There are situations when EDS legal entity or citizen must be transferred to another physical face to perform any transactions. In this case, it is necessary to follow the rules of regulatory legal acts of the Russian Federation, but it is not included in them law on transfer of digital signature to another person.

IN in this case it makes sense to refer to the Federal Law "On electronicsignatures" dated 04/06/2011 No. 63 —Federal Law and specifically to point 1 st.10. law. This paragraph states that the owner EDS obliged to ensure confidentiality key, and in particular do not allow the use key without the consent of the owner. We conclude that if there is consent, then another person can legally use electronic key digital signature .

In this case, three scenarios are possible:

1. Owner certificate And key is legal face, and he needs to transfer them to usage to your employee.

   Is it possible by law to transfer an EDS to another person?

   In this case transmission issued by order general activities enterprises.

2. Holder certificate And key- legal face, and their broadcast produced to another to a person - not an employee of the company. In this scenario use of digital signature by another person executed using a power of attorney.
3. Broadcast physical face his key And certificateEDSto another physical face also issued by a power of attorney.

Order an electronic signature

On the other side, transfer of an electronic signature to another person falls under st.209 part 2 of the Civil Code of the Russian Federation, since electronic signature- This is a kind of property of the owner. He can do with EP any actions that do not contradict law and the interests of third parties, including transferring for temporary possession and use.

Based on the Civil Code of the Russian Federation and Law we conclude that transfer of digital signature to another person- a completely legal action for which it is necessary to formalize the appropriate document.

Use of digital signature in an enterprise

Law on transfer of digital signature to another person

Let us note the following inconsistency: transfer of electronic signature And EDS key according to Federal law is associated with maintaining confidentiality, that is, the secrecy of information from third parties. Besides, law №63 —Federal Law indicates that using electronic signature its owner can be identified. Even with handing over the key or without it it is impossible to actually establish who exactly is signing document by using EDS- owner, employee or stranger Human. In this case, the user receiving documentation and information, does not have reliable information and relies on the owner’s honesty and law-abiding behavior.

EDS of legal entities for public services

Although there is a contradiction, in practice the Ministry of Telecom and Mass Communications and the Federal Tax Service do not highlight this issue as a problem - in their opinion, EDS can be transferred, but only with the consent of the owner electronic signature. Wherein responsibility for using an electronic signature entrusted as owner, and on the person who received signature.

Judicial practice confirms that all risks and electronic signature responsibility when transferring it, the owner bears the responsibility. For example, if scammers use EDS illegally transferred cash company, then it will not be possible to collect them from the bank - court will be on the side credit institution, because it fulfilled its obligation to process a correctly drawn up payment order.

EDS for tax

Perhaps it would be better if director's electronic signature should stay with him and make a new one for another employee EDS. In this case you can use A single directory electronic signature, the advantages of which are:

• A large selection of certification centers and up-to-date information on them.
• Responsibility for providing quality and timely services.
• Professionalism when performing any task.

Chelyabinsk "___"______________201___

In accordance with the Agreement between the Committee and the Branch on the exchange of documents in in electronic format No.____________ dated “___”______________ 201__ (hereinafter referred to as the Agreement), the Parties have drawn up this Act in that “___”____________ 201__ the Department transferred and the Committee accepted the digital signature certificate:

The Committee handed over and the Department accepted the digital signature certificate:

Appendix 5

In accordance with the Agreement between the Committee and the Branch on the exchange of documents in electronic form dated “__” ___________ 201__. No._______________ The parties have agreed on the following:

1. This Agreement defines the possibility of using open public communication networks based on the use of TCP/IP protocols (hereinafter referred to as the Internet) as a communication medium for the exchange of messages between the Committee and the Branch.
2. Additional software and hardware for protecting the information resources of the Committee and the Branch when connected to the Internet (such as FIREWALL) are purchased by the Parties independently.
3. The parties independently select organizations (providers) that provide access to the Internet and connect to the Internet at the expense of own funds. All costs associated with the further operation of the Internet connection and data transmission through the EDI System are carried out by the Parties at their own expense. Specifications data transfers via communication channels are negotiated between the Parties in each individual case, depending on the file sizes (volumes) of the transmitted information.
4. The parties fully bear the risks associated with connecting computing facilities to the Internet. The parties independently ensure the protection of their own computing facilities and cryptographic keys from unauthorized access and virus attacks from the Internet. The Committee (Department) does not bear any responsibility, including financial, in the event of destruction of information on computing facilities Branches (Committee) connected to the Internet to ensure exchange within the System electronic document management. The parties also acknowledge that failure software parts of the Document Management System installed at the Department (Committee), as a result of interference from the Internet, is considered as a failure due to the fault of the Department (Committee).
5. The parties are not responsible for the malfunction of equipment and software of third parties, which resulted in the inability of the Division (Committee) to access the Electronic Document Management System and, accordingly, resulting from a delay in the transfer of documents.
6. The parties have the right to introduce restrictions or completely stop the exchange of information over the Internet if signs of a security breach are detected on the part of the Branch or the Committee, respectively (attempts to scan and attack the information resources of the Committee or the Branch, respectively, etc.).

Appendix 6

to the Agreement between State Committee for archives of the Chelyabinsk region and Government agency– Department Pension Fund Russian Federation in the Chelyabinsk region on the exchange of documents in electronic form

reception and transmission of Electronic documents
on machine media

In accordance with the terms of the Agreement between the Committee and the Branch on the exchange of documents in electronic form No.____________ dated “___”______________ 201__ (hereinafter referred to as the Agreement), the Branch, represented by _________________________________________________,

(Full name, position of the person who presented the computer media with documents)

transmits, and the Committee, represented by ________________________________________________________________,

(Full name, position of the person receiving the computer media with documents)

acting_____ on the basis_______________________________________________________________

 accepts Electronic documents on __________ media___ – ______________________

________________________________________________________________________________

The result of checking the digital signature is that the signature is correct.

The presented media is suitable for storage and use in accordance with the requirements of the Agreement.

 refuses to accept Electronic documents on__________ media___ – _____________

(quantity) (type of machine media)

the following reasons:_______________________________________________________________________________________________________________________________________________________

This Act is drawn up and signed in two copies of equal legal force, one copy for each of the Parties.

Appendix 7

to the Agreement between the State Committee for Archives of the Chelyabinsk Region and the State Institution - Branch of the Pension Fund of the Russian Federation for the Chelyabinsk Region on the exchange of documents in electronic form

Procedure technical expertise in case of disagreement and controversial situations related to acceptance or non-acceptance and/or execution or non-execution of an electronic document

1. In this document, the Parties have agreed to use the terminology and abbreviations adopted in the Agreement on the Exchange of Electronic Documents.

2. If disagreements arise between the Parties in connection with the exchange of documents in electronic form using the Electronic Document Management System, as well as in other cases of controversial situations arising in connection with the operation of the System, the exchange of documents in electronic form using the System between the Parties is immediately terminated.

3. The party declaring a disagreement (the initiator of the dispute) is obliged to send to the other Party a statement of disagreement, signed official The parties vested with the appropriate powers, with a detailed statement of the reasons for the disagreements and a proposal to create a conciliation commission. The application must contain the names of representatives of the Party initiating the dispute who will participate in the work of the commission, the place, time and date of the meeting of the commission. The commission collection date must be no later than 10 days from the date of receipt of the application by the other Party.

4. The commission must include an equal number of representatives from each of the Parties (up to five people from each). If necessary, with the written consent of both Parties, third-party experts may be additionally included in the commission. The composition of the commission must be recorded in an act, which is the final document reflecting the results of the commission’s work. The powers of the commission members are confirmed by powers of attorney issued in in the prescribed manner. The duration of the commission’s work is no more than five working days. In exceptional situations, this period may be increased by mutual agreement of the Parties.

5. The parties contribute to the work of the commission and do not allow refusal to provide necessary documents. If necessary, the Parties are obliged to provide the commission with the opportunity to familiarize themselves with the conditions and operating procedures of the System.

6. If a Party has any claims against the other Party regarding the correctness of actions performed as part of the fulfillment of obligations under the Agreement related to the acceptance or non-acceptance of an electronic document and/or the compliance of the actions performed by the Party that received the electronic document with the contents of the electronic document received by it, the commission must :

• check the authorship of the ED submitted by the Party responding to the claim and received from the Party making the claim, in accordance with which the actions were taken;
• check that the actions taken by the Party responding to the claims correspond to the contents of the ED.

7. If a Party has any claims against the other Party regarding failure to perform assigned actions in accordance with clauses. 6.1.3-6.1.4 and 6.3.2-6.3.3 of the Agreement, the commission must:

• check the authorship of the Party making the claim that it received from the Party responding to the claims, a delivery receipt signed with an electronic signature, or whether the Party making the claim has an Acceptance Certificate (in the case of transfer of an electronic document on computer media), confirming receipt of the disputed document;
• if necessary, check the authorship of the document submitted by the Party responding to the claim, received from the Party making the claim.

8.1. A file containing an electronic document is identified, the authorship of which must be verified in connection with a controversial situation based on a correctness check EDS file containing the disputed document.

8.2. From electronic archive The party that received the electronic document is presented to the commission with a file with an electronic signature containing the disputed electronic document.

8.3. The examination of a disputed electronic document is carried out in three stages:

8.3.1 checking equipment and software and testing their performance;

8.3.2 control of the integrity of the disputed electronic document by checking the digital signature using public key EDS submitted by the party;

8.3.2 checking the ownership, relevance and integrity of the certificate used by the commission to verify the digital signature.

8.4. The functionality of equipment and software is checked by conducting trial signature tests and verifying the signature in the presence of commission members.

8.5. The integrity of the disputed electronic document is monitored through the standard procedure of importing electronic document files with digital signature and certificate into VIPNet software and then checking the digital signature of the imported electronic document in accordance with the user manual.

8.6. Checking the ownership, relevance and integrity of signature key certificates is carried out by calling the program to view the certificate presented along with the ED. The certificate being viewed is printed on on paper, and is transmitted to the members of the commission.

8.6.1 If the certificate used to verify the signature was issued on the basis of a written request from the user, then to prove the relevance and integrity of the certificate used to verify the digital signature, the Security Administrator of the VIPNet Branch and the relevant Party to the commission shall present certificates on paper, issued at receiving a certificate. Members of the commission visually compare these certificates with the printed certificate used to sign the disputed document.

8.6.2 If the certificate was issued on the basis of an electronic request signed with an electronic signature using a previously issued officially issued certificate, the commission is presented with a logically connected chain of requests for certificates and certificates printed on paper, which together confirm that the certificate belongs to the person who generated the digital signature . Printing of these requests and certificates on paper is carried out by the Security Administrator in the VIPNet automated workplace. The request chain is considered valid and the certificate belongs to the specified owner if the following conditions are met:

8.6.2.1 the chain is logically connected, i.e. each subsequent request is signed using a certificate issued based on the previous request;

8.6.2.2 the signature under each request in the chain is valid at the time of issuing the certificate for this request;

8.6.2.3 the certificate with which each request is signed is valid at the time the request is signed;

8.6.2.4 the last element in the chain is electronic certificate(printed), corresponding (by visual comparison) to the certificate used by the commission to verify the digital signature of the disputed electronic document;

8.6.2.5 the certificate that verifies the first request in the chain (printed) corresponds (by visual comparison) to the officially issued certificate presented to the commission.

8.7. Confirmation of the authenticity of the disputed electronic document is the one-time fulfillment of the following conditions:

8.7.1 checking the digital signature of the disputed electronic document with the certificate of signature keys presented by the Party (clause 8.5) gave a positive result;

8.7.2 the ownership, relevance and integrity of the Party’s user signature key certificate (clause 8.6) is confirmed, with the help of which the digital signature of the disputed electronic document is verified;

8.7.3 if the applicant has no doubts about the ownership of the certificate, then check according to clause 8.6. may not be carried out.

8.8. If it is necessary to confirm the fact of delivery and the timing of delivery of an electronic document, an examination of the delivery notice provided by the sender of the electronic document and the digital signature signed by the recipient of the electronic document is carried out. The notification contains checksums of the received electronic document from the digital signature of this electronic document, which uniquely identify the electronic document for which it was generated.

The director decided to transfer his electronic signature

Verification of the authenticity of the notice is carried out similarly to the procedures for verifying an electronic document given above.

9. Based on the results of the commission’s work, an act is drawn up, in which mandatory reflected:

• composition of the commission members;
• established circumstances;
• actions of commission members;
• conclusions affecting the possibility of establishing the authenticity of the disputed document;
• the grounds that served to form the conclusions.

In this case, the act is recognized by the Parties as proper.

10. If the proposal to create a commission is left unanswered by the other Party, or the Party refuses to participate in the commission, or obstacles were created in the work of the commission that did not allow the commission to draw up an appropriate act, the interested Party in unilaterally draws up an act indicating the reason for its preparation. The said act records circumstances that allow one to conclude that the disputed document produced under the Agreement is appropriate, or a conclusion to the contrary is formulated. Said act sent to the other Party for information. When considering disputes in court about the presence or absence of a document executed or not executed using the System or about the authorship of the electronic document, the interested Party is obliged to provide the court with an act drawn up in accordance with this Procedure.

11. The act drawn up by the commission is the basis for making a final decision between the Parties. This decision must be signed by the Parties no later than 10 days from the end of the commission’s work. If the signing of the decision does not take place within this period, the interested Party has the right to apply to arbitration court and without a decision developed by the Parties, but as evidence in a legal dispute, present an act drawn up in accordance with this Procedure.

Committee _________________ Department _________________

Electronic signature no longer belongs to the category of “young” and “immature” technologies. Rather, she is already quite “adult” and reliable. And yet, from time to time, the electronic signature and the procedure for its registration become overgrown with questions. Specialists of the certification center BTP LLC, which has been working in this direction for 8 years, provided the most popular questions that clients have and answered them.

Q: How can I get an EP?

A: The electronic signature is issued after completing the registration procedure:

1. Submitting an application for an electronic signature;
2. Registration of an organization in your personal account;
3. Attaching scanned copies of documents;
4. Payment of bills;
5. Obtaining an electronic signature at the CA/RC office.

Q: For how long is an EP issued?

A: The validity period of the electronic signature verification key certificate is 12 calendar months from the date of its creation.

Is it possible to transfer an EDS to another person?

The procedure for re-issuing an electronic signature is carried out no later than 1 month in order to issue a new one by the end of the validity period of the previous key.

Q: The person responsible for the electronic signature has resigned, can another person use his signature?

A: It is not allowed to use this electronic signature; you may incur administrative and criminal liability. It is necessary to revoke the electronic signature verification key certificate of the resigned employee and reissue the electronic signature certificate to the current employee.

Q: The ES key was lost/stolen

A: In this situation, you must revoke the certificate immediately. Call the office of the certification center and write an application for revocation (cancellation) of the signature certificate.

Q: Why doesn't the CryptoPro unlimited license work?

A: Because the unlimited CryptoPro license is designed for one version of CryptoPro, upon release new version CryptoPro this license ceases to be valid and you must purchase a new license. Based on this, it is better to purchase a license for a period of 1 year, since even if a new version of CryptoPro is released during the validity period, this license will be relevant.

Q: Is it possible to get an ES for individual?

A: Yes, you can. To do this, you need to go through the procedure for obtaining an electronic signature, similar to legal entities and individual entrepreneurs, provide a package of documents (passport, TIN certificate, SNILIS, application) and pay the invoice for the production of the electronic signature.

Q: ED does not work inMicrosoftWord 2010

A: If you have Microsoft Word 2010, then you must purchase a license for the right to use CryptoPro Office Signature.

Q: Is it possible to record an electronic signature on a floppy disk or other media?

Oh no. Since the electronic signature is recorded on a special certified secure key medium.

Q: Is it possible to start participating in electronic auction with one EP, and continue with another EP?

A: It is possible. To do this, you need to add a new user on the electronic trading platform or a new electronic signature verification key certificate (if the owner of the signature has not changed).

Q: The electronic signature does not work on the computer on which “Bank - Client” is installed.

A: The CryptoPro CSP and Bank-Client programs have similar encryption methods. Therefore, a program conflict may occur. It is recommended to install the electronic signature on a computer on which the Client Bank is not installed.

Q: I have an electronic signature, can I use it to participate in an electronic auction on behalf of another organization?

Oh no. The electronic signature is issued to a specific organization; in order to participate in auctions, this organization must obtain accreditation on the electronic trading platform; accordingly, with the electronic signature of another organization, it will not be possible to enter Personal Area on the electronic trading platform, submit a price proposal, sign a contract. Also, the electronic signature is equivalent to a handwritten signature, that is, it will actually follow that another organization signs and stamps it on behalf of the organization participating in the order placement.

Q: Is it possible to install one electronic signature on several computers?

A: Yes, you can. To do this, electronic signature software must be installed on all computers, including the CryptoPro program, and a license to use this program must be purchased for each workstation.

Q: How much does EP cost?

A: Depending on the purpose of the electronic signature, the production of a certificate ranges from 2000 rubles.

Q: Where are ES used?

Electronic signatures can be used for:

1. participation in electronic trading on federal and commercial electronic trading platforms;
2. Customers in accordance with the Federal Law of July 18, 2011. No. 223-FZ “On the procurement of goods, works, services certain types legal entities";
3. electronic document management with government agencies: with the Federal Tax Service, Federal Tariff Service, Federal Customs Service, Social Insurance Fund, Rosstat, Rosimushchestvo, Rosreestr, Rosalkogolregulirovanie, Rosfinmonitoring, Rospatent, Rosprirodnazor, Bank of Russia;
4. exchange of information between legal entities and/or individuals in electronic form, as well as for document flow within the corporate system;
5. access to the AIS “Electronic Employer”;
6. telecom operators for the purpose of uploading domain names to the Unified Register;
7. work in the United federal register information about the facts of activities of legal entities;
8. transfer of information to authorities local government, organizations working in the housing and communal services sector;
9. signing regulatory reports submitted by insurance companies to the NSSO;
10. work in EGAIS;
11. transferring information to the labeling system for products made from natural fur;
12. other areas of application.

Q: Is it possible to use a digital signature issued for tax reporting, for electronic trading?

Oh no. Electronic signatures prepared for tax reporting are not used by electronic trading platforms. When preparing an ES, you choose where you will use the ES; if a signature is required to participate in tenders and send documents to the Federal Tax Service, then signatures are issued separately for each direction.

Q: Can one person have several ES?

Oh yeah. One person can have several ES.

Hello! My loved one was imprisoned, but other than noodles and dry mashed potatoes, no food is allowed. I’m wondering if it’s possible to pass on food prepared at home, since the internal regulations do not indicate a ban on it?

The list of permitted products includes quite a few. This includes smoked sausage, lard, canned food, fruits, vegetables, and much more. Yes, homemade food is not allowed, anything that requires long preparation is not allowed. You can use cereals, for example, in quick-cooking bags, concentrated soups, bouillon cubes. Here, I advise you to read: Food parcels in a pre-trial detention center (how to collect and transfer food parcels to a pre-trial detention center).

Transfer of digital signature. Power of attorney for transfer of digital signature

Usually boiled potatoes, salted herring, dried fish, fish in plastic jars, often fried chicken and cutlets are allowed. Everything is clear here - prisoners have nowhere to store food, especially ready-made food. You need to eat this one right away or it will disappear. Do not forget - the number and weight of parcels are limited, it is better to deliver what is needed and the prisoner will be full until the next transfer, or he will eat enough today and will be slurping gruel for half a month.

Sometimes it’s even more profitable not to send food from home, but to buy some at the store at the camp when delivering the parcel. The point here is that what you buy in such stores does not need to be opened. This means that the canned food will arrive intact and no one will cut the sausage into pieces, cigarettes do not need to be taken out of blocks and packs, sweets do not need to be unwrapped and all that. True, the assortment of such stores is very different. There are some stores (albeit in single copies so far) that are no worse equipped than in the wild. The assortment is again quite good. In some areas there is a cafe for dates, also with commercial equipment and a cozy design. And you can eat in such a cafe and buy something for the prisoner. But in most camps the store can only be compared to a poor stall in terms of assortment. IN Lately Online stores have begun to appear in some pre-trial detention centers, where there is a pretty good selection. You can pay electronically and the carer will receive everything purchased within a day. I think this initiative will develop; over time, such stores will appear in all pre-trial detention centers and even in camps.

sale commercial equipment

Steel Design, comprehensive store fittings, design, engineering, large range of retail equipment, modular systems, hung, mannequins, economy panels

The electronic digital signature contains confidential information, and allows you to certify the document, confirms the authorship and immutability of the content. Today, digital signatures are used in electronic document management, on trading platforms, in working with government agencies and organs, etc. The activity and strength of a digital signature is regulated by federal bill, a separate article of which also stipulates responsibility for using someone else’s digital signature or compromising a certificate.

The need to adopt a federal law was due to the fact that digital signature provides new rights and obligations to subjects of legal relations, and a whole system has been formed to certify the authenticity of a signature specialized organizations. All by-laws adopted following the Federal Law only specify legal mechanisms and complement legislative framework about EDS.

The Federal Law defines the conditions for the use of digital signatures, compliance with which not only recognizes electronic digital signatures as reliable, but also makes it possible to ensure safety personal information and secure data transmission even over open communication channels.

The law also prescribes the responsibility of the owner of the key certificate. According to the Federal Law, the owner of a digital signature is obliged to:

• keep the private EDS key secret;
• do not use digital signature keys if it is known that their confidentiality has been violated;
• demand suspension EDS certificate if there is a suspicion of violation of confidentiality private key.

If the requirements are not met, then all responsibility and compensation for possible losses falls on the owner of the digital signature certificate.

Responsibility for violation of the law

The Federal Law on EDS was adopted on January 10, 2002, and came into force on the territory of the Russian Federation on January 22, 2009. The bill not only covers all areas of the EDS, but also contains the main punishable cases for violating the rules for using a digital signature.

According to the Federal Law, the following persons bear criminal liability:

• unlawfully using the digital signature of another person, incl. unauthorized access to the private key of the certificate;
• who have gained unlawful access to digital signature funds;
• illegally creating and/or using electronic digital signatures.

Civil liability is imposed:

• if losses were caused due to non-compliance of the electronic digital signature declared by the manufacturing company;
• in case of violation of the digital signature verification process.

Compensation for losses is possible if:

• losses were caused to the user of the public key of the digital signature due to unauthorized access of third parties to the private key;
• the guilt of the owner of the public key, who received access from the owner of the private key under an agreement for the use of an electronic digital signature, has been proven.

If it has been proven misuse electronic signature or gaining access to a private key, then on a par with criminal liability civil or administrative liability may be imposed. This is explained by the fact that we punish not the fact of using the digital signature key, but its consequences (theft of money, information, intellectual property

etc.).

Digital signature transfer process

A digital signature is identical to a handwritten original signature used in the electronic document management space. Transfer of digital signature to third parties is prohibited and contradicts the main Federal Law-63. The main provision of this bill is that an electronic digital signature identifies its owner. However, if necessary, you can draw up an act of transferring an electronic signature, which must comply with the provisions of federal law. According to Federal Law 63, all EDF participants have the right to use an electronic signature of any type, but are required to ensure confidentiality. The owner is responsible for the safety of the signature and the scope of application of the details. In case of disputes, such a document will have legal force. A power of attorney drawn up orally between company employees when resolving issues in judicial procedure

will not have legal force.

Certificate of acceptance and transfer of signature

Example of an EDS acceptance and transfer certificate:

• The document can be drawn up in any form, since there are no direct legal requirements for this document. It must include information such as:
• date of compilation;
• Full name of the owner of the digital signature and the person accepting the signature for storage;
• name of the details transferred for storage and use;
• number of copies;

signatures of the parties.

Additionally, you can include the purpose of transferring the signature and the validity period of the agreement, responsibility for the use of the digital signature, conditions for its storage and compensation for damage in case of loss or compromise of the key. Sometimes the cost of the certificate is additionally indicated. If the electronic signature is transferred to more than one person, then several people are indicated in the transfer act.

Compromise of the ES key

In the current Federal Law on electronic signatures, there is no definition of compromise, but it is usually understood as a loss of trust in the private key. However, according to the Federal Law, responsibility for compromising a key lies not only with the owner, but also with the CA that issued the digital signature (clause 4, part 2, article 13).

• In practice, several situations have been identified when the safety and validity of the key can be doubted. These include:
• loss of a key and its subsequent recovery. There is a chance that third parties could have used the key during this period;
• storing the key in a publicly accessible place or in a safe on which signs of forced entry were found;
• violation of the integrity of the key.

If a compromise has been discovered or there are suspicions that third parties have gained access to digital signature funds, then it is necessary:

• stop work that requires the use of an electronic signature;
• contact the CA that issued the electronic signature with a statement about the fact of compromise;
• revoke an EDS key that has lost trust. This can only be done by the owner of the digital signature in person at the CA office.

A compromised electronic signature is usually recalled within 30-40 minutes after being contacted, however, it is stored in the system for several months.

Next, the user needs to issue a new electronic signature, providing a complete package of documents and paying for the details according to the selected tariff.

Compliance with the basic safety provisions when working with digital signatures will allow you to avoid many unpleasant situations, incl. compromising the activities of a company or legal entity. The transfer of rights to use an electronic digital signature is not prohibited by law, but is undesirable: violation of the confidentiality of a private key can lead to financial or other losses, and it is not always possible to prove in court the fact of violation or theft.

M.G. Moshkovich, lawyer

Who is responsible for the electronic signature?

We study the consequences of transferring our electronic signature to other employees Discussed in the article court decisions can be found:

section “Judicial Practice” of the ConsultantPlus system

The use of electronic signature (ES) has become widespread in business practice. However, the electronic signature is perceived more as a convenient document management tool than as a personal signature of a specific person. Obtaining it is not cheap, therefore, instead of issuing an electronic signature for several employees, the electronic signature of one person is often transferred for use to another. And sometimes they even formalize this fact with an order (for example, when the manager or chief accountant goes on vacation or is absent from the office for other reasons).

Let's consider how legal this is and what the consequences of such actions may be.

What the law says According to the Civil Code of the Russian Federation, an electronic signature is an analogue of a handwritten signature and clause 2 art. 160 Civil Code of the Russian Federation

The personal nature of the electronic signature also excludes the issuance of a power of attorney for its use. You can authorize another person to do something on your behalf, which requires them to sign for you. But the representative, of course, will put his signature on the documents, not yours.

It would seem that everything is obvious, but we also have the Law on Electronic Signatures. His wording is quite contradictory and has misled many.

Thus, the Law obliges the owners of the electronic key to maintain its confidentiality and not to use the key if it is violated. subp. 2 p. 2 art. 9, pp. 1, 3 tbsp. 10 of the Law of 04/06/2011 No. 63-FZ (hereinafter referred to as Law No. 63-FZ). What is privacy? This is maintaining the secrecy of information from other persons and preventing its leakage. This means that no one except you should have access to the key.

The law also says that the electronic signature must make it possible to identify the specific person signing the document clause 1 art. 2 of Law No. 63-FZ. If the electronic signature is used by its owner, then this condition is met. What if it’s a different person? The user of the electronic document still sees only the owner’s data; there is no way to understand who “replaces” him. Consequently, the user will receive incorrect information, in other words, will be deceived.

However, there is no direct prohibition on the transfer of an electronic signature key in the Law.

Moreover, as a clarification of the confidentiality rule, the Electronic Signature Law requires that the use of an enhanced electronic signature key not be allowed without the consent of its owner clause 1 art. 10 of Law No. 63-FZ. This gives rise to the erroneous opinion about the legality of the transfer of digital signature if its owner does not object to it.

What happens in practice

So, even the Ministry of Telecom and Mass Communications, authorized body in the field of electronic signature use clause 1 of the Regulations, approved. Government Decree No. 418 dated June 2, 2008, does not see a problem in transferring an electronic signature issued in the name of one person to another person. The department's press service told us the following.

FROM AUTHENTIC SOURCES

Press service of the Ministry of Telecom and Mass Communications

“ Participants electronic interaction are obliged not to allow the use of electronic signature keys belonging to them without their consent Art. 10 of Law No. 63-FZ. That is, in principle, the use of an electronic signature key belonging to one person by another person is permitted; there is no direct prohibition on this in the law.

At the same time, you can transfer the electronic signature verification key certificate to another employee of the organization only if he is given the authority to act on behalf of the company to the same extent as the employee who is the owner of the qualified certificate. The granting of authority is formalized by order of the head of the organization; it is also necessary to obtain the consent of the owner of the verification key certificate for the use of this certificate by another person.

A similar opinion was expressed by a specialist from the Federal tax service.

FROM AUTHENTIC SOURCES

State Advisor civil service RF 2nd class

“When using enhanced electronic signatures, participants in electronic interaction are obliged to ensure the confidentiality of electronic signature keys, in particular, to prevent the use of digital signature keys belonging to them without their consent clause 1 art. 10 of Law No. 63-FZ. Thus, if there is an expression of will, a participant in electronic interaction may allow the use of the electronic signature key by a third party.

But the software developer we contacted for advice doubts the legality of transferring the digital signature key.

FROM AUTHENTIC SOURCES

Lead Developer software products Bukhsoft.ru company

“ The use of any type of electronic signature must somehow indicate that the signature has been made specific person m Art. 5 of Law No. 63-FZ. For this purpose, the Law stipulates the obligation to ensure the confidentiality of keys. Therefore, I consider the meaning of issuing an order to transfer the key to be controversial.”

Possible risks of EP transmission

Since there is no normative prohibition, people often reason in this way: well, yes, it is wrong to use someone else’s digital signature, but we are doing business, no one will be worse off from this, and users of our electronic documentation will not learn anything. However, this is not always the case. First of all, when you trust your electronic signature to other people, control over the confidentiality of the keys is inevitably reduced. Your “deputy” may simply be inattentive and allow an outsider to use the electronic signature, or he may inadvertently catch a virus that downloads the information. As a result, the electronic signature will fall into the hands of scammers and the organization will lose money or information. But there are other dangers.

Let's consider judicial practice from various areas of application of electronic signatures.

Banks

As a rule, bank employees are aware that the electronic signature is not always used by the person for whom it is registered. Which does not mean that the bank recognizes it as legal. It’s just that the risks associated with violating the confidentiality of the digital signature are borne by the client. This follows from Law a clause 1 art. 854, paragraph 1, art. 845, paragraph 3 of Art. 847 Civil Code of the Russian Federation and is always clearly stated in the contract. Therefore, if money is illegally debited from an organization’s account using your digital signature, it will not be possible to recover losses from the bank. Resolution of the AS ZSO dated February 20, 2015 No. A27-5335/2013; FAS MO dated 05.08.2014 No. A40-82734/2013. The courts believe that the bank is obliged to comply payment order, signed by a correct electronic signature clause 1 art. 845 Civil Code of the Russian Federation. Compensation for damage incurred can only be demanded from attackers who somehow gained access to the employee’s electronic signature. But to do this, they must first be installed.

It is important to note that the facts of transfer of digital signature to other persons revealed in court are always assessed as a violation of the contract on the part of the bank client.

Thus, during a sudden shutdown of the computer on which the Client-Bank program was running, more than 1.7 million rubles were written off from the LLC’s current account. The company lost the dispute with the bank regarding the recovery of losses. The judges indicated that the payment order was signed by the director's current signature, and the LLC violated the terms of the confidentiality agreement with the bank. In particular, the medium with the master key and the ES of the director of the LLC was handed over to the chief accountant, who kept it in a safe Resolution of the Federal Antimonopoly Service dated September 3, 2013 No. A35-10589/12.

In another case, 96 thousand rubles. “left” the LLC account on the basis of a payment order signed by the electronic signature of the already dismissed director (they did not inform the bank about the appointment of a new one). And, as the investigation established, this electronic signature was used by an accountant. The court noted that the LLC did not ensure the secrecy of the ES key and transferred it for use to a third party, thereby violating the requirements of the ES Law. The collection of money from the bank was refused Resolution of the Federal Antimonopoly Service ZSO dated December 5, 2011 No. A21-8586/2010.

Counterparties

If a document with which an organization does not agree is signed by a valid electronic signature of its employee, then it is unlikely that it will be possible to wriggle out of the document. Thus, the court decided to collect the debt from the LLC under the supply agreement, although the organization claimed that it had not received the disputed goods. At the same time, there was a delivery note signed by a company employee. According to the organization, this electronic signature was used by a certain unauthorized person. During the trial, it was established that the LLC’s agreement with the supplier provided for the use of an electronic signature when drawing up the primary form, including form No. TORG-12. The electronic signature of the responsible person was recognized as valid Resolution of the Federal Antimonopoly Service of the Eastern Military District dated August 11, 2010 No. A43-5226/2010.

If there is no dispute, but the counterparty finds out that the manager’s signature was used by another employee, for example, when signing a contract, this is not so scary. According to the rules of the Civil Code of the Russian Federation, an organization can send a letter to the other party stating that it approves of a transaction made by an unauthorized person, and thus remove problems from clause 1 art. 183 Civil Code of the Russian Federation.

Government procurement

Enough unpleasant consequences organizations participating in government procurement may use someone else’s digital signature. IN judicial practice there is a case where an LLC ended up in the register for 2 years unscrupulous suppliers. And it happened like this: the general director signed a government contract based on the results open auction the electronic signature of his predecessor (he did not have time to issue his own electronic signature at the time of signing). When information about the date of appointment of a new director appeared on the website of the electronic trading platform, the customer noticed the inconsistency. He sent a complaint to the Federal Antimonopoly Service, indicating that the contract was signed by an unauthorized person. As a result, antimonopoly officers came to the conclusion that the LLC evaded concluding a government contract and punished the organization Resolution of the Federal Antimonopoly Service dated March 5, 2012 No. A23-2637/2011.

Inspectorate of the Federal Tax Service

As practice shows, signing declarations by an unauthorized person can sometimes create problems for the organization. For example, in Novosibirsk, tax officials blocked a company account, having accidentally learned from an interrogation of the director that his electronic signature was used by another employee when signing a previously submitted declaration. The inspectors decided that such a declaration should be considered not filed, but the court stood up for the organization. The fact is that the declaration cannot be rejected according to the TKS if it complies with the format of clause 4 art. 80 Tax Code of the Russian Federation. And since it was accepted, it means the blocking is illegal Resolution of the FAS ZSO dated June 21, 2011 No. A45-20993/2010.

To be fair, we note that inspectors themselves do not attach importance to information about who used the manager’s electronic signature if it is in their interests. So, they accepted the declarations signed by the former director’s electronic signature (although the data on the termination of his powers had already been entered into the Unified State Register of Legal Entities), and calculated arrears, penalties and fines on their basis. In the bankruptcy proceedings of this organization, the bankruptcy creditor tried to exclude the claims of the Federal Tax Service from the register, proving that such declarations were invalid, but the court refused him Resolution of the Federal Antimonopoly Service of Ukraine dated 08/04/2014 No. F09-6411/12. I couldn’t challenge the actions of the tax authorities myself former director, who declared in court about the use of his electronic signature by other persons. The court decided that the Federal Tax Service was obliged to accept declarations signed by the current electronic signature Appeal ruling of the Judicial Collegium for Civil Courts of the Chelyabinsk Regional Court dated 04/07/2014 No. 11-3065/2014.

As we see, the courts did not consider the issue of the legality of using the director’s electronic signature by another employee, but simply proceeded from the grounds for refusing to accept the declaration. It is difficult to say how the issue will be resolved if the tax authorities also accidentally (for example, from an order on the transfer of powers) learn that the chief accountant’s electronic signature was used by another employee when signing electronic invoices. By at least, the possibility of refusal to refund VAT to your counterparties cannot be excluded pp. 2, 6 tbsp. 169 Tax Code of the Russian Federation.

Do I need an order to transfer electronic signature?

Banks. Bank employees are well aware that digital signatures are often used by someone other than the person for whom it was issued. The bank, as a rule, does not attach any importance to this, because the contract clearly states that the client is responsible for maintaining the confidentiality of the digital signature. If money is debited from the organization’s current account using your digital signature, it will not be possible to recover losses from the bank. The courts believe that the bank is obliged to execute a payment order signed with a correct digital signature; the facts of transfer of the digital signature to other persons revealed in court are always assessed as a violation of the contract on the part of the bank’s client.
So, 96,000 rubles. “left” the LLC account. During the investigation, it was found out that the money was written off on the basis of a payment order signed with the digital signature of the dismissed director (the appointment of a new one was not reported to the bank). In addition, it turned out that he signed the document in general Chief Accountant. The court refused to collect money from the bank, noting that the LLC did not ensure the secrecy of the key, thereby violating the requirements of the Law on Electronic Signatures.

Counterparties. If a document with which the organization does not agree is signed with a valid digital signature, then it will most likely not be possible to wriggle out of the document.

Thus, the LLC refused to pay for the goods, insisting that it had not received it. At the same time, there was a delivery note signed with the digital signature of a company employee. According to the LLC, this electronic signature was used by an unauthorized person. During the trial, it was established that the LLC’s agreement with the supplier provided for the use of an electronic digital signature when drawing up the primary document. The court decided to collect the debt from the LLC under the supply agreement, and the invoice signed with an electronic signature was recognized as valid.

Government procurement. Organizations participating in government procurement can have very serious consequences for using someone else’s digital signature. There is a case where an LLC was included in the register of unscrupulous suppliers for 2 years. The general director signed the government contract, won following an open auction, with someone else’s electronic signature (the signature was issued on the previous general director, and own EDS for new the director didn’t have time to do it). The customer noticed the discrepancy with the appointment date and sent a complaint to the Federal Antimonopoly Service, saying that the contract was signed by an unauthorized person. Antimonopoly officers came to the conclusion that the LLC was thus trying to evade concluding a government contract and punished the organization.

Inspectorate of the Federal Tax Service (IFTS). Signing declarations with someone else's digital signature can also create problems for the organization. In Novosibirsk, tax officials blocked the company's current account, having accidentally learned from the interrogation of the director that his digital signature was used by another employee when signing the declaration. It was decided that such a declaration was considered not filed.

To be fair, it is worth saying that the court considered the actions of the tax service to be unlawful, since the declaration cannot be rejected under the TKS if it complies with the format. And since it was accepted, it means the blocking is illegal. True, anyone who has experienced the blocking of a current account knows what a blow this can cause to a business.

To summarize, we can say this: it is safer for every employee who needs to use it to have an electronic digital signature. If for some reason this option is not suitable, then you can give your irreplaceable employee remote access to the electronic document management service so that he can sign the document from anywhere.
It is better for the employee not to agree to transfer the right to use his digital signature to other persons - he will not have to answer for other people’s mistakes or for something worse. It's like leaving your colleagues a stack of blank sheets with your signature.

Having considered the issue, we came to the following conclusion:
Transferring an electronic signature key to another person by proxy is not provided for by law. The owner of an electronic signature has the right only to coordinate its technical use with the consent and under the control of the owner, subject to the confidentiality of the key of such a signature. The use of an electronic signature in violation of the confidentiality of the corresponding key does not relieve the owner from liability for adverse consequences resulting from such use.

Rationale for the conclusion:
First of all, we note that the signature is required details any document giving it legal force (Civil Code of the Russian Federation, Labor Code of the Russian Federation, Tax Code of the Russian Federation, Federal Law of December 6, 2011 N 402-FZ “On Accounting”).
An electronic signature (hereinafter referred to as ES) is an analogue of a handwritten signature; its use is permitted in cases and in the manner provided by law, other legal acts or by agreement of the parties (Civil Code of the Russian Federation, Federal Law of 04/06/2011 N 63-FZ “On Electronic Signature”, hereinafter referred to as Law N 63-FZ). N 63-FZ regulates relations in the field of using digital signatures when making civil transactions, providing government and municipal services, performance of state and municipal functions, when performing other legally significant actions, as well as in all cases established federal laws(Law No. 63-FZ). Electronic signature means information in electronic form, which is attached to other information in electronic form (signed information) or is otherwise associated with such information and is used to determine the person signing the information (Law No. 63-FZ).
In accordance with Law N 63-FZ, types of electronic signature are established: simple and enhanced. Enhanced electronic signature can be unqualified or qualified.
An enhanced electronic signature is distinguished from a simple one by the mandatory presence of an electronic signature key (a unique sequence of characters intended to create an electronic signature) and an electronic signature verification key (a unique sequence of characters uniquely associated with the electronic signature key and intended to verify the authenticity of the electronic signature) specified in the corresponding certificate - electronic document or a document on paper issued by a certification center or an authorized representative of the certification center and confirming that the ES verification key belongs to the owner of the ES verification key certificate (Law N 63-FZ).
For an unqualified ES, an electronic signature verification key certificate may not be created if the compliance of such ES with the characteristics of an unqualified ES can be ensured without the use of this document (Law No. 63-FZ). While one of the requirements that a qualified electronic signature must meet is the requirement to indicate the electronic signature verification key in qualified certificate(Law No. 63-FZ). As follows from Law No. 63-FZ, an ES verification key certificate can be issued and legal entity. In this case, it indicates the name and location of the legal entity, as well as the individual acting on behalf of the legal entity on the basis constituent documents legal entity or power of attorney. In other words, it can be either a manager or another person authorized by a power of attorney. However, there are no restrictions on the number of certificates issued to one legal entity. In other words, an electronic signature can be issued both to the manager and to another person acting on the basis of a power of attorney.
At the same time, in accordance with Law N 63-FZ, when using enhanced electronic signatures, participants in electronic interaction are obliged, among other things, to ensure the confidentiality of electronic signature keys, in particular, to prevent the use of digital signature keys belonging to them without their consent. This formulation allows us to draw a conclusion about the possibility of using electronic keys by other persons with the consent of the participant in the electronic interaction. IN otherwise We are talking about a violation of the confidentiality of an electronic signature key, about which its owner is obliged to notify the certification center that issued the digital signature verification key certificate and other participants in electronic interaction within no more than one business day from the date of receipt of information about such a violation. He is also obliged not to use the electronic signature key if there are grounds to believe that the confidentiality of this key has been violated (Law No. 63-FZ).
However, the norm of Law N 63-FZ does not imply the transfer of the right to use an enhanced digital signature to another person on the basis of any administrative document or a power of attorney (Civil Code of the Russian Federation), but only indicates technical feasibility affixing the electronic signature by another person (for example, technical specialist) with the consent and under the control of the owner of the electronic signature verification key certificate. This interpretation of the norm of Law No. 63-FZ is also found in judicial practice (see, for example, appellate ruling Investigative Committee for Civil Cases of Chelyabinsk regional court dated 12/14/2015 in case No. 11-14292/2015, decision of the Soviet district court Makhachkala, Republic of Dagestan dated 09/08/2016 in case No. 12-636/2016).
As mentioned above, an electronic signature is analogous to a handwritten signature, the responsibility for the execution of which lies with its owner. No. 63-FZ does not directly imply the transfer of the right to use a digital signature from its owner to another person. The use of an electronic signature in violation of the confidentiality of the corresponding key does not relieve the owner from liability for adverse consequences resulting from such use (see, for example, the Fifth Arbitration Court court of appeal dated March 14, 2016 No. 05AP-1119/16, Leninsky District Court of Vladivostok, Primorsky Territory dated December 8, 2014 in case No. 5-1087/2014).

Prepared answer:
Service Expert Legal consulting GUARANTEE
Pavlova Natalia

The answer has passed quality control