Federal legislation will set uniform rules for e-signatures

The phrase “ink the deal” may soon become a thing of the past with the onset of e-commerce. As more businesses create Web sites and move on line, the making of contracts on line also follows. But business parties need to be certain that contracts made strictly on line and without paper are legally enforceable in court.

In paper transactions, we have taken for granted that a signature on a written document is genuine and identifies the person who signed it. In electronic transactions, there is no original signature to verify. Customers are no longer identified by a face or even a voice, but only an e-mail address. Contracting on the Internet, while enabling a business to reach millions of potential customers world-wide, has the problem of identifying the person on the other side of the contract. This key element of basic contract formation is difficult in electronic deal making. The solution to the problem is digital signatures.

A digital signature is an electronic signature that can be used to authenticate the signer of a document. It is an identifier created by computer instead of a pen and looks like a string of unintelligible alphanumeric characters. Digital signatures use encryption technology software that encodes files and data that can only be viewed by a person with keys to decode the message. Before a sender can digitally sign an electronic communication, the sender must first create a “public-private key pair.”

The private key is kept confidential by the sender. The public key can be disclosed generally by posting the key in on-line databases or anywhere else where the message can be accessed. To digitally sign an electronic communication, the sender runs a computer program that creates a unique message digest of the communication. The program then encrypts the resulting message digest using the sender’s private key. The encrypted message digest is the digital signature. The sender then attaches the digital signature to the communication and sends both to the intended recipient. No special technical expertise is needed to digitally sign a document; only software.

The use of a digital signature alone does not verify its authenticity, however. When a party obtains a public key of someone from whom he/she has received a digitally-signed document, how does that party know the public key belongs to the sender? It could be an imposter. To solve this problem, “certification authorities” (CA) are used.

The CA is a third-party that ascertains the identity of the person (through a driver’s license, passport or other means) and certifies that the public key of a public-private key pair used to create digital signatures belongs to that person. This is akin to the use of a notary public for paper-based transactions. Without the use of CAs, electronic commerce has no means of generating legitimate digital signatures for on-line contracting.

New federal legislation

The more significant issue in opening the door to e-contracts is under what circumstances an electronic signature will be considered as having the same legal force as a hand-written signature. Just this past month, the U.S. Congress took a large step in resolving this issue. On June 16, 2000, two days after it was passed by the House, the Senate unanimously approved the ‘e-signature bill’ which will make most electronic signatures over the Internet as legal and binding as written signatures on paper. The new bill provides that a “signature, contract or other record may not be denied legal effect, validity or enforceability solely because it is in electronic form.”

If signed by President Clinton as expected, the legislation entitled the “E-Signatures in Global and National Commerce Act” will take effect on October 1. Although several states already have digital signature laws, the federal statute establishes a uniform, national framework of rules to govern the use of electronic signatures and records. The new legislation is also more comprehensive than most state laws, covering a wide range of electronic transactions involving private businesses, consumers, and government organizations.

Many states, including Michigan, presently have legislation pending that addresses the use of digital signatures. Michigan Senate Bill 204 entitled “Michigan Digital Signature Act” provides that if a rule of law requires a signature on a document before it is valid or enforceable, the law is satisfied by a digital signature if that digital signature is verified by reference to the public key listed in a valid certificate issued by a CA. Similarly, Michigan House Bill 4406 would create a new statute that would legitimize the use of electronic records and electronic signatures when all parties to a private transaction agree to their use. The new federal law will bridge the gap until all 50 states can pass the Uniform Electronic Transactions Act, which is a uniform system for the use of electronic signatures that the National Conference of Commissioners on Uniform State Law developed.

Michael Conlon is a partner at the Traverse City law firm of Running, Wise, Ford & Phillips, PLC, where he practices in the areas of commercial transactions, litigation, e-commerce, bankruptcy and municipal law; mic@rwwfp.com. BIZNEWS