Electronic
2 5 2 [ N o . 21 o f 2 0 0 9
and
Communications
Transactions
(c) afforded the authentication service provider the opportunity
to—
(i) respond to the allegations in writing; and
(ii) remedy the alleged breach within a specified
period.
(3) The Accreditation Authority may suspend the accreditation
or recognition of an authentication service provider with immediate
effect for a period not e x c e e d i n g ninety days, p e n d i n g t h e
implementation of the procedures required under subsection (2), if
the continued accreditation or recognition of the authentication
service provider is likely to result in irreparable harm to consumers
or any person involved in an electronic transaction in Zambia.
(4)
An authentication service provider whose products or
services have been accredited under this Part may terminate the
accreditation at any time, subject to such conditions as the Authority
may determine at the time of accreditation or thereafter.
Recognition
of accredited
foreign
products
and services
3 2 . (1) T h e M i n i s t e r may, on t h e r e c o m m e n d a t i o n o f t h e
Authority, by statutory notice, and subject to such conditions as the
Minister may determine, recognise the accreditation or recognition
granted to any authentication service provider or its authentication
products or services in any foreign jurisdiction.
(2) An authentication service provider w h o falsely holds out
any products or services as recognised by the Minister under
subsection (1), commits an offence and is liable, upon conviction,
to a fine not exceeding one hundred thousand penalty units or to
imprisonment for a period not exceeding one year, or to both.
Accreditation
regulations
3 3 . T h e M i n i s t e r m a y , by s t a t u t o r y i n s t r u m e n t ,
regulations to provide for—
make
(a) the rights and obligations of persons relating to the provision
of accredited products and services;
(b) the manner in which the Accreditation Authority shall
administer and monitor compliance with accreditation
obligations;
(c) the procedure for the granting, suspension and revocation
of accreditation;
(d) the fees to be paid for accreditation;
(e) information security requirements or guidelines; and
(f) any other matter necessary for the implementation of this
Part.