(1) "Certificate" means a computer-based record that:
(A) Identifies the certification authority issuing it;
(B) Names or identifies its subscriber;
(C) Contains the subscriber's public key; and
(D) Is digitally signed by the certification authority issuing it.
(2) "Certification authority" means a person who issues a certificate.
(3) "Digital mark" consists of an electronic code indicating approval or confirmation which is entered into a protected digital record following access protocols which identify the user and require a password, personal identification number, encrypted card or other security device which restricts access to one or more authorized individuals; and
(4) "Digital signature" consists of a message transformed using an asymmetric cryptosystem so that a person having the initial message and the signer's public key can accurately determine:
(A) Whether the transformed message was created using the private key that corresponds to the signer's public key; and
(B) Whether the initial message has been altered since the message was transformed.
(5) "Electronic postmark" means an electronic service provided by the United States Postal Service that provides evidentiary proof that an electronic document existed in a certain form at a certain time and that an electronic document was opened or the contents of the electronic document were displayed at a time and date documented by the United States Post Office.
(6) "Federal certificate authority and repository program" means an official program established by an agency of the United States government for the issuance and authentication of digital signature certificates or other secure electronic authorizations to individuals for use in electronic transactions.
(a) Any governmental entity may, by appropriate official action, authorize the acceptance of electronic signatures in lieu of original signatures on messages or filings requiring one or more original signatures, subject to the requirements and limitations of section three of this article.
(b) Any governmental entity may elect to participate and utilize the Secretary of State's digital signature authority and registry. Upon acceptance of and registration with the Secretary of State's digital signature authority and registry, the governmental entity's electronic transactions are bound to the regulation of the authority and registry and the rules promulgated thereunder. Any governmental entity not required to participate, but which elects to participate, may withdraw at any time from the program upon notification of the Secretary of State and all others who utilize that entity's digital signature program.
(c) Any governmental entity may adopt, in the manner provided by law, an ordinance, rule or official policy designating the documents on which electronic signatures, electronic postmarks or both are authorized and the type or types of electronic signatures which may be accepted for each type of document. Those governmental entities not subject to the provisions of chapter twenty-nine-a of this code which propose to authorize the acceptance of electronic signatures, electronic postmarks or both on documents filed with that entity shall give public notice of the proposed adoption in a manner prescribed by law, an ordinance, rule or official policy, but in no case for less than thirty days before adoption.
(d) Any governmental entity which intends to extend, modify or revoke the authority to accept electronic signatures or postmarks shall do so by the same means and with the same notice as required in this section for adoption.
(a) The Secretary of State shall propose emergency and legislative rules for promulgation in accordance with the provisions of article three, chapter twenty-nine-a of this code to establish standards and processes to facilitate the use of electronic signatures in all governmental transactions by state agencies subject to chapter twenty-nine-a of this code. The rules shall include minimum standards for secure transactions to promote confidence and efficiency in legally binding electronic document transactions. The rules may be amended from time to time to keep the rules current with new developments in technology and improvements in secured transaction processes.
(b) The Secretary of State is designated the certification authority and repository for all governmental agencies which are subject to chapter twenty-nine-a of this code and shall regulate transactions and digital signature verifications. The Secretary may enter into reciprocal agreements with all state and federal governmental entities to promote the efficient governmental use of electronic transactions. The Secretary of State may propose legislative rules for issuing certificates that bind public keys to individuals, and other electronic transaction authentication devices as provided in this article. The Secretary of State is further authorized to contract with a public or private entity to serve as certification authority for the State of West Virginia. The certification authority may contract with persons to provide certification services. Any contract entered into must require the certification authority to meet the requirements of this article and any rules promulgated by the Secretary of State.
(c) Nothing contained in this article may be construed to mandate any specific form of technology, process or standard to be the only technology, process or standard which may be utilized by state entities. Nor may anything contained in this article be construed to limit the Secretary of State in adopting by legislative rule, alternative technologies to authorize electronic signatures and electronic postmarks.
(d) Nothing contained in this article may be construed to authorize the use of electronic signatures, electronic postmarks, or both, to effect service of a summons and complaint.
The Secretary of State, serving as authority and repository of signature keys for governmental entities shall revoke any signature key when the secretary has reason to believe that the digital signature key has been stolen, fraudulently used or otherwise compromised. This article creates no liability upon the Secretary of State for any transaction compromised by any illegal act or inappropriate uses associated with electronic signatures.
If any provision of this article be found by a court of competent jurisdiction to be unenforceable under the Constitution of this state or the laws and Constitutions of the United States, the remaining provisions of this article shall be severable and shall continue in full force and effect.