rendered by 3 24 the general assembly, government agency, court, political 3 25 subdivision of, or other authority of, this state or the 3 26 federal government. 3 27 12. "Security procedure" means a methodology or procedure 3 28 for the purpose of doing any of the following: 3 29 a. Verifying that an electronic record is the record of a 3 30 specific person. 3 31 b. Detecting an error or alteration in the communication, 3 32 content, or storage of an electronic record since a specific 3 33 point in time. A security procedure may require the use of 3 34 algorithms or codes, identifying words or numbers, encryption, 3 35 answer back, acknowledgment procedures, or similar security 4 1 devices. 4 2 13. "Signed" or "signature" includes any symbol executed 4 3 or adopted, or any security procedure employed or adopted, 4 4 including by use of electronic means, by or on behalf of a 4 5 person with a present intention to authenticate a record. 4 6 Definitions used in any part of this chapter shall apply in 4 7 all other parts of this chapter. 4 8 Sec. 5. NEW SECTION. 554C.202 LEGAL RECOGNITION. 4 9 Information shall not be denied legal effect, validity, or 4 10 enforceability solely on the grounds that it is in the form of 4 11 an electronic record or an electronic signature. 4 12 A transaction subject to this chapter is also subject to 4 13 other applicable substantive rules of law. Other substantive 4 14 rules of law, whenever reasonable, shall be construed to be 4 15 consistent with this chapter. If such construction is 4 16 unreasonable, such other substantive rule of law governs. 4 17 Sec. 6. NEW SECTION. 554C.203 ELECTRONIC RECORDS. 4 18 1. Where a rule of law requires information to be written 4 19 or in writing or provides for certain consequences if it is 4 20 not, an electronic record satisfies that rule of law 4 21 requirement. 4 22 2. The provisions of this section shall not apply to any 4 23 of the following: 4 24 a. When its application involves a construction of a rule 4 25 of law that is clearly inconsistent with the manifest intent 4 26 of the body imposing the requirement or repugnant to the 4 27 context of the same rule of law. However, the mere 4 28 requirement that information be in writing, written, or 4 29 printed shall not by itself be sufficient to establish an 4 30 intent which is inconsistent with the requirement of this 4 31 section. 4 32 b. A rule of law governing the creation or execution of a 4 33 will or trust, living will, a general, durable, or healthcare 4 34 power of attorney, or a voluntary, involuntary, or standby 4 35 guardianship or conservatorship. 5 1 c. A record that serves as a unique and transferable 5 2 physical expression of rights and obligations including, 5 3 without limitation, negotiable instruments and other 5 4 instruments of title wherein possession of the instrument is 5 5 deemed to confer title in a consumer transaction. 5 6 d. A record that grants a legal or equitable interest in 5 7 real property, including a deed, mortgage, deed of trust, 5 8 pledge, security interest, or other lien or encumbrance. 5 9 e. A disclosure required in a consumer transaction, 5 10 including but not limited to, disclosures required in chapter 5 11 13C, sections 321.69 and 321.71, chapters 516D, 523B, 523E, 5 12 523G, 533D, 537, 537B, 538A, 552, 552A, 555A, 557A, 557B, 5 13 558A, and 562A, section 714.16, and chapter 714B, or an 5 14 administrative rule adopted pursuant to such sections and 5 15 chapters. 5 16 Sec. 7. NEW SECTION. 554C.204 ELECTRONIC SIGNATURES. 5 17 1. Where a rule of law requires a signature, or provides 5 18 for certain consequences if a document is not signed, an 5 19 electronic signature satisfies that requirement. 5 20 2. An electronic signature may be proved in any manner, 5 21 including by showing that a procedure exists by which a person 5 22 must of necessity have executed a symbol or security procedure 5 23 for the purpose of verifying that an electronic record is the 5 24 record of that person in order to proceed further with a 5 25 transaction. 5 26 3. Absent an agreement to the contrary, the recipient of a 5 27 signed electronic record is entitled to establish reasonable 5 28 requirements to ensure that the symbol or security procedure 5 29 adopted as an electronic signature by the person signing is 5 30 authentic. 5 31 4. The provisions of this section shall not apply to any 5 32 of the following: 5 33 a. When its application would involve a construction of a 5 34 rule of law that is clearly inconsistent with the manifest 5 35 intent of the body imposing the requirement or repugnant to 6 1 the context of the same rule of law. However, the mere 6 2 requirement that information be in writing, written, or 6 3 printed shall not by itself be sufficient to establish an 6 4 intent which is inconsistent with the requirement of this 6 5 section. 6 6 b. To any rule of law governing the creation or execution 6 7 of a will or trust, living will, a general, durable, or 6 8 healthcare power of attorney, or a voluntary, involuntary, or 6 9 standby guardianship or conservatorship. 6 10 c. To any record that serves as a unique and transferable 6 11 physical expression of rights and obligations including, but 6 12 is not limited, to negotiable instruments and other 6 13 instruments of title wherein possession of the instrument is 6 14 deemed to confer title in a consumer transaction. 6 15 d. To any record that grants a legal or equitable interest 6 16 in real property, including a deed, mortgage, deed of trust, 6 17 pledge, security interest, or other lien or encumbrance. 6 18 Sec. 8. NEW SECTION. 554C.205 REQUIREMENT FOR ORIGINAL 6 19 INFORMATION. 6 20 1. Where a rule of law requires information to be 6 21 presented or retained in its original form, or provides 6 22 consequences for information not being presented or retained 6 23 in its original form, that rule of law is satisfied by an 6 24 electronic record if there exists reliable assurance as to the 6 25 integrity of the information from the time when it was first 6 26 generated in its final form, as an electronic record or 6 27 otherwise. 6 28 2. The criteria for assessing the integrity of information 6 29 shall be whether the information has remained complete and 6 30 unaltered, apart from the addition of any endorsement and any 6 31 change that arises in the normal course of communication, 6 32 storage, and display. The standard of reliability required 6 33 shall be assessed in the light of all relevant circumstances, 6 34 including but not limited to the purpose for which the 6 35 information was generated. 7 1 3. The provisions of this section do not apply to any 7 2 record that serves as a unique and transferable physical 7 3 expression of rights and obligations including, but not 7 4 limited to, negotiable instruments and other instruments of 7 5 title wherein possession of the instrument is deemed to confer 7 6 title. 7 7 Sec. 9. NEW SECTION. 554C.206 ADMISSIBILITY INTO 7 8 EVIDENCE. 7 9 1. In any legal proceeding, nothing in the application of 7 10 the rules of evidence shall apply so as to deny the 7 11 admissibility of an electronic record or electronic signature 7 12 into evidence based on any of the following: 7 13 a. On the sole ground that it is an electronic record or 7 14 electronic signature. 7 15 b. On the grounds that it is not in its original form or 7 16 is not an original. 7 17 2. Information in the form of an electronic record shall 7 18 be given due evidential weight by the trier of fact. In 7 19 assessing the evidential weight of an electronic record or 7 20 electronic signature where its authenticity is in issue, the 7 21 trier of fact may consider all relevant information or 7 22 circumstances, including but not limited to the manner in 7 23 which it was generated, stored, or communicated, the 7 24 reliability of the manner in which its integrity was 7 25 maintained, the manner in which its originator was identified, 7 26 and the manner in which the electronic record was signed. 7 27 Sec. 10. NEW SECTION. 554C.207 RETENTION OF ELECTRONIC 7 28 RECORDS. 7 29 1. a. Where a rule of law requires that certain 7 30 documents, records, or information be retained, that 7 31 requirement is met by retaining electronic records of the 7 32 information, provided that all of the following conditions are 7 33 satisfied: 7 34 (1) The electronic record and the information contained in 7 35 the electronic record must be accessible so as to be usable 8 1 for subsequent reference at all times when such information 8 2 must be retained. 8 3 (2) The information must be retained in the format in 8 4 which it was originally generated, sent, or received; or in a 8 5 format that can be demonstrated to represent accurately the 8 6 information originally generated, sent, or received. 8 7 (3) Data is retained which enables the identification of 8 8 the origin and destination of the information, the 8 9 authenticity and integrity of the information, and the date 8 10 and time when it was generated, sent, or received. 8 11 b. An obligation to retain documents, records, or 8 12 information in accordance with this subsection does not extend 8 13 to any data the sole purpose of which is to enable the record 8 14 to be sent or received. 8 15 2. Nothing in this section shall preclude any federal or 8 16 government agency from specifying additional requirements for 8 17 the retention of records that are subject to the jurisdiction 8 18 of such agency. 8 19 SUBCHAPTER III 8 20 SECURE ELECTRONIC RECORDS AND SIGNATURES 8 21 Sec. 11. NEW SECTION. 554C.301 SECURE ELECTRONIC RECORD. 8 22 1. Subject to the provisions of section 554C.303, if, by 8 23 the application of a qualified security procedure, it can be 8 24 verified that an electronic record has not been altered since 8 25 a specified point in time, such electronic record shall be 8 26 considered to be a secure electronic record from such 8 27 specified point in time to the time of verification. 8 28 2. For purposes of this subchapter, a qualified security 8 29 procedure is a security procedure to detect changes in content 8 30 that is any of the following: 8 31 a. Authorized by, and implemented in accordance with the 8 32 requirements of, this chapter. 8 33 b. Previously agreed to by the parties, and implemented in 8 34 accordance with the terms of such agreement. 8 35 c. Certified by the commissioner as providing reliable 9 1 evidence that an electronic record has not been altered, and 9 2 implemented in a manner specified by the certification. 9 3 Sec. 12. NEW SECTION. 554C.302 SECURE ELECTRONIC 9 4 SIGNATURE. 9 5 1. Subject to the provisions of section 554C.303, if, by 9 6 the application of a qualified security procedure, it can be 9 7 authenticated that an electronic signature is the signature of 9 8 a specific person, the electronic signature shall be 9 9 considered to be a secure electronic signature at the time of 9 10 verification. 9 11 2. A qualified security procedure for purposes of this 9 12 section is a security procedure for identifying a party that 9 13 is any of the following: 9 14 a. Authorized by, and implemented in accordance with the 9 15 requirements of, this chapter. 9 16 b. Previously agreed to by the parties to an agreement, 9 17 and implemented in accordance with the terms of the agreement. 9 18 c. Certified by the commissioner as being capable of 9 19 creating an electronic signature that meets all of the 9 20 following conditions: 9 21 (1) Is unique to the signer within the context in which it 9 22 is used. 9 23 (2) Can be used to promptly, objectively, and 9 24 automatically identify the person signing the electronic 9 25 record. 9 26 (3) Was reliably created by such identified person. 9 27 (4) Is linked to the electronic record to which it relates 9 28 in a manner which ensures that if the record or signature is 9 29 changed the electronic signature is invalidated, provided that 9 30 the security procedure is implemented in a manner required by 9 31 the certification. 9 32 Sec. 13. NEW SECTION. 554C.303 COMMERCIALLY REASONABLE 9 33 RELIANCE. 9 34 1. An electronic record or electronic signature that 9 35 qualifies for secure status pursuant to section 554C.301, 10 1 554C.302, 554C.411, or 554C.412 shall not be considered secure 10 2 unless the proponent establishes all of the following: 10 3 a. Use of the applicable security procedure was 10 4 commercially reasonable. 10 5 b. The security procedure was implemented in a trustworthy 10 6 manner or, where applicable, in a manner specified by this 10 7 chapter or the commissioner, to the extent such information is 10 8 within the knowledge of the proponent. 10 9 c. Reliance on the security procedure was reasonable and 10 10 in good faith in light of all the circumstances known to the 10 11 proponent at the time of the reliance, having due regard for 10 12 all of the following: 10 13 (1) Information that the proponent knew or had notice of 10 14 at the time of reliance, including all facts, statements, and 10 15 limitations contained in any statement by any third party 10 16 involved in the authentication process. 10 17 (2) The value or importance of the electronic record 10 18 signed with the secure electronic signature, if known. 10 19 (3) Any course of dealing between the proponent and the 10 20 purported sender and the available indicia of reliability or 10 21 unreliability apart from the secure electronic signature. 10 22 (4) Any usage of trade, particularly trade conducted by 10 23 trustworthy systems or other computer-based means. 10 24 (5) Whether the authentication was performed with the 10 25 assistance of an independent third party. 10 26 (6) Any other evidence relating to facts of which the 10 27 proponent was aware that would suggest that reliance was or 10 28 was not reasonable. 10 29 2. The commercial reasonableness of a security procedure 10 30 is to be determined by the trier of fact in light of the 10 31 purposes of the procedure and the commercial circumstances at 10 32 the time the procedure was used, including but not limited to 10 33 the nature of the transaction, sophistication of the parties, 10 34 volume of similar transactions engaged in by either or both of 10 35 the parties, availability of alternatives offered to but 11 1 rejected by either of the parties, cost of alternative 11 2 procedures, and procedures in general use for similar types of 11 3 transactions. 11 4 Sec. 14. NEW SECTION. 554C.304 PRESUMPTIONS. 11 5 1. In resolving a civil dispute involving a secure 11 6 electronic record, it shall be rebuttably presumed that the 11 7 electronic record has not been altered since the specific 11 8 point in time to which the secure status relates. 11 9 2. In resolving a civil dispute involving a secure 11 10 electronic signature, all of the following shall be rebuttably 11 11 presumed: 11 12 a. The secure electronic signature is the signature of the 11 13 person to whom it correlates. 11 14 b. The secure electronic signature was affixed by that 11 15 person with the intention of signing the electronic record. 11 16 3. The effect of the presumptions provided in this section 11 17 is to place on the party challenging the integrity of a secure 11 18 electronic record or challenging the genuineness of a secure 11 19 electronic signature both the burden of going forward with 11 20 evidence to rebut the presumption and the burden of persuading 11 21 the trier of fact that the falsity of the presumed fact is 11 22 more probable than the truth of its existence. 11 23 4. In the absence of a secure electronic record or a 11 24 secure electronic signature, nothing in this chapter shall 11 25 change existing rules regarding legal or evidentiary rules 11 26 regarding the burden of proving the authenticity and integrity 11 27 of an electronic record or an electronic signature. 11 28 Sec. 15. NEW SECTION. 554C.305 ATTRIBUTION OF SIGNATURE 11 29 TO A PARTY. 11 30 1. Except as provided by another applicable rule of law, 11 31 and subject to the provisions of section 554C.304, a secure 11 32 electronic signature is attributable to the person to whom it 11 33 correlates, whether or not authorized, if all of the following 11 34 apply to the electronic signature: 11 35 a. The signature resulted from acts of a person who 12 1 obtained the access numbers, codes, computer programs, or 12 2 other information necessary to create the signature from a 12 3 source under the control of the alleged signer, creating the 12 4 appearance that it came from the person to whom it correlates. 12 5 b. The access occurred under circumstances constituting a 12 6 failure to exercise reasonable care by the person to whom it 12 7 correlates. 12 8 c. The recipient reasonably relied to the recipient's 12 9 detriment on the apparent source of the electronic record, 12 10 taking into account the factors provided in section 554C.303. 12 11 2. The provisions of this section shall not apply to 12 12 consumer transactions, including but not limited to credit 12 13 card and automatic teller machines, except to the extent 12 14 allowed by applicable consumer law. 12 15 Sec. 16. NEW SECTION. 554C.306 CERTIFICATION BY THE 12 16 COMMISSIONER. 12 17 1. This chapter shall not limit the technology which may 12 18 qualify as a security procedure under section 554C.301 or 12 19 554C.302 if the technology meets all of the criteria in 12 20 subsections 2 and 3. 12 21 2. A security procedure may be certified by the 12 22 commissioner as meeting the requirements of section 554C.301 12 23 or 554C.302, following an appropriate investigation or review, 12 24 if all of the following apply: 12 25 a. The technology utilized by the security procedure is 12 26 completely open and fully disclosed to the public in order to 12 27 facilitate a comprehensive evaluation of its suitability for 12 28 its intended purpose. 12 29 b. The certification is in accordance with the rules 12 30 adopted by the commissioner pursuant to chapter 17A. 12 31 c. The certification specifies at least all of the 12 32 following: 12 33 (1) A full and complete identification of the security 12 34 procedure. 12 35 (2) A specification of one or more acceptable trustworthy 13 1 methods by which the security procedure may be implemented 13 2 consistent with the certification. 13 3 (3) A term for the certification which shall not exceed 13 4 five years. 13 5 3. At the end of the term for each certified security 13 6 procedure, or earlier as determined by the commissioner, the 13 7 security procedure may be reevaluated in light of then-current 13 8 technology and recertified or decertified as appropriate. 13 9 4. A person, upon submitting a written request that 13 10 includes a complete explanation of a proposed technology which 13 11 meets the requirements of this section together with a 13 12 proposed draft of administrative rules applicable to such 13 13 technology, may request the commissioner to review the 13 14 proposed technology and practices. The commissioner shall 13 15 review the proposal and may adopt rules in accordance with 13 16 section 554C.413 with respect to the proposed technology and 13 17 practices. The commissioner may adopt rules establishing 13 18 procedures and requirements for the filing of proposals to 13 19 review proposed technology and practices. 13 20 SUBCHAPTER IV 13 21 DIGITAL SIGNATURES 13 22 PART 1 13 23 DEFINITIONS 13 24 Sec. 17. NEW SECTION. 554C.401 DEFINITIONS. 13 25 As used in this subchapter, unless the context otherwise 13 26 requires: 13 27 1. "Asymmetric cryptosystem" means a computer-based system 13 28 capable of generating and using a key pair, consisting of a 13 29 private key for creating a digital signature, and a public key 13 30 to verify the digital signature. 13 31 2. "Certificate" means a record that at a minimum provides 13 32 all of the following: 13 33 a. Identifies the certification authority issuing the 13 34 certificate. 13 35 b. Names or otherwise identifies its subscriber. 14 1 c. Contains a public key that corresponds to a private key 14 2 under the control of the subscriber. 14 3 d. Identifies its operational period. 14 4 e. Is digitally signed by the certification authority 14 5 issuing the certification. 14 6 3. "Certification authority" means a person who authorizes 14 7 and causes the issuance of a certificate. 14 8 4. "Certification practice statement" means a statement 14 9 published by a certification authority or person operating a 14 10 repository that specifies the policies or practices that the 14 11 certification authority employs in issuing, suspending, and 14 12 revoking certificates, and providing access to a certificate. 14 13 5. "Correspond" means to belong to the same key pair. 14 14 6. "Digital signature" means a type of an electronic 14 15 signature consisting of a transformation of an electronic 14 16 record using a message digest function that is encrypted with 14 17 an asymmetric cryptosystem using the signer's private key in a 14 18 manner providing that any person having the initial 14 19 untransformed electronic record, the encrypted transformation, 14 20 and the signer's public key may accurately determine all of 14 21 the following: 14 22 a. Whether the transformation was created using the 14 23 private key that corresponds to the signer's public key. 14 24 b. Whether the initial electronic record has been altered 14 25 since the transformation was made. A digital signature is a 14 26 security procedure. 14 27 7. "Key pair" means, in an asymmetric cryptosystem, two 14 28 mathematically related keys, having the properties that 14 29 provide all of the following: 14 30 a. One key can encrypt a message which only the other key 14 31 can decrypt. 14 32 b. Even knowing one key, it is computationally infeasible 14 33 to discover the other key. 14 34 8. "Message digest function" means an algorithm that maps 14 35 or translates the sequence of bits comprising an electronic 15 1 record into another, generally smaller, set of bits, referred 15 2 to as the message digest, without requiring the use of any 15 3 secret information such as a key, in a manner which provides 15 4 all of the following: 15 5 a. A record yields the same message digest every time the 15 6 algorithm is executed using such record as input. 15 7 b. It is computationally infeasible that any two 15 8 electronic records can be found or deliberately generated that 15 9 would produce the same message digest using the algorithm 15 10 unless the two records are identical. 15 11 9. "Operational period of a certificate" means a period 15 12 beginning and ending as follows: 15 13 a. The period begins on the date and at the time the 15 14 certificate is issued by a certification authority or on a 15 15 later date and at a time certain if stated in the certificate. 15 16 b. The period ends on the date and at the time the 15 17 certificate expires as noted in the certificate or on an 15 18 earlier date if the certificate is revoked or suspended in 15 19 accordance with this chapter. 15 20 10. "Private key" means the key of a key pair used to 15 21 create a digital signature. 15 22 11. "Public key" means the key of a key pair used to 15 23 verify a digital signature. 15 24 12. "Repository" means a system for storing and retrieving 15 25 certificates or other information relevant to certificates. 15 26 13. "Revoke a certificate" means to permanently end the 15 27 operational period of a certificate from a specified time 15 28 forward. 15 29 14. "Subscriber" means a person to whom all of the 15 30 following applies: 15 31 a. The person is the subject named or otherwise identified 15 32 in a certificate issued to the person. 15 33 b. The person controls a private key that corresponds to 15 34 the public key listed in that certificate. 15 35 c. The digitally signed messages verified by reference to 16 1 the certificate are to be attributed to the person. 16 2 15. "Suspend a certificate" means to temporarily suspend 16 3 the operational period of a certificate for a specified time 16 4 period or from a specified time forward. 16 5 16. "Trustworthy system" means a system of computer 16 6 hardware, software, and procedures that satisfies all of the 16 7 following: 16 8 a. Is reasonably secure from intrusion and misuse. 16 9 b. Provides a reasonable level of availability, 16 10 reliability, and correct operation. 16 11 c. Is reasonably suited to performing the system's 16 12 intended functions. 16 13 d. Adheres to generally accepted security procedures. 16 14 e. Meets or exceeds the requirements of rules adopted by 16 15 the commissioner. 16 16 17. "Valid certificate" means a certificate that meets the 16 17 following conditions: 16 18 a. The certificate has been issued by a certification 16 19 authority. 16 20 b. The subscriber listed in the certificate has accepted 16 21 the certificate in accordance with this chapter. 16 22 18. "Verify a digital signature" means to use the public 16 23 key listed in a certificate, together with an appropriate 16 24 message digest function and public key algorithm, to evaluate 16 25 a digitally signed electronic record in order to determine all 16 26 of the following: 16 27 a. That the digital signature was created using the 16 28 private key corresponding to the public key listed in the 16 29 certificate. 16 30 b. The electronic record has not been altered since its 16 31 digital signature was created. 16 32 PART 2 16 33 EFFECT OF A DIGITAL SIGNATURE 16 34 Sec. 18. NEW SECTION. 554C.411 SECURE ELECTRONIC RECORD. 16 35 Subject to the provisions of section 554C.303, an 17 1 electronic record or any portion thereof that is signed with a 17 2 digital signature shall be considered to be a secure 17 3 electronic record if the digital signature was created during 17 4 the operational period of a valid certificate and is verified 17 5 by reference to the public key listed in such certificate. 17 6 Sec. 19. NEW SECTION. 554C.412 SECURE ELECTRONIC 17 7 SIGNATURE. 17 8 Subject to the provisions of section 554C.303, when all or 17 9 any portion of an electronic record is signed with a digital 17 10 signature, the digital signature shall be considered a secure 17 11 electronic signature with respect to all or that portion of 17 12 the record, if all of the following apply: 17 13 1. The digital signature was created during the 17 14 operational period of a valid certificate, was used within any 17 15 limits specified or incorporated by reference in the 17 16 certificate, and can be verified by reference to the public 17 17 key listed in the certificate. 17 18 2. The certificate shall be considered trustworthy, if one 17 19 of the following is determined by the trier of fact: 17 20 a. The certificate was issued by a certification authority 17 21 in accordance with standards, procedures, and other 17 22 requirements specified by rule of the commissioner. 17 23 b. A trier of fact independently finds one of the 17 24 following: 17 25 (1) That the certificate was issued in a trustworthy 17 26 manner by a certification authority that properly 17 27 authenticated the subscriber and the subscriber's public key. 17 28 (2) The material information set forth in the certificate 17 29 is true. 17 30 3. The process and systems utilized to create and verify a 17 31 digital signature are considered trustworthy because one of 17 32 the following applies: 17 33 a. They comply with standards, procedures, and other 17 34 requirements specified by the commissioner. 17 35 b. A trier of fact independently finds that they are 18 1 trustworthy. 18 2 Sec. 20. NEW SECTION. 554C.413 COMMISSIONER AUTHORITY TO 18 3 ADOPT RULES. 18 4 1. The commissioner may adopt rules applicable to the 18 5 public or private sector which define when a certificate and a 18 6 digital signature is considered sufficiently trustworthy in 18 7 order to ensure that a digital signature verified by reference 18 8 to the certificate will qualify as a secure electronic 18 9 signature. The rules may include but are not limited to any 18 10 of the following: 18 11 a. Establishing or adopting standards applicable to 18 12 certification authorities or certificates. Compliance with 18 13 the standards may be measured by obtaining a voluntary 18 14 certification from the commissioner or becoming accredited by 18 15 one or more independent accrediting entities recognized by the 18 16 commissioner. 18 17 b. Establishing or adopting standards applicable to the 18 18 digital signature creation or verification process. 18 19 2. In adopting rules as provided in this section, the 18 20 commissioner shall consult with the office of the attorney 18 21 general and representatives of the division of information 18 22 technology services of the department of general services. 18 23 The commissioner shall adopt rules that will provide maximum 18 24 flexibility in the implementation of digital signature 18 25 technology and the business models necessary to support it, 18 26 establish a clear basis for the recognition of certificates 18 27 issued by foreign certification authorities, and, to the 18 28 extent reasonably possible, maximize the opportunities for 18 29 uniformity with the laws of other jurisdictions, both within 18 30 the United States and internationally. 18 31 PART 3 18 32 DUTIES GENERALLY 18 33 Sec. 21. NEW SECTION. 554C.421 RELIANCE ON CERTIFICATES. 18 34 A person relying on a digital signature may also rely on a 18 35 valid certificate containing the public key by which the 19 1 digital signature can be verified. 19 2 Sec. 22. NEW SECTION. 554C.422 RESTRICTIONS ON 19 3 PUBLICATION OF CERTIFICATE. 19 4 A person shall not publish a certificate, or otherwise make 19 5 it available to anyone known by that person to be in a 19 6 position to rely on the certificate or on a digital signature 19 7 that is verifiable with reference to the public key listed in 19 8 the certificate, if that person knows that any of the 19 9 following apply: 19 10 1. The certification authority listed in the certificate 19 11 has not issued the certificate. 19 12 2. The subscriber listed in the certificate has not 19 13 accepted the certificate. 19 14 3. The certificate has been revoked or suspended, unless 19 15 the publication is for the purpose of verifying a digital 19 16 signature created prior to such suspension or revocation. 19 17 Sec. 23. NEW SECTION. 554C.423 FRAUDULENT PURPOSE. 19 18 A person shall not knowingly create, publish, alter, or 19 19 otherwise use a certificate for a fraudulent or other unlawful 19 20 purpose. A person convicted of violating this section is 19 21 guilty of a serious misdemeanor. A person convicted of a 19 22 second or subsequent violation is guilty of a class "D" 19 23 felony. 19 24 Sec. 24. NEW SECTION. 554C.424 FALSE OR UNAUTHORIZED 19 25 REQUEST. 19 26 A person shall not knowingly misrepresent the person's 19 27 identity or authorization in requesting or accepting a 19 28 certificate or in requesting suspension or revocation of a 19 29 certificate. A person convicted of violating this section is 19 30 guilty of a serious misdemeanor. A person convicted of a 19 31 second or subsequent violation is guilty of a class "D" 19 32 felony. 19 33 Sec. 25. NEW SECTION. 554C.425 CIVIL REMEDY. 19 34 A person who suffers a loss by reason of a violation of 19 35 section 554C.423 or 554C.424, in a civil action against the 20 1 violator, may obtain appropriate legal and equitable relief. 20 2 In a civil action under this section, the court may award the 20 3 prevailing party its reasonable attorney fees and other 20 4 litigation expenses. However, if the plaintiff is a consumer, 20 5 the court may award reasonable attorney fees and other 20 6 litigation expenses only to a prevailing plaintiff. 20 7 PART 4 20 8 DUTIES OF CERTIFICATION AUTHORITIES AND REPOSITORIES 20 9 Sec. 26. NEW SECTION. 554C.431 TRUSTWORTHY SYSTEM. 20 10 A certification authority and a person maintaining a 20 11 repository shall utilize a trustworthy system in performing 20 12 their services. 20 13 Sec. 27. NEW SECTION. 554C.432 DISCLOSURE. 20 14 1. For each certificate it issues, a certification 20 15 authority must publish to relying parties all of the 20 16 following: 20 17 a. Its certification practice statement, if the authority 20 18 has one. 20 19 b. Its certification authority certificate that identifies 20 20 the certification authority as a self-certifying subscriber 20 21 and that contains the public key corresponding to the private 20 22 key used by that certification authority to digitally sign the 20 23 certificate. 20 24 c. Notice of a revocation or suspension of its 20 25 certification authority certificate, and any other fact 20 26 material relating to either the reliability of a certificate 20 27 that it has issued or its ability to perform its services. 20 28 2. In the event of an occurrence that materially and 20 29 adversely affects a certification authority's trustworthy 20 30 system or its certification authority certificate, the 20 31 certification authority must do all of the following: 20 32 a. Use reasonable efforts to notify persons who are known 20 33 to be or foreseeably will be affected by that occurrence. 20 34 b. Act in accordance with procedures governing this type 20 35 of occurrence specified in its certification practice 21 1 statement. 21 2 3. If a certification authority certifies itself as a 21 3 certification authority, it shall disclose to all relying 21 4 parties that it is self-certified. The certification 21 5 authority shall publish a copy of its own certification 21 6 authority certificate that is verifiable by reference to a 21 7 public key listed in a certificate issued by the certification 21 8 authority. 21 9 Sec. 28. NEW SECTION. 554C.433 ISSUANCE OF A 21 10 CERTIFICATE. 21 11 A certification authority may issue a certificate to a 21 12 prospective subscriber for the purpose of verifying digital 21 13 signatures only after the certification authority does all of 21 14 the following: 21 15 1. Receives a request for the issuance from the 21 16 prospective subscriber. 21 17 2. Does either of the following: 21 18 a. Complies with all of the practices and procedures set 21 19 forth in its applicable certification practice statement, 21 20 including procedures regarding identification of the 21 21 perspective subscriber. 21 22 b. In the absence of a certification practice statement, 21 23 confirms one of the following: 21 24 (1) The prospective subscriber is the person to be listed 21 25 in the certificate to be issued. 21 26 (2) The information in the certificate to be issued is 21 27 accurate. 21 28 (3) The prospective subscriber rightfully holds a private 21 29 key capable of creating a digital signature, and the public 21 30 key to be listed in the certificate can be used to verify a 21 31 digital signature affixed by such private key. 21 32 Sec. 29. NEW SECTION. 554C.434 REPRESENTATIONS UPON 21 33 ISSUANCE OF CERTIFICATE. 21 34 By issuing a certificate, a certification authority 21 35 represents to any person who reasonably relies on the 22 1 certificate or a digital signature verifiable by the public 22 2 key listed in the certificate, that the certification 22 3 authority has issued the certificate in accordance with any 22 4 applicable certification practice statement stated or 22 5 incorporated by reference in the certificate, or of which the 22 6 relying person has notice, and the requirements and 22 7 representations imposed by the law under which it was issued. 22 8 In the absence of a certification practice statement or law, 22 9 the certification authority represents that as of the time the 22 10 certificate is issued it has confirmed all of the following: 22 11 1. The certification authority has complied with all 22 12 applicable requirements of this chapter in issuing the 22 13 certificate, and if the certification authority has published 22 14 the certificate or otherwise made it available to a relying 22 15 person, that the subscriber identified in the certificate has 22 16 accepted it. 22 17 2. The subscriber identified in the certificate, 22 18 rightfully holds the private key corresponding to the public 22 19 key listed in the certificate. 22 20 3. The subscriber's public key and private key constitute 22 21 a functioning key pair. 22 22 4. All information in the certificate is accurate as of 22 23 the date it was issued, unless the certification authority has 22 24 stated in the certificate or incorporated by reference in the 22 25 certificate a statement that the accuracy of specified 22 26 information is not confirmed. 22 27 5. To the knowledge of the certification authority, there 22 28 are no known material facts omitted from the certificate which 22 29 would, if known, adversely affect the reliability of the 22 30 representations required to be provided by the certification 22 31 authority under this section. 22 32 Sec. 30. NEW SECTION. 554C.435 SUSPENSION OF A 22 33 CERTIFICATE. 22 34 The certification authority that issues a certificate, and 22 35 any person maintaining a repository where the certificate is 23 1 published, shall suspend the certificate pursuant to any of 23 2 the following: 23 3 1. The receipt of an order issued by a court of competent 23 4 jurisdiction. 23 5 2. In accordance with the policies and procedures 23 6 governing suspension specified in its certification practice 23 7 statement. In the absence of policies and procedures 23 8 governing suspension, the certificate shall be suspended as 23 9 soon as possible after receiving a request by a person whom 23 10 the certification authority or person maintaining a repository 23 11 reasonably believes to be any of the following: 23 12 a. The subscriber listed in the certificate. 23 13 b. A person duly authorized to act for that subscriber. 23 14 c. A person acting on behalf of that subscriber, who is 23 15 unavailable. 23 16 Sec. 31. NEW SECTION. 554C.436 REVOCATION OF A 23 17 CERTIFICATE. 23 18 The certification authority that issues a certificate, and 23 19 any person maintaining a repository where the certificate is 23 20 published, shall revoke the certificate pursuant to any of the 23 21 following: 23 22 1. Upon receipt of an order issued by a court of competent 23 23 jurisdiction. 23 24 2. In accordance with the policies and procedures 23 25 governing revocation specified in its certification practice 23 26 statement. In the absence of policies and procedures 23 27 governing revocation, the certificate shall be revoked as soon 23 28 as possible after one of the following occurs: 23 29 a. Receipt of a request for revocation by the subscriber 23 30 named in the certificate, if the certification authority or 23 31 repository confirms that the person requesting the revocation 23 32 is the subscriber or is an agent of the subscriber with 23 33 authority to request the revocation. 23 34 b. Receipt of a certified copy of an individual 23 35 subscriber's death certificate, or upon confirmation by other 24 1 reliable evidence that the subscriber is dead. 24 2 c. Presentation of documents effecting a dissolution of a 24 3 corporate subscriber or other legal entity, or upon 24 4 confirmation by other evidence that the subscriber or other 24 5 legal entity has been dissolved or has ceased to exist. 24 6 d. Confirmation by the certification authority that one of 24 7 the following applies: 24 8 (1) A material fact represented in the certificate is 24 9 false. 24 10 (2) A material prerequisite to issuance of the certificate 24 11 was not satisfied. 24 12 (3) The certification authority's private key or 24 13 trustworthy system was compromised in a manner materially 24 14 affecting the certificate's reliability. 24 15 (4) The subscriber's private key or trustworthy system was 24 16 compromised. 24 17 Upon effecting a revocation, the certification authority 24 18 shall promptly notify the subscriber listed in the revoked 24 19 certificate of the revocation. 24 20 Sec. 32. NEW SECTION. 554C.437 NOTICE OF SUSPENSION OR 24 21 REVOCATION. 24 22 Upon suspending or revoking a certificate, a person 24 23 maintaining a repository where the certificate is published 24 24 shall do all of the following: 24 25 1. Promptly publish notice of the suspension or revocation 24 26 if the certificate was published. 24 27 2. Disclose the fact of suspension or revocation on 24 28 inquiry by a relying party. 24 29 PART 5 24 30 DUTIES OF SUBSCRIBERS 24 31 Sec. 33. NEW SECTION. 554C.441 GENERATING THE KEY PAIR. 24 32 If the subscriber generates the key pair whose public key 24 33 is to be listed in a certificate issued by a certification 24 34 authority and accepted by the subscriber, the subscriber must 24 35 generate that key pair and maintain and store the private key 25 1 using a trustworthy system. 25 2 Sec. 34. NEW SECTION. 554C.442 OBTAINING A CERTIFICATE. 25 3 All material representations made by the subscriber to a 25 4 certification authority for purposes of obtaining a 25 5 certificate must be accurate and complete. 25 6 Sec. 35. NEW SECTION. 554C.443 ACCEPTANCE OF A 25 7 CERTIFICATE. 25 8 1. A person accepts a certificate that names a person as a 25 9 subscriber by publishing it to one or more persons, depositing 25 10 the certificate in a repository, or demonstrating approval of 25 11 the certificate, while knowing or having notice of its 25 12 contents. 25 13 2. By accepting a certificate, the subscriber listed in 25 14 the certificate represents to all who reasonably rely on the 25 15 information contained in the certificate that all of the 25 16 following apply: 25 17 a. The subscriber rightfully holds the private key 25 18 corresponding to the public key listed in the certificate. 25 19 b. All representations made by the subscriber to the 25 20 certification authority and material to the information listed 25 21 in the certificate are true. 25 22 c. All information in the certificate that is within the 25 23 knowledge of the subscriber is true. 25 24 Sec. 36. NEW SECTION. 554C.444 CONTROL OF THE PRIVATE 25 25 KEY. 25 26 1. Except as otherwise provided by another applicable rule 25 27 of law, by accepting a certificate issued by a certification 25 28 authority the subscriber identified in the certificate assumes 25 29 a duty to persons who reasonably rely on the certificate to 25 30 exercise reasonable care to retain control of the private key 25 31 corresponding to the public key listed in the certificate and 25 32 to prevent its disclosure to a person not authorized to create 25 33 the subscriber's digital signature. The requirements of this 25 34 subsection shall continue during the operational period of the 25 35 certificate. 26 1 2. The provisions of this section do not apply to consumer 26 2 transactions. 26 3 Sec. 37. NEW SECTION. 554C.445 INITIATING SUSPENSION OR 26 4 REVOCATION. 26 5 Except as otherwise provided by another applicable rule of 26 6 law, if the private key corresponding to the public key listed 26 7 in a certificate is compromised during the operational period 26 8 of the certificate, a subscriber who has accepted the 26 9 certificate shall do one of the following: 26 10 1. Request the issuing certification authority, and all 26 11 independent repositories in which the subscriber has 26 12 authorized the certificate to be published, to suspend or 26 13 revoke the certificate. 26 14 2. Provide reasonable notice to all relying parties that 26 15 the public key listed in the certificate was compromised 26 16 during the operational period of the certificate. 26 17 PART 6 26 18 GOVERNMENT AGENCY USE OF ELECTRONIC RECORDS AND SIGNATURES 26 19 Sec. 38. NEW SECTION. 554C.451 GOVERNMENT AGENCY USE OF 26 20 ELECTRONIC RECORDS. 26 21 1. Each government agency shall determine if, and the 26 22 extent to which, it will send and receive electronic records 26 23 and electronic signatures to and from other persons. This 26 24 section shall not be interpreted as varying the requirements 26 25 of chapter 22. 26 26 2. In any case where a government agency decides to send 26 27 or receive electronic records, or to accept document filings 26 28 by electronic records, the government agency may, by rule, 26 29 giving due consideration to security, specify any of the 26 30 following: 26 31 a. The manner and format in which electronic records must 26 32 be sent, received, and stored, including interoperability 26 33 requirements. 26 34 b. If electronic records must be signed, the type of 26 35 electronic signature required including, if applicable, a 27 1 requirement that the sender use a digital signature or other 27 2 secure electronic signature, the manner and format in which 27 3 the electronic signature must be affixed to the electronic 27 4 record, and the identity of or criteria that must be met by a 27 5 certification authority used by the person filing the 27 6 document. 27 7 c. Control processes and procedures which are appropriate 27 8 to ensure adequate integrity, security, confidentiality, and 27 9 auditability of electronic records. 27 10 d. Any other required attributes for electronic records 27 11 that are currently specified for corresponding paper 27 12 documents, or reasonably necessary under the circumstances. 27 13 3. All rules adopted by a government agency shall be 27 14 consistent with the rules adopted by the commissioner. 27 15 Sec. 39. NEW SECTION. 554C.452 COMMISSIONER TO ADOPT 27 16 STATE STANDARDS. 27 17 1. The commissioner, in consultation with the office of 27 18 the attorney general and the division of information 27 19 technology services of the department of general services, 27 20 shall adopt rules setting forth standards, procedures, and 27 21 policies for the use of electronic records and electronic 27 22 signatures by government agencies. Where appropriate, the 27 23 rules shall specify different levels of standards from which 27 24 implementing government agencies can select the standard most 27 25 appropriate for a particular application. 27 26 2. The commissioner shall specify appropriate procedural 27 27 and technical security requirements to be implemented and 27 28 followed by government agencies for all of the following: 27 29 a. The generation, use, and storage of key pairs. 27 30 b. The issuance, acceptance, use, suspension, and 27 31 revocation of certificates. 27 32 c. The use of digital signatures. 27 33 3. Each government agency shall have the authority to 27 34 issue, or contract for the issuance of, certificates to all of 27 35 the following: 28 1 a. Its employees and agents. 28 2 b. Persons conducting business or other transactions with 28 3 the government agency. The government agency may take other 28 4 actions consistent with this authority, including the 28 5 establishment of repositories and the suspension or revocation 28 6 of issued certificates, provided that actions by the 28 7 government agency are conducted in accordance with all rules, 28 8 procedures, and policies specified by the commissioner. The 28 9 commissioner may adopt rules, procedures, and policies under 28 10 which government agencies may issue or contract for the 28 11 issuance of certificates, or restrict or prohibit their 28 12 issuance. 28 13 4. The commissioner may specify appropriate standards and 28 14 requirements that must be satisfied by a certification 28 15 authority before any of the following occur: 28 16 a. The services of a certification authority are used by a 28 17 government agency for the issuance, publication, suspension, 28 18 or revocation of certificates to the government agency, 28 19 including its employees or agents, for official use only. 28 20 b. The certificates that the certification authority 28 21 issues are accepted for purposes of verifying digitally signed 28 22 electronic records sent to any government agency by any 28 23 person. 28 24 Sec. 40. NEW SECTION. 554C.453 INTEROPERABILITY. 28 25 To the extent reasonable under the circumstances, rules 28 26 adopted by the commissioner or a government agency relating to 28 27 the use of electronic records or electronic signatures shall 28 28 be drafted in a manner designed to encourage and promote 28 29 consistency and interoperability with similar requirements 28 30 adopted by government agencies of other states and the federal 28 31 government. 28 31 MARGINS C 28 31 SUBCHAPTER V 28 31 REPEAL 28 32 MARGINS L 28 32 Sec. 41. NEW SECTION. 554C.501 REPEAL. 28 33 This chapter is repealed effective July 1, 2004. 29 1 MARGINS C 29 1 DIVISION II 29 2 MISCELLANEOUS PROVISIONS 29 3 Sec. 42. Section 4.1, subsection 39, unnumbered paragraph 29 4 1, Code 1999, is amended to read as follows: 29 5 The words "written" and "in writing" may include any mode 29 6 of representing words or letters in general use, and includes 29 7 an electronic record as defined in section 554C.201. A 29 8 signature, when required by law, must be made by the writing 29 9 or markings of the person whose signature is required. 29 10 "Signature" includes an electronic or digital signature as 29 11 defined in section 554C.201. If a person is unable due to a 29 12 physical disability to make a written signature or mark, that 29 13 person may substitute either of the following in lieu of a 29 14 signature required by law: 29 15 Sec. 43. Section 22.7, Code 1999, is amended by adding the 29 16 following new subsection: 29 17 NEW SUBSECTION. 38. a. Records containing information 29 18 that would disclose, or might lead to the disclosure of, 29 19 private keys as provided in section 554C. 29 20 b. Records which if disclosed might jeopardize the 29 21 security of an issued certificate or a certificate to be 29 22 issued pursuant to chapter 554C. 29 23 Sec. 44. COMMISSIONER REQUIRED TO ADOPT RULES. The 29 24 commissioner of insurance shall adopt rules as required by 29 25 this Act not later than July 1, 2000. 29 26 Sec. 45. CONSIDERATION OF MODEL LEGISLATION. It is the 29 27 intent of the general assembly that if the national conference 29 28 of commissioners on uniform state laws proposes a uniform 29 29 electronic commerce act, the general assembly shall consider 29 30 the proposed uniform act during the session in which the 29 31 proposed uniform law is submitted to the states for 29 32 consideration or during its next regular session if the 29 33 proposed uniform act is submitted to the states during a 29 34 period in which the general assembly is not in session. 29 35 30 1 30 2 30 3 RON J. CORBETT 30 4 Speaker of the House 30 5 30 6 30 7 30 8 MARY E. KRAMER 30 9 President of the Senate 30 10 30 11 I hereby certify that this bill originated in the House and 30 12 is known as House File 624, Seventy-eighth General Assembly. 30 13 30 14 30 15 30 16 ELIZABETH ISAACSON 30 17 Chief Clerk of the House 30 18 Approved , 1999 30 19 30 20 30 21 30 22 THOMAS J. VILSACK 30 23 Governor
Text: HF00623 Text: HF00625 Text: HF00600 - HF00699 Text: HF Index Bills and Amendments: General Index Bill History: General Index
© 1999 Cornell College and League of Women Voters of Iowa
Comments about this site or page?
webmaster@legis.iowa.gov.
Please remember that the person listed above does not vote on bills. Direct all comments concerning legislation to State Legislators.
Last update: Wed Jan 12 05:55:23 CST 2000
URL: /DOCS/GA/78GA/Legislation/HF/00600/HF00624/990609.html
jhf