Professional Documents
Culture Documents
The Principles of Electronic Agreement Legal Admissibility WP 8 07
The Principles of Electronic Agreement Legal Admissibility WP 8 07
Table of Contents
Introduction 3
Components of an Electronic Signature 3
Electronic Signature Legislation — A Non Discrimination Act 4
The Principles of Electronic Agreement Admissibility 6
Principle 1: Electronic Signature Reliability 7
Criteria 1: Electronic Signature to Electronic Document Binding 7
Criteria 2: Identity Authentication 8
Criteria 3: Electronic Signature Integrity 8
Criteria 4: Electronic Document Integrity 8
Principle 2: Sole Control over Act of Signing 9
Criteria 5: Privacy of Unique Identifier 9
Criteria 6: Sole Control Over Unique Identifier 9
Criteria 7: Revocation of Unique Identifier 9
Principle 3: A State of Informed Consent in the Act of Signing 10
Criteria 8: Awareness of Engaging in a Process of Agreement Formation 11
Criteria 9: Awareness of Intent and Implications of Act of Signing 11
Criteria 10: Notice of Rights 11
Principle 4: The Digital Chain of Admissibility 11
Criteria 11: Audit Trail of How, Who, What and When 12
Criteria 12: Retention 12
Principle 5: Electronic Agreement Trustworthiness 13
Criteria 13: Level of Electronic Signature Reliability 13
Criteria 14: Degree of Control over the Act of Signing 14
Criteria 15: Extent of a State of Informed Consent 14
Criteria 16: Trustworthiness of the Digital Chain of Admissibility 14
Conclusion: A Trusted Electronic Agreement Process 15
Evaluation Matrix: Criteria for Legal Admissibility
ProofSpace of Electronic Agreements 16
900 Clancy Ave NE
Grand Rapids, MI 49503
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003
ProofSpace White Paper
Introduction
In its most basic sense, an agreement is a commitment between two or more parties
to perform obligations in exchange for consideration. The agreement cannot be
subject to imperfect memory, competing claims or repudiation. There must be a state
of awareness that an agreement was being entered into and that a state of informed
consent existed during the act of signing. There must be sufficient proof to establish
the identities involved, the specifics of the agreement and the time the agreement was
entered into; all of which must be retained for a prescribed period.
The transformation from a paper-based agreement process to an electronic equivalent
makes no difference to the ongoing need to adhere to legal standards, meet legislative
requirements and comply with regulatory requirements. However, the electronic
paradigm will create many new legal and technical challenges and present risks that
will radically change the methods of meeting the standards and requirements and
demonstrating their adherence and compliance.
This paper will discuss a set of five principles that are essential to the legal admissibility
of an electronic agreement. These principles are prerequisites to enforceable electronic
agreements as required by existing legal standards and electronic signature legislation.
Admissibility can be understood to mean meeting the prerequisite requirements
necessary to hold an individual accountable, to obtain a successful dispute resolution
judgment or to obtain a favorable court adjudication. This paper will also specify sixteen
measurement criteria that can be used as metrics to assess whether the architecture
of an electronic transaction will meet the requirements of admissibility. But first, let
us define the essential components of an electronic signature and discuss the legal
significance of electronic signature legislation — the elimination of a key barrier to
executing end-to-end electronic agreements.
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003
ProofSpace White Paper
All three definitions require the signature to be affixed to or associated with what is
being signed. Therefore an electronic signature cannot exist without a context and the
specifics of what is being signed. Furthermore, the UN Model Law and the e-Sign Act
definitions add that the act of signing must be an act of approval or intent, respectively
and the EU Directive defines the intent as a method of authentication. Therefore an
electronic signature cannot further exist without the existence of intent. Consequently,
in the most general sense these definitions describe more the formation of an electronic
agreement — a signature in electronic form linked to a record in electronic form with
the act of signing performing a purpose, either approval, authentication or intent.
The objective of electronic signature legislation is then to articulate that these
electronic entities, whether they are called signatures or agreements, are equivalent in
terms of legal effect and validity as their physical counterparts. This is the focus of the
following section.
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003
ProofSpace White Paper
right to exist and be equally considered, subject to specific requirements being met.
These requirements are the focus of the Principles of Legal Admissibility.
The intent of the UN Model Law is to facilitate the creation of a harmonized and
coherent international legal framework for the recognition of electronic signatures.
This international legislative interoperability will consequently result in “frictionless”
international e-business. This enables an agreement executed or formed in one
territory to be legally recognized by another and the creation of a normalized set of
industry best practices and standards governing e-business and e-commerce that can
interoperate.
The UN Model Law 7 states that:
“Where the law requires a signature of a person, that requirements is met… if an electronic
signature is used which is as reliable as was appropriate for the purpose for which the data
message was generated…”
The UN Model Law further states that an electronic signature meets the requirement
of law if it is sufficiently reliable (trustworthy) as required by the significance of the act
of signing. This “level of reliability” requirement is the subject of Principle 5: Electronic
Agreement Trustworthiness and will be further discussed in Section 4.
While UN model law and the e-Sign act are “technology neutral,” the EU Directive
strongly favors cryptographically based electronic signatures, called Digital Signatures,
while still ensuring “neutrality” in terms of the legal effect and admissibility of all
forms of electronic signatures. To accommodate this, the EU Directive has articulated
two classes of electronic signatures with distinct levels of trustworthiness designed to
convey two distinct levels of legal recognition — legal effect and legal admissibility.
The first form of electronic signature that is afforded legal effect and validity
is a General Electronic Signature (GES). However its admissibility in a court of
law is predicated upon its specific ability to meet the requirements of reliability
commensurate with the purpose of the signature. The second form of electronic
signature, called an Advanced Electronic Signature, is granted a much higher legal
recognition. It is guaranteed admissibility in a European Union court of law. This
distinction of legal recognition, the right to exist legally (legal effect) and the right to be
granted equivalence to a handwritten signature (legal admissibility) in a court of law, is
exactly the focus of this paper. It will be further discussed in the following section under
Principle 5: Electronic Agreement Trustworthiness.
The EU Directive 8 articulates the requirements of legal effect and validity and
technology neutrality as follows:
“Member States shall ensure that an [GES] electronic signature is not denied legal
effectiveness and admissibility as evidence in legal proceedings solely on the grounds that
it is in electronic form, or… not based on an Advanced Electronic Signature.”
ProofSpace
900 Clancy Ave NE 7 UNCITRAL Model Law on Electronic Signatures Article 6.1
Grand Rapids, MI 49503 8 European Union Electronic Signature Directive Article 5.2
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003
ProofSpace White Paper
The US e-Sign act 9 ensures the non-discrimination of electronic ensuring their legal
effect and validity, as follows:
1) A signature, contract, or other record relating to such transaction may not be denied
legal effect, validity, or enforce-ability solely because it is in electronic form; and
2) A contract relating to such transaction may not be denied legal effect, validity, or
enforceability solely because an electronic signature or electronic record was used in its
formation.
The key point to recognize is that electronic signature legislation ensures that electronic
signatures and records will not be denied enforceability solely for being electronic.
Rather they place the condition of admissibility squarely on the level of reliability of the
signature and the level of trustworthiness of the agreement formation process.
So the key question becomes, how to get from legal effect and validity, as provided by
electronic signature legislation, to legal admissibility in a court of law, a prerequisite
of enforceable electronic agreements. This is achieved by adhering to the Principles of
Electronic Agreement Admissibility, discussed in the next section.
ProofSpace
900 Clancy Ave NE
Grand Rapids, MI 49503 9 United States Electronic Signatures in Global and National Commerce Act: Section 101 General Rule of Validity
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003
ProofSpace White Paper
From these three definitions, one can identify the common attributes of an electronic
signature that determines its reliability. Note that the one essential requirement falls
outside of the technical realm and to informal notions of informed consent — approval
and intent, which relates more to the agreement formation process. This will be
addressed further in the discussion on Principle 3: A state of Informed Consent in the
Act of Signing.
The technical robustness attributes of an electronic signature in the form of
measurement criteria are:
How can the true identity of the signatory be established and the basis of denial
controlled to the necessary level? This chain of trust is derived from the architecture of
the processes involved in identity management. It starts with the method of vetting the
true identity of the individual and generating a unique private identifier 11 that can only
be associated with the individual. The chain of trust is then derived from the method
of binding the public electronic credential 12 to the registered identity, the method used
to transmit with confidentiality the private identifier to the individual and the method
of protecting and accessing the private identifier to perform the act of signing. This
complex chain of trust is called the Digital Chain of Accountability™ 13 and is outside the
scope of this paper. For more information, see www.trustera.com.
Grand Rapids, MI 49503 14 UNCITRAL Model Law on Electronic Signatures Article 6.3.c
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003
ProofSpace White Paper
ProofSpace
900 Clancy Ave NE 15 UNCITRAL Model Law on Electronic Signatures Article 6.3.d
Grand Rapids, MI 49503 16 UNCITRAL Model Law on Electronic Signatures Article 6.3.b
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003
ProofSpace White Paper
It should be noted that failure to provide immediate notification of a breach could result
in an individual’s liability for any damages suffered by a party’s reliance on a breached
identity or fraudulent electronic signature.
The UN model law 18 articulates this notion of liability as follows:
(2) A signatory shall bear the legal consequences of its failure to satisfy the requirements
of paragraph (1).
In summary, the sole control over the act of signing is dependent on ensuring that
the unique identifier remains confidential, that the registered individual has the sole
ability to execute the act of signing and measures are in place to notify the issuer of any
breach to privacy or access to the identifier. The reliability of an electronic signature
and the sole control over the act of signing are necessary but insufficient requirements
for legal admissibility. It is also dependent on ensuring the act of signing is an act of
informed consent, the focus of the next principle.
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003 10
ProofSpace White Paper
ProofSpace
900 Clancy Ave NE 20 United States Electronic Signatures in Global and National Commerce Act: Section 101 General Rule of
Grand Rapids, MI 49503 Validity subsection c on Consumer Disclosures
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003 11
ProofSpace White Paper
There is also the issue of Retention Period, which is a significant legal requirement
irrespective of the form of the contract — electronic or paper. All electronic agreements
must be retained for the legally required Retention Period in a form that can be
demonstrated to be accurate and complete. Retention periods can be as short as one
week, and as long as a several decades.
The e-Sign Act 23 articulates this requirement as follows:
“If a… rule of law requires that a… record relating to a transaction… be retained, that
requirement is met by… an electronic record… that: accurately reflects the information
set forth in the contract or other record [transaction]; remains accessible to all persons
entitled to access… for the period required… in a form that is capable of being accurately
reproduced…”
The reliability of an electronic signature, the sole control over the act of signing, a
state of informed consent during the act of signing and the capture and preservation
of the electronic forensic evidence of the agreement are necessary but insufficient
requirements for admissibility. It is also dependent on ensuring that the required level
of overall trustworthiness of the agreement formation process is met, the focus of the
final principle.
900 Clancy Ave NE 22 United States Electronic Signatures in Global and National Commerce Act: Section 101 (e)
Grand Rapids, MI 49503 23 United States Electronic Signatures in Global and National Commerce Act: Section 101 (d)
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003 12
ProofSpace White Paper
ProofSpace
900 Clancy Ave NE 24 UNCITRAL Model Law on Electronic Signatures Article 6.1
Grand Rapids, MI 49503 25 European Union Electronic Signature Directive Article 5.1
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003 13
ProofSpace White Paper
“Member States shall ensure that advanced electronic signatures that are based on a
qualified certificate and that are created by a secure signature creation device:
a) satisfy the legal requirements of a signature in relation to data in electronic form in
the same manner as a handwritten signature satisfies that requirement in relation to
paper-based data; and
b) are admissible as evidence in legal proceedings.”
An AES involves a very high prescribed level of reliability with specified compliance
requirements for all aspects of the electronic signature formation process including its
corresponding support infrastructure. It exchanges a measurable level of “reliability,”
for a guaranteed level of legal recognition — legal admissibility in a court of law.
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003 14
ProofSpace White Paper
at any future time. Methods should be used to verify and demonstrate that the audit
trail has not been altered or manipulated in any way since it was created - that is,
its integrity been maintained. This is a fundamental prerequisite. If this cannot be
demonstrated, it invalidates any audit trail irrespective of the level or reliability of the
information it contains.
eCompliance
Electronic Transactions
that Adhere to Legal Standards
& eSign Legislation
eAdmissibility
Reliable Electronic
Signatures
Authentic Records eIntegrity
& Time Stamps
Legal Effect
& Validity
These five principles are collectively sufficient to ensure that the electronic agreement,
ProofSpace its electronic signature and records will be granted legal admissibility in a court of law.
900 Clancy Ave NE This framework of requirements for legal admissibility is illustrated in the figure above.
Grand Rapids, MI 49503
(312) 933.8823
www.proofspace.com The Principles of Electronic Agreement Legal Admissibility — Revised March 2003 15
ProofSpace White Paper
The paper also specified sixteen criteria that can be used as a guide to assess the
degree of confidence that an electronic agreement executed by a particular agreement
formation process will be deemed legally admissible in a court of law. These criteria are
presented in an evaluation table as follows:
ProofSpace
900 Clancy Ave NE
Grand Rapids, MI 49503
(312) 933.8823
©2007 ProofSpace. All Rights Reserved. ProofSpace, Transient Key, the ProofSpace logo, ProofMark and the ProofMark
System are trademarks of ProofSpace Inc. All other trademarks are owned by their respective companies. 16