According to the federal electronic signatures in global and national commerce act:

The world of electronic transactions has galloped far beyond the efforts of the legal community to develop laws to facilitate traffic on today’s electronic transaction raceway. Some states enacted versions of the Uniform Electronic Transactions Act. International rules of electronic commerce are developing, but there was no overarching federal law in place designed to eliminate the paper – until now.

On June 30, 2000 President Clinton signed in Philadelphia the "Electronic Signatures in Global and National Commerce Act" (the "E-Signature Act"). When most of the new law’s provisions take effect October 1, 2000, there will be in place for the first time a national framework for giving validity to transactions handled electronically.

In brief, the E-Signature Act allows electronic signatures or documents to satisfy most existing legal requirements for written signatures, disclosures, or records. On the other hand, the Act neither entirely eliminates risks related to e-signatures and electronic documents, nor ensures their enforceability. Instead, the E-Signature Act simply provides the opportunity for businesses and government to adopt technologies and procedures that themselves provide necessary assurances of attribution, non-repudiation, data integrity, and reliability.

The limitations of the E-Signature Act require elaboration. Suppose Bank A and Bank B electronically exchange a contract that is purportedly executed in the body of the contract itself. (In other words, each Bank "executes" the contract by typing in a "signature.") Although the E-Signature Act does not prohibit enforcement of these "electronic signatures," it likewise says nothing about their enforceability. In fact, such simplified electronic signatures are unlikely to withstand legal challenge, because they lack any necessary safeguards.

In the hypothetical, for example, no safeguards assure:

• Data Integrity 
– How do Banks A and B know that they have "signed" the same contract?
• Attribution 
– How do Banks A or B know that the other party, as opposed to a third party, actually signed the contract?
• Non-repudiation 
– How could Banks A or B disprove a false assertion that the other party never executed the contract?
• Reliability 
– How can Banks A or B prove that neither side has altered the contract subsequent to its execution?

Fortunately, technology has been developed (and is continuing to develop) that would allow both parties (and the courts) reasonably to rely on each other’s electronic "signature." Currently, the most commonly used technology is a "public key infrastructure" ("PKI") that allows for the creation of what are generally referred to as "digital signatures."

A common form of digital signature uses cryptography based upon two different (or asymmetric) "keys," and a "hash" function. One key can encrypt a message, the other can decrypt the message, but neither key can do both. A hash function translates a long document into a short alphanumeric code of a specified length. Together the keys and the hash function provide safeguards for electronic signatures as follows:

• The signer uses the hash function to create a unique identifier for the document (the "signature").
• The signer uses his or her key to encrypt the identifier and the related document.
• The receiver uses his or her key to decrypt the identifier and the related document. This assures that the document was sent by the party with the encryption key.
• The receiver uses the same hash function as on the document to create a matching identifier. (By comparing the output of the hash function on the received document with the decrypted identifier, the receiver can be certain that the document received is the same as the "signed" document.)

An additional level of protection can be provided to electronic documents through the use of digital "certificates" which attempt to assure that the senders and/or receivers of electronic materials are who they purport to be. (Certificates are based on a process of registering "keys" with a third-party agency.)

In adopting legislation that allows for electronic signatures, but which does not specify the use of particular safeguards or technology, the E-Signature Act will allow for the continued development and improvement of e-commerce mechanisms. On the other hand, the failure to adopt specific requirements or presumption of reliability implies that efforts to rely exclusively on electronic signatures or documents will not be without risk, at least until there is a greater body of case law addressing their enforceability.

E-Signature Act Definitions

Among the terms used throughout the E-Signature Act is "consumer," which generally means an individual that obtains products or services primarily for personal, family or household purposes, and that individual’s legal representative. Special provisions for consumer consent to do business electronically are discussed below.

An "electronic agent" is the computer program, or an automated means to initiate an action without review of the action by the individual. The term "record" means information inscribed on a tangible medium that is stored in an electronic or other medium and is retrievable. The "electronic record" is the contract or other record created, received or restored by electronic means such as e-mail.

An "electronic signature" is the electronic sound, symbol or process attached to or associated with the contract or other record and adopted by the person with the intent to sign the record. Various technologies are emerging to effectuate electronic signatures, and the E-Signature Act will certainly unleash aggressive marketing of new products.

Finally, the term "transaction" means any actions relating to the conduct of business, consumer or commercial affairs between two or more persons including sales and leasing of personal property and real property. As you might suspect, the scope of the E-Signature Act is very broad, with a few limited exceptions noted below.

Legal Legitimacy Of Electronic Commerce

At the heart of the E-Signature Act is its pronouncement that a signature or contract may not be denied legal effect or enforcement solely because it is in an electronic form. Put another way, a contract relating to a "transaction" cannot be denied legal effect and enforceability solely because of an electronic signature or e-mail used in its formation. The E-Signature Act, however, does not require any person to agree to use electronic signatures.

As you can see, the E-Signature Act does not identify a list of laws to be repealed or amended. Rather, the E-Signature Act functions as an overlay to not disturb existing law except when consensual electronic commerce is threatened.

Security & Attribution

The E-Signature Act establishes certain conditions on the enforcement of electronic transactions. Specifically, when an existing law requires that a contract be in writing, the enforceability of an electronic record of such a contract depends upon the contract being in a form that is capable of being retained and "accurately reproduced" for later reference by all parties entitled to retain such contract.

Also, an electronic transaction in interstate commerce "may not be denied legal effect, validity and enforceability solely because its formation, creation or delivery" involved any particular "electronic agent," provided the action of any such electronic agent is "legally attributable to the person to be bound." "Attribution" means that the system must have safeguards that assure the identity of parties to a transaction.

As noted above, various technologies have developed to assure proper attribution and data integrity. Over time, it is likely that meaningful standards will emerge to guide parties in developing enforceable electronic agreements.

Electronic Consumer Disclosures

Many consumer protection laws, such as the federal Truth in Lending Act, require disclosures to consumers in writing. The E-Signature Act states that an electronic record (i.e., an e-mail or web posting) will satisfy the requirement that the consumer disclosure be in writing if certain conditions are met. First, the consumer must have "affirmatively consented" to the use of electronic communication and has not withdrawn such consent. Presumably, state and federal regulators will elaborate on the meaning of affirmative consent.

Second, prior to consenting, the consumer must receive a "clear and conspicuous" statement which

1. informs the consumer of any right to have the record provided on paper and the right to withdraw the consent to have the record provided in electronic form, together with any conditions or fees that may arise in the event of such withdrawal;
   
2. informs the consumer whether the consent applies only to a particular transaction or to categories of records that may be provided during the course of the parties' relationship;
   
3. describes the procedures needed to withdraw consent and update information needed to contact the consumer electronically;
   
4. informs the consumer how it may obtain a copy of the electronic message and whether any fee will be charged for such a copy.

Third, prior to consenting, the consumer must be provided with a statement of the hardware and software requirements for access to and retention of the electronic record. The consumer must then consent electronically or confirm his consent electronically in a manner that demonstrates that the consumer can access the information.

The E-Signature Act also addresses existing consumer laws which require that consumer disclosure information be verified or acknowledged (perhaps, for example, New Jersey’s residential mortgage application disclosure requirement). Such information may be made available electronically "only if the method used provides verification or acknowledgement of receipt…" Presumably, this means that electronic delivery of such a consumer disclosure should automatically trigger an opportunity for delivery of a consumer’s electronic signature.

For federal consumer disclosure laws, we expect federal regulatory agencies such as the Federal Reserve Board to continue their promulgation of electronic disclosure procedures that are consistent with the E-Signature Act. State regulators will presumably initiate or continue similar processes.

A federal regulatory agency may by regulation exempt a specific category or type of record from the above-explained consumer consent requirement if such exemption is necessary to eliminate a "substantial burden to electronic commerce and will not increase the material risk of harm to consumers." Furthermore, for certain investment company disclosures, the Securities and Exchange Commission must issue a regulation or order exempting from the consent provision the electronic delivery of certain records required to be provided.

Record Retention

Many federal and state laws require certain records to be maintained for a defined period of time. Well, the record warehouse industry will eventually face tough times. The E-Signature Act states that if an existing statute or regulation requires records to be retained, that requirement is met by retaining an electronic record of the information.

However, such electronic record must "accurately reflect" the information set forth in the contract or other record and "remain accessible" in a form capable of being "accurately reproduced for later reference, whether by transmission, printing or otherwise." Again, the E-Signature Act provides the opportunity for businesses to replace paper records with electronic ones but does not create a precise road map for doing so. In substituting electronic records for paper records, a firm may need to adopt technological, procedural, and administrative safeguards that assure (1) that the electronic records are an accurate reproduction of original materials; and (2) that the electronic records have not been tampered with.

Although the benefits of electronic records are clear, they also pose significant risks that should be considered whenever a firm is contemplating a transition to "paperless" recordkeeping. First, electronic records may be subject to electronic theft and/or improper use, which could raise significant privacy concerns. Second, electronic records have proven a fertile ground for discovery in litigation (witness the implications of e-mail in the Microsoft antitrust case). Accordingly, a transition to electronic recordkeeping should be accompanied by a review of both security and record retention practices.

Originals And Checks

Another overlay of existing law involves original documents. If an existing law requires a contract or other record to be retained in its original form, the E-Signature Act states that such requirement is satisfied by retaining an electronic record. Again, however, such electronic record of the original must "accurately reflect" the information set forth in the original and "remain accessible" in a form capable of being "accurately reproduced for later reference, whether by transmission, printing or otherwise."

Similarly, if a law requires retention of a check, the E-Signature Act states that such law is now satisfied by the retention of an electronic record of the information on the front and back of the check. Again, however, such electronic record must "accurately reflect" the information set forth in the check and "remain accessible" in a form capable of being "accurately reproduced for later reference, whether by transmission, printing or otherwise." Check-imaging is sure to receive a boost from these provisions.

Posting Of Notices

The E-Signature Act does not limit or affect existing laws requiring a warning, notice or disclosure to be posted or displayed.

Notarization

Current law requires forms recorded in real estate transactions and other formal documents to be notarized according to state law. The E-Signature Act provides a mechanism for electronic notarization if the document bears the electronic signature of the notary together with the other required information, and is "attached to or logically associated with a signature or record."

This is one of the E-Signature Act provisions that should enable real estate transactions to be conducted electronically. It would seem that state authorities that regulate the notarization process should begin gathering information on electronic signature technology so notaries can be trained accordingly. It would also seem that security devices that verify the identity of the notary would need to be coupled with the electronic signature technology.

Scope: Transactions Not Subject To The E-Signature Act

Certain transactions will still be governed by laws that require a writing. For example, laws involving wills and certain trusts are not covered by the E-Signature Act. Laws involving adoption, divorce or other matters of family law are not covered by the E-Signature Act. Finally, sections of the Uniform Commercial Code such as Article 9 are not disturbed by the E-Signature Act.

The E-Signature Act also does not cover court orders or official court documents including briefs, and pleadings which are required to be in writing, and any cancellation notice of utility services and health insurance plans or benefits. The E-Signature Act does not cover default and acceleration notices involving the primary residence of any individual or notices involved with a recall of a product endangering health or safety. Finally, any document involved with the transportation of hazardous materials is not covered by the E-Signature Act. This does not mean that a particular law involving any of these types of situations cannot itself provide for electronic delivery, only that the E-Signature Act will not preempt laws as now written. The E-Signature Act commissions the Secretary of Commerce to study these exceptions and through rulemaking eliminate one or more of them.

Preemption Of State Law

In general, the E-Signature Act principles that validate electronic commerce overcome not only federal but also state laws that interfere with electronic commerce. However, this preemption of state law is limited if a particular state has enacted the Uniform Electronic Transactions Act ("UETA"). The state UETA will apply instead of the E-Signature Act. However, any state UETA limitations on the UETA’s scope that are inconsistent with the scope of the E-Signature Act are preempted. Pennsylvania, for example, is a state that has enacted the UETA. (Upon your request, we can provide a copy of our Bulletin No. 99-28 entitled "Pennsylvania Starts the Millennium Under an Electronic Commerce Act.") Depending on the states where an entity does business, there may or may not be state law counterparts to the E-Signature Act.

In addition, a state law that specifies alternative procedures or requirements for using electronic signatures will apply if (a) such alternative procedures are consistent with the E-Signature Act, (b) such alternative procedures do not require implementation of a specific technology involving electronic signatures and (c) such laws are enacted after the date of the E-Signature Act.

Applicability To Federal And State Government Agencies

The E-Signature Act does not limit or supersede any federal or state agency requirement that records be filed with such agency in accordance with specified standards or format. Furthermore, a federal regulatory agency or state regulatory agency can issue rulemaking to interpret the E-Signature Act and apply it to that agency’s area of expertise. The E-Signature Act limits the interpretation authority of such federal or state regulatory agency to the extent any regulation is not consistent with the E-Signature Act.

A federal or state regulatory agency can specify performance standards to assure accuracy, record integrity and accessibility of records that are required to be maintained. A state or federal regulatory agency can require retention of a record in a tangible printed or paper form if there is a compelling "governmental interest relating to law enforcement or national security" and such requirement is essential to attaining such interest.

Effective Date

The provisions of the E-Signature Act, Title 1, discussed above become effective October 1, 2000. However, as applied to record retention requirements, these E-Signature Act provisions become effective March 1, 2001, although that period can be delayed until June 1, 2001 if a rulemaking proceeding is underway.

Negotiable Instruments & Real Estate

Title 2 of the E-Signature Act deals with "transferable records" which are defined to mean electronic records that would be notes under the Uniform Commercial Code if (a) such record were in writing, (b) the issuer expressly agrees that the document is a "transferable record," and (c) the transaction involves a loan secured by real property. In such cases, a transferable record may be executed using an electronic signature.

If someone establishes "control" of the transferable record that bears an electronic signature, that person is entitled to the benefits of being a "holder" under the Uniform Commercial Code and would have the same rights of a holder of an equivalent record or writing. In other words, the rights and defenses of the holder in due course or a purchaser, respectively, are available to someone having control of a transferable record. Delivery, possession and endorsement are not required to obtain these rights.

The E-Signature Act states that a person has "control" of a transferable record if the system employed for evidencing the transfer of interest in that transferable record, "reliably establishes that person as the person to which the transferable record was issued or transferred." Control can be established if the record is created, stored and assigned in a manner that there is a single authoritative copy which is unique, identifiable and unalterable, and identifies the person asserting control as the person to whom the record was issued or assigned.

For notes not related to real estate transactions and thus not "transferable records," it appears that provisions of the new Article 9 of the UCC will establish the concept of "control." Title 2 of the E-Signature Act involving transferable records becomes effective 90 days after the date of enactment.

International Transactions

Finally, the Secretary of Commerce is instructed to promote the acceptance and use, on an international basis, of electronic signatures. The Secretary is instructed to remove obstacles to electronic transactions by adopting relevant principles from the Model Law on Electronic Commerce adopted in 1996 by the United Nations Commission on International Trade Law.

Conclusion

The E-Signature Act should give a big boost to advocates of electronic transactions. However, technology to develop reliable electronic signatures and reliable security procedures will still need to be learned and understood in order to be implemented. It is difficult for a law to predict all of the twists and turns of technological developments. Now, at least, Congress has given an unequivocal green light to those exploring the realm of electronic commerce.

What are the four requirements for an electronic signature to be valid?

What is the impact of electronic signature on the Philippine legal system?

Is electronic signature legally binding in USA?

Does FDA accept electronic signatures?