E-Signature: What It Is and Why It Is The Way You Should Sign On The Dotted Line.

Cybersecurity Law and Framework in Malaysia
January 1, 2019
Developing and Launching a Technology Startup
January 1, 2019

Professor Chris Reed in his article “What is a Signature?” states that the principal function of a signature is to provide evidence of three matters: (i) the identity of the signatory; (ii) the intention to make a signature to indicate agreement and willingness to be bound by the contents of the document; and (iii) that the signatory adopts the contents.

In other words, the signature demonstrates that the signatory had the intention to authenticate the document, which serves as a form of evidence in the event of a dispute.

Generally, many people still prefer to sign on a printed form of contract. While this approach is widely adopted, it comes with several risks and challenges. How does the recipient know the signature is not forged? How does the signatory know that his signature is linked with the contract or that the contract that he agreed is the contract he “signed”? It is a recognized fact that physical documents can be easily altered and signatures can be forged.

With the advancement of technology and wide availability of online E-Signature services, it is, therefore, a high time for us to examine an alternative form of signing via electronic means, known as “E-Signature”. Since contracts can be prepared electronically, it is only natural that signing should also take place electronically.

Types of E-Signature

Since a traditional handwritten signature is not possible on an electronic contract, people have used several different methods to indicate their E-Signatures, including:

  • typing the signatory’s name or a placing a unique representation of mark into the signature area;
  • scanning a physical manuscript signature;
  • pasting a scanned version/image file of the signatory’s signature into the signature area;
  • signing with a special pen on a pad which is used to measure and record the actions of the person as he signs;
  • clicking on a website button/ticking off a tick box to this effect (for e.g. “I Agree”, “I Accept”, “Confirm Order”);
  • inserting an E-Signature via an online E-Signature service;
  • attaching a digital signature created by cryptographic means whereby the sender affixes the signature using his private key and the recipient checks the signature using his public key (more commonly known as “digital signature”).

I would not recommend the first 3 methods as they provide very little security against forgery and misuse, and they are more vulnerable to identity theft if the communication is intercepted.

Legal Status of E-Signature

The issue is whether E-Signature is legally recognized under the law. In 1996, the United Nations published the UNCITRAL Model Law on Electronic Commerce which was highly influential in the development of E-Signature around the world.

It was the first model law that sets forth the principle of non-discrimination in order to ensure that a document is not denied legal effect, validity or enforceability solely on the grounds that it is in electronic form. Subsequent to this, the UN further published UNCITRAL Model Law on Electronic Signatures (2001) and the United Nations Convention on the Use of Electronic Communications in International Contracts (2005) to affirm the notion that electronic contracts and electronic signatures are as valid and enforceable as their paper-based equivalents. As a result of this, many countries around the world have enacted their own legislation to give effect to the validity and enforceability of electronic contracts and electronic signatures.

In Malaysia, the Electronic Commerce Act 2006 (”Act”) recognizes “any letter, character, number, sound or symbol or any combination thereof created in the electronic form adopted by a person as a signature” as an E-Signature.

The Act also states that if the document is created electronically, it can now be signed by an E-Signature. This is, of course, subject to the conditions that the E-Signature has to be attached to or is associated with the electronic document, adequately identify the person and adequately indicate the person’s approval of the contents in the electronic document and be reliable.

Reliability of an E-Signature is established when the means of creating the E-Signature is linked to and under the control of that person only and as long as any alteration made to the E-Signature or to that document after the time of signing is detectable.

Under Malaysian law, a handwritten signature is not necessarily required for a valid contract. Contracts are generally valid if parties have reached an agreement and intend to be bound by the agreement, whether they agree verbally, electronically or in writing.

The Act specifically confirms that contracts cannot be denied enforceability merely because they are concluded electronically, although certain documents and deeds may require additional formal requirements such as notarization or attestation (for example, power of attorney, wills and codicils, trust documents, negotiable instruments, real property transfers, statutory declarations, bills of sale, etc). The principles behind the use of signatures have not changed, what the law does is to facilitate paperless signing via electronic means.

Why Use E-Signature Service?

Using E-Signature service in high value or important transactions can provide the level of assurance needed, build trust in the underlying system as well as improve overall customer satisfaction as the documents are more securely held and the signing process is carried out more efficiently.

A good quality E-Signature service can offer the following features:

  • Signature authentication: Anyone who signs a document via an E-Signature service must have log-in information or have received in his email account a request for signature so that you know exactly the identity of the person who signs your document.
  • Signature affixation: Each signature on a contract is imposed and affixed to the contract. There is an audit trail that tracks who has opened, viewed and signed the document and when. The audit trail is appended to all signed documents and forms a court-admissible document log.
  • Signature integrity: The service allows any changes to the contents to be detected more easily, showing whether the contents have been altered/tampered during and after the signing process and ensuring that the contents remain confidential and secure.
  • Court-admissible transactions log: The service creates a comprehensive transaction log that shows the detailed transaction history, track and timestamp various information from the moment the document is submitted for signature to when it is completely signed and secured, thus creating a full action list and document history that are more likely to pass the evidence admissibility threshold.
  • Secure records retention system: Information transmitted is encrypted (preferably using SSL, 256-bit encryption) and stored on secure servers in multiple data centers, hence keeping the documents private and secure and easy to retrieve and the whole process, from signing, completion to storage is carried out electronically, resulting in time and costs savings in terms of internal administration and record keeping.

Conclusion

E-Signatures are increasingly used in e-commerce and in regulatory filings. Many businesses, individuals and governments now conduct transactions over the Internet. E-Commerce aside, most of you would be familiar with the annual tax filings which can be conducted entirely over the Internet.

You can also renew road tax and pay summons over the Internet. All these dealings between the Government of Malaysia and the public are legally recognised under the Electronic Government Activities Act 2007.

The E-Signature technology is still developing and you should carefully choose the right service that offers some, if not, all the features mentioned above. It is believed that a secure method of E-Signature will become a commonplace in the near future, as we slowly transition to a paperless world.

*****

About the author:
This article was written by Edwin Lee Yong Cieh, Partner of this Firm
This article was first published in CHIP Magazine Malaysia.
The view expressed in this article is intended to provide a general guide to the subject matter and does not constitute professional legal advice. You are advised to seek proper legal advice for your specific situation.

Comments are closed.