ELECTRONIC SIGNATURES The Convergence of Law and Technology - PowerPoint PPT Presentation

1 / 18
About This Presentation
Title:

ELECTRONIC SIGNATURES The Convergence of Law and Technology

Description:

... by many different technologies: electrical, digital, magnetic, wireless, optical, ... Apply to non-exempt consumer communications required by law to be ... – PowerPoint PPT presentation

Number of Views:131
Avg rating:3.0/5.0
Slides: 19
Provided by: THT44
Category:

less

Transcript and Presenter's Notes

Title: ELECTRONIC SIGNATURES The Convergence of Law and Technology


1
ELECTRONIC SIGNATURESThe Convergence of Law and
Technology
  • Sara V. Greenberg
  • October 5, 2000

2
What is a legal signature?
  • In general, any mark made with the intention of
    authenticating the document in question

3
What does E-SIGN provide?
  • Enabling legislation, not prescriptive
  • General Rule Of Validity
  • E-signatures and electronic documents may not
    be denied legal effect, validity, or
    enforceability solely because . . . in electronic
    form
  • No requirement that parties must use e-signatures
    or e-records

4
What does E-SIGN provide?
  • Definitions
  • Electronic - electrical, digital, magnetic,
    wireless, optical, electromagnetic, or similar

Electronic signature - electronic sound,
symbol, or process, attached to or logically
associated with a contract or other record and
executed or adopted by a person with the intent
to sign the record
5
What does E-SIGN provide?
  • Applies to private sector contracts, not
    government
  • Exceptions and limitations addressed below

6
A brief digression What are electronic
signatures?
  • Electronic vs. digital
  • Electronic
  • Generic, technology-neutral term take many forms
    and can be created by many different
    technologies electrical, digital, magnetic,
    wireless, optical, electro-magnetic
  • Examples
  • A typed name in an e-mail message
  • A PIN or other secret code
  • A facsimile signature
  • bio-identification, e.g., retinal scan

7
A further digression What are digital
signatures?
  • Electronic vs. digital
  • Digital
  • A type of technology-specific electronic
    signature using public/private key cryptography
    to sign a message
  • PKI (public key infrastructure) crypto uses an
    algorithm to create two different, mathematically
    related keys - one for creating a digital
    signature by transforming it into seemingly
    unintelligible form (the private key) and another
    to verify it and return it to its original form
    (the public key)

8
Whats not addressed in E-SIGN?
  • How is intent proven?
  • I didnt mean to agree to what that document
    says!
  • How is authentication proven/how is fraud or
    forgery prevented?
  • Thats not my e-signature!
  • I never signed that!
  • How is authority proven?
  • Was Alice authorized to buy 1,000 widgets or only
    100?
  • How is security maintained and data manipulation
    thwarted?

9
Summary of data security issues (courtesy of Dan
Greenwood)
  • Authentication - ascertaining the identities of
    parties to a message or transaction
  • Access control - information and network
    resources are available only to authorized parties
  • Confidentiality - keeping the contents of a
    message or substance of a transaction secret to
    unauthorized parties
  • Message Integrity - ascertaining that a message
    or other transmission has not been tampered with
    in transit
  • Non-repudiation - evidence exists to tie the
    identity of a party to the message or transaction
    sufficient to prevent or rebut a denial

10
What have been some of the traditional
protections?
  • Witnesses
  • Will these methods transfer over and work in an
    electronic context?
  • What technology can industry provide that can
    address these issues?
  • Seals
  • Notaries
  • Initialed Pages
  • Couriers
  • Forensic/handwriting analysis

11
Where may technology be defeated or fail to give
adequate assurances?
  • Technology (e.g., a private key or smart card)
    can be stolen
  • A certifying authority can be corrupted a
    certificate can be issued to the wrong party
  • The signing party can be corrupted or forced to
    sign against his wishes
  • A signature can be denied

12
What are some ways companies can meet legal
aspects of these challenges?
  • Create legal obligations to minimize
    technological uncertainty
  • who bears what risks?
  • e.g., companies may want to establish that
    signing party bears responsibility to prevent
    compromise of private key
  • A certification authoritys practices and
    liabilities must be defined and clear - trust
    models
  • CAVEAT Technology providers should carefully
    review any claims made for software

13
What are some remaining problems and other
practical issues?
  • Is the law retroactive to contracts entered into
    pre-October 1?
  • Are electronic contracts now subject to federal,
    rather than state, law? If state law, which
    states laws will be pre-empted and which wont?
  • When will an e-contract be deemed to have been
    received? deemed effective?
  • What about electronic errors? Contracts may
    inadvertently be created through careless use of
    e-mail, voice mail, or other electronic media.
  • How will parties meet their evidentiary burden in
    court regarding new technological applications?

14
Exclusions from E-SIGN law
  • wills and other similar testamentary documents
  • adoption, divorce, or other matters of family
    law
  • UCC law, generally, except for Article 2 (goods)
    and Article 2A (leases)
  • court orders, notices and other official court
    documents
  • crucial notices (cancellations/terminations of
    health/life insurance, utility cut-offs,
    foreclosures/evictions re primary residence,
    product recalls), and
  • documentation re hazardous/toxic materials

15
Consumer protection verification procedures
  • Apply to non-exempt consumer communications
    required by law to be provided or made available
    in writing
  • Must provide notice and obtain prior consent
    through test-and-confirm procedures

16
Consumer protection verification procedures
  • Must be given clear and conspicuous notice of
  • right to receive non-electronic form how to do
    so, and any costs
  • right to withdraw consent extent of consent
    (global or specific)
  • procedures to withdraw consent or update contact
    info
  • Must be given a statement of hardware and
    software requirements (and updates/revisions)
  • Consumer must consent or confirm consent
    electronically to demonstrate access to info that
    is subject of consent

17
Other e-sign legislation
  • UETA - state uniform laws
  • EU Electronic Signature Directive, No. 1999/93/EC
  • full implementation required by mid 2001
  • OECD
  • UNCITRAL

18
THE END
  • Sara V. Greenberg
  • greenberg_at_tht.com
Write a Comment
User Comments (0)
About PowerShow.com