How to trust a signature without ink
22 November 2019
Electronic signatures are fast becoming a common aspect of day-to-day business as firms are striving to make the customer experience as quick and easy as possible. These days, you can do just about anything online, pay bills, shop, do groceries, book flights and entertainment, book medical appointments, and transfer property, so it makes sense that you can form contracts online, and sign them electronically.
Part 4 of the Contract and Commercial Law Act 2017 (CCLA) aims to ensure that in a function sense, electronic transactions can occur in the same way as paper-based transactions in New Zealand. Where a signature is required by law, this can be accepted electronically provided certain conditions are met. The basic principles of contract formation still apply to electronic transactions as well, including an intention by the parties to be bound to the contract, offer, acceptance, consideration and certainty as to terms.
There are broadly two types of electronic signatures; those that use unsophisticated systems, such as email, and digital signatures that use complex, cloud-based systems.
As such, any one of the following ways of signalling agreement to something, is an electronic signature for the purposes of the CCLA:
- Email signoff;
- Clicking an "I agree" checkbox (known as "clickwrap");
- Copying and pasting a signature into a document;
- Signing a paper document to scan back to soft copy and present electronically;
- Hand-signature using finger or stylus on a tablet; and
- Digital signature.
However, the enforceability of these types of signature hinges on how well they comply with the legal requirements for acceptable electronic signatures. The CCLA requires the signature to:
1. Adequately identify the signatory and adequately indicate the signatory's approval of the information to which the signature relates; and
2. Be as reliable as is appropriate given the purpose for which, and the circumstances in which, the signature is required.
A signature will be presumed to be "as reliable as is appropriate" if:
1. The means of creating the signature is linked to, and under the control of, the signatory alone;
2. Any alteration to the signature made after the time of signing is detectable; and
3. Where the purpose of the signature is to confirm validity or accuracy of information to which it relates, any alteration made to that information after the time of signing is also detectable.
What is "as reliable as is appropriate" is likely to vary depending on the transaction in question. For example, an email agreement including an electronic signature may be enforceable for a $200.00 guarantee, but not for a $1,000,000 guarantee. Other considerations for reliability include:
- How sophisticated (and secure) each parties' electronic system is;
- The nature of each party's trade activity and the frequency with which they do business with each other; and
- The size of the transaction (and level of risk).
It is also important to note that, where information is legally required to be given to a person, this requirement can only be met by means of an electronic signature if the recipient consents. Furthermore, where documents require a very high level of integrity, such as deeds and guarantees, affidavits, wills and powers of attorney etc, they cannot be signed electronically.
Clickwrap agreements, where acceptance occurs when a user clicks "I accept", have not yet been tested in New Zealand, but they are likely to be enforceable. Ensuring that the person accepting the agreement has proper notification of the terms is the most common problem. To strengthen the enforceability of a clickwrap agreement, firms should ensure terms are clearly visible and easy to understand and require users to scroll to the bottom of the terms before clicking "I accept".
Of all the types of electronic signatures, digital signatures are the most likely to be deemed by New Zealand courts to be reliable enough to be used and trusted in the same way as handwritten signatures. There are many examples of cloud-based services for digital signatures. These services allow users to create a digital signature that, once activated, verifies the signatory and secures the signature by encryption. Digital signatures bind the entire document, cannot be backdated or duplicated and contain multiple authentication methods to guarantee the signatory's identity. As such, digital signatures carry a greater evidentiary value than other forms of electronic signatures.
The difficulty with digital signature systems is that they can be less user-friendly and require system management over time. However, the benefits of the security that digital signatures provide likely outweighs the risks associated with the use of unsophisticated electronic signatures, which are easily copied or forged, and documents can be altered after signing without detection.