CEBIT 2014 THE LEGAL PERSPECTIVE PROF. DR. PATRICK VAN EECKE PARTNER - DLA PIPER – BRUSSELS PROFESSOR - LAW FACULTY - UNIVERSITY ANTWERP E-SIGNATURES
Oct 20, 2014
CEBIT 2014
THE LEGAL
PERSPECTIVE
PROF. DR. PATRICK VAN EECKE
PARTNER - DLA PIPER – BRUSSELS
PROFESSOR - LAW FACULTY - UNIVERSITY ANTWERP
E-SIGNATURES
AGENDA
Legal acceptance of eSignatures in Europe
The future Regulation on Trust Services
Implementing a legally compliant eSignature solution
LEGAL ACCEPTANCE OF
ESIGNATURES IN
EUROPE
3/12/2014 3
4
DIVERSITY OF ESIGNATURES
PIN code
Scanned signature
Signature machine
Dynamic PW
Captured signature
PKI signature
Captcha
Click-wrap
TO BE OR NOT TO
BE LEGALLY
VALID?
ELECTRONIC SIGNATURES
ESIGNATURES
1. Can electronic signatures be used in court?
2. Are electronic signatures a valid legal alternative for
handwritten signatures?
3/12/2014 6
EU DIRECTIVE ON ESIGNATURES
3/12/2014 7
EU DIRECTIVE
"electronic signature"
• data in electronic form
• which are attached to or logically associated
• with other electronic data,
• and which serve as a method of authentication
Legal effect
• Member States shall ensure that an electronic signature is not denied legal effectiveness and admissibility as evidence in legal proceedings solely on the grounds
• that it is in electronic form,
• or not based upon a qualified certificate,
• or not based upon a qualified certificate issued by an accredited certification-service-provider,
• or not created by a secure signature-creation device.
8
EU DIRECTIVE
"Qualified electronic signature"
• Advanced Electronic Signature
• Qualified Certificate
• Secure Signature Creation Device
Legal effect
• Member States shall ensure that advanced electronic signatures which are based on a qualified certificate and which are created by a secure-signature-creation device:
• (a) satisfy the legal requirements of a signature in relation to data in electronic form in the same manner as a handwritten signature satisfies those requirements in relation to paper-based data; and
• (b) are admissible as evidence in legal proceedings.
9
DO WE NEED A
SIGNATURE?
3/12/2014 10
LEGAL CONTEXT
1. Is a contract legally valid?
2. Is a contract legally enforceable?
11
LEGAL CONTEXT
• Basic principle
• Consensus based, no requirements relating to form
• Exceptions
• public government type of contracts (e.g. public procurement)
• solemn contracts, such as donation of real estate, etc
• Electronic?
• Electronic contracts allowed?
• Electronic signatures allowed?
Formal requirements
relating to the validity
of a contract
12
LEGAL CONTEXT (2)
• Contract may be valid but its existence and contents should also be enforceable (is a matter of evidence)
• Basic principle: free evidence in B2B, regulated evidence in B2C
• Exceptions: Specific requirements relating to the form (e.g. statute of frauds)
Formal requirements relating to the enforceability of a contract
13
ESIGNATURE LAWS
Flexible approach towards use of electronic signatures for legal transactions
No specific technical requirements are being mandated when using electronic signatures for standard legal transactions.
Still, for specific transactions and for specific sectors, additional technical criteria may be required.
Less flexible approach towards use of electronic signatures for legal transactions
For standard legal transactions no additional technical criteria are required but the use of specific electronic signature
technology is often promoted by law (e.g. by introducing a presumption of conformity for specific electronic signature
technology).
Stringent approach towards use of electronic signatures for legal transactions
Technology related specific requirements need to be taken into account when using electronic signatures for standard legal
transactions.
14
FLEXIBILITY OF ESIGNATURE
LEGISLATION
15
EXAMPLE
1.
E-signature
legislation
addressing
the topic of e-
signatures in
general
2.
An e-
signature has
the same
status as a
handwritten
signature,
regardless of
the
technology
used
3.
An e-signature
can have the
status as a
handwritten
signature if
certain
technical
requirements
are complied
with (e.g. PKI
signature)
4.
If the answer
to both
statement 2
and statement
3 is "no", are
e-signatures
granted any
legal value in
your
jurisdiction?
5.
Parties can
contractually
agree the
evidentiary
value of e-
signatures
created with a
specific
technology
6.
Generally
speaking, the
rules for
using e-
signatures in
a B2C and a
B2B context
are the same
7.
Sector specific
legislation
which imposes
different or
additional
requirements
compared to
general rules
on signature
requirements
and e-
signatures
16
USA Yes Yes N/A N/A Yes No Yes
Australia Yes No Yes N/A Yes Yes Yes
Canada Yes Yes N/A N/A Yes Yes Yes
Brazil Yes No Yes N/A Yes Yes Yes
Russia Yes Possibly Yes N/A Yes Yes Yes
UNITED STATES
‘‘Electronic Signatures in Global and National Commerce Act’
SEC 101: […] (1) a signature, contract, or other record relating to such transaction may not be denied legal effect, validity, or enforceability solely because it is in electronic form; and (2) a contract relating to such transaction may not be denied legal effect, validity, or enforceability solely because an electronic signature or electronic record was used in its formation.
ELECTRONIC SIGNATURE.—The term ‘‘electronic signature’’ means an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.
CASE LAW?
• Plenty of cases on enforceability of electronic
signatures/contracts
• Move towards trustworthiness of technology used
• Less cases on qualified electronic signatures
3/12/2014 18
THE EUROPEAN EID
AND TRUST
SERVICES
REGULATION
REGULATION ON ELECTRONIC IDENTIFICATION AND
TRUST SERVICES FOR ELECTRONIC TRANSACTIONS
IN THE INTERNAL MARKET
BROAD SCOPE
Electronic signatures
Electronic identification
Electronic seals
Electronic time stamps
Electronic documents
Electronic delivery
Web authentication
services
ELECTRONIC SIGNATURE
Directive
data in electronic form which are attached to or logically associated with other electronic data and which serve as a method
of authentication
Regulation
data in electronic form which are attached to or logically associated with other electronic data and
which are used by the signatory to sign;
ADVANCED ELECTRONIC SIGNATURE
Directive
‘advanced electronic signature ’means an electronic signature which meets the following requirements:
• (a)it is uniquely linked to the signatory;
• (b)it is capable of identifying the signatory;
• (c)it is created using means that the signatory can maintain under his sole control; and
• (d)it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable;
Regulation
‘advanced electronic signature’ means an electronic signature which meets the following requirements:
• (a) it is uniquely linked to the signatory;
• (b) it is capable of identifying the signatory;
• (c) it is created using electronic signature creation data that the signatory can, with high level of confidence, use under his sole control; and
• (d) it is linked to the data to which it relates in such a way that any subsequent change in the data is detectable;
ELECTRONIC SIGNATURE CREATION
DATA
Directive
"signature-creation data" means unique data, such
as codes or private cryptographic keys, which are used by the signatory
to create an electronic signature
Regulation
"electronic signature creation data" means unique data which are used by the signatory to create an electronic
signature
QUALIFIED ELECTRONIC
SIGNATURE
• means an advanced electronic signature which is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures
‘qualified electronic signature’
25
REGULATION IS ON THE TOP OF EU
POLITICAL AGENDA
European Council of 13-14.12.2012:
• Called on the co-legislators to speed up the work on the proposal.
• Invited Council and Parliament to give the proposal the highest priority with a view to its adoption by the end of the current parliamentary cycle at the latest (= June 2014).
European Council of 14-15.3.2013:
• The rapid conclusion of the work is an essential priority,
• Trust Services Regulation is a key file
AGENDA
04/06/2012: Legislative proposal published
07/06/2012: Debate in Council
14/06/2012: Committee referral announced in Parliament
20/12/2012: Debate in Council
07/02/2013: Referral to associated committees announced in Parliament
06/06/2013: Debate in Council
14/10/2013: Vote in committee
06/11/2013: Committee report tabled for plenary, 1st reading/single reading
05/12/2013: Debate in Council
2013-2014: Trialogues
03/04/ 2014: EP Plenary (Vote on 1st reading)
27
TIPS &
TRICKS
IMPLEMENTING LEGALLY COMPLIANT
ESIGNATURE SOLUTIONS
QUESTIONS TO BE ASKED
3/12/2014 29
For which types of transactions do you intend
to use electronic signatures?
In which regions or countries do you intend to use electronic signatures?
Do you intend to use electronic signatures solution for standard
transactions only?
Do you intend to use electronic signatures for
specific transactions with possible additional formal requirements as well (e.g.
employment contracts, real estate, surety)?
Does the law or case law require a handwritten
signature?
Does the law or case law require any specific
conditions to be met for creating a legally valid electronic signature?
Are the ceremonial aspects of the signature important
(warning function)?
Is there a need for trusted signature time?
Is there a need for long term validation of the electronic
signature?
Is it a one off or long term contractual relationship?
Is there a need for a Trusted List Service provider?
DIY, OTS, or EXT?
MORE INFO
Wacom, Hall 3, Stand E29
3/12/2014 30