Skip to content

EU electronic signature regulation, November 2016

Briefing
23 November 2016
8 MIN READ
1 AUTHOR

The eIDAS Regulation1, directly effective in EU Member States, aims to ensure that electronic measures, such as e-Signatures and e-Seals, are mutually recognised between Member States and have the same legal status and validity as their traditional paper-based equivalents. The Regulation is one of the 12 initiatives proposed in the Commission’s Single Market Act Communication of 20112. As explained below, the impact of the Regulation will depend on the uptake of Qualified Electronic Signatures, which are equivalent to handwritten signatures and must be recognised in all EU Member States

.

Currently in the UK, where parties to a transaction are not physically in the same place to sign the documents, the most popular form of signature is via email. Typically a signatory will sign a hard copy and then convert the document into electronic form to send via email. However, electronic signatures are becoming increasingly common. This term encompasses a number of different processes, for example where a party types his or her name at the bottom of an email containing the terms of the contract, pastes his signature into a soft copy of the contract or signs the relevant place in the electronic contract with a stylus on a touchscreen.

An ‘electronic signature’ is defined in the eIDAS Regulation as “data in electronic form which is attached or logically associated with other data in electronic form and which is used by the signatory to sign”. The concept of the e-signature remains substantively similar to that under the Electronic Signature Directive3. The Regulation also introduces the concept of a ‘Qualified Electronic Signature’, an “Advanced Electronic Signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures”.

An ‘Advanced Electronic Signature’ is defined as a signature which must meet the following criteria4:

  • Uniquely linked to the signatory.
  • Capable of identifying the signatory.
  • Created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control.
  • Linked to the data signed therewith in such a way that any subsequent change in the data is detectable.

The Regulation specifies that a Qualified Electronic Signature shall have the equivalent legal effect of a handwritten signature5 and that a Qualified Electronic Signature based on a qualified certificate issued in one Member State shall be recognised in all other Member States6. The Regulation also provides that a Qualified Electronic Signature cannot be held inadmissible as evidence in legal proceedings for the sole reason that it is in electronic form7. Qualified Electronic Signatures form part of a ‘trust service framework’8 implemented by the Regulation.

The impact of the Regulation will depend on the uptake of Qualified Electronic Signatures and the ‘trust service framework’ as a whole. The framework is voluntary, existing signature and authentication services will not be obliged to implement the new system. Uptake of the scheme in the UK, as with the e-signature directive9, could be fairly low. The public sector is likely to lead the way in encouraging the use of such methods, which could result in the private sector following suit if there is sufficient demand. To date commercial parties have relied more frequently upon non-certified or non-qualified electronic signatures. The legal effect of such electronic signatures is not governed by the eIDAS Regulation, but by national law.

In the UK, the position of non-qualified electronic signatures is determined by the Electronic Communications Act (ECA) 2000 and by general principles of English common law. The ECA provides that electronic signatures are admissible as evidence on the authenticity or integrity of the communication or data to which they are related10. The burden of proof would be on the opponent to produce evidence to the contrary.

The general rule under English law is that a contract does not need to be in any specific form to be legally binding, therefore electronic signatures are permissible. Where a contract is required by statute to be in writing and/or signed11, case law indicates that documents including electronic signatures are capable of meeting such requirements. Electronic signatures have been deemed to have the same legal status as wet ink signatures, the focus being on whether the signature has been inserted with the purpose of authenticating the document. In addition, typing a name into an email has been held to be sufficient to constitute a signature for the purposes of the Statue of Frauds. In the opinion of leading counsel, deeds can be validly delivered by means of the circulation of the executed deed in electronic form, and can be validly executed by electronic signature if a witness is physically present when the party signs electronically12.

The established principles of English common law governing uncertified electronic signatures will remain unchanged by Brexit. The effect of the eIDAS Regulation could also be likely to be preserved under the UK Government’s proposed Great Repeal Bill. The Electronic Identification and Trust Services for Electronic Transactions Regulations 2016 will still apply in the UK. These Regulations implement elements of the eIDAS Regulation into domestic law, for example they designate the Information Commissioner’s Office as the supervisory authority in charge of approving qualified trust service providers.

Footnotes

  1. Regulation EU 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market
  2. COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS Single Market Act Twelve levers to boost growth and strengthen confidence “Working together to create new growth” /* COM/2011/0206 final */
  3. Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures
  4. Article 36 Regulation EU 910/2014
  5. Article 25(2) Regulation EU 910/2014
  6. Article 25(3) Regulation EU 910/2014
  7. Article 7(1) Electronic Communications Act 2000
  8. ‘Trust Services’ are a concept defined in Regulation 910/2014 to include electronic services, consisting of the creation, verification, validation and preservation of e-Signatures, e-Seals or time stamps, e- registered delivery services and certificates for website authentication. This concept goes beyond that of ‘certification services’ under the E-Signature Directive (Directive 1999/93/EC) as it encompasses delegated and cloud-based signature services. A Trust Service Provider (TSP) will now be able to manage an electronic signature remotely on the signatory’s behalf, if its procedures ensure that the signatory remains in sole control.
  9. Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures
  10. Section 7 ECA 2000 (as amended by the Electronic Identification and Trust Services for Electronic Transactions Regulations 2016 (2016/696).
  11. For example a disposition of an equitable interest or mortgage of a legal estate in land, an assignment of copyright or a transfer of registered shares
  12. Law Society Practice Note on 21st July 2016 on the Execution of a document using an electronic signature, pg 4 http://www.citysolicitors.org.uk/attachments/article/121/LSEW%20%20CLLS%20Joint%20Working%20Party%20-%20Note%20on%20the%20Execution%20of%20a%20Document%20Using%20an%20Electronic%20Signature.pdf
Download Briefing

Download a PDF version of ‘EU electronic signature regulation, November 2016’

Download