Alan L Tyree

Electronic signatures

Alan L Tyree*

1  Introduction

In the early days of computer networking, it was thought that electronic commerce required elaborate standards for the interchange of electronic communication. These standards were called “Electronic Data Interchange” (EDI) standards.

EDI standards are important, but it turns out that electronic commerce thrives even in the absence of EDI standards. A substantial amount of business is done via the exchange of emails and the use of “click through” web sites.

Most business transactions do not require a signature. Contracts, even valuable contracts, can be formed without any writing at all. Substantial contracts are formed every day through the exchange of emails. For example, it is common for law offices to receive and act upon email instructions from clients to prepare advices.

Signatures, however, are not irrelevant, and the obvious question is: what is an “electronic signature”?

2  Signatures

We need to draw a distinction here between “electronic signatures” and “digital signatures”. A “digital signature” utilises encryption technology to transform a message to a seemingly unintelligible form and back again. A person who receives a digitally signed message can accurately determine that the message was “signed” by the use of the sender’s private “key”: see [2] for a description of the mathematics behind the notion of a digital signature.

In contrast, an electronic signature is any method which applies a “signature” to an electronic message. This may range from the typed name of the sender to an image of the handwritten signature of the sender. Digital signatures are a subset of electronic signatures.

The Electronic Commerce Expert Group identified five functions of a signature (see [1]):

  1. evidentiary - to ensure the availability of admissible and reliable evidence such as for example, the Statute of Frauds;
  2. cautionary - to encourage deliberation and reflection before action, flagging that the record and the act of attesting to it have significant legal consequences and forcing the party to consider whether they really wish to be legally bound, for example wills, consumer protection legislation;
  3. reliance - a signature requirement may be imposed to create a “warranty” of veracity of contents of a record or of their adoption by the signer for the purpose of protecting the recipient or reader of a record in relying on those contents or their adoption by the signer;
  4. channelling - to mark a clear line between intent to act in a legally significant way and intent to act otherwise; the effect is also to categorise documents into more or less legally significant; and
  5. record-keeping - for execution of government regulations, such as requirements under taxation, customs, and money-laundering laws.

The Group recommended against any detailed electronic signature legislation. The reasons given for this recommendation include the lack of international agreement on standards and the desire to keep any legislation “technology neutral”.

3  The ETA

The Electronic Transactions Act 1999 (Cth) is Australia’s implementation of the UNCITRAL Model Law for Electronic Commerce of 1996. The introduction of the Act followed a report by the Electronic Commerce Expert Group in July 1998. The Expert Group studied the existing law and found that there were circumstances where the existing law did not clearly resolve legal issues. The Group formed the view that these uncertainties would inhibit the growth of electronic commerce.

The declared intention of the Act is to ensure that a transaction is not invalid merely because it is carried out in one or more electronic communications. To his end, the Act addresses legal requirements of writing, production of documents, recording information, retaining documents and provision of signatures.

Section 14 provides detailed rules for determining the time and place of the dispatch and receipt of an electronic communication. This is an important clarification of the pre-Act law. The Act does not determine whether the postal acceptance rule applies when contracts are formed by electronic communications.

The Act is different from the Model law in several respects. The most important is the way in which messages may be attributed to a sender. Section 15 of the Act restates the common law position that a message may be attributed to a purported originator only if it was sent by that person or by a person with the authority of the purported originator.

4  ETA signatures

Each of the ETAs provides for signatures in electronic communications. Although the wording is slightly different in the various Acts, the essential features in each are the same:

  1. a method is used to identify the person and to indicate the person’s approval of the contents
  2. the method used is as reliable as is appropriate for the purposes of the communication
  3. the person who requires the signature has consented to the use of the method.

To determine if the method satisfies the second requirement of “reliability”, regard is to be given to all relevant circumstances at the time when the method is used as well as the nature and purpose of the information communicated.

Although the Expert Group advised against special legislation, UNCITRAL has adopted a Model Law on Electronic Signatures (MLES). MLES defines “Electronic signature” as:

data in electronic form in, affixed to or logically associated with, a data message, which may be used to identify the signatory in relation to the data message and to indicate the signatory’s approval of the information contained in the data message;

MLES addresses the question of “reliability” in Article 6(3):

An electronic signature is considered to be reliable for the purpose of satisfying the requirement referred to in paragraph 1 if:

(a) The signature creation data are, within the context in which they are used, linked to the signatory and to no other person;

(b) The signature creation data were, at the time of signing, under the control of the signatory and of no other person;

(c) Any alteration to the electronic signature, made after the time of signing, is detectable; and

(d) Where a purpose of the legal requirement for a signature is to provide assurance as to the integrity of the information to which it relates, any alteration made to that information after the time of signing is detectable.

Art 6(4), however, says that art 6(3) does not limit the ways in which “reliability” may be established.

The question arises: is it possible that an ordinary email may be “signed” merely by typing one’s name in an appropriate place?

5  Mehta v Pereira

Mehta v J Pereira Fernandes S.A [2006] EWHC 813 (Ch) (07 April 2006) was an appeal against a District Court judgment which awarded the plaintiff company JPF a sum of nearly £25,000. The amount was awarded on the grounds that the defendant Mehta had personally guaranteed the amount. Mehta appealed on the grounds that the alleged guarantee was not enforceable since it did not comply with the requirements of the Statute of Frauds.

The alleged guarantee arose from an email sent by Mehta to JPF’s solicitors. The email was in the following terms:

I would be grateful if you could kindly consider the following. If the hearing of the Petition can be adjourned for a period of 7 days subject to the following:

(a) A Personal Guarantee to be given in the amount of £25,000 in favour of your client - together with a list of my personal assets provided to you by my solicitor

The email was unsigned but the headers indicated that it was from Nelmehta@aol.com. This email address also appeared on other, signed, emails sent to JPF’s solicitors. Mehta acknowledged that the email had been sent, with his authority, by an employee.

JPF’s solicitors telephoned Mr Mehta and accepted the proposal. Although they also sent him a written agreement, this was never signed by Mr Mehta.

The only issue on appeal was whether the email was sufficient to comply with the requirements of s4 of the Statute of Frauds which requires “some memorandum of note thereof …in writing and signed by the party to be charged therewith or some other person thereunto by him lawfully authorised.”

The Court held that the email was a note or memorandum of the alleged agreement which was sufficient to satisfy the writing requirement of the Statute of Frauds. This finding relies on case law which shows that, contrary to a plain reading of the section, a written offer is a sufficient memorandum even though it necessarily precedes the existence of the agreement: see Parker v Clark [1960] 1 WLR 286.

The principal issue was whether the insertions of the applicant’s email address in the headings of the email constituted a “signature” for the purposes of the Statute of Frauds. The Court found that it did not. A signature must be so placed as to show that it is intended to relate and refer to every part of the document. A name that appears only incidentally or which refers to only a part of the document is not a signature which fulfils the requirements of the Statute.

Although not considered in Mehta, it seems likely that the same arguments would apply to the “signature line” that many people include in their email documents. The purpose of the signature line is to provide contact information. It, like the email headers, is inserted automatically. Unlike email headers, however, the signature line is optional. This makes it a stronger candidate as a “signature”, but in the view of the author the automatic inclusion means that it cannot, of itself, be signature.

The question may always be tested in a functional way: does it appear to a reasonable person that the “signature” indicates an intention to authenticate the document? It matters not whether the document is electronic or paper.

The outcome of Mehta would be the same under the ETAs. For the same reasons as given in Mehta, the automatic insertion of email headers could not be considered as a “method” which indicates the person’s approval of the contents of the message, although it might be argued that it identifies the sender.

6  Conclusion

The reasoning in Mehta shows that a typed name in an email could be an electronic signature. Consideration must be given to the position of the name and whether it may be construed as an indication that the “signatory” is adopting the contents of the email.

Although Mehta does not address the issue, the ETA also directs us to consider the nature of the message when considering if the “method”, typing one’s name, is “reliable” for the purpose. Mehta shows that this is not merely a matter of the size of the transaction. The purpose of the communication is also relevant. So, for example, if the purpose is to establish identity for the purposes of applying for a passport, it is extremely unlikely that a simple typed “signature” would suffice even in the absence of the sections of the Act that give Commonwealth agencies the right to determine signature methods.

Although the UNCITRAL Model Law on Electronic Signatures has not been adopted in Australia, the criteria used for “reliability” might be considered by an Australian court in determining the existence of an electronic signature. In doing so, it would be necessary to consider whether alterations to the “signature” or the document contents are “detectable”.

If the email is considered in isolation, then it is clear that alterations are not detectable, but if the email system as a whole is considered, then the alterations probably are detectable by comparing the email with other versions of the email which are retained in the sender’s system or in servers. This might be a case where Art 6(4) could be used to show “reliability”.

References

[1]
Electronic Commerce Expert Group. Electronic commerce: building the legal framework. Technical report, Australian government, 1998.
[2]
Alan L Tyree. Digital Cash. Butterworths, 1997.

*
Consultant; formerly Landerer Professor of Information Technology and Law, University of Sydney. The views expressed are my own and do not necessarily reflect the views of any other person or organisation.