Regulations and Laws on Electronic Signatures

The "European Parliament and Council Directive 1999/93/EG about a Framework for Electronic Signatures" supports a broad technological approach to electronic signatures. It became law in the European countries subsequently beginning in the year 2000. Law makers are gradually reflecting "biometric signatures" now. The European directive does not automatically specify a certain technology. It defines levels of electronic signatures which are considered as "simple", "advanced" or "qualified".

There are several ways how dynamic signatures may be used to create electronic signatures:

• The simple embedding of dynamic signature data into a document results in a "simple" electronic signature.
• The definition of “advanced electronic signatures” reflects that the trustworthiness of electronic documents is closely linked to the power of proof for authenticity and integrity in the particular application and workflow. The idea of an advanced electronic signature is to provide a proof of intent of a signer and legally binding evidence of a transaction.

  In addition to the option to verify the dynamic signature, this form of signature requires encryption and the option to check that a document has not been tampered with (integrity check, typically via a hash code comparison).

  • Article 2 of the directive has the following definitions:
    1. "electronic signature" means data in electronic form which are attached to or logically associated with other electronic data and which serve as a method of authentication;
    2. "advanced electronic signature" means an electronic signature which meets the following requirements:
    (a) it is uniquely linked to the signatory;
    (b) it is capable of identifying the signatory;
    (c) it is created using means that the signatory can maintain under his sole control; and
    (d) it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable;
• Only "qualified electronic signatures" require the usage of digital certificates and trustworthy devices to carry those (usually a smart card but also possible on USB-tokens). Dynamic signatures may be used in this environment to replace PINs and enhance the usability of this kind of electronic signatures. The German law and regulation on electronic signatures has allowed this explicitly since mid-2001.

The terminology of an "advanced electronic signature" is not a global term. The United Nations Commission on International Trade Law (UNCITRAL) published a model law which includes terminology recommendations however they are not binding.
UNCITRAL Model Law on Electronic Signatures with Guide to Enactment One United Nations Commission on International Trade Law
 
Hence similar requirements as outlined in the European directive for "advanced electronic signature" are defined with in a different wording in several countries. Some examples:

• The Australian Electronic Transactions Act 1999 defines in §10 similar requirements for electronic signatures without using a specific signature classification.
• Even within the European Union some laws in some countries are not equivalent to the EU-legislation: The Austrian law uses the equivalent of a “secure electronic signature” instead of the EU-terminology of a “qualified electronic signature” and so does the law in Poland.
• Indonesia: Law No 11 of 2008 regarding Information and Electronic Transactions (Undang-undang Informasi dan Transaksi Elektronik / UU ITE – also called “ETI law”)
• Singapore: §17 of the Electronic Transactions Act 1998 describes the requirements of a "secure electronic signature".
• United Arab Emirates: §20 of the Electronic Transactions and Commerce Law No.2/2002 describes the requirements of a "Protected Electronic Signature".

SignDoc facilitates the compliance of processes conforming to regulations and laws on electronic signatures such as the following ones: Australian Act on Electronic Signatures 1999 EU Directive 1999/93/EG about a framework for electronic signatures Germany: German Digital Signature Law "SigG", 2001 Italy: Law on Electronic Signatures, 2010 (PDF) Russia: Federal Law on Electronic Signatures 2011South Africa: Electronic Communications and Transactions Act, 2002 United Kingdom: The Electronic Signatures Regulations, 2002 United States: Electronic Signature in Global and National Commerce Act (E-SIGN ACT), 2000 (PDF) United Arab Emirates: Electronic Transactions and Commerce Law No.2/2002 

Corresponding Laws

Depending on the application, the vertical and the country in which the application is intended for use additional legislations regulations and standards may need to be considered.

United States Uniform Electronic Transactions Act (UETA)
Model act and legal framework for electronic transactions giving electronic signatures and records the same validity and enforceability as manual signatures and paper-based transactions.

Besides the laws on electronic signatures there are laws such as a Civil Code that may also define the applicability of an electronic signature.

Germany
The German Civil Code ("Bürgerliches Gesetzbuch, BGB") defines a written form requirement ("Schriftformerfordernis") for a very few documents such as a

• consumer loan contract (see section 492)
• time share agreement (see section 484)
• life annuity commitment (see section 761)
• contract of suretyship (see section 766)
• promise to fulfil an obligation (see section 780)
• acknowledgement of a debt (see section 781)

Germany: Civil Code (in English)
Side Note: The German Civil Code served as a template for the regulations of several other civil law jurisdictions. Hence you will find similarities in the civil law of Portugal, mainland China, Japan, South Korea, Taiwan, Greece and the Ukraine.