Global eSignature compliance
SigniFlow advanced eSignature document workflow software
An overview of SigniFlow's global compliance with international eSignature laws and regulations
With Confidence
SigniFlow in Asia
SigniFlow Asia Pacific distributes SigniFlow advanced eSignature document workflow software through a highly experienced partner network into Asian countries and regions.
Middle-eastern Asian countries like Lebanon, Qatar (QA), and United Arab Emirates (UE) are categorised under the Middle East region.
The primary countries in the Asian region are China, India, Indonesia, Bangladesh, Japan, Philippines, Vietnam, Thailand, Myanmar, Singapore and Malaysia.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
Electronic Signatures in Asia
The global technology landscape is evolving at a rapid pace. Most Asian countries accept electronic and/or digital signatures and have adopted some form of electronic communications legislation to regulate the use of e-signatures, some as far back as 1997.
Integrations with Government initiatives like SingPass Login in Singapore and the POSDigicert (Certificate Authority) licensed Public Key Infrastructure (PKI) in Malaysia are good examples of SigniFlow's commitment to supporting local legislation for the provisioning of compliant, secure e-signatures in Asia.
Most Asian countries are driven to become digital economies. Public sectors are driving digital identity initiatives to secure transactions with their citizens. Private sector businesses have realised the advantages of using digital document platforms that offer secure electronic signatures and workflow.
Join the digital signature solution that is #1 in compliance for signing documents electronically in Asia. SigniFlow supports privacy compliance with locally-based data centres and on-premise solutions.
SigniFlow in Australia
SigniFlow® Asia Pacific (based in Melbourne) distributes SigniFlow advanced electronic signature document workflow software through a highly experienced partner network in Australia, New Zealand, and East Asia.
SigniFlow has a large team of eSign software engineers and experienced business partners in the region that ensure customer success in the local markets.
Electronic Signatures in Australia
Electronic Signatures are recognised in Australia by the Electronic Transactions Regulations Act of 2000. SigniFlow's electronic signing solutions comply with all regulations set by Australian Law to firstly replace wet-ink signatures with electronic signatures, and secondly, to digitise your office using trusted security.
Overview
With many Australian and international businesses shifting to remote working arrangements in light of the government’s COVID-19 response, companies and individuals are likely to need to sign documents without easy access to hard copies or a printer.
The good news is that, generally, under Australian law, an electronic signature is likely to be treated the same as a written signature, provided that certain requirements are met. The bad news is that these requirements are not always clear and that some documents are exempt from the legislation governing electronic signatures.
Electronic signatures (or e-signatures) are common in Australia and regularly used for business transactions. Australian laws regarding electronic transactions start from the basis that all types of electronic signatures are just as enforceable and admissible as traditional “wet” signatures, providing that they meet three conditions. They must:
- Identify the signatory and indicate their intention to sign the relevant document or transaction;
- Be either as reliable as appropriate for the purpose of the transaction or document to be signed; or proven in fact, either by itself or in conjunction with other evidence, to identify the signatory and their intention to sign the relevant document or transaction.
- Show that the person to whom the signature is provided consents to the method of signing used.
Australian laws around electronic transactions are complicated by the federal nature of the country’s government. At the Commonwealth (i.e. national) level, the key legislation is the Electronic Transactions (ET) Act 1999, which applies to transactions governed by Commonwealth laws. The Electronic Transactions Regulations 2000 then set out which transactions and Commonwealth laws are exempt from the Act, and so require a traditional signature. Additionally, each State and Territory in Australia also has its own electronic transactions legislation, which broadly mirror the Commonwealth ET Act but include some specific exceptions that apply when a transaction is governed by the laws of the relevant State or Territory.
Various court cases in Australia have upheld the validity of documents signed electronically. However, the threshold for the “reliability” requirement is reasonably low. For example, the courts have upheld the use of a stylus or finger on a computer trackpad to produce a signature similar in appearance to one sent by fax. Thus, when doing business with other jurisdictions where e-signature validity may be assessed differently or for specific compliance requirements, use of certificate-based digital signatures, such as cloud signatures, should be considered as part of the workflow risk management strategy.
Australian law does not require electronic signature data to be stored only within Australia. However, if electronic signature data contains any personal information, it will fall under the requirements of Australia’s Privacy Act for disclosing personal data overseas.
Special Considerations
In Australia, there are several use cases that generally require a traditional signature. Additionally, there are several instances that require additional consideration for e-signatures legal compliance such as when transacting with public sector entities as well as specific state or territory law that may apply to certain use cases or transactions.
Transacting with public sector entities
Under the Commonwealth ET Act, if you provide an electronic signature to a Commonwealth government department or agency, the method of providing that signature must meet the department’s specific information security requirements.
The Commonwealth Corporations Act
The Corporations Act 2001 is exempt in its entirety from the provisions of the Commonwealth ET Act. This means that any provisions of the Corporations Act requiring a signature can only be satisfied using a traditional wet signature.
As a consequence, a person cannot rely on the statutory presumption in section 129(5) of the Corporations Act where a document has been electronically signed. This section provides that a person may assume a company has duly executed a document if the document appears to have been signed by either two directors of the company, a director and a company secretary of the company, or the director of a proprietary company who is the sole director and sole company secretary. This presumption will only arise where the document has been signed using a wet signature.
Australian state and territorial law
The relevant legislation in each Australian State and Territory is:
- Victoria: Electronic Transactions (Victoria) Act 2000;
- New South Wales: Electronic Transactions Act 2000;
- Queensland: Electronic Transactions (Queensland) Act 2001;
- Western Australia: Electronic Transactions Act 2011;
- South Australia: Electronic Communications Act 2000;
- Northern Territory: Electronic Transactions (Northern Territory) Act 2000;
- Tasmania: Electronic Transactions Act 2000; and
- Australian Capital Territory: Electronic Transactions Act 2001.
As with the Commonwealth ET Act, in some States and Territories regulations set out which transactions and laws are exempt from that State or Territory’s electronic transactions legislation. The particular types of exemption are different in each State or Territory.
The main regulations are:
- Victoria: Electronic Transactions (Victoria) Regulations 2010;
- New South Wales: Electronic Transactions Regulation 2017;
- Western Australia: Electronic Transactions Regulations 2012;
- South Australia: Electronic Transactions Regulations 2017;
- Northern Territory: Electronic Transactions (Northern Territory) Regulations 2001; and
- Tasmania: Electronic Transactions Regulations 2011.
Use Cases that Generally Require a Traditional Signature
The particular exemptions differ in each jurisdiction. However, in general there are five categories of transactions that are exempt:
- Legal proceedings:
- The Commonwealth ET Act cannot be relied on for validation of the use of an electronic signature in relation to the practice and procedure of a court or tribunal, including all matters in relation to which rules of court may be made.
- The New South Wales Regulations provides that documents that must be or are permitted to be lodged, filed, signed, produced or retained in relation to legal proceedings cannot be signed or executed electronically.
- The Queensland Regulations provide that documents that must be or are permitted to be filed, signed, produced or retained in relation to a court or tribunal for a proceeding cannot be signed or executed electronically.
- Personal service:
- In New South Wales and Queensland, documents that must be or are permitted to be served personally or by post cannot be signed or executed electronically.
- In South Australia, documents that must be or are permitted to be served personally cannot be signed or executed electronically. However, this exception does not apply to certain prescribed legal proceedings. Prescribed legal proceedings include proceedings in relation to:
- summary or indictable offences under the Summary Procedure Act 1921 (SA);
- the enforcement of a sentence for an offence;
- enforcement and recovery of fines;
- the issue and recovery of expiation fees;
- court orders of a restrictive nature made under the Summary Procedure Act 1921 (SA); or
- court orders made under the Intervention Orders (Prevention of Abuse) Act 2009 (SA).
- In Victoria, transactions that must be effected by personal service and documents that must be served personally cannot be signed or executed electronically.
- In Western Australia, transactions that must be effected by personal service, and information or documents that must be served personally, cannot be signed or executed electronically.
- In the Northern Territory, information that must be given or documents that must be served personally cannot be signed or executed electronically.
- In Tasmania, transactions that must be effected personally, and information or documents that must be served personally cannot be signed or executed electronically.
- Powers of Attorney:
- In Western Australia, transactions, requirements or permissions in relation to creating an instrument appointing an enduring power of attorney or an attorney to manage a person’s affairs cannot be signed or executed electronically.
- In Tasmania, transactions in relation to the creation of an instrument appointing an enduring guardian or an attorney to manage a person’s affairs cannot be signed or executed electronically. Further, requirements or permissions in relation to enduring guardians or powers of attorney cannot be executed or signed electronically.
- The Northern Territory Regulations provide that transactions in relation to the creation or revocation of a power of attorney cannot be signed or executed electronically. Further, laws that require or permit a person to give, record or retain information in writing in relation to the creation or revocation of a power of attorney, or produce or sign an instrument creating or revoking a power of attorney cannot be signed or executed electronically.
- Wills:
- In Victoria, transactions, requirements or permissions in relation to the creation, execution or revocation of a will, codicil or other testamentary instrument cannot be signed or executed electronically.
- In Western Australia, requirements or permissions in relation to the creation, execution or revocation of a will, codicil or other testamentary instrument cannot be signed or executed electronically.
- In Tasmania, transactions, requirements or permissions in relation to the execution or revocation of a will, codicil or other testamentary instrument cannot be signed or executed electronically.
- The Northern Territory Regulations provide transactions in relation to a disposition of property by, or revocation of, a will cannot be signed or executed electronically. Further, laws that require or permit a person to give, record or retain information in writing in relation to a will or revocation of a will, produce a will or revocation of a will, or signing a will or revocation of a will cannot be signed or executed electronically.
- Witnessing:
- In New South Wales and South Australia, documents that must or are permitted to be verified, authenticated, attested or witnessed by or under a person’s signature who is not the author of the document cannot be signed or executed electronically. However, in South Australia, this exception does not apply to transactions in relation to the disposition of land, an interest in land or prescribed legal proceedings. Prescribed legal proceedings are discussed further above.
- In Queensland, documents that must be or are permitted to be attested, authenticated, verified or witnessed by a person who is not the author of the document cannot be signed or executed electronically.
- In Western Australia, transactions or requirements that a document must be verified, authenticated, attested or witnessed under a person’s signature who is not the author of the document cannot be signed or executed electronically.
Temporary Measures in Response to COVID-19
In response to COVID-19, the Commonwealth and most Australian States and Territories have introduced temporary measures to expand electronic signature use cases.
Commonwealth
Under the new temporary rules set out in the Corporations (Coronavirus Economic Response) Determination (No. 3) 2020 (Cth) (Determination), Australian companies can now execute documents under section 127(1) of the Corporations Act 2001 (Cth) if signed by:
- two directors of the company,
- a director and company secretary, or
- a sole director of a proprietary company who is also the company secretary,
Additionally, each signatory must:
- sign a full copy or counterpart of the document in a physical form (other than the signatures of any other persons signing the document), or
- use a reliable and appropriate electronic method to identify themselves and to indicate their intention to execute the document. Examples of electronic methods used to identify a signatory include:
- pasting an electronic scanned copy of the signatory’s signature into a document,
- signing a PDF on a mobile device using a stylus or finger, or
- using a digital signature that incorporates cryptographic authentication
Australian States and Territories
Many Australian States and Territories have also introduced temporary measures to permit documents such as affidavits, deeds, and wills to be witnessed remotely by audio-visual link. It is important to note that the types of documents that can be witnessed remotely as well as expiration dates for the temporary measures differ between each State and Territory.
External Resources:
https://www.lexology.com/
Davis Collison - https://dcc.com/
Source helpx.adobe.com
Published, January 2021
Legal Notices:
https://helpx.adobe.com/legal/legal-notices.html
SigniFlow recommends Adobe Acrobat Reader to validate digital signatures
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
SigniFlow in Brazil
SigniFlow® software is distributed through a highly experienced partner network into South America by SigniFlow Limited.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
SigniFlow eSignature document workflow software meets and exceeds the legal requirements for Basic Electronic Signatures and Advanced Electronic Signatures (AES) in Brazil.
Electronic Signatures in Brazil
In Brazil, the use of electronic and certificate-based digital signatures is growing at a fast pace. The acceptance of electronic signatures and electronic contracts in the business community, as well as the public sector, is increasing.
With thousands of active users in Brazil, SigniFlow is fast becoming the platform of choice to either replace traditional eSign solutions, or to implement the latest in modernised digital automation.
The Use of Electronic Signatures in Brazil
The main laws and regulations that govern the use of electronic signatures and digital signatures in Brazil include:
- The Brazilian Civil Code: Article 104, III of the Brazilian Civil Code establishes the freedom of contract forms, meaning that a legal agreement is valid if it is in a form either prescribed by law or not explicitly prohibited by law.
- The Provisional Executive Act 2.200-2 (“MP 2200”): The Provisional Executive Act of August 24, 2001 provides for the validity of general electronic agreements signed digitally.
Per the Brazilian Civil Code, an electronically signed agreement must have:
- a capable agent;
- a licit, possible and determined or determinable object; and
- a form that is prescribed or not prohibited by law.
Brazil maintains its own public key infrastructure (PKI) for digital certificates called Infraestrutura de Chaves Públicas Brasileira (ICP-Brasil). MP 2200 guarantees the legal validity of digitally signed documents in the following situations:
- documents produced within ICP-Brasil; and
- documents produced outside ICP-Brasil if minimum parameters for evidencing the authorship and integrity are met.
For documents produced outside ICP-Brasil, the validity parameters of authorship and integrity are met when: (1) proof of the signer identification is provided; and (2) proof of the integrity of the signed document is provided, subject to the acceptance of the authentication method by all parties that are signing the document.
Electronic signatures that comply with the Brazilian Civil Code and MP 2200 are considered to have the same legal effect as a handwritten signature. Additionally, digital signatures backed by ICP-Brasil are granted a legal presumption that the signature belongs to the person who signed and that the content of the electronic document remains unchanged. In contrast, electronic signatures created outside of ICP-Brasil do not carry this legal presumption and the authorship and integrity of the document must be proven.
Exclusions
Electronic contracts cannot be used where Brazilian law requires specific formal procedures for a particular activity. For example, contracts constituting, transferring, modifying or waiving rights to real estate with a value higher than thirty times the minimum monthly salary in Brazil must be in the form of a public deed.
Recent changes as a result of COVID-19 crisis (April 2020)
Provisional Measure No. 951/2020 (“MP No. 951/2020”), published on April 15, 2020, changed the procedure for issuing digital certificates within the scope of the ICP-Brasil, thereby authorizing the issuance of digital certificates remotely, without the need for the applicant to be present at the establishments accredited to issue such certificates (Registration Authorities).
MP 951/2020 revoked Article 7 of MP 2,200-2, which required the Registry Authorities to act in person with the applicants in order to validate their identity. With MP 951/2020, Registration Authorities can issue electronic certificates remotely, provided that they adopt other means of verification that guarantee a level of security equivalent to the face-to-face verification, observing the applicable ICP-Brasil’s technical standards.
The amendment follows the legislative changes resulting from the COVID-19 pandemic, which led to social distancing and the determination to close establishments in different locations of the country, so as to avoid presential interactions. This change is crucial to facilitate the issuance of ICP-Brasil certificates remotely, thereby enabling companies to migrate to ICP-Brasil-backed electronic signatures in order to remain carrying out more complex business transactions.
However, further regulation is expected in order to define the procedures to enable the Registration Authorities to carry out remote identity verification to ensure safe and reliable issuance of ICP-Brasil digital certificates.
External Resources
helpx.adobe.com
https://lefosse.com/
https://www.lexology.com/
https://uk.practicallaw.thomsonreuters.com/
Published: January, 2021
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
Join the Advanced eSignature document workflow solution that is fully compliant in signing documents electronically in Brazil.
SigniFlow supports privacy compliance with local datacentres (BR) and on-premise solutions.
SigniFlow in Canada
SigniFlow software meets and exceeds global requirements for electronic signatures. SigniFlow advanced eSignature document workflow software is distributed through a highly experienced partner network.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
Electronic Signatures in Canada
Under Canadian common law, an eSignature is binding, provided it communicates the necessary intention to be legally bound to an electronically-signed agreement. To promote uniformity in electronic commerce, all Canadian provinces and territories (with the exception of Quebec) have enacted legislation based on the Uniform Electronic Commerce Act (UECA).
According to Canadian Law experts Baker McKenzie, "Provincial legislation adopting the UECA may modify its provisions".
For example, the law in Ontario provides that an e-signature can satisfy any legal requirement that a document be signed so long as the e-signature is reliable for the purposes of identifying the person and the association between the e-signature and the relevant electronic document is reliable.
Under the UECA "electronic" means "created, recorded, transmitted or stored in digital form or in other intangible form by electronic, magnetic or optical means or by any other means that has capabilities for creation, recording, transmission or storage similar to those means", and "electronic signature" means "information in electronic form that a person has created or adopted in order to sign a document and that is in, attached to or associated with the document."
Provincial legislation adopting the UECA may modify its provisions. For example, the law in Ontario provides that an e-signature can satisfy any legal requirement that a document be signed so long as the e-signature is reliable for the purposes of identifying the person and the association between the e-signature and the relevant electronic document is reliable.viii The law in New Brunswick contains the strictest definition of an e-signatures, limiting them to "electronic representation[s] of the manual signature of the person signing the document".ix Meanwhile, Prince Edward Island's statute applies a strict reliability test including specific criteria to link an e-signature to the identity of the signatory.x
Similar to the US framework, under UECA-based legislation, a contract, record or signature will generally not be denied legal effect or enforceability solely because it is in electronic form, and if a law stipulates that a record is required to be in writing or a signature is required, an electronic record or e-signature will typically comply with law.
2.1 Consumer protection in Canada
In Canada, consumer protection rules relating to electronic transactions between consumers and suppliers of goods are in place at the provincial and territorial level. For example, the consumer protection laws in Ontarioxi require suppliers to:
- Give the consumer an express opportunity to accept or decline an electronic consumer agreement and to correct errors in the agreement
- Provide any information required to be disclosed in a manner that ensures the consumer has accessed the information and is able to print and retain the information
- Provide a copy of the electronic agreement to the consumer
Failure to comply with these requirements could result in the cancellation of an electronic agreement. These rules do not apply to financial products and services, credit agreements or leases, among other excluded types of contracts.
3. Exceptions to the Rules
Some documents require wet ink signatures or are subject to more stringent form requirements, these include:xii
- Negotiable instruments and some types of instruments of title
- Certificated investment securities (such as stock certificates)
- Wills, codicils, and testamentary trusts
- Health care proxies and some types of powers of attorney
- Documents relating to adoption, divorce and other family law matters
- Some types of real estate transfer documents and other real estate agreements
- Court orders, notices, and other court documents like pleadings and motions
- Product recall notices affecting health or safety
- Documents required by law to accompany the transportation of hazardous materials
To confirm whether an electronic contract or record can be created for a particular legal objective, the laws applicable to such legal objective should also be analyzed to determine whether there are any legal form requirements.xiii
i Enacted by Congress in 2000.
ii Approved by the National Conference of Commissioners on Uniform State Laws in 1999.
iii These statutes are the Electronic Signatures and Records Act (ESRA) in New York; the Electronic Commerce Security Act (ECSA) in Illinois, and; the Electronic Authorization Act (EAA) in Washington.
iv Under US law, consumer transaction generally means a transaction between a financial institution and a consumer effected primarily for personal, family or household purposes.
v The term financial institution used in this section 1(c) includes (i) banks, (ii) financial technology companies such as PayPal and Apple Pay, and (iii) non-banking financial institutions such as commercial lenders and microloan organizations.
vi Quebec has adopted its own legislation, An Act to Establish a Legal Framework for Information Technology, which is not based on UECA.
vii Approved by the Uniform Law Conference of Canada in 1999.
viii Electronic Commerce Act, 2000, S.O. 2000, c. 17
ix Electronic Transactions Act, RSNB 2011, c 145
x Electronic Commerce Act, RSPEI 1988, c E-4.1
xi Consumer Protection Act, 2002, S.O. 2002, c. 30, Sched. A.
xii This is not an exhaustive list of exclusions.
xiii For more detail and an overview of the complex international legal landscape of electronic signature laws and form requirements, see Lothar Determann, eSignature Laws Need Upgrades (https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3436327), in 72 Hastings Law Journal 2020; and Lothar Determann, Learning the E-Signature Essentials (https://www.law.com/therecorder/2020/03/26/learning-the-e-signature-essentials/) published by The Recorder.
Source bakermckenzie.com
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
Join the digital signature solution that is #1 in compliance for signing documents electronically in Canada.
SigniFlow supports GDPR and local privacy compliance with on-premise and locally-based data center solutions.
SigniFlow in Chile
SigniFlow software meets and exceeds global requirements for electronic signatures. SigniFlow advanced eSignature document workflow software is distributed through a highly experienced partner network into South America by SigniFlow Limited.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
Electronic Signatures in Chile
Electronic signatures are regulated by Chilean Law 19,799 for electronic documents, electronic signatures and certification services ("LFE" - Spanish). As a general rule, contracts executed by means of electronic signatures are valid with the same effect as those executed in writing. For legal purposes, electronic contracts are deemed to be in writing and their signatures are regarded as valid, with certain exclusions (read more below).
The LFE recognizes two types of signatures, the simple electronic signature ("SES") and the advanced electronic signature ("AES"). Both can be used without distinction to execute acts and contracts, with exceptions (b i, ii and iii below).
The Use of Electronic Signatures in Chile
SES (the signer has no personal digital certificate issued by an accredited CA) cannot be used where the law expressly requires the use of AES (the signer has a personal digital certificate issued by an accredited CA), for example:
(i) Public instruments in electronic form must bear the AES of the issuing official: an authorized electronic copy of a public document must bear the AES of the authorizing notary; a certificate of the civil registry must bear the AES of the issuing official, etc.
(ii) Judicial powers-of-attorney granted in an electronic document must be signed with the AES of the principal.
(iii) The forms for the constitution, modification, dissolution or annotations of companies from the Registry of Companies and Corporations must be signed with the AES of the constituents, partners or shareholders; or with the AES of the notary who authorizes the act if they do not have their own AES.
b) An electronic signature (FES or FEA) cannot be used when the LFE or other laws forbid the use of an electronic signature:
i) When the law requires a solemnity that cannot be complied with by electronic document
ii) When the law requires the personal attendance of any of the parties
iii) In acts and contracts related to family law
External Resources
helpx.adobe.com
https://www.carey.cl/
https://www.lexology.com/
https://uk.practicallaw.thomsonreuters.com/
Published: January, 2021
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
Join the digital signature solution that is #1 in compliance for signing documents electronically in Chile.
SigniFlow supports privacy compliance with local data centres and on-premise solutions
SigniFlow in Europe
SigniFlow Advanced eSignature document workflow software is distributed by SigniFlow Limited into Europe through a highly experienced partner network.
SigniFlow eSignature document workflow software meets and exceeds requirements for Electronic Signatures, Advanced Electronic Signatures (AES), and Qualified Electronic Signatures (QES) in accordance with eIDAS regulations.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
Qualified Electronic Signatures in Europe
European countries adhere to the EU’s eIDAS regulation that was created to establish trust in electronic transactions between individuals, organisations and government entities across European Member States and the UK.
Overview
Electronic signatures are widely used throughout the European Union (EU). In the EU, the use of electronic signatures is regulated by Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS). The eIDAS Regulation is directly applicable throughout the EU although each member state may have additional laws that should to be considered.
The eIDAS Regulation makes a distinction between three different kinds of electronic signatures:
- An electronic signature (also referred to as a simple electronic signature) encompasses any data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign. When an electronic signature meets certain requirements, it can qualify as “advanced” or “qualified”;
- An advanced electronic signature (AdES) refers to an electronic signature that meets some additional requirements so that a higher level of trustworthiness can be met. These requirements are that the electronic signature is:
- uniquely linked to the signatory; and
- capable of identifying the signatory; and
- created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
- linked to the data signed in such a way that any subsequent change in the data is detectable;
- A qualified electronic signature (QES) is an advanced electronic signature that is:
- created by a qualified electronic signature creation device; and
- based on a qualified certificate for electronic signatures
QES have the same legal effect as a handwritten signature, meaning that for all situations where a document is signed with a QES, and where the relevant national law allows the contract to be executed electronically, the QES will have the same presumption of enforceability/admissibility as a “wet” signature. However, it is for the Member States to decide what legal effect is given to a handwritten signature. Additionally, for those cases where a QES is required in the EU, a qualified trust services provider (QTSP) should be used. And, it is up to the Member States to decide the cases in which a QES is required and some Member States do require a QES to be used for specific documents.
There are also enforceability/admissibility differences between the three types of electronic signatures. A QES carries a presumption of integrity, accuracy and authenticity in legal proceedings and is given the equivalent legal effect as a handwritten signature. However, simple and advanced electronic signatures (non-qualified e-signatures) are only admissible as evidence in accordance with the non-discrimination principle. The non-discrimination principle essentially means that the legal effect and admissibility of non-qualified e-signatures will not be affected (or discriminated against) based solely on the fact that they are provided in electronic form or because they do not meet the requirements of a QES. Additionally, Member States can also decide which legal effects are given to a non-qualified electronic signature.
Under the eIDAS Regulation national Trusted Lists have a constitutive effect – these are commonly referred to as the EU Trust Lists or EUTLs. In other words, a trust service provider (TSP) and the trust services it provides will be qualified only if it appears in the EUTLs.
Member States also have the obligation to establish, maintain and publish trusted lists of Qualified Trust Service Providers (QTSPs) and the qualified trust services provided by them. A QTSP certified in any EU Member State will be recognized as a QTSP by all other Member States. Accordingly, no EU Member State may question the qualified status once a QTSP has been added to the trusted list by the supervisory authority of another Member State.
Additional considerations
The eIDAS Regulation doesn’t make a general distinction between using electronic signatures in the context of natural persons, companies or governmental entities. However, when contracting with EU institutions, attention should be paid to any additional requirements that might be applicable.
The eIDAS Regulation does not require electronic signature data to be stored within the EU. However, Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) is applicable in the EU and should be respected when processing personal data. Accordingly, the rules on data transfers should be respected when storing and processing personal data outside of the European Economic Area.
National laws of the Member States
Although the eIDAS Regulation is directly applicable in every EU Member State, national laws need to be considered as well. For example, the Regulation does not deal with cases where a signature would be legally required, which is a prerogative of the Member States. However, if such a requirement is specified by national law, the Regulation sets out how this requirement can be met in practice when the activities are carried out in an electronic environment.
The Regulation also allows for the inclusion of specific features in qualified certificates at national level, provided that those specific features are not mandatory and do not hamper cross-border interoperability and recognition of qualified electronic signatures.
The eIDAS Regulation does not specify any documents or agreements that cannot be signed or executed electronically, neither does it specify any processes or workflows that cannot be replicated electronically. However, the E-Commerce Directive (Directive 2000/31) foresees the possibility for Member States to exclude the use of electronic signatures for the following categories:
- contracts that create or transfer rights in real estate, except for rental rights;
- contracts requiring by law the involvement of courts, public authorities or professions exercising public authority;
- contracts of suretyship granted and on collateral securities furnished by persons acting for purposes outside their trade, business or profession;
- contracts governed by family law or by the law of succession.
It is up to the Member States to specify any documents that are excluded from electronic signing and it is possible for Member States to enact national legislation that affects the applicability of the eIDAS Regulation. For further details on the validity and enforceability of electronic signatures in the relevant Member State, please refer to the individual Member State guides
Source helpx.adobe.com
Published, October 5, 2020
Adobe Legal Notices: https://helpx.adobe.com/legal/legal-notices.html
SigniFlow recommends Adobe Acrobat Reader to validate digital signatures
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
Join the digital signature solution that is industry-leading in compliance when signing electronic documents in the EU.
SigniFlow supports GDPR compliance with local EU-based data centres and on-premise solutions.
SigniFlow in France
SigniFlow Advanced eSignature document workflow software is distributed by SigniFlow Limited into France through a highly experienced partner network.
SigniFlow eSignature document workflow software meets and exceeds requirements for Electronic Signatures, Advanced Electronic Signatures (AES), and Qualified Electronic Signatures (QES) in accordance with eIDAS regulations.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
Qualified Electronic Signatures in France
France adheres to the EU’s eIDAS regulation that was created to establish trust in electronic transactions between individuals, organisations and government entities across European Member States and the UK.
Overview
Electronic signatures are widely used throughout the European Union (EU). In the EU, the use of electronic signatures is regulated by Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS). The eIDAS Regulation is directly applicable throughout the EU although each member state may have additional laws that should to be considered.
The eIDAS Regulation makes a distinction between three different kinds of electronic signatures:
- An electronic signature (also referred to as a simple electronic signature) encompasses any data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign. When an electronic signature meets certain requirements, it can qualify as “advanced” or “qualified”;
- An advanced electronic signature (AdES) refers to an electronic signature that meets some additional requirements so that a higher level of trustworthiness can be met. These requirements are that the electronic signature is:
- uniquely linked to the signatory; and
- capable of identifying the signatory; and
- created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
- linked to the data signed in such a way that any subsequent change in the data is detectable;
- A qualified electronic signature (QES) is an advanced electronic signature that is:
- created by a qualified electronic signature creation device; and
- based on a qualified certificate for electronic signatures
QES have the same legal effect as a handwritten signature, meaning that for all situations where a document is signed with a QES, and where the relevant national law allows the contract to be executed electronically, the QES will have the same presumption of enforceability/admissibility as a “wet” signature. However, it is for the Member States to decide what legal effect is given to a handwritten signature. Additionally, for those cases where a QES is required in the EU, a qualified trust services provider (QTSP) should be used. And, it is up to the Member States to decide the cases in which a QES is required and some Member States do require a QES to be used for specific documents.
There are also enforceability/admissibility differences between the three types of electronic signatures. A QES carries a presumption of integrity, accuracy and authenticity in legal proceedings and is given the equivalent legal effect as a handwritten signature. However, simple and advanced electronic signatures (non-qualified e-signatures) are only admissible as evidence in accordance with the non-discrimination principle. The non-discrimination principle essentially means that the legal effect and admissibility of non-qualified e-signatures will not be affected (or discriminated against) based solely on the fact that they are provided in electronic form or because they do not meet the requirements of a QES. Additionally, Member States can also decide which legal effects are given to a non-qualified electronic signature.
Under the eIDAS Regulation national Trusted Lists have a constitutive effect – these are commonly referred to as the EU Trust Lists or EUTLs. In other words, a trust service provider (TSP) and the trust services it provides will be qualified only if it appears in the EUTLs.
Member States also have the obligation to establish, maintain and publish trusted lists of Qualified Trust Service Providers (QTSPs) and the qualified trust services provided by them. A QTSP certified in any EU Member State will be recognized as a QTSP by all other Member States. Accordingly, no EU Member State may question the qualified status once a QTSP has been added to the trusted list by the supervisory authority of another Member State.
Additional considerations
The eIDAS Regulation doesn’t make a general distinction between using electronic signatures in the context of natural persons, companies or governmental entities. However, when contracting with EU institutions, attention should be paid to any additional requirements that might be applicable.
The eIDAS Regulation does not require electronic signature data to be stored within the EU. However, Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) is applicable in the EU and should be respected when processing personal data. Accordingly, the rules on data transfers should be respected when storing and processing personal data outside of the European Economic Area.
National laws of the Member States
Although the eIDAS Regulation is directly applicable in every EU Member State, national laws need to be considered as well. For example, the Regulation does not deal with cases where a signature would be legally required, which is a prerogative of the Member States. However, if such a requirement is specified by national law, the Regulation sets out how this requirement can be met in practice when the activities are carried out in an electronic environment.
The Regulation also allows for the inclusion of specific features in qualified certificates at national level, provided that those specific features are not mandatory and do not hamper cross-border interoperability and recognition of qualified electronic signatures.
The eIDAS Regulation does not specify any documents or agreements that cannot be signed or executed electronically, neither does it specify any processes or workflows that cannot be replicated electronically. However, the E-Commerce Directive (Directive 2000/31) foresees the possibility for Member States to exclude the use of electronic signatures for the following categories:
- contracts that create or transfer rights in real estate, except for rental rights;
- contracts requiring by law the involvement of courts, public authorities or professions exercising public authority;
- contracts of suretyship granted and on collateral securities furnished by persons acting for purposes outside their trade, business or profession;
- contracts governed by family law or by the law of succession.
It is up to the Member States to specify any documents that are excluded from electronic signing and it is possible for Member States to enact national legislation that affects the applicability of the eIDAS Regulation. For further details on the validity and enforceability of electronic signatures in the relevant Member State, please refer to the individual Member State guides
Source helpx.adobe.com
Published, October 5, 2020
Adobe Legal Notices: https://helpx.adobe.com/legal/legal-notices.html
SigniFlow recommends Adobe Acrobat Reader to validate digital signatures
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
SigniFlow advanced eSignature document workflow software helps French businesses meet the requirements of eIDAS by using state-of-the-art digital cryptographic signature technology (X.509) that allows businesses and their customers to sign documents remotely and securely, with the sound knowledge that they are signing with legally binding, compliant digital signatures.
Join the digital signature solution that is #1 in compliance for signing electronic documents in France.
Supports GDPR compliance with local EU-based data centres and on-premise solutions.
SigniFlow in the United Kingdom
SigniFlow eSignature document workflow software is distributed by SigniFlow Limited with its headquarters situated in London, United Kingdom.
From here, SigniFlow Ltd distributes SigniFlow software through a highly experienced partner network into England, Wales, Scotland, Northern Ireland, and Europe.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
Electronic Signatures in the UK
The UK Government is incorporating an amended form of the existing eIDAS regulations on digital and e-signatures into domestic law.
After the withdrawal date, the Electronic Identification and Trust Services for Electronic Transactions (Amendment) (EU Exit) Regulations 2019 (SI 2019/89) (Trust Services Brexit SI) amends and removes certain provisions around trust services that will no longer apply following the UK’s departure from the EU.
The Law Society (The Law Society is the independent professional body for solicitors) UK - Their position on the use of virtual execution and e-signature during the coronavirus (COVID-19) pandemic was published here.
Legislation.gov.uk - The Electronic Signatures Regulations 2002
Thomas Reuters Practical Law 14 April 2020 - COVID-19: electronic signatures (Video)
Overview of Electronic Signatures in the UK
In accordance with the above, the eIDAS Regulation is currently directly applicable under English law and sets out minimal, not maximal, standards for e-signatures. Accordingly, it has had a limited effect on pre-existing English law, given the already broad definition of simple electronic signatures that had been adopted under the ECA (defined below), the admissibility of these as evidence in court under the ECA, and the rare use of qualified electronic signatures.
Next to eIDAS, the Electronic Communications Act of 2000 (ECA) is the main legal instrument regulating the use of electronic signatures in England & Wales. In 2016, the UK also enacted the Electronic Identification and Trust Services for Electronic Transactions Regulations 2016, which amended relevant sections of the ECA that dealt with electronic signatures under the previous regime.
Additionally, in 2019, the Law Commission (an independent commission set up by Parliament to review the law of England and Wales and to recommend reforms) published a report on electronic execution, which was intended in particular to address legal uncertainties concerning electronically executed documents. This was endorsed by the UK Government in March 2020.
Under English law, contracts may be made orally, in hard copy or electronically, provided that:
1. the key elements of a contract are present (offer, acceptance, consideration, certainty of terms and an intention to create legal relations); and
2. appropriate formalities or execution procedures are followed in certain cases (this is particularly relevant to deeds).
Simple contracts can therefore be validly concluded with an electronic signature (assuming the parties do not agree otherwise) because there is no legal requirement for a signature in the first place. Simple contracts can be made by various forms of electronic communication, including email, website order/acceptance procedures, fax and text messages and it is permitted to exchange/complete legal documents by email or fax (without the need for “wet” signatures).
The Law Society (2016) and the Law Commission (2019) both confirmed that an electronic signature can be used to validly execute a document if:
(i) the person signing the document intends to authenticate the document; and
(ii) any execution formalities are satisfied.
English law has a broad definition for e-signatures and does not in itself distinguish between various types. Section 7(2) of the ECA stipulates that “an electronic signature is so much of anything in electronic form as is incorporated into or otherwise logically associated with any electronic communication or electronic data and purports to be used by the individual creating it to sign”.
The Law Commission recently decided against prescribing the use of digital signatures as a distinct subset of electronic signatures. However, it noted the prevalence of digital signatures in civil law jurisdictions. From an England & Wales perspective, however, there is no clear distinction, and the term “electronic signatures” is used to include digital signatures.
The ECA states that in “any legal proceedings, an electronic signature incorporated into or logically associated with a particular electronic communication or particular electronic data, and the certification by any person of such a signature, shall each be admissible in evidence in relation to any question as to the authenticity of the communication or data or as to the integrity of the communication or data”. Accordingly, English courts accept documents bearing an e-signature as prima facie evidence that the document is authentic.
The ECA does not directly address the evidential weight to be given to an e-signature. As a result, if the authenticity of an e-signature is challenged, the courts will determine, on a case-by-case basis, whether the e-signature has been correctly used and what weight it should be given against other evidence. In this respect, it is similar to wet-ink signatures. The evidential weight to be assigned to a particular e-signature will, to a large extent, depend on the integrity of the e-signature system employed.
Use cases that generally require a traditional signature
Despite the Law Commission’s guidance, there are circumstances in which it may not be appropriate to use electronic signatures. Electronic records and signatures may not be used for:
- wills;
- registrable dispositions (real estate property documents) that must be submitted for registration with the Land Registry and the Land Charges Registry (with the exception of electronic mortgage deeds, which can be registered using the Land Registry’s digital mortgage service);
- some documents such as company accounts to be registered with Companies House outside its online web-filing service;
- negotiable instruments (such as bills of exchange, promissory notes and chattel mortgages); and
- powers of attorney or statutory assignments.
- deeds that are being witnessed or used in the context of UK real estate
Additionally, where the original version of a document needs to be filed/registered at or sent to a registry/authority, it is recommended that “wet” signature originals are provided, for example, in respect of the registries set out below:
- HM Land Registry and Land Charges Registry;
- Companies House (although Companies House generally accepts electronic signatures via its online filing service);
- HM Revenue and Customs, where stamp duty is payable on a document;
- Stamp Office (for adjudication); and
- Office for the Public Guardian (for lasting powers of attorneys).
Certain other documents are subject to specific formalities imposed by statute or case law, including that the document to be “in writing”, “signed” and/or “executed as a deed”. These include guarantees (which must be signed and in writing) and legal mortgages or charges by way of legal mortgage over land (which must be executed as deeds).
External Resources:
-Legislation.gov.uk
-Thomas Reuters
-helpx.adobe.com
-Adobe Legal Notices: https://helpx.adobe.com/legal/legal-notices.html
Published January 2021
SigniFlow recommends Adobe Acrobat Reader to validate digital signatures
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
SigniFlow Electronic Signatures enable businesses across Great Britain to meet and exceed the requirements of UK-eIDAS using Advanced eSignatures. Get ready to conduct business in a digital world with modernised standards.
SigniFlow in Malaysia
Electronic Signatures in Malaysia
On 9 September 2020, the Ministry of Communications and Multimedia Malaysia (MCMM) released a statement urging service providers using internet facilities to use digital signatures regulated under the Digital Signature Act 1997 in the management of their companies. In particular, the MCMM highlighted the fact that Deputy Minister of Communications and Multimedia, Datuk Zahidi Zainul Abidin, deemed the move necessary to prevent a company's network system from being exposed to cyber threats. Specifically, the MCMM noted that, in Abidin's statement, the use of digital signatures was identified as safer, because the public - or users who wanted to use digital signatures - had to register with the Certification Authority for identity verification.
Ministry of Communications and Multimedia urges use of regulated digital signatures
KUALA LUMPUR, 9 Sept 2020 – Syarikat pemberi perkhidmatan yang menggunakan kemudahan internet digesa menggunakan tandatangan digital yang dikawal selia di bawah Akta Tandatangan Digital 1997, dalam pengurusan syarikat mereka.
Timbalan Menteri Komunikasi dan Multimedia Datuk Zahidi Zainul Abidin berkata langkah itu perlu bagi mengelakkan penggunaan sistem rangkaian syarikat berkenaan terdedah dengan ancaman siber.
‘’Kelebihan penggunaan tandatangan digital terserlah, ia boleh meningkatkan kecekapan pengurusan serta penyampaian perkhidmatan oleh mana-mana agensi sektor awam mahupun swasta tanpa perlu bersemuka.
“Sehubungan itu, agensi dan syarikat berkenaan digalak untuk menggunakan tandatangan digital yang dikawal selia oleh akta tandatangan digital,” katanya pada sesi soal jawab persidangan Dewan Negara hari ini.
Beliau berkata demikian ketika menjawab pertanyaan Senator Datuk Lim Pay Hen berhubung usaha kementerian dalam memperkukuh sistem siber termasuk tandatangan digital.
Zahidi berkata penggunaan tandatangan digital itu dilihat lebih selamat kerana orang ramai atau pengguna yang ingin menggunakan tandatangan digital perlu berdaftar dengan Pihak Berkuasa Pemerakuan (PBP) untuk pengesahan identiti.
“Dengan menggunakan tandatangan digital, identiti seseorang pengguna telah ditentusahkan oleh PBP dan penerima dokumen yang ditandatangani dengan tandatangan digital boleh menggunakannya dengan yakin, selamat dan terjamin,” katanya.
-- BERNAMA / https://www.kkmm.gov.my/
We found this interesting article online by Law firm ZUL RAFIQUE & partners (ZRp) - Highly recommended.
Introduction The limitation on movement presents difficulties for corporations and business entities in the execution of documents and contracts, prompting these entities to resort to electronic dealings in an attempt to ensure business efficacy and continuity of commercial transactions. Amongst others, the usage of electronic signatures, also known as e-signatures emerges as the new norm post-MCO and during CMCO as a viable alternative to the traditional wet-ink signature that has long been the practice in commercial transactions. Types of E-Signatures There are two types of electronic signatures legally recognised in Malaysia and they are as follows:-
- Digital signature governed under the Digital Signature Act 1997 (“DSA”); and
ii. Electronic signature regulated under the Electronic Commerce Act 2006 (“ECA”).
The term “digital signature” and “electronic signature” are not to be used interchangeably as it refers to entirely different concepts and are governed by differing statutes.
A. Digital Signature
A digital signature under the DSA is limited to mean “a transformation of a message using an asymmetric cryptosystem”[3] that is verified by reference to the public key listed in a valid certificate issued by a license certification authority. In other words, a digital signature is based on cryptography which is legally recognised if it is created in accordance with the DSA comprising inter-alia of the following:-
- verification by reference to the public key listed in a valid certificate issued by a licensed certification authority[4];
ii. affixed by the signer with the intention of signing the message; and
iii. the recipient has no knowledge or notice that the signer has breached a duty as subscriber OR does not rightfullt hold the private key used to affix the digital signature.[5]
A digital signature bears no physical resemblance to wet-ink signatures as it is created and verified using crytography that concerns itself with transforming messages into seemingly unintelligible form and back to its original form thereafter[6] .However, a digital signature would be as legally binding as a document signed with the traditional wet-ink signatures, an affixed thumb print or any other mark [7] There are instances where digital signatures have been used as an electronic signature in commercial transactions, and in such instances the provisions of the DSA as a whole shall continue to apply in respect of the said digital signatures pursuant to section 9(3) of the ECA.
B. Electronic Signature
An electronic signature under the ECA is defined broadly to include “any letter, character, number, sound or any other symbol or any combination thereof created in an electronic form adopted by a person as a signature”[8]. As a general rule, where any law requires a signature of a person on a document, it will be deemed fulfilled by an electronic signature if it:
- is attached to or is logically associated with the electronic message;
- adequately identifies the person and adequately indicates the person’s approval of the information to which the signature relates; and
iii. is as reliable as is appropriate given the purpose for which, and the circumstances in which the signature is required.[9]
The requirement of reliability of the electronic signature is fulfilled if the creation is linked to or under the control of the person only and any alteration to the electronic signature and the document concerned after time of signing is detectable.[10]In the Federal Court case of Yam Kong Seng & Anor v Yee Weng Kai [2014] 6 CLJ 285, Suriyadi Halim Omar FCJ delivering the judgment of the court held that the legal requirement for an electronic signature pursuant to section 9 of the ECA is fulfilled in the form of a short messaging service (SMS) where the sender is adequately identified i.e. the registered owner of the telephone number from which the SMS was sent. The judiciary further held that signatures need not be written and sufficient if there is any mark which identifies the act of the party or some distinguishing feature peculiar to the person. This case had interpreted broadly section 5 of the ECA that an electronic signature of any letter, character, number, sound or other symbol or any combination created in an electronic form include SMS where the owner of the number is identified thereby paving the possibility of a wider recognition of electronic signatures in various forms.Non-Applicability of E-Signatures Unlike digital signatures, where the DSA is silent as to what specific types of transaction it is applicable to, electronic signatures on the other hand are applicable to any commercial transactions so long as the requirements under the ECA are fulfilled. However, it must be noted that there are four types of transactions or documents which are explicitly excluded from the application of electronic signatures under section 2 of the ECA, namely:-
- Powers of Attorney;
- The creation of wills and codicils;
iii. The creation of trusts; and
iv. Negotiable instruments (such as bills of exchange and cheques).[11]
It must also be noted that under section 16 of the ECA service of documents such as notices of default, notices of demand, notices to show cause, notices of repossession, any notices required to be served prior to commencing a legal proceeding and any originating process, pleading, affidavit or other documents required to be served pursuant to a legal proceeding cannot be effected by service or delivery through electronic means.Points to Ponder on the Use of E-Signatures The adoption of e-signatures may be desirable to reduce turnaround time and ensure business efficacy. The prospect of adopting e-signatures becomes more attractive as social distancing becomes the new norm moving forward as it would ensure human contact during the execution of documents are kept to a minimal. However, there is a need to weigh the convenience of using e-signatures against the legal risks of such e-signatures being challenged. The legal and practical considerations that need to be taken into account are as follows: –
(a) Use not Mandatory
Pursuant to section 9 of ECA, electronic signatures need to be signed on a document in the form of an electronic message. However, section 3 of the ECA provides that the use, provision or acceptance of an electronic message for commercial transaction is not mandatory and is subject to the consent of parties which may be inferred from conduct.[12] This means that the validity of electronic signatures may be challenged if a party to the transaction disputes giving consent to the use of electronic message. Consent must be reached in clear terms by parties for the use, provision and acceptance of commercial transactions by electronic means.
(b) Absence of Technology Neutrality
Confusion can also arise in respect of the usage and effect of digital signatures and electronic signatures as both are treated differently under Malaysian law. An electronic signature created using a normal signing tool would satisfy the requirement of signature [13] and/or witnessing[14] in respect of paper-based documents provided that the threshold tests under the ECA are fulfilled. However, where any law requires a seal to be affixed, a digital signature created based on cryptography under the DSA is required instead. Awareness on the differences between these 2 methods of electronic signatures and its utilisation for different commercial transactions remains a relevant consideration for parties. Parties should avoid the risk of a contract being challenged on the ground that the incorrect method of e-signature was utilised.
(c) Recognition of Foreign Digital Signatures and Electronic Signatures
Unlike Thailand and Vietnam, Malaysia did not adopt ECA and DSA specifically based on or influenced by the UNCITRAL Model Law on Electronic Signatures 2001 (“MLES”)[15]. As such, there is no blanket acceptance or recognition of foreign digital signatures and electronic signatures issued/created outside Malaysia on the principle of substantive equivalence that disregards the place of origin [16]. A digital signature which has been recognised by foreign certification authorities will not have the same effect and validity in Malaysia unless the digital signature satisfies all the requirements under section 62 of the DSA and that the foreign certification authority is recognised under section 19 of the DSA. [17] To date, no foreign certification authorities have received recognition in Malaysia.[18]
The Malaysian position on the recognition of foreign electronic signatures which have been issued and/or created outside Malaysia is also uncertain as there are no specific provisions dealing with this issue under the ECA. In the recent High Court case of SS Precast Sdn Bhd v Serba Dinamik Group Bhd & Ors [2020] MLJU 400, the learned judge Datuk Wong Kian Kheong in allowing the use of an unaffirmed affidavit with counsel’s undertaking to refile the affirmed affidavit after MCO had taken judicial notice of the fact that the affirmation before a Commissioner for Oaths could not be carried out due to the MCO. It therefore follows that affirmations before a Commissioner for Oaths is still subject to the traditional requirement of wet-ink signatures/mark and could not be resorted to e-signatures, possibly in view of the provisions in the ECA and/or the Electronic Government Activities Act 2007 (“EGA”).
(d) Government Dealings
Dealings between the government and the public and the legal recognition of electronic messages and electronic signatures are regulated specifically under the EGA. Similar to ECA, the requirement for a signature on an electronic message can be fulfilled using electronic signatures however the use of electronic messages in dealings with the government is subject to consent.[19]
Section 19 of the EGA further stipulates that documents filed or submitted in the form of electronic message is recognised if:-
(i) it is accessible and intelligible to be usable for subsequent reference; and
(ii) submitted in accordance to such specified form.
The issuance of any license, permit, approval, authorisation or similar document under any law is also fulfilled in the form of an electronic message provided it is accessible and intelligible to be usable for subsequent reference under section 21 of the EGA.
Whilst the usage of e-signatures and electronic messages in dealings between the public and the government would allow for efficacy and expediency in many transactions, the use of the traditional wet-ink signatures cannot be discounted altogether and may still be required for certain transactions.
Conclusion As there are statutory provisions in Malaysia that regulate and explicitly recognises e-signatures, corporations and relevant entities must take steps to understand and be aware of the requirements in law that must be fulfilled before e-signatures are recognised under the provisions of the ECA and/or DSA to ensure that the validity of documentation executed in this manner are not disputed or questioned later on. Corporations are thus advised to seek legal advice and have adequate legal representation who are well-versed in this area of law in these transactions to ensure its rights are protected.
[1] Prevention and Control of Infectious Disease (Measures within the Infected Local Area) (No. 5) Regulations 2020 made on 3 May 2020
[2] Prevention and Control of Infectious Disease (Measures within the Infected Local Area) (No. 6) Regulations 2020 made on 12 May 2020 read together with Prevention and Control of Infectious Disease Measures within the Infected Local Area) (No. 6) (Amendment) Regulations 2020 made on 22 May 2020.
[3] Section 2 of DSA.
[4] There are currently four licensed certification authorities in Malaysia. Further reference could be made to the Malaysian Communication and Multimedia Commission (“MCMC”) portal accessible via this link.
[5] Section 62 of DSA.
[6] UNCITRAL Model Law on Electronic Signatures with Guide to Enactment 2001 at paragraph 36.
[7] Section 62(2) of DSA.
[8] Section 5 of ECA.
[9] Section 9 of ECA.
[10] Section 9(2) of ECA.
[11] Schedule to Section 2 of ECA.
[12] Section 3 of ECA.
[13] Section 9 of ECA.
[14] Section 11 of ECA.
[15] The list of states which adopted domestic legislation based on or influenced by the UNCITRAL Model Law on Electronic Signatures 2001 can be found via this link.
[16] See Article 12 of the MLES.
[17] See regulation 71 of the Digital Signature Regulations 1998 on the criteria for recognition of foreign certification authorities.
[18] List of Recognised Foreign Certification Authorities can be found via MCMC Portal. Click here.
[19] Sections 3 and 13 of EGA.
External Resources
https://www.zulrafique.com.my/
Published, January 2021
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
Join the Advanced eSignature document workflow solution for the ultimate in compliance when signing documents electronically in Malaysia. SigniFlow supports privacy compliance with datacentres in Malaysia as well as on-premise solutions.
SigniFlow in Qatar
SigniFlow Software meets and exceeds requirements for Electronic Signatures and Advanced Electronic Signatures (AES) in accordance with the Qatar e-Commerce Law.
SigniFlow advanced eSignature software is distributed by SigniFlow Limited through a highly experienced partner network in the Middle East.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
Electronic Signatures in Qatar
Qatar's first comprehensive e-Transactions and e-Commerce Law was enacted by the Emiri Decree in 2010.
The e-Commerce Law includes provisions on areas such as e-signatures, e-documents and authentication. It covers e-Commerce transactions in Qatar, including e-Government services. The law was modelled on the United Nations and European Union models and directions on e-commerce and electronic signatures, and other international practices.
e-Commerce Law Article 28. An electronic signature shall have evidential weight if the following conditions are met:
- the signature creation information are identified with the signatory and no other person;
- the signature creation information were, at the time of signing, under the control of the signatory and of no other person;
- any alteration to the electronic signature, made after the time of signing, is detectable;
- where a purpose of the legal requirement for a signature is to provide assurance as to the integrity of the information to which it relates, any alteration made to such information after the time of signing is detectable.
The Supreme Council shall issue decisions to determine which electronic signature processes and technologies satisfy the provisions of the preceding provisions.
Article 29. Where initiating an electronic signature, the signatory shall comply with the following:
- exercise reasonable diligence to avoid unauthorised use of its signature creation information. without undue delay, utilise means made available by the certification service provider pursuant to Articles 36 and 37 of this Law to notify any person that may reasonably be expected by the signatory to rely on the electronic signature or to take the necessary measures in support of the electronic signature if the signature creation information has been compromised, or circumstances give rise to a substantial risk that the signature creation information may have been compromised.
- where a certification certificate is used to support the electronic signature, exercise reasonable diligence to ensure the accuracy and completeness of all material representations made by the signatory that are relevant to the certification certificate throughout its life cycle or that are to be included in the certification certificate.
Article 30.
A signatory shall bear the legal consequences of its failure to satisfy the aforementioned requirements as stipulated in the preceding Article.
Article 31.
A relying party shall bear the legal consequences of its failure to take reasonable steps to ensure that the requirements of the electronic signature stated in Article 28 herein have been met, or where an electronic signature is supported by a certification certificate, verify the validity, origin, suspension or revocation of the certificate, or any limitation thereon.
Article 32.
An electronic signature shall be deemed legally effective, regardless of the geographic location where the electronic signature is created or used, or the geographic location of the place of business of the signatory.
Article 33.
An electronic signature created or used outside the State of Qatar shall have the same legal effect in Qatar if the electronic signature offers an equal level of reliability that is not less than the level of reliability required under Article 28 of this Law.
Article 34.
Without prejudice to Article 28 of the Law, parties may agree to the use identified types of electronic signatures provided that the agreement is valid under the law.
External Resources: https://thepeninsulaqatar.com/
https://www.gulf-times.com/
https://almeezan.qa/
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
Join the digital signature solution that is #1 in compliance for signing documents electronically in Qatar. SigniFlow supports privacy compliance with locally-based data centres and on-premise solutions.
SigniFlow in Singapore
SigniFlow Asia Pacific distributes SigniFlow advanced eSignature document workflow software through a highly experienced partner network in Singapore.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
SigniFlow is fully integrated with Singapore eGov SingPass and meets and exceeds requirements for Electronic Signatures in accordance with the Singapore Electronic Transactions Act (ETA) 2010.Electronic Signatures in Singapore
In response to the rapid pace at which the global technology landscape is evolving, the Singapore government has announced Singapore's goal to become a leading Digital Economy.
Singapore has legally recognised electronic signatures since 2010, when the Electronic Transactions Act (ETA) was enacted. The ETA provides for the legal recognition and use of electronic signatures. Under section 8 of the ETA, electronic signatures may be recognised as the functional equivalent of "wet-ink" signatures if the method used 1) can identify the signatory and indicates the signatory's intention in respect of the contents of the document; and 2) is appropriately reliable considering the purpose of the document.
Use of electronic signatures in Singapore
At the outset, the Electronic Transactions Act, Chapter 88 of Singapore (the "ETA"), which came into force on 1 July 2010, provides for the legal recognition and use of electronic signatures. Under section 8 of the ETA, electronic signatures may be recognised as the functional equivalent of "wet-ink" signatures if the method used (a) can identify the signatory and indicates the signatory's intention in respect of the contents of the document; and (b) is appropriately reliable considering the purpose of the document or is proven to have fulfilled the requirements in paragraph (a).
While the ETA does not expressly define the term "electronic signature", it is generally understood as an acknowledgement provided by way of technology having electrical, digital, magnetic, wireless, optical, electromagnetic or similar capabilities.
This, however, is differentiated from a "digital signature" under the ETA, which is subject to further requirements under the ETA.
In determining whether something amounts to an electronic signature, the Singapore courts will generally look at whether the method of signature used satisfies the authenticating function of a signature, instead of whether the form of signature used is one which is frequently recognised.
Without a specific definition of "electronic signatures", they can possibly take different forms, subject to the legal requirements in the ETA being satisfied. Some examples of electronic signatures may include:
- a person typing his/her name into a contract or email containing the terms of the contract;
- a person electronically pasting his/her signature (e.g. in the form of an image) into an electronic version of the contract within his/her signature block;
- a person accessing a contract through a web- based signature platform such as DocuSign and Adobe, and clicking to have his/her name inserted into the contract in the appropriate place; and
- a person using a finger, light pen or touchscreen to sign his/her signature in the appropriate place in a contract
Excluded Matters
There are a number of matters that are excluded (the "Excluded Matters") from the application of the ETA. This includes, amongst others, the execution of a will, bills of exchange, bills of lading, the creation of a declaration of trust, power of attorney and any contract for the sale of immovable property.
These exclusions mean that, among other things, parties cannot rely on the ETA to satisfy the legal requirements of writing or signatures in relation to the Excluded Matters. It is therefore recommended that any document or transaction that falls within the scope of Excluded Matters should be signed using a "wet-ink" signature.
That being said, the Infocomm Media Development Authority Singapore ("IMDA") is in the process of reviewing the ETA, to ensure that the ETA continues to be progressive and to strengthen Singapore's position as a hub for electronic transactions.
One of the proposed amendments is to remove most business-related transactions while retaining personal or familial transactions in the list of Excluded Matters.
On 4 January 2021, the Electronic Transactions (Amendment) Bill (“Amendment Bill”) was introduced to Parliament. The Amendment Bill seeks to adopt (with modifications) the UNCITRAL Model Law on Electronic Transferable Records (2017), which enables the use of
electronic transferable records both domestically and across borders, such as bills of exchange, bills of lading, promissory notes and warehouse receipts etc. Consequently, the Amendment Bill seeks to, among other changes, remove such documents from the list of Excluded Matters.
It is noted that the Amendment Bill is part of a wider and ongoing initiative by the Singapore Government to review and support the electronisation of various types of instruments or transactions. We can expect further amendments to the ETA when the legislative and administrative frameworks supporting the electronisation of such instruments or transactions are ready to be enacted or implemented.
Practical issues arising from the use of electronic signatures
Examples of documents where electronic signatures are recognised pursuant to the ETA include the constitution, minutes of board/shareholders' meetings, written resolutions, proxy forms, service agreements, resignation letters and solvency statements. This list is not exhaustive. Companies may consult their lawyers or corporate secretarial agents for advice on whether a document may be signed using an electronic signature.
It should be noted that deeds and powers of attorney, which are commonly entered into by businesses, run the risk of unenforceability if executed by way of electronic signatures. We would thus strongly recommend that businesses avoid the use of electronic signatures in this context.
It is not necessary for companies to amend their constitution to expressly provide for the use of electronic signatures to execute documents, as the ETA may be relied upon for this purpose. Nevertheless, to address electronic risks, companies may consider
adopting internal guidelines relating to the use of electronic signatures, such as the method of electronic signatures approved for use by the company and security measures that may be implemented by the company. Companies may consult their lawyers or corporate secretarial agents for assistance in this regard.
To satisfy the requirements for an electronic signature under the ETA, the method of the electronic signature must be appropriately reliable, taking into account all relevant circumstances such as the purpose of the document. Appropriate safeguards should therefore be implemented to address the electronic risks that arise from the use of electronic signatures. We elaborate on this in the next section below.
Electronic risks
Technological advancement can be a double-edged sword. While electronic signatures and records can facilitate transactions for businesses, they are more susceptible to being tampered, modified or forged due to its very nature. For instance, an electronically scanned signature used legitimately in a transaction can be easily copied and used by a fraudster for a different document.
The pertinent challenges that businesses generally face include, without limitation:
- whether an electronic record/contract has been altered, modified or tampered with;
- whether there are adequate security measures put in place to protect the electronic signatures and electronic records;
- whether the identities of the parties involved can be ascertained;
- whether the parties involved in the transaction can trust each other due to the lack of a face-to- face meeting;
- if applicable, whether both parties have access to the third-party e-signature platforms, whether such platforms are secure, and whether such platforms are willing or able to provide evidence should a dispute arise; and
- if applicable, whether the corporate representatives of the parties involved have the relevant authorities to transact on behalf of their principals.
With these potential challenges looming, the use of electronic signatures should be evaluated with caution, especially with high-value transactions, transactions that require large payments to be advanced or transactions that are concluded entirely online without sufficient verification and authentication.
Ultimately, one should perform a cost-benefit analysis to determine whether the use of electronic signatures should be adopted in specific transactions.
There are practical measures, though not fool-proof, that may alleviate the risks of using electronic signatures, including:
- performing extensive "know-your-client" checks to assess the risk profiles of the counterparty;
- maintaining a list of authorised personnel who
A flourishing digital economy?
The use of electronic signatures in Singapore is no longer in its infancy and should be welcomed especially given Singapore's vision to become a Smart Nation powered by digital innovation. However, caution ought to be exercised and appropriate safeguards should be implemented to ensure that electronic signatures are securely used.
Due to the emergence of new technologies such as the Distributed Ledger Technology, Smart Contracts and biometrics, the nature of electronic transactions is also rapidly evolving. New legislative and regulatory developments will therefore arise from time to time, resulting in further implications for businesses, and businesses should keep abreast of these developments so that they can stay ahead.
This article was written by Virtus Law LLP (a member of the Stephenson Harwood (Singapore) Alliance). For more information, please do not hesitate to contact any of the team at Stephenson Harwood (Singapore) Alliance. We remain committed to assisting our clients during this challenging period.
using electronic signatures;
- performing call-back verification with the signatory;
- adopting technical security measures such as encrypted passwords and two-factor authentication, including the use of "digital signatures" as expounded under the ETA;
- adopting the use of "secure electronic records" and "secure electronic signatures" as expounded under the ETA; and
- engaging a Certification Authority who acts like trusted electronic notaries, certifying the electronic identities of users and organisations by verifying and vouching for the identity of the subscribers and providing certificate management services to support trusted and secure
External Resources
This article was written by Virtus Law LLP (a member of the Stephenson Harwood (Singapore) Alliance). For more information, please do not hesitate to contact any of the team at Stephenson Harwood (Singapore) Alliance.
Published, January 2021
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
SigniFlow Advanced eSignature document workflow software assists businesses in Singapore in becoming more efficient and more secure. Get ready to conduct business in a digital world with modernised standards.
Join the Advanced eSignature document workflow solution that offers the ultimate in compliance when signing documents electronically in Singapore.
SigniFlow supports privacy compliance with locally-based data centres in Singapore as well as on-premise solutions.
SigniFlow in South Africa
SigniFlow is distributed in Africa by PBSA with its headquarters situated in Midrand, Gauteng.
From here, PBSA distributes SigniFlow Software through a highly experienced partner network into South Africa and SADC regions.
SigniFlow has a large team of software developers, business analysts, support agents, and partners situated in South Africa and across other African countries.
Electronic Signatures in South African Law
SigniFlow is a certificate-agnostic digital signature workflow platform that caters for all SAAA Accredited South African Advanced Electronic Signature (AES, AESign) types, as described in the Electronic Communications and Transactions (ECT) Act of 2002, as well as internationally accredited Advanced Electronic Signatures (AES).
Legality of Electronic Signatures in South Africa
LEGISLATION RELATING TO SIGNATURE VALIDITY
The Legality of Electronic Signatures is established in the Electronic Communications and Transactions Act of 2002, with amendments being made in 2011.
Section 1 - Definition of Electronic Signature & Advanced Electronic Signature
An electronic signature is defined as “data attached to, incorporated in, or logically associated with other data and which is intended by the user to serve as a signature”. An advance electronic signature is defined as “an electronic signature which results from a process which has been accredited by the Authority as provided for in section 37”.
Section 11 - Legal recognition of data messages
This section provides that “information is not without legal force and effect merely on the grounds that it is wholly or partly in the form of a data message”, therefore providing authorisation to draft, store and access information in electronic format.
Section 12 – Writing
Section 12 addresses the requirement in most corporate agreements, which relates to a document and its amendments to be in writing. This section provides that the “requirement in law that a document or information must be in writing is met if the document or information is
(a)in the form of a data message; and
(b)accessible in a manner usable for subsequent reference.”
Section 13- Signatures
Section 13 is the most important section for the purpose of this document as it specifically deals with electronic signatures. The section provides that:
“(1) Where the signature of a person is required by law and such law does not specify the type of signature, that requirement in relation to a data message is met only if an advanced electronic signature is used”.
“(2) …an electronic signature is not without legal force and effect merely on the grounds that it is in electronic form”.
“(3) Where an electronic signature is required by the parties to an electronic transaction and the parties have not agreed on the type of electronic signature to be used, that requirement is met in relation to a data message if-
(a) a method is used to identify the person and to indicate the person’s approval of the information communicated; and
(b) having regard to all the relevant circumstances at the time the method was used, the method was as reliable as was appropriate for the purposes for which the information was communicated”.
“(4) Where an advanced electronic signature has been used, such signature is regarded as being a valid electronic signature and to have been applied properly, unless the contrary is proved”.
“(5) Where an electronic signature is not required by the parties to an electronic transaction, an expression of intent or other statement is not without legal force and effect merely on the grounds that -
(a) it is in the form of a data message; or
(b) it is not evidenced by an electronic signature but is evidenced by other means from which such person’s intent or other statement can be inferred” .
How SigniFlow conforms to the legislative requirements are set out in point 3.4 and 3.5 of this document.
TYPES OF ELECTRONIC SIGNATURES IN SOUTH AFRICA
Electronic Signatures
Provision is made for the legal recognition of electronic signatures and the ECT Act does not prescribe what type of technology must be used. Examples of electronic signatures include:
- your typed name at the end of your e-mail,
- a scanned image of your handwritten signature embedded into a Word document and
- a so-called digital signature.
The definition of an electronic signature ,as provided above in the ECT Act, is not very clear, however it can be simplified a bit and interpreted as the following - an electronic signature must be able to identify the signatory, the signature must be verifiable and it must be visible.
These characteristics all have to be in electronic format for it to qualify as an electronic signature. For an electronic signature to be recognised, the simple intention to sign is required, therefore if the intention for a name at the end of an email is to serve as an electronic signature, as discussed in the Spring Forest Trading v Wilberry judgment, it will be sufficient.
Digital Signatures
A digital signature (although not defined in the ECT Act), is a signature that originates with a digital certificate. A digital certificate is issued to a person, however that person first must be verified as the person who they are claiming to be. A digital signature requires not only a positive act of intending to sign the document but also has verifiable integrity as a result of the issued digital certificate.
A digital certificate is a positive identification of a device/server or entity that operates very similar to how an identity document identifies a specific person. A digital certificate is managed by a Public Key Infrastructure (PKI), which is a combination of hardware, software and procedures implemented in order to manage digital certificates
Advanced Electronic Signatures
An AES is defined in the ECT Act as “an electronic signature which results from a process which has been accredited by the Authority as provided for in section 37”. In short, an AES is a digital certificate-based signature, which utilises mechanisms to ensure security and integrity, as well as to confirm and verify the identity of the signatory. For clarity, AES consists of a positive act, the intent to sign, together with verifiable integrity (a person specific digital certificate based on confirmation of the identity of the applicant) with an added face-to-face verification mechanism, as well as 3-factor authentication (or similar).
As was seen in section 13(4) of the ECT Act, this signature is presumed to be valid, unless proven otherwise, therefore shifting the burden of proof away from the signatory and onto to the person who alleges.
LEGISLATION RELATING TO THE PRODUCTION AND RETENTION OF ELECTRONIC DOCUMENTS
How SigniFlow conforms to the legislation relating to the protection, production and retention of electronic documents is discussed in point 3.5 of this document. The following is only the legislative requirements set out in the ECT Act.
Section 14 -Original
(1) Where a law requires information to be presented or retained in its original form, that requirement is met by a data message if—
(a) the integrity of the information from the time when it was first generated in its final form as a data message or otherwise has passed assessment in terms of subsection (2); and
(b) that information is capable of being displayed or produced to the person to whom it is to be presented.
(2) For the purposes of subsection 1(a), the integrity must be assessed—
(a) by considering whether the information has remained complete and unaltered, except for the addition of any endorsement and any change which arises in the normal course of communication, storage and display;
(b) in the light of the purpose for which the information was generated; and
(c) having regard to all other relevant circumstances.
Section 15- Admissibility and evidential weight of data messages
(1) In any legal proceedings, the rules of evidence must not be applied so as to deny the admissibility of a data message, in evidence—
(a) on the mere grounds that it is constituted by a data message; or
(b) if it is the best evidence that the person adducing it could reasonably be expected to obtain, on the grounds that it is not in its original form.
(2) Information in the form of a data message must be given due evidential weight. (3) In assessing the evidential weight of a data message, regard must be had to—
(a) the reliability of the manner in which the data message was generated, stored or communicated;
(b) the reliability of the manner in which the integrity of the data message was maintained;
(c) the manner in which its originator was identified; and (d) any other relevant factor.
(4) A data message made by a person in the ordinary course of business, or a copy or printout of or an extract from such data message certified to be correct by an officer in the service of such person, is on its mere production in any civil, criminal, administrative or disciplinary proceedings under any law, the rules of a self-regulatory organisation or any other law or the common law, admissible in evidence against any person and rebuttable proof of the facts contained in such record, copy, printout or extract.
Section 16- Retention
(1) Where a law requires information to be retained, that requirement is met by retaining such information in the form of a data message, if—
(a) the information contained in the data message is accessible so as to be usable for subsequent reference;
(b) the data message is in the format in which it was generated, sent or received, or in a format which can be demonstrated to represent accurately the information generated, sent or received; and
(c) the origin and destination of that data message and the date and time it was sent or received can be determined.
(2) The obligation to retain information as contemplated in subsection (1) does not extend to any information the sole purpose of which is to enable the message to be sent or received.
Section 17 - Production of document or information
(1) Subject to section 28, where a law requires a person to produce a document or information, that requirement is met if the person produces, by means of a data message, an electronic form of that document or information, and if—
(a) considering all the relevant circumstances at the time that the data message was sent, the method of generating the electronic form of that document provided a reliable means of assuring the maintenance of the integrity of the information contained in that document; and
(b) at the time the data message was sent, it was reasonable to expect that the information contained therein would be readily accessible so as to be usable for subsequent reference.
(2) For the purposes of subsection (1), the integrity of the information contained in a document is maintained if the information has remained complete and unaltered, except for—
(a) the addition of any endorsement; or
(b) any immaterial change, which arises in the normal course of communication, storage, or display.
DOCUMENTS THAT CAN OR CANNOT BE SIGNED ELECTRONICALLY
Where the use of Electronic Signatures are concerned there are three types of documents, those that are not allowed to be signed using any electronic signature, those that can be signed electronically and the documents that require an Advanced Electronic Signature to be valid.
Documents that are, by law, not allowed to be signed electronically includes:
- Sales Agreements for land or buildings
- Wills
- Any document where another type of signature (i.e. non-electronic) has been agreed to
- Any document where the law requires another type of signature
- Long term lease agreements of 20 years and longer
Document that can be signed using an electronic signature:
- Service, sales, or lease agreements (except alienation of land)
- Non-exclusive licencing agreements
- Contracts of employment
- Credit agreements (subject to compliance with certain provisions of National Credit Act)
- Company Administration Documents (resolutions, share certificates etc.)
- FAIS mandates (mandates to intermediaries)
- VAT invoices
- Insurance Documentation
- Cessions
- Debit orders (depending on agreement with PASA)
- Declarations or waivers, except if subject to other Laws
- Emails and letters
Documents that require an Advanced Electronic Signature to be valid
- Documents containing suretyships
- Assignment or exclusive licensing agreement
- Documents used for pension fund administration
- Credit Agreements (without additional requirements for Electronic Signatures)
- Where there is a legal requirement for the document, signature, or statement to be notarised, acknowledged, verified, or made under oath
- Any document where a signature is required, by law, for the transaction to be valid
- Certification of documents as true copies of the original document
- Notarisation of documents required by law
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
SigniFlow in United Arab Emirates (UAE)
SigniFlow software meets and exceeds requirements for Electronic Signatures and Advanced Electronic Signatures (AES) in accordance with the UAE E-Commerce Law (Law No (1) of 2006 on Electronic Commerce and Transactions).
SigniFlow advanced eSignature software is distributed by SigniFlow Limited through a highly experienced partner network in the Middle East.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local markets.
Electronic Signatures in the UAE
Businesses within the United Arab Emirates (UAE) are increasingly using electronic methods to execute agreements. In fact, the UAE government has a solid paperless framework. However, it is important to distinguish between the UAE in general and the Dubai International Financial Centre (DIFC) as an independent jurisdiction within the UAE that does not yet commonly use electronic and certificate-based digital signatures.
Laws and regulations governing the use of electronic signatures and digital signatures in the UAE include:
- The E-Commerce Law (Law No. (1) of 2006 On Electronic Commerce and Transactions) which is the key piece of legislation governing the use of electronic signatures in the UAE.
- Ministerial Resolution (Minister of Economy Resolution No. 1 of 2008 issuing the list of the Electronic Certification Services Providers), which addresses regulation of Certification Service Providers (as defined under the E-Commerce Law) by the Telecommunications Regulatory Authority.
- Civil Evidence Law (Federal Law No. 10 of 1992 concerning Law of Evidence in Civil and Commercial Transactions (as amended by Federal Law No. 36 of 2006)) which clarifies that Electronic Signatures (as defined under the E-Commerce Law) carry the same evidential weight as handwritten signatures, provided they meet the standards prescribed in the E-Commerce Law.
The E-Commerce Law distinguishes between Electronic Signatures and Secure Electronic Signatures per the following descriptions:
- An Electronic Signature is defined as any letters, numbers, symbols, voice or processing system in electronic form applied to, incorporated in, or logically associated with an electronic message with the intention of authenticating or approving the same.
- A Secure Electronic Signature is one by which, through the application of a prescribed or commercially reasonable Secure Authentication Procedure agreed to by the parties, it can be verified that an Electronic Signature was, at the time of its execution:
- Limited to the person using it;
- Capable of verifying the identity of that person;
- Under that person's full control, whether in relation to its creation or the means of using it at the time of signing; and
- Linked to the electronic message to which it relates, in a manner which provides reliable assurance as to the integrity of the signature, so that if the electronic record is changed, then the Electronic Signature shall become unprotected.
In the UAE, an Electronic Authentication Certificate issued by an accredited Certification Service Provider may be used to fulfill the requirements of a Secure Electronic Signature if it verifies:
- The identity of the certification services provider;
- That the person whose identity is determined in the electronic authentication certificate had control at the time (of signing) of the Electronic Signature creation tool stated in such certificate;
- That the signature creation tool was valid on or before the date of issue of the electronic authentication certificate;
- Whether or not there are any limitations to the purpose or value for which the signature creation tool or the electronic authentication certificate may be used;
- Whether or not there are any limitations to the scope or extent of liability accepted by the certification services provider to any third party.
In the UAE, a Certification Service Provider is defined as an accredited or authorized person or organization that provides services in connection or relation to Electronic Signatures. Authorized Certification Service Providers are listed at Telecommunications Regulatory Authority (TRA). To date, the only Certification Service Provider currently located and licensed in the UAE by the TRA is Dark Matter L.L.C. However, unregistered Certification Service Providers may be used if they have a level of reliability at least equal to that required by the E-Commerce Law (taking into consideration recognized international standards).
A key principle of the UAE E-Commerce Law is that Electronic Signatures and Electronic Authentication Certificates can be relied upon where reliance is acceptable (subject to any restrictions in other laws or regulations). In order to determine if it is acceptable to rely on an Electronic Signature or an Electronic Authentication Certificate, the following factors should be considered:
- The nature of the underlying transaction;
- The value or importance of the underlying transaction, if known;
- Whether the relying party has taken appropriate steps to determine the reliability of the Electronic Signature or the Certificate;
- Whether the relying party in respect of the Electronic Signature or certificate took reasonable steps to verify if the Electronic Signature was supported by an Electronic Authentication Certificate, or if it should be expected to be so supported;
- Whether the relying party knew or ought to have known that the Electronic Signature or the Certificate had been compromised or revoked;
- Any agreement or course of dealing between the originator and the relying party, or any trade usage which may be applicable;
- Any other relevant factor.
While the above factors should be considered when determining if reliance on any Electronic Signature is acceptable, a Secure Electronic Signature carries a rebuttable presumption that reliance is acceptable (absent any proof to the contrary).
The E-Commerce Law confirms that if the law requires a document to be signed, an Electronic Signature will satisfy this requirement and have the same evidential weight, provided that the requirements of the E-Commerce Law are met. The E-Commerce Law also provides that in any legal proceedings, the rules of evidence cannot prevent the admission of a data message or Electronic Signature:
- on the grounds that the message or signature is in electronic format; or
- if the data message or Electronic Signature is the best evidence that could be obtained in lieu of the original.
Special Considerations
In the UAE, there are several items that require specific consideration, most notably that there are unique laws that govern the DIFC, an independent jurisdiction within the UAE. Additionally, special consideration should be noted regarding the laws that regulate the transfer and use of personal and transactional data in the UAE including:
- The UAE Central Bank’s Regulatory Framework for Stored Values and Electronic Payment Systems, which regulates payment service providers;
- The TRA UAE’s Internet of Things Regulatory Policy (IoT Policy)
Transacting with public sector entities
According to the E-Commerce Law Article 6(3), the government must expressly consent to conducting business electronically. Additionally, certain government entities may have specific requirements or procedures regarding the electronic execution of documents. Thus, when contracting electronically with the government, it is recommended to include specific wording stating that the government expressly acknowledges that the electronic execution of the document will be valid and binding.
Use cases that generally require a traditional signature
Under the E-Commerce law, Electronic Signatures cannot be used for the following documents:
- Transactions and matters concerning civil status like marriage, divorce and wills;
- Title deeds of real estate;
- Bonds in circulation (i.e. negotiable instruments);
- Transactions concerning the sale and purchase of real estate, its disposition and rental for periods in excess of ten years and the registration of any other rights related to it;
- Any document required by law before Notary Public; and
- Any other documents or transactions to be excluded by a special legal term.
Dubai International Financial Centre (DIFC)
As an independent jurisdiction within the UAE, the DIFC is governed by the Electronic Transactions Law No. 2 of 2017 (Electronic Transactions Law) which is the primary legislation governing electronic signatures. The Electronic Transactions Law was designed to:
- facilitate electronic transactions in DIFC and eliminate barriers to electronic transactions resulting from uncertainties over writing and signature requirements;
- promote the development of the legal and business infrastructure necessary to implement secure electronic transactions in DIFC; and
- help establish uniformity of rules, regulations and standards in DIFC regarding the authentication and integrity of electronic records.
The Electronic Transactions Law defines an Electronic Signature as an electronic sound, symbol or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record. Additionally, the Electronic Transactions Law requires that an Electronic Signature be attributable to the person signing, which requires that it be shown that it was the act of the person. The act of the person may be shown in any manner, including a showing of the efficacy of any security procedure applied to determine the person to which the electronic record or Electronic Signature was attributable. The effect of an Electronic Signature attributed to a person is determined from the context and surrounding circumstances at the time of its creation, execution, or adoption, including the parties’ agreement, if any, and otherwise as provided by law.
In the DIFC, an Electronic Signature is deemed to identify the relevant person and to indicate that person’s intention in respect of the Information contained in the Electronic Record provided that the Electronic Signature is:
- as reliable as appropriate for the purpose for which the document or record was generated or communicated, in the light of all the circumstances, including any relevant agreement; or
- proven in fact to have fulfilled the functions described in paragraph (a), by itself or together with further evidence.
The Electronic Transactions Law confirms that if any law requires a document to be signed, an Electronic Signature will satisfy the requirement. The law also states that nothing shall prevent the admission of an Electronic Signature in evidence on the grounds that the signature is in electronic format. Although there is no express provision within the Electronic Transactions Law for the use of certificate-based digital certificates, an entity registered in the DIFC may choose to use a certificate-based digital signature to add an increased layer of protection to its Electronic Signatures and demonstrate that it had met the attribution requirements under the Electronic Transactions Law.
DIFC Special considerations
Under DIFC Data Protection Law No. 1 of 2007 (Data Protection Law), personal data can only be transferred out of the DIFC under the limited circumstances set out under the Data Protection Law. However, the obligations of the Data Protection Law only apply to Data Controllers.
DIFC Use cases that generally require a traditional signature
Article 8 of the Electronic Transactions Law states that the following types of transactions are excluded from being conducted electronically:
- Creation, performance or enforcement of a power of attorney
- Creation, performance or enforcement of a declaration of trust (with the exception of implied, constructive and resulting trusts) and any provision in the Trust Law 2005 requiring Information to be written or in writing
- Creation and execution of wills, codicils or testamentary trusts
- Creation, execution and use of affidavits or affirmations as evidence in court proceedings pursuant to rule 29 of the Rules of the Dubai International Financial Centre Courts 2014
- Sale, purchase, lease (for a term of more than 10 years) and other disposition of immovable property and the registration of other rights relating to immovable property
Source helpx.adobe.com
Published, December 9, 2020
Adobe Legal Notices: https://helpx.adobe.com/legal/legal-notices.html
SigniFlow recommends Adobe Acrobat Reader to validate digital signatures
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
Join the digital signature solution that is #1 in compliance for signing documents electronically in the UAE.
Supports privacy compliance with locally-based data centres and on-premise solutions.
SigniFlow in the United States
SigniFlow advanced eSignature document workflow software is distributed through a highly experienced partner network into the United States by SigniFlow Limited.
SigniFlow has a large team of software engineers and experienced business partners in the region looking after the local, and some international, markets.
Electronic Signatures in the United States
Both the United States Electronic Signatures in National and Global Commerce (eSign Act), and the Uniform Electronic Transactions (UETA) Act (enacted across all States), have four primary requirements for an electronic signature to be valid under US Law. Those requirements are: Intent (to sign), Consent (to do business electronically), Association (of the signature with the electronic record) and Record Retention (retention and reproduction of records for all persons).
Comment Concerning Use of Electronic Signatures and Third-Party Opinion Letters
By: TriBar Opinion Committee, American Bar Association
Parties to business transactions and their counsel seldom gather in the same location to exchange manually-signed agreements and other documents; virtual closings have been and are the norm.* The COVID-19 crisis has resulted in increased focus on the widespread practice of giving opinions on the execution of agreements signed electronically. This Comment explains the legal basis for the conclusion underlying those opinions that the electronic signatures on those agreements have the same legal effect as manual signatures.
The Uniform Electronic Transactions Act (UETA) is the law in all but a few United States jurisdictions, and the Electronic Signatures in Global and National Commerce Act, 15 USCA §§ 7001 et seq. (E-SIGN), is federal law. E-SIGN provides substantially the same rules as UETA.
The interplay of UETA and E-SIGN is as follows:
- E-SIGN is the law in states that have not adopted UETA or a statute providing alternative procedures for the use of electronic signatures consistent with E-SIGN.
- If a state has adopted UETA, E-SIGN does not pre-empt UETA in that state, except to the extent the state’s version of UETA is inconsistent with E-SIGN.
- If a state has adopted alternative procedures for the use of electronic signatures consistent with E-SIGN, E-SIGN does not pre-empt those procedures.
The net effect of these rules is that every jurisdiction in the United States has substantially the same rules for the use of electronic signatures. (New York has enacted the Electronic Signatures and Records Act, State Technology Law §§ 301-309 (ESRA). ESRA is different from UETA but that should not change the result that an electronic signature will ordinarily be effective because if ESRA is not consistent with E-SIGN, it is pre-empted by E-SIGN.)
Generally, UETA and E-SIGN provide that a signature may not be denied legal effect solely because it is in electronic form. UETA § 7; E-SIGN, 15 USCA § 7001(a). When the parties to a business contract subject to one of these statutes agree to use an electronic signature, the electronic signature ordinarily will have legal effect. The agreement of the parties can be implicit and can be based on all the circumstances broadly construed. UETA § 5(b). An opinion, therefore, that a business agreement has been duly executed can be based on the parties’ conduct. Under UETA, the exchange of electronically-signed documents manifests the requisite agreement of the parties to use electronic signatures.[1] Electronic signatures include signatures in emails, PDFs, and faxes and signatures provided by processes offered by commercial firms, [redacted] so long as they are affixed to or associated with the relevant agreement with an intent to sign by the persons providing them.
Except for agreements governed by Articles 2 (sales of goods) and 2A (leases of goods) of the Uniform Commercial Code (UCC), UETA and E-SIGN do not apply to agreements to the extent the agreements are governed by the UCC. The UCC governs only certain aspects of transactions within its scope, leaving the remaining issues to be governed by other law. The definition of “sign” in Article 1 and the definition of “authenticate” in Article 9 provide substantially the same rules as UETA and E-SIGN for the use of electronic signatures. Thus, for example, in cases where an agreement that bears an electronic signature does not qualify as a “negotiable instrument” for UCC purposes because it is not a “writing,” execution by electronic signature pursuant to UETA or E-SIGN (or other consistent state law) is still sufficient to create an enforceable agreement as a matter of contract law.
Agreements sometimes require that they and any amendments be signed manually. When giving a duly executed opinion, therefore, on an agreement or amendment that has been signed electronically, the opinion giver must confirm that the agreement does not prohibit electronic signatures.
As a matter of customary practice,[2] duly executed opinions can be based on an assumption, which may be unstated, that all signatures are genuine. That assumption applies to electronic as well as manual signatures.
The legal effect of the execution of a business agreement by a legal entity could also depend on the statute under which the entity was formed and the provisions in the entity’s constituent documents relating to its internal actions. For example, the entity statutes of some states provide rules for the electronic execution of documents needed to create the entity and written consents authorizing the signing of agreements on its behalf. See, e.g., Delaware Limited Liability Company Act § 18–113; Delaware General Corporation Law §§ 141(f) and 228(d)(1).
*The TriBar Opinion Committee currently includes designees of the following organizations functioning as a single Committee: (i) Special Committee on Legal Opinions in Commercial Transactions, New York County Lawyers’ Association; (ii) Corporation Law Committee, The Association of the Bar of the City of New York, and (iii) Special Committee on Legal Opinions of the Business Law Section, New York State Bar Association. The Committee also includes members of the state bars of California, Delaware, Georgia, Michigan, North Carolina, Pennsylvania, Texas, and Washington, of the Bar Association of the District of Columbia, and of the Boston Bar Association, and the Chicago Bar Association. The views expressed in this Comment reflect a consensus of the members of the TriBar Opinion Committee and on any particular point are not necessarily those of particular members of the Committee or the law firms and other organizations with which the members are associated.
[1] Although not applicable to the question whether an electronic signature on an agreement is valid, the Committee notes that the Governor of New York issued an Executive Order on March 19, 2020 in connection with the COVID-19 crisis providing for the use of audio-video technology for notarial acts.
[2] See TriBar Opinion Comm., Third-Party “Closing” Opinions, 53 Bus. Law. 591, § 2.3(a) at 615 (1998).
Source: American Bar Association
americanbar.org
Dated: April 07, 2020
ABA Terms of use: https://www.americanbar.org/about_the_aba/terms/
Disclaimer:
The information in this website is provided for general informational purposes only. No information contained in this website should be construed as legal advice from SigniFlow or any individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this website should act or refrain from acting on the basis of any information included in, or accessible through, this website without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue.
SigniFlow advanced eSignature document workflow software helps US businesses meet and exceed regulatory requirements for electronic signatures.
Join the digital signature solution that is #1 in compliance for signing documents electronically in the US.
Supports privacy compliance with locally-based data centres and on-premise solutions.
Call us +1-646-346-6059
Public Key Infrastructure
AFRICA
South Africa - North and South.
ASIA PACIFIC
Australia East, Malaysia and Singapore.
EUROPE
Netherlands - North.
SOUTH AMERICA
Brazil - Sao Paulo.
UNITED KINGDOM
United Kingdom - London.
UNITED STATES OF AMERICA
United States East - Virginia
24/7 Online support
We understand your office hours. SigniFlow offers 24/7 online support to all customers.
No matter where you are and no matter what time it is, we are always online to help you meet your deadlines.