10-04-2021

How to Make Electronic Signatures Legally Binding in the EU and Globally

Stephen Davidson

Electronic signatures (e-signatures) may include anything from typing your name or adding an image of your handwritten signature, all the way to applying digital signatures which use cryptography to provide a higher level of assurance and security.

The type of e-signature that is appropriate for a use case is always based on the relevant national law, and the legal requirements vary by country. In some cases, as long as the parties agree to a method, an e-signature can be legally valid regardless of the technology or process used. However, there are normally legal and risk-control benefits to using higher quality e-signature methods.

There are essentially two approaches to legal validity in e-signatures. Either the law allows almost every e-signature to be legally enforceable, or the law prescribes specific requirements for the signature to be legally binding, often requiring the use of higher assurance digital signatures. The EU, China and South Korea have some of the more formal e-signature laws in the world, while countries like the United States, Canada and Australia have more flexible e-signature laws, allowing for almost any type of e-signature to carry the same weight as a handwritten signature.

If you are doing business across borders, you may wish to ensure that your e-signatures follow the most stringent country requirements to be legally binding. Laws may also vary depending on the type of contract being signed. We’ll cover a few popular countries and their regulations more in-depth below, but you can also find details on many more countries here.

European Union

To make an electronic signature legally binding in the EU, it must follow the e-Identification and Authentication and Trust Services regulation (EU Regulation 910/2014, known as eIDAS). In place since 2016, eIDAS established a singular framework across all EU countries for the legality of e-signatures and the regulation of Trust Service Providers that help create them.

Under eIDAS, e-signatures are legally valid if businesses obtain prior consent of all parties involved. eIDAS also outlines three levels of signatures. A Qualified Electronic Signature provides legal nonrepudiation, or the same value as a handwritten signature, and the law assumes it is valid, with the burden on the disputant to prove it is not valid. On the other hand, an Advanced Electronic Signature or an Electronic Signature is still legally binding, but the burden of proof lies with the signer to prove that a signature is valid. Qualified signatures are required in use cases that require higher security, like many government filings, legal contracts, property transfers and incorporations, and they also include high confidence in the signature’s authenticity and signer identity verification.

United Kingdom

Currently the UK follows eIDAS regulations for legally binding electronic signatures. Although the UK officially left the EU in January 2020, as of December 2020 the country adopted a UK eIDAS law, which generally follows the same practices as signing in the EU. This enables easier cross-border transactions with the UK and EU countries. Furthermore, the UK has recognized electronic signatures as legally binding for over two decades with parliament’s Electronic Communications Act of 2000.

United States

In the United States, under the Electronic Signatures in Global and National Commerce Act (E-Sign Act) and the Uniform Electronic Transactions Act, electronic signatures generally carry the same weight as traditional wet signatures and cannot be denied legality just because they are in electronic form.

The U.S. government has been using digital signatures for decades, although its approach has been more open, allowing for any technologies for legally valid electronic signatures. Some states have individual restrictions, but for the most part U.S. regulations are technology neutral.

In some use cases, the United States has specific requirements for handwritten signatures, such as for court orders, wills, adoption and divorce papers. However, the U.S. Senate is also currently reviewing a bill that would require digital signatures in sensitive court orders, so we may see more adoption of digital signatures in the United States soon.

Israel

Israel has recognized electronic signatures as legal since the country first passed the Electronic Signature Law in 2001. Israel has three types of e-signatures, each with a different evidentiary weight: basic Electronic Signatures, Secure Electronic Signatures (roughly equivalent to EU Advanced) and Certified Electronic Signatures (similar to EU Qualified). Certified Electronic Signatures are created using a certificate from an accredited CA.

Brazil

Electronic signatures are generally legally binding in Brazil, although methods used must ensure the authenticity of signatures and the integrity of a document’s contents. There are no requirements on how signatures could be executed, but a signer’s willingness to sign must be clear. There are two regulations in Brazil that govern electronic signatures:

  • Article 104 of the Brazilian Civil Code establishes the validity of legal contracts
  • The Provisional Measure 2,200-2, of August 24, 2002 (“MP 2,200-2”) developed the dedicated Brazilian Public Key Infrastructure (known as ICP-Brasil)

The ICP-Brasil tends to be used in corporate or government environments and is normally limited to high-value or high-volume transactions, such as foreign exchange transactions or accounts receivables.

For transactions that use digital certificates, the document is deemed signed and valid. If the document is questioned, the challenging party would be required to prove the digital signature is invalid. Additionally, due to the COVID-19 pandemic, Brazil introduced measures in April 2020 to allow identity verification for the issuance digital certificates to be performed remotely.

Prepare for a Future of Digital Signing Worldwide

As electronic document signing grows in popularity around the world driven by rapid digital transformation, we expect that more and more countries will adopt policies on making digital signatures more prevalent and legally binding.

Many countries are looking to the original EU eIDAS regulation as an example. Since the EU has already established clear cross border transactions and document signing regulations, other countries are likely to follow suit, and in order to sign documents across borders with the EU, processes must be eIDAS compliant anyways. Looking for a digital document signing solution that enables legally binding signatures in the EU and globally? Check out DigiCert® Document Trust Manager.

DigiCert® Document Trust Manager

Document Trust Manager helps to digitally transform organizations by enabling secure signature trust and legally binding digital document signing anywhere, any time and on any device. Organizations using Document Trust Manager can automate the creation of digital signatures for either natural or legal persons (known in Europe as e-Seals).

Document Trust Manger is highly flexible and configurable, providing options such as individual workflows or mass-signing for invoices or e-transactions. It can also be used to add DigiCert certificates (including Adobe Approved Trust List/AATL or eIDAS or Swiss Qualified) to other popular document signing platforms such as AdobeSign, DocuSign or Ascertia SigningHub.

Questions about DigiCert Document Trust Manager? Email docsigning@digicert.com.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

Why Matter needs to toughen up

National Cybersecurity Awareness Month:
October 2024