Using e-signatures in the wake of Covid-19
April 29, 2020
By Mustafa Khalid
As businesses adapt to social distancing measures to curb the spread of Covid-19, it is important that they explore the possibility of legally executing documents using an e-signature.
Although e-signatures are not widely used in the UAE, the legal authority for their use is nevertheless provided in Federal Law No. 1 of 2006 of the UAE, also known as the Federal E-Commerce Law (‘the law’). The E-Commerce Law gives e-signatures legal recognition as a legitimate means of executing documents in the UAE. However, it is crucial to bear in mind that the law sets out certain requirements that an e-signature must meet for it to have legal force, along with prescribing limitations and exceptions to its use.
Under the E-Commerce Law, an e-signature is defined as “any letters, numbers, symbols, voice or processing system in electronic form applied to, incorporated in, or logically associated with a data message with the intention of authenticating and approving the same”. Typically, some examples of e-signatures include a scanned image of a handwritten signature, a name typed at the end of an e mail and a click on “I accept” to terms and conditions.
In a commercial context, e-signatures can offer flexibility and efficiency to contracting parties. As per the E-Commerce Law, a person may use any form of electronic authentication unless prohibited by law. In this regard, the law sets out a list of legal documents that may not be executed using e-signatures. These include:
- Transactions and issues relating to personal status law (such as marriage and divorce certificates or wills)
- Deeds or transactions relating to immoveable property
- Negotiable instruments
- Any documents legally required to be attested before a notary public; and
- Any other documents or transactions exempted by special provision of law.
As per the E-Commerce Law, a person is entitled to rely on an e-signature to the extent that such reliance is reasonable. A number of factors will be considered in determining whether reliance on an e-signature can be deemed to have been reasonable, some of which can be summarised as follows:
- Nature and value (if known by the party relying on the e-signature) of the underlying transaction;
- Whether the party relying on the e-signature took appropriate steps to determine the reliability of the e-signature;
- Whether the party relying on the e-signature knew or ought to have known that the e-signature had been compromised or revoked;
- Any agreement or course of dealing between the parties with respect to e-signatures or any trade usage or practice which may be applicable.
The question of whether reliance on an e-signature can be deemed to be ‘reasonable’ will most likely arise in situations where limited security measures were used to authenticate an e-signature. In such a scenario, the burden of proof will fall upon the party relying on the e-signature to demonstrate that its reliance can be deemed reasonable.
Notwithstanding the above, the E-Commerce Law prescribes a high level of protection upon ‘secure e-signatures’. For instance, in the absence of proof to the contrary, an e-signature which can be classified as a ‘secure e-signature’ shall be presumed to:
- Be reliable;
- Represent the signature of the person it purports to identify; and
- Be affixed by that person with the intention of signing.
As per the law, an e-signature shall be treated as a ‘secure e-signature’ if the following can be verified at the time it was made:
- It is unique to the person using it;
- It can identify said person;
- It was, at the time of signing, under the sole control of the signatory in terms of the creation data and the means used; and
- It is linked to the electronic record to which it relates in a manner which provides reliable assurance as to the integrity of the signature such that if the record was changed the e-signature would be invalidated.
While the E-Commerce Law does not specify any technical criteria in this regard, it can be presumed that the ‘secure e-signature’ status can be achieved using advanced e-signature platforms such as DocuSign or Adobe Sign. Essentially, it is advised that the platform should be able to identify the signatory with a high degree of certainty, limit the risk of someone other than the signatory gaining access to the document and have sufficient safeguards in place to prevent subsequent amendment or revocation.
Finally, any party considering signing electronically must ensure that they have the necessary capacity and authority to do so. In this regard, it would be useful for corporate entities to revisit their execution protocols to ensure that their respective signatories are vested with the requisite capacity and delegated authority to sign a document by electronic means. Similarly, it should be confirmed that a signatory signing for and on behalf of a counterparty has the requisite authority to use an electronic signature in order to limit the possibility of any challenges at a later stage.
With social distancing measures still in place throughout the UAE we have seen a marked increase in the use of e-signatures. As businesses adapt and find new ways of working, the increased use of e-signatures may well continue post COVID-19 as a way of a more efficient working model.