Introduction to eSign Regulations
An electronic signature, often known as an e-signature, is the digital version of a wet ink signature. These signatures are specific to the document, and must be signed and validated by all parties. Electronic signatures are simple substitutes for written signatures that make signatures quicker and more secure.
eSignatures are a simple and fast way to execute any official agreement. Executing and verifying a document is as simple as entering an OTP obtained through email or mobile phone from the signer. After an agreement is electronically signed, data about the signers, their location, IP addresses, and notes are all saved in order to verify the integrity of the signed document subsequently.
As eSignatures have gained greater acceptance across the world, governments have introduced legislation to formalize the usage of electronic and digital signatures. These eSign regulations and legislations vary from country to country.
Before delving into the regulations proper, let’s first quickly go over the history of E-Signatures.
A Brief History of eSign Legislation
While Signatures trace their origins all the way back to ancient Egypt (or earlier) where scribes would sign their work, digital alternatives to written signatures are older than expected.
Telegraphic messages were ruled to be enforceable in 1869 in the Howley v. Whipple case presided over by the New Hampshire Supreme Court. Faxed documents also served as precursors to eSignatures, as the image of the concerned party’s signature was faxed along with the document.
Ronald Rivest, Adi Shamir, and Leonard Adleman created the first digital signature in 1977, using the RSA encryption method. However, electronic signatures began gaining popularity only in the late 1980s with the invention of Lotus Notes 1.0. Further, PDF documents could only be eSigned by 1999.
In the midst of these developments, the United Nations published the UNCITRAL Model Law on Electronic Commerce in 1996, which would prove to be highly influential in legislating eSignatures.
In 1998, eSignatures were used for the first time to sign an agreement between two sovereign nations – the USA and Ireland.
The definition of eSignatures was set out in the United States in 1999 under the Uniform Electronic Transactions Act (UETA), and the E-SIGN Act was signed into legislation in 2000.
Canada, Australia, and the EU also followed suit in the next decades.
Types of eSign Regulations
eSign regulations are predominantly divided into three different categories:
- Minimalist eSign Regulations
With very few exceptions, these eSign regulations make signatures enforceable in almost every situation. Minimalist rules give the highest level of protection for all engaged and are more widely applicable than other types of eSignature legislation.
These regulations are often technology-agnostic, which means that it makes no difference how an agreement is signed electronically – an eSignature has the same legal weight as a handwritten signature.
- Prescriptive eSign Regulations
Prescriptive eSIgn regulations are the strictest sort of eSignature legislation – and the most difficult to follow if the proper technology is not used. This is due to the fact that there are precise guidelines for creating and signing agreements online.
These laws specify the technical criteria for signing papers. Prescriptive rules specify what techniques and technologies must be used to create a legally enforceable signature.
- Two-tier eSign Regulations
Two-tiered laws, which are a hybrid of minimalist and prescriptive legislation, can be difficult to manage.
Two-tier eSignature laws, like minimalism laws, enable and accept all types of electronic signatures for private agreements (as long as both parties agree). These regulations, like prescriptive laws, govern what methods and technologies must be employed for certain types of contracts.
eSign Regulations Across the Globe
Electronic signatures operate in different ways under different eSign regulations in different countries. To understand their way of operations, let’s have a look at the laws of eSign across the globe. In the following list, some of the World’s biggest economies and their electronic laws are explained. It goes as follows:
Electronic signatures are legally recognised in Australia and are covered by the Electronic Transactions Act of 1999 (“ETA”) and its implementing regulations, the Electronic Transactions Regulations 2000 (Cth) (“ETR”), as well as various State and Territory laws and regulations at the local level.
In general, these obligations for signature, consent, and retention apply when interacting with Commonwealth government organisations or transacting under Commonwealth legislation. As Australia is a federal country, each state and territory has its own electronic signature legislation (“Local ETA”), which broadly follows the ETA but contains additional exclusions and limits.
Electronic signatures are legally recognised in Argentina, as provided for by Legislation 25,506, as modified, including by Law 27,446, [Regulatory] Decree 182, of 2019, and the Civil and Commercial Code, including Article 286, Article 288, and related law requirements.
There are no specific criteria for electronic signatures under Argentine law. A digital signature, however, must meet the following standards, according to the Digital Signature Law:
- The document must be signed during the validity period of the signer’s digital certification in order to be fully validated in accordance with the validity method provided in the digital certification
- The digital certificate must be issued by an authorised licenced certifier.
Since its legalisation in 2001, electronic signatures have been widely employed in Brazil. The adoption of Provisional Measure No. 2.200-2/2001 (“MP 2,200-2/2001”), which, together with the establishment of the Brazilian Public Key Infrastructure – ICP-Brasil, established the legitimacy of electronic signatures in Brazil.
Other eSign regulations, in addition to Provision 2,200-2/2001, provide the foundation for the legality of electronic signatures in Brazil, including the Brazilian Civil Code, Law 13.874/2019 (the Economic Freedom Act), Law 14,063/21 (electronic signatures involving public sector entities and public health-related matters), Law 14,129/2021 (the Digital Government Act), and Law 14,382/2022 (the New Notary Proceedings Law).
As per Part 2 of the Personal Information Protection and Electronic Documents Act (PIPEDA) issued by the government of Canada, a framework at the federal level is established that forms electronic counterparts to paper-based documents and signatures.
Part 2 of PIPEDA defines an e-signature as “a digital signature consisting of one or more letters, characters, numbers, or other symbols included in, attached to, or associated with an electronic document.”
Since PIPEDA is designed to only apply to particular elements of certain federal acts, it creates more holes in the permissibility of electronic signatures than the provincial legislation. However, several other federal legislation has included wording specifically allowing electronic papers and signatures.
All provinces and territories in Canada have passed legislation controlling electronic transactions and trade. Alberta, British Columbia, and Ontario have all passed laws modelled after the Uniform Electronic Commerce Act of Canada (“UECA”):
- Electronic Transactions Act of Alberta (2001) (the “Alberta Act”).
- Electronic Commerce Act of Ontario (2000) (the “Ontario Act”).
- Electronic Transactions Act of British Columbia (2001) (the “BC Act”).
The Electronic Signature Law (ESL) was adopted by the People’s Republic of China (“PRC”) in 2004, with substantial modifications in 2015 and 2019. In March 2020, the PRC Human Resources and Social Security Department issued the Circular on Issues Regarding Electronic Employment Agreement Signing.
China also permits “electronic certificate-based signatures,” or digital signatures. Although the term “electronic certificate-based signatures” is not defined in the ESL, it generally refers to electronic signatures that have been certified by third-party digital certificate service providers to demonstrate that the electronic signature complies with the applicable legal requirements.
Third-party suppliers of digital certification services in China must be pre-approved by Chinese regulatory authorities. An electronic signature is normally considered trustworthy by a court if it is certified by an Electronic Certification Services Provider that has been pre-approved by China’s regulatory authorities.
If the parties do not select a pre-approved service provider, the burden of proving the trustworthiness of the electronic signature is on them.
- European Union (EU)
Electronic signatures are widely utilised in the public and business sectors throughout the European Union. The European Union Regulation (No 910/2014) of the European Parliament and of the Council of July 23, 2014, on electronic identification and trust services for electronic transactions in the internal market (eIDAS) entered into force on July 1, 2016, and established an EU-wide legal framework for electronic signatures and other trust services.
eIDAS regulation is immediately applicable in all 27 EU Member States without the requirement for national implementation and is classified into three types:
- Electronic Signature: This is widely defined as “any data in electronic form that is connected to or conceptually related with other data in electronic form and that is used to sign by the signatory.” (eIDAS, Article 3(10)).
- Advanced electronic signature (AdES): It is a type of electronic signature that meets extra criteria. According to eIDAS Article 26, an AdES must be uniquely connected and capable of identifying the signature. It is often generated using electronic signature generation data that the signatory has sole control over, and it is connected to the data signed in such a way that any later modification in the data is traceable.
- Qualified electronic signature (QES): An AdES generated by a qualified electronic signature creation device (QESCD) (Article 22, eIDAS) that is typically based on a qualified certificate for electronic signatures issued by a qualified trust service provider (QTSP) (Article 3(23), eIDAS).
- Hong Kong
Electronic signatures are legal in Hong Kong and are covered under the Electronic Transactions Ordinance (Cap. 553) (“ETO”). Electronic records and electronic signatures are prima facie admissible as evidence in Hong Kong courts and will not carry less evidential weight just because they are electronic as opposed to hard copy records and wet-ink signatures.
If the document does not need to be signed, the parties can use any type of electronic signature to sign it. If the electronic signature is challenged, the party wanting to rely on it may be required to provide external evidence of its authenticity, such as authentication of the signer, proof that the document was turned tamper-evident after signing, and an audit record.
The Information Technology Act, 2000 (“ITA”) (also known as the eSign Act, 2000), the Indian Contract Act of 1872 (“ICA”), and the Electronic Signature or Electronic Authentication Technique and Procedure Rules, 2015 (“ESEATPR”) all provide for electronic signatures.
SECTION 2(1)(ta) of the eSign Act 2000, defines “electronic signature” as the means of authenticating an electronic record by a subscriber by means of the electronic technique specified in the Second Schedule and includes a digital signature.
Section 10 of the Indian Contract Act outlines the necessary ingredients of a legal contract. These are the components:
- It is entered into by contracting parties who are of legal age;
- It is entered into by parties of their own choice (i.e. genuine proposal and acceptance)
- It calls for the parties’ mutual attention.
- It does not need the performance of any illegal act.
Contracts between private parties do not require a signature under Indian law; the only specified conditions for validity are those listed above.
Certain instruments must be stamped at or before the moment of execution, according to the Indian Stamp Laws or the equivalent stamp act applicable to the state. The Indian Stamp Act, or any other law in force in India, makes no mention of electronic records or the mechanism of stamping electronic documents.
Several states, however, have revised their stamp statutes to expressly include “electronic recordings,” as defined by the India Technology Act, under the definition of a “instrument,” therefore expanding the necessity to stamp an electronic record.
- South Africa
The use of electronic signatures in South Africa is governed under Section 13 of the Electronic Communications and Transactions Act 25 of 2002, as amended (ECTA). Furthermore, the ECTA Accreditation Regulations govern the accreditation of authentication products and services in support of advanced electronic signatures.
There are no South African regulations that restrict the storing and processing of electronic signature data outside of South Africa in general. However, when processing, transmitting or keeping personal information outside of South Africa, the Protection of Personal Information Act 4 of 2013 (POPIA) should be taken into account.
Under Federal Law No. 1 of 2006 Concerning Electronic Transactions and Commerce, electronic signatures are recognised in the UAE (eCommerce Law). According to the Electronic Commerce Act of 2006, electronic contracts cannot be invalidated just because they are electronic. Parties may be required to provide evidence in court to show the validity of a contract.
Leading digital transaction management solutions may generate electronic records that are acceptable in court under UAE law to prove the existence, legitimacy, and legitimate acceptance of a contract.
One of the basic principles of the UAE Electronic Transactions Law is that Electronic Signatures and Electronic Attestation Certificates can be relied on where such reliance is permissible (subject to any restrictions in other eSign regulations).
The Electronic Transactions Law states that if the law requires a document to be signed, an Electronic Signature will meet this need and have the same evidentiary weight, as long as the Electronic Transactions Law standards are met.
As a result of Brexit, the EU’s eIDAS was integrated (with minor changes) into UK domestic law on December 31, 2020, in line with Section 3 of the European Union (Withdrawal) Act 2018. (UK eIDAS).
UK eIDAS is generally similar to eIDAS, with the exception of sections deemed “inappropriate or superfluous” by the UK government. The elimination of references to “Member States” and the abolition of the interoperability framework for national electronic ID (e-ID) systems are among the amendments.
Electronic signatures are governed under the Electronic Communications Act (ECA 2000), the Electronic Identification and Trust Services for Electronic Transactions Regulations 2016, and case law in addition to UK eIDAS. The ECA 2000 makes no explicit mention of the legality of electronic signatures. Case law, which refers to the legislation made by the court, has filled this void.
The Law Commission of the United Kingdom ruled in 2019 said that a combination of UK eIDAS, ECA 2000, and case law can enable any electronic signature fulfil a legislative requirement for a signature provided an authenticating purpose can be established.
In the United States, the Electronic Signatures in Global and National Commerce Act (ESIGN) of 2000 established that electronic signatures are lawful in every state and U.S. territory where federal law applies.
Where federal law does not apply, most states in the United States have adopted the Uniform Electronic Transactions Act (UETA), which was approved by Congress in 1999.
In states that have not approved the UETA esign facility or another law establishing alternative processes for the use of electronic signatures consistent with ESIGN, ESIGN is the default federal law that applies.
In the US, electronic signatures are divided into two parts, primarily:
- Electronic Signatures: refer to any electronic procedure that demonstrates approval of an agreement or document is referred to as an electronic signature (e-signature). In the United States, the majority of electronic signature systems fall under this wide category.
- Digital Signatures: In this, to confirm a signer’s identity, a digital certificate from a trust service provider (TSP), such as a certificate authority (CA), is used. The digital certificates establish proof of signing by encrypting the digital certificate linked with each signature.
Start eSigning Today With Ink.it
Businesses around the world use digital signatures to guarantee that critical documents such as agreements and contracts are signed instantly & securely.
SignDesk provides secure digital and electronic signature workflows to encrypt sensitive documents, verify signatures, and get agreements executed in minutes. With extensive template libraries, configurable workflow options, options to invite multiple signers & sign in bulk, businesses can transform their signature processes & optimize efficiency.
To understand how to utilize digital signatures online and safeguard your document authentication process, schedule a free demo with our solution consultants today.