Electronic Certification and Accreditation Council (ECAC) was established by Federal Government of Pakistan under Section-18 of Electronic Transaction Ordinance, 2002 (ETO), is an autonomous body and operates under Ministry of Information Technology & Telecom (MoIT), Government of Pakistan. The primary function of the council is to provide accreditation to certification service providers and cryptography services. The mandate of the council also includes monitoring and ensuring compliance of accredited certification service providers in accordance with the ETO 2002.
Like other countries in the world, Pakistani, legislature has also formulated Electronic Transaction Ordinance (ETO) 2002 to put a legal frame work in order to regulate the electronic transactions and to recognize all means of electronic data and electronic signatures in term of their validity or invalidity. The objective was the establishment of legal obligations on one side and the recognition of electronic records on the other side.
Electronic Certification and Accreditation Council (ECAC), established by Federal Government of Pakistan under Section-18 of Electronic Transaction Ordinance, 2002 (ETO), is an autonomous body and operates under Ministry of Information Technology & Telecom (MoIT), Government of Pakistan. ECAC being fully functional regulatory body has enforcement powers to regulate electronic transactions in public and private sectors. ECAC is mandated to grant accreditation to approved crypto apparatus and accreditation to any Certificate Service Providers who intends to work as an Accredited Service Provider. The Council have started regulating PKI Certification Authority service providers in Pakistan under ETO and regulations framed thereunder. The mandate and domain assigned to ECAC is recognized in all primary and secondary legislation and is respected by all regulatory authorities. All companies / individuals/ firms etc engaged in the business of electronic services, are required to get themselves accredited with ECAC in their own business interest. The Certificate of Accreditation shall make electronic transactions more secure, more reliable and worldwide acceptable.
I, on behalf of the council, expect that the role and the exclusive mandate granted to ECAC will be respected by all stakeholders. By addressing the increasing concern about the privacy and security of the individuals as well as organizations, ECAC endeavors for keeping the nation abreast with the ever-changing trends of E-commerce while protecting the interest of related stakeholders. ECAC is committed to achieving ‘Digital Pakistan’ — a vision of Govt. of Pakistan.
Following are some of the key services of ECAC.
To grant and renew accreditation certificates to certification service providers, their cryptography services and security procedures.
To monitor and ensure compliance by accredited certification service providers with the terms of their accreditation and revoke or suspend accreditation in the manner and on the grounds as may be specified in regulations.
To establish and manage the repository.
To monitor compliance of accredited certification service providers with the provisions of the ETO.
To carry out research and studies in relation to cryptography services and to obtain public opinion in connection therewith.
To recognize or accredit foreign certification service providers.
To encourage uniformity of standards and practices.
To give advice to any person in relation to any matter covered under ETO.
To make recommendations to an appropriate authority in relation to the matters covered under ETO.