Digital signatures

The need for convenience

After decades of talk of the paperless office, the need to print out reams of documents is finally coming to an end.

Arran Hunt 

While offices may push the PR spin of saving the planet and being carbon neutral, the reality is that there is money to be saved in not printing, and that we are no longer tied to our desk when we work.

Our work is now coming with us, on our laptops, tablets and mobiles. We do not want to carry around heavy folders filled with documents. We want documents to be electronic.

However, while the electronic document is convenient, it cannot be signed by the traditional method of ink on paper. Hence the development of electronic signatures, digital certificates and the Electronic Transactions Act 2002 (the Act).

Paper documents

The Act looks to allow for an electronic version of what currently takes place. To provide a very simple starting point, a contract between two parties must have an offer and acceptance of that offer. Unless otherwise required by legislation, a contract can be formed verbally. The reason that we put it in writing is so that all of the terms are clearly stated and the parties can indicate that they agree with the terms.

The legislation

Therefore, the Act is about how an electronic document can replace a physical one, and how that electronic document can be signed.

Sections 22 and 23 (for witnesses) cover the legal requirements for an electronic signature. It must adequately identify the signatory and adequately show the signatory’s approval to the terms. The approval of the information to which the signature relates is easy to show by having the signature in the right place (on the signature line).

The question comes down to what an electronic signature actually is.

An electronic signature – “electronic” vs “digital”

The Act defines an electronic signature as a method used to identify a person and to indicate that person’s approval of that information. However, it does not state how that identification is to take place.

The United Nations document on which the Act is based describes two possibilities, an electronic signature and a digital certificate.

The first is an electronic representation of a physical signature, effectively a picture of a signature (whether saved and reused, or signed on the screen each time). It seeks to emulate how current documents are signed, through putting a picture of a signature on a page, and seems the most natural electronic version of what we currently do.

This can be done either manually by the user or through a third party service which will have software that allows the user to easily and quickly sign the document on almost any device.

The second is a digital certificate, an encrypted sequence of characters, possessed by just one machine/device or verified by the user logging in to a online service.

This will typically just be shown as printed words confirming the signature without showing a signature itself, seeking to show authenticity by having the signatory either use a digital certificate file or by signing on to an online service.

Despite the Act being 13 years old, the question of which method the courts will look for has not been approached. In the one case where it was mentioned (Country Club Apartments Limited v MFT Properties Limited [2001] NZCA 560), the Court found that an email, which contained neither an electronic signature or a digital certificate, could be used to enforce an agreement. This provides us with very little real guidance.

Section 24 – reliability

Section 24 of the Act requires that the means of creating the electronic signature is linked to the signatory and no other person, was under the control of the signatory and no other person, and that any alteration to the electronic signature made after the time of signing is detectable.

Taken at face value, these requirements are more stringent than those for physical contracts – i.e. there is no way to link a signature to a particular person, prevent someone from forging it or prevent later alterations.

While the use of a picture of a signature is the simplest method, it is an insecure approach as anyone could simply scan and paste it from a previous document. From just looking at a signed document, there can be no certainty that it was signed by the correct person.

To provide that certainty, you can look at the source of any signed documents. As they are electronic files they will either be provided by email or accessed through a third party service such as “Echosign” or “Docusign”. Saving the email will help you prove from whom you received the document and the then current form. If you received the signed document by email from the signatory by email or their solicitor, or they logged into a signing service like Docusign, then this will provide more certainty that the correct party signed the document, while keeping a record of the terms of the document.

This can also act as a pseudo-digital certificate by requiring the signatory to have access to his or her email from which to send the signed document, a system to which only he or she should have access.

Best of both worlds – third party service

As mentioned above, the use of a third party service could provide the best solution, providing both convenience, certainty and the ability to be tracked.

You will need an account to use the service, and the cost depends on the frequency that you wish to use it, with most being around NZ$25 per month for unlimited uses.

You upload a document in PDF format to the third party service. You then mark where each party is to sign, initial etc.

The service will then notify the other party that the document is there to be signed. They then load the service (on their computer, through an app on their smartphone or tablet etc), sign or initial as required and then confirm the document is complete. The service will then notify you.

The service will be able to record when they signed, to whom the notification was sent and the exact terms that were signed. This provides you with some certainty as to who has signed the document. You are also able to remove the document if the offer is to be withdrawn.

Conclusion

While it can be extremely convenient, the use of electronic signatures needs to be conducted carefully. While a digital certificate-based signature is more secure, a picture-based signature can provide substantial certainty of the signatory’s signature if it is provided from an email (remember to save the email) that you know is theirs, it comes from their solicitor (ask the solicitor to confirm that it was received from their client) or they sign it through a third party service.

A third party service provides the additional benefit of automating the procedure, allowing a party to easily sign the document and even directing them to where they need to sign the document. 

Leave a comment

Contact Us
Phone 09 303 5270
Fax 09 309 3726
Email reception@adls.org.nz