NOTIFICATION PURSUANT TO ARTICLE III:3 OF THE
GENERAL AGREEMENT ON TRADE IN SERVICES

The following notification from the delegation of Ukraine, dated 6 August 2024, is being circulated to Members of the Council for Trade in Services.

_______________

1  MEMBER NOTIFYING:

Ukraine

2  NOTIFICATION UNDER:

Article III:3 of the General Agreement on Trade in Services

3  DATE OF ENTRY INTO FORCE:

10 July 2024

3.1  Duration:

Indefinite

4  AGENCY RESPONSIBLE FOR ENFORCEMENT OF THE MEASURE:

Ministry of Digital Transformation of Ukraine

5  DESCRIPTION OF THE MEASURE:

Full title of the Resolution:

The Resolution of the Cabinet of Ministries of Ukraine No. 764 "Some Issues of Electronic Identification and Electronic Trust Services" of 28 June 2024.

Brief summary of the content with a focus on the potential effect on services trade:

The Resolution approves:

·_        the Requirements for Providers of Electronic Identification Services and Electronic Trust Services;

·_        the Procedure for Informing the Regulatory Body and Users of Electronic Identification Services, Users of Electronic Trust Services about Breaches of Confidentiality and/or Integrity of Information;

·_        the Procedure for Verifying Information on Individuals Issued Electronic Identification Means or Qualified Public Key Certificates Using Data from Information Systems and Public Electronic Registers;

·_        the Procedure for Using Pseudonyms by Persons who are Users of Electronic Identification Services or Electronic Trust Services;

·_        the Procedure for Verifying the Civil Legal Capacity and Legal Capacity of a Legal Entity or an Individual Entrepreneur When Providing Electronic Trust Services.

Thus, the Requirements for Providers of Electronic Identification Services and Electronic Trust Services define organizational, methodological, technical and technological conditions, including requirements for information security and protection, to be followed by providers of electronic identification services and electronic trust services (both qualified and non-qualified) and their distinct registration points during the provision of these services. Additionally, the Requirements specify the qualifications for employees of trust service providers.

Providers of electronic identification services shall conduct their operations in compliance with standards in the fields of information technology, information security, cybersecurity and confidentiality protection.

Requirements for employees of trust service providers, their responsibilities, and procedures related to the generation and storage of the trust service provider's personal keys are determined in accordance with standards for electronic signatures and infrastructures (ESI), as well as general policy requirements for trust service providers.

Employees of trust service providers are required to possess the necessary knowledge, experience, and qualifications to provide electronic trust services. A certification administrator, system administrator or system auditor may hold a higher education degree in information technology, information security or cybersecurity, and have at least three years of professional experience in these fields. Any individual with computer skills can serve as a registration administrator. A security administrator shall have at least three years of experience in information security or cybersecurity and meet at least one of the following conditions: hold a higher education degree in cybersecurity or information security; hold a higher education degree in information technology and have obtained a certification in cybersecurity and information security.

A qualified trust service provider shall deliver qualified electronic trust services in accordance with legislative requirements in the field of electronic trust services, as well as the regulations governing the operation of such providers.

The list of standards applied by trust service providers during their operations is specified in the Appendix to the Requirements for Providers of Electronic Identification Services and Electronic Trust Services.

6  MEMBERS SPECIFICALLY AFFECTED, IF ANY:

None

7  TEXTS AVAILABLE FROM:

Official website: https://zakon.rada.gov.ua/laws/show/764-2024-%D0%BF#Text (available in Ukrainian)

__________