A new legal framework for electronic signatures? First insights on the European Trust Services Regulation. | ECM-Forum auf der CeBIT 2014

CEBIT 2014

THE LEGAL

PERSPECTIVE

PROF. DR. PATRICK VAN EECKE

PARTNER - DLA PIPER – BRUSSELS

PROFESSOR - LAW FACULTY - UNIVERSITY ANTWERP

E-SIGNATURES

AGENDA

Legal acceptance of eSignatures in Europe

The future Regulation on Trust Services

Implementing a legally compliant eSignature solution

LEGAL ACCEPTANCE OF

ESIGNATURES IN

EUROPE

3/12/2014 3

4

DIVERSITY OF ESIGNATURES

PIN code

Scanned signature

Signature machine

Dynamic PW

Captured signature

PKI signature

Captcha

Click-wrap

http://www.google.com/url?sa=i&rct=j&q=obama+signature+machine&source=images&cd=&cad=rja&docid=mAbr-ikchKbfRM&tbnid=9uY1Bu5O4KLMDM:&ved=0CAUQjRw&url=http://www.theblaze.com/stories/2011/06/26/obamas-signature-is-it-real-or-is-it-autopenned/&ei=fb5BUYTjBIKWO7XrgfAF&bvm=bv.43287494,d.Yms&psig=AFQjCNEcccm2OjbqgZ4Iq-bzfxpiyuQ1qw&ust=1363349447353461

http://www.google.com/url?sa=i&rct=j&q=ipad+signature&source=images&cd=&cad=rja&docid=2JRrMRosHgG2iM&tbnid=VA5nmoCoisM4_M:&ved=0CAUQjRw&url=http://www.on-site.com/the_buzz/undisputed_leader_apartment_leasing_technology_introduces_touch_sign_mo/&ei=2b5BUfr7H8bntQaR14GQAg&psig=AFQjCNHpQabznpkYVMaaxqPFVxMv5l8stQ&ust=1363349582409098

http://www.google.be/url?sa=i&rct=j&q=agree+button&source=images&cd=&cad=rja&docid=LTlIKJlmaCOVVM&tbnid=j74uK-4yLK1iCM:&ved=0CAUQjRw&url=http://dojotoolkit.org/documentation/tutorials/1.8/dialogs_tooltips/&ei=Yr9BUdSaHsqYtQbXyYDQDA&bvm=bv.43287494,d.Yms&psig=AFQjCNF_sZZw8ViJ2zP8KKBwIgpD-jpHaQ&ust=1363349662328254

http://www.google.be/url?sa=i&rct=j&q=digital+signature&source=images&cd=&cad=rja&docid=v2deDmj4N-u_eM&tbnid=ZRdZR44yDBK_cM:&ved=0CAUQjRw&url=http://www.planetpdf.com/enterprise/article.asp?ContentID=using_digital_signatures_with_&ei=tL9BUdCBOtGVswbB3YHoDQ&bvm=bv.43287494,d.Yms&psig=AFQjCNG2yOUhoIZVzeHwqvfg5MctcpPgaQ&ust=1363349798391064

http://www.google.com/url?sa=i&rct=j&q=scanned+signature&source=images&cd=&cad=rja&docid=vLBaU6kPCbtHVM&tbnid=9SVca3CCiSNR7M:&ved=0CAUQjRw&url=http://lifehacker.com/320508/save-time-and-paper-with-a-scanned-signature&ei=GcJBUZnNL8vItAbllIHoBA&bvm=bv.43287494,d.Yms&psig=AFQjCNF04Z5nyAxR0N6THSLBqGA_ZgLAaQ&ust=1363350407395371

http://www.google.be/url?sa=i&rct=j&q=dynamic+password&source=images&cd=&docid=MWL8-daUfdZn2M&tbnid=-ippZYU_vG6rHM:&ved=0CAUQjRw&url=http://www.made-in-china.com/showroom/yuyufeng/product-detailFSkEyfKrLJBd/China-One-Time-Password-Dynamic-Password-Otp-Token-USB-Kingkey3000-.html&ei=CMNBUYXBKYectQa8v4CYDA&bvm=bv.43287494,d.Yms&psig=AFQjCNHeabyNSdLd0quRV6ZOR7wEau4Blw&ust=1363350649060574

TO BE OR NOT TO

BE LEGALLY

VALID?

ELECTRONIC SIGNATURES

ESIGNATURES

1. Can electronic signatures be used in court?

2. Are electronic signatures a valid legal alternative for

handwritten signatures?

3/12/2014 6

EU DIRECTIVE ON ESIGNATURES

3/12/2014 7

EU DIRECTIVE

"electronic signature"

• data in electronic form

• which are attached to or logically associated

• with other electronic data,

• and which serve as a method of authentication

Legal effect

• Member States shall ensure that an electronic signature is not denied legal effectiveness and admissibility as evidence in legal proceedings solely on the grounds

• that it is in electronic form,

• or not based upon a qualified certificate,

• or not based upon a qualified certificate issued by an accredited certification-service-provider,

• or not created by a secure signature-creation device.

8

EU DIRECTIVE

"Qualified electronic signature"

• Advanced Electronic Signature

• Qualified Certificate

• Secure Signature Creation Device

Legal effect

• Member States shall ensure that advanced electronic signatures which are based on a qualified certificate and which are created by a secure-signature-creation device:

• (a) satisfy the legal requirements of a signature in relation to data in electronic form in the same manner as a handwritten signature satisfies those requirements in relation to paper-based data; and

• (b) are admissible as evidence in legal proceedings.

9

DO WE NEED A

SIGNATURE?

3/12/2014 10

LEGAL CONTEXT

1. Is a contract legally valid?

2. Is a contract legally enforceable?

11

LEGAL CONTEXT

• Basic principle

• Consensus based, no requirements relating to form

• Exceptions

• public government type of contracts (e.g. public procurement)

• solemn contracts, such as donation of real estate, etc

• Electronic?

• Electronic contracts allowed?

• Electronic signatures allowed?

Formal requirements

relating to the validity

of a contract

12

LEGAL CONTEXT (2)

• Contract may be valid but its existence and contents should also be enforceable (is a matter of evidence)

• Basic principle: free evidence in B2B, regulated evidence in B2C

• Exceptions: Specific requirements relating to the form (e.g. statute of frauds)

Formal requirements relating to the enforceability of a contract

13

ESIGNATURE LAWS

Flexible approach towards use of electronic signatures for legal transactions

No specific technical requirements are being mandated when using electronic signatures for standard legal transactions.

Still, for specific transactions and for specific sectors, additional technical criteria may be required.

Less flexible approach towards use of electronic signatures for legal transactions

For standard legal transactions no additional technical criteria are required but the use of specific electronic signature

technology is often promoted by law (e.g. by introducing a presumption of conformity for specific electronic signature

technology).

Stringent approach towards use of electronic signatures for legal transactions

Technology related specific requirements need to be taken into account when using electronic signatures for standard legal

transactions.

14

FLEXIBILITY OF ESIGNATURE

LEGISLATION

15

EXAMPLE

1.

E-signature

legislation

addressing

the topic of e-

signatures in

general

2.

An e-

signature has

the same

status as a

handwritten

signature,

regardless of

the

technology

used

3.

An e-signature

can have the

status as a

handwritten

signature if

certain

technical

requirements

are complied

with (e.g. PKI

signature)

4.

If the answer

to both

statement 2

and statement

3 is "no", are

e-signatures

granted any

legal value in

your

jurisdiction?

5.

Parties can

contractually

agree the

evidentiary

value of e-

signatures

created with a

specific

technology

6.

Generally

speaking, the

rules for

using e-

signatures in

a B2C and a

B2B context

are the same

7.

Sector specific

legislation

which imposes

different or

additional

requirements

compared to

general rules

on signature

requirements

and e-

signatures

16

USA Yes Yes N/A N/A Yes No Yes

Australia Yes No Yes N/A Yes Yes Yes

Canada Yes Yes N/A N/A Yes Yes Yes

Brazil Yes No Yes N/A Yes Yes Yes

Russia Yes Possibly Yes N/A Yes Yes Yes

UNITED STATES

‘‘Electronic Signatures in Global and National Commerce Act’

SEC 101: […] (1) a signature, contract, or other record relating to such transaction may not be denied legal effect, validity, or enforceability solely because it is in electronic form; and (2) a contract relating to such transaction may not be denied legal effect, validity, or enforceability solely because an electronic signature or electronic record was used in its formation.

ELECTRONIC SIGNATURE.—The term ‘‘electronic signature’’ means an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.

CASE LAW?

• Plenty of cases on enforceability of electronic

signatures/contracts

• Move towards trustworthiness of technology used

• Less cases on qualified electronic signatures

3/12/2014 18

THE EUROPEAN EID

AND TRUST

SERVICES

REGULATION

REGULATION ON ELECTRONIC IDENTIFICATION AND

TRUST SERVICES FOR ELECTRONIC TRANSACTIONS

IN THE INTERNAL MARKET

BROAD SCOPE

Electronic signatures

Electronic identification

Electronic seals

Electronic time stamps

Electronic documents

Electronic delivery

Web authentication

services

ELECTRONIC SIGNATURE

Directive

data in electronic form which are attached to or logically associated with other electronic data and which serve as a method

of authentication

Regulation

data in electronic form which are attached to or logically associated with other electronic data and

which are used by the signatory to sign;

ADVANCED ELECTRONIC SIGNATURE

Directive

‘advanced electronic signature ’means an electronic signature which meets the following requirements:

• (a)it is uniquely linked to the signatory;

• (b)it is capable of identifying the signatory;

• (c)it is created using means that the signatory can maintain under his sole control; and

• (d)it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable;

Regulation

‘advanced electronic signature’ means an electronic signature which meets the following requirements:

• (a) it is uniquely linked to the signatory;

• (b) it is capable of identifying the signatory;

• (c) it is created using electronic signature creation data that the signatory can, with high level of confidence, use under his sole control; and

• (d) it is linked to the data to which it relates in such a way that any subsequent change in the data is detectable;

ELECTRONIC SIGNATURE CREATION

DATA

Directive

"signature-creation data" means unique data, such

as codes or private cryptographic keys, which are used by the signatory

to create an electronic signature

Regulation

"electronic signature creation data" means unique data which are used by the signatory to create an electronic

signature

QUALIFIED ELECTRONIC

SIGNATURE

• means an advanced electronic signature which is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures

‘qualified electronic signature’

25

REGULATION IS ON THE TOP OF EU

POLITICAL AGENDA

European Council of 13-14.12.2012:

• Called on the co-legislators to speed up the work on the proposal.

• Invited Council and Parliament to give the proposal the highest priority with a view to its adoption by the end of the current parliamentary cycle at the latest (= June 2014).

European Council of 14-15.3.2013:

• The rapid conclusion of the work is an essential priority,

• Trust Services Regulation is a key file

AGENDA

04/06/2012: Legislative proposal published

07/06/2012: Debate in Council

14/06/2012: Committee referral announced in Parliament


07/02/2013: Referral to associated committees announced in Parliament


14/10/2013: Vote in committee

06/11/2013: Committee report tabled for plenary, 1st reading/single reading


2013-2014: Trialogues

03/04/ 2014: EP Plenary (Vote on 1st reading)

27

TIPS &

TRICKS

IMPLEMENTING LEGALLY COMPLIANT

ESIGNATURE SOLUTIONS

QUESTIONS TO BE ASKED

3/12/2014 29

For which types of transactions do you intend

to use electronic signatures?

In which regions or countries do you intend to use electronic signatures?

Do you intend to use electronic signatures solution for standard

transactions only?

Do you intend to use electronic signatures for

specific transactions with possible additional formal requirements as well (e.g.

employment contracts, real estate, surety)?

Does the law or case law require a handwritten

signature?

Does the law or case law require any specific

conditions to be met for creating a legally valid electronic signature?

Are the ceremonial aspects of the signature important

(warning function)?

Is there a need for trusted signature time?

Is there a need for long term validation of the electronic

signature?

Is it a one off or long term contractual relationship?

Is there a need for a Trusted List Service provider?

DIY, OTS, or EXT?

MORE INFO

Wacom, Hall 3, Stand E29

3/12/2014 30

CONTACT DETAILS

Patrick Van Eecke

DLA Piper, Brussels office

+32 (2) 5001630

[email protected]

31