Are Electronic Signatures (E-Signatures) Reliable?

  • Home
  • Law
  • Are Electronic Signatures (E-Signatures) Reliable?

In the wake of the COVID-19 pandemic, businesses saw unprecedented logistical and operational challenges as jurisdictions across the globe, imposed travel and social distancing restrictions. This state of affairs had the effect of popularising the use of electronic signatures (also known as E-Signatures), with the scope of accommodating to new realities. E-Signatures provide an alternative to wet ink signatures and can be used to execute transnational contracts and formalise commercial transactions remotely. Albeit a convenient tool, E-Signatures have been welcomed with caution due to potential legal issues and risks associated therewith.

This article focuses on the recognition and effectiveness attributed to E-Signatures by the regulations of the European Union and shall refrain from discussing other legal issues pertinent to E-Signatures, such as capacity and authority of signatories.

According to Regulation (EU) no. 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive, any and all types of E-Signatures should not be denied legal effect as a manifestation of signatories’ consent, nor considered as inadmissible evidence in judicial proceedings on the basis of their electronic form. Regulation 3(10) defines an electronic signature as “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign” and recognises three different types of E-Signatures which carry differing levels of probative value:-

  • A simple E-Signature is a term coined to cover E-Signatures commonly used due to their simplistic nature. A scanned signature affixed onto an electronic document, or a scanned contract signed in wet ink which is thereafter re-scanned and e-mailed to a counterparty, are both examples of simple E-Signatures.
  • An advanced E-Signature satisfies specific requirements under Article 26 of the Regulation with the scope of offering better security. An advanced electronic signature shall meet the following requirements:

(a) it is uniquely linked to the signatory;

(b) it is capable of identifying the signatory;

(c) it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and

(d) it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.

  • A qualified E-Signature satisfies advanced technical requirements and is supported by a certificate of authenticity, which is generated by the accredited E-Signature platform and includes information such as: who applied the signature; when was the document signed; and how was the document accessed (including e-mail address and IP address). Commonly used E-Signature platforms include DocuSign, Adobe Sign or HelloSign. A qualified E-Signature is considered to have the same legal effect which a wet ink signature enjoys.

Unless expressly excluded, all contracts can be executed by an appropriate type of E-Signature, however this rule is not immune to certain exceptions and in a cross-border context, legal advice should be sought in the relevant jurisdictions. Admittedly, the reliability of a wet ink signature is higher than that of an E-Signature as the authenticity of the former can be confirmed by expert evidence using specimen signatures provided. On the other hand, E-Signatures are generated in a standard form of script and therefore do not contain distinguishable features linking the signature to a particular person. The EU Regulation thus encourages the use of either the advanced E-Signature or the qualified E-Signature, as these have the ability to identify a signatory with greater certainty than that of a simple E-Signature.

With regards to qualified E-Signatures, E-Signature platforms can provide basic security to ensure that the signatory is the person whose name is on the signature block, however the probative value and robustness of this security remains untested. Common security measures used by E-Signature platforms include making use of e-mail addresses solely produced by a signatory, implementing access codes, and capturing information through a certificate of authenticity. Notwithstanding, the following tips can be followed by individuals making use of any and all types of E-Signatures to ensure the utmost of security:

  • When assuming the role of signatory – it is advised to request the counterparty receiving the electronically signed document to provide an acknowledgement of receipt.
  • When assuming the role of recipient – it is advised to ensure that the electronically signed document is received from the signatory himself, and if not, the signatory should be requested to confirm that he personally signed the document, and that the E-Signature affixed thereto is indeed his own.

Following these tips should provide useful security should any dispute arise.