Is Electronic Signature Safe and Legally Binding?

CRX_Blog_e.signature_v.1.0

In a world where technology is developing faster than legislators can handle, are we getting carried away with accepting new technology products before stopping to consider their legal effects? While security and consumer protection are indeed highly-debated issues in e-commerce, does anyone really have time to print out an agreement or a form, sign, scan, and return to sender?

Back in 1999, EU legislators sought to catch up with technology by providing a harmonized law regulating e-signatures and e-signature certification service providers by publishing Directive 1999/93/EC. To put this in perspective:  In 1999, the EU was comprised of just 15 Member States. This directive was a good start, but like every new piece of legislation on a new area or sector, there was room for improvement, especially since the legal instrument of choice was a directive, therefore allowing Member States to interpret the law in accordance with their national interests and to impose their own restrictions and exceptions.

In 2014, 15 years and 13 Member State accessions later, the EU published Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market, known as the eIDAS Regulation. The Regulation establishes criteria for e-signature providers (now referred to as ‘trust services’) in order to ensure that such providers are secure, and to enhance consumer confidence in e-services in general. Moreover, the Regulation also regulates electronic identification schemes which have become popular, especially in the realm of public services.

With competition as a driving force, many trust services are seeking to provide the best products for all types of businesses and agencies, which in turn are constantly striving to provide the best and quickest service possible for their clientele. Customers will no longer have to physically visit an agency or fill out a form, or as the European Commission says:

Indeed, rolling out eIDAS means higher security and more convenience for any online activity such submitting tax declarations, enrolling in a foreign university, remotely opening a bank account, setting up a business in another Member State, authenticating for internet payments, bidding to on line call for tender, etc.

How eIDAS offers protection
The new Regulation also introduces two concepts that go hand-in-hand, and this sets it apart from its predecessor:

  • mutual recognition of electronic signatures; and
  • advanced electronic signatures

The eIDAS sets out the principle of “mutual recognition,” which provides that if a Member State offers a particular service via electronic identification and authentication, then “the electronic identification means issued in another Member State shall be recognized in the first Member State for the purposes of cross-border authentication for that service online” provided, of course, that certain criteria are met as laid down in the Regulation.

The “advanced electronic signature” is a more secure form of the basic electronic signature introduced back in 1999, which allows unique identification and authentication of the signer, amongst other features. This allows certain service providers to request an advanced electronic signature from their customers; an important feature for ‘obliged entities’ subject to the anti-money laundering KYC obligations.

The eIDAS provides that legal persons making use of an electronic seal “shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements for qualified electronic seals.” Nonetheless, a company may obtain a qualified electronic seal which is more secure and therefore more desirable, or opt for an intermediate level seal called an “advanced” electronic seal.

The eIDAS Regulation came into effect on 1st July 2016.

For those of you who are wary of concluding an electronic agreement, the Regulation also confirms the legal effect and admissibility of such agreements as evidence in legal proceedings.

Credorax makes use of one of the most trusted and qualified e-signature providers, DocuSign, in order to conclude merchant agreements. Merchants that are onboarded by Credorax enjoy the advantage of being able to sign a merchant agreement electronically, which means that they can also sign by using their smart phone. Completely paperless and free of hassle!

Rachel Gauci is Legal Counsel for Credorax. 

  •  
  •  
  •  
  •  
About Rachel Gauci

Rachel Gauci serves as Legal Counsel for Credorax, forming part of the legal team in the Malta office. She has over 3 years of experience in payment services legislation and anti-money laundering law.

Adv. Gauci holds a law degree from the University of Malta. Credorax, was the subject of the case study in her doctoral dissertation entitled, 'A Critical Analysis of the Payment Services Directive and its Practical Application'.

Prior to her role as Legal Counsel, Rachel was a Compliance Officer and an Anti-Money Laundering Legal Officer at Credorax.
Rachel provides legal advice on licensing requirements, contract negotiations, and any other ancillary issues concerning merchants, as well as legal advice concerning Credorax's core regulatory issues.
Connect with her: LinkedIn