Electronic Signatures: Legal & Practical Considerations for E-Signing on the Virtual Dotted Line
In assessing whether or how to employ e-signatures, particularly in higher risk transactions, organizations should be careful to manage the practical issues and potential legal complexities associated with e-signatures through careful assessment and a robust governance program.
June 12, 2019 at 02:22 PM
5 minute read
As technology pervades all aspects of business life, business leaders, customers, and employees increasingly expect to be able to execute signatures on agreements, documents and elsewhere with the same level of convenience and assurance as the rest of their IT-enabled business. In response, organizations are exploring solutions allowing individuals to sign these documents electronically, and without requiring signatories be physically present. These electronic signature (“e-signature”) solutions provide substantial benefits not only in terms of convenience, but also security and record keeping. However, in assessing whether or how to employ e-signatures, particularly in higher risk transactions, organizations should be careful to manage the practical issues and potential legal complexities associated with e-signatures through careful assessment and a robust governance program.
Implemented correctly with appropriate controls, e-signatures can provide marked improvements in convenience and overall security when compared with traditional physical or “wet” signatures. The ability to instantaneously execute a contract facilitates efficiency and convenience for all interested parties. E-signature solutions also complement current efforts by many businesses to centrally integrate and manage their contracts into digital repositories. Furthermore, forensic security controls coupled with e-signatures provide authoritative and quick verification, reducing the opportunity for fraud or challenges to authenticity.
However, different e-signatures present varying levels of practical risk associated with demonstrating their authenticity and enforceability. Many different types of e-signatures may be considered enforceable under U.S. and foreign law, including the use of an e-signature service, but also typing one's name or initials, an email address or signature line or a scanned manuscript signature, to name a few. In assessing which e-signatures are permitted and in what contexts, an effective e-signature program takes into account the following practical issues: authentication, adoption, non-repudiation, and admissibility.
Authentication involves validating the identity of the individual that signed the document, and organizations should have methodology in place to tie an e-signature to that individual. Authentication may be accomplished through one or more of the following: “something you know,” such as a password unique to the signatory; “something you have,” such as a one-time code sent by text message or email to the signatory's personal device; and “something you are,” such as a fingerprint scan. A solution incorporating two or more factors is preferable, especially for high risk transactions.
Adoption involves an individual's specific consent that an e-signature operates as an original signature for the purpose of the record and requires the signatory to accept the specific e-signature used in the contract. This can be accomplished through a click-through agreement or a provision in the contract itself.
Non-repudiation involves ensuring that, in executing an e-signature, the signatory intended to agree to the specific terms of the contract or other document. For example, a typical non-repudiation protection requires the signatory to manually apply the e-signature he or she adopted to signature lines in the contract by clicking on designated signature fields.
Finally, admissibility involves the maintenance of documentation or other electronic evidence of the above authentication, documentation, and non-repudiation processes so that it may be presented in court. Admissibility requires that organizations maintain compliance documentation on the accuracy and immutability of its record-keeping system.
In additional to these practical risks, legal requirements for e-signatures may vary substantially depending on the transaction and applicable governing law. An effective e-signatures program must establish clear guidelines clarifying the impact of choice of law and choice of jurisdiction provisions in governing contracts. Generally, across U.S. federal and state law, baseline e-signature laws and requirements are generally consistent, and provide for their general enforceability. However, while the Uniform Commercial Code generally provides for the use of e-signatures in connection with funds transfers, letters of credit, and secured transactions (among others), it requires additional specific technical controls for investment securities, and does not provide for non-negotiable instruments. Non-U.S. countries also vary significantly in their approach to e-signatures, with some imposing additional technical requirements. In particular, European Union General Data Protection Regulation requirements may apply to e-signature transactions involving European individuals or entities, potentially requiring the e-signature solution to accommodate controls such as data protection, data subject rights or restrictions on cross-border transfers.
These legal and practical issues frequently overlap and may entail technical discussions with e-signature solution vendor and/or developers and coordination between internal stakeholders. Accordingly, an organization's e-signature governance program should take full account of its particular business and operational needs. As an initial matter, the program should carefully define the scope of activities where e-signatures may be permitted, including business lines, types of transactions, and jurisdictions. The program should further outline legal requirements observed in the various countries an organization conducts business in, as well as the necessary steps to ensure compliance with those requirements. It should define the approved technology and methodology for e-signatures in particular transactions. Finally, the program must establish controls to operate and manage e-signatures themselves, including policies, procedures, audit protocols, retention methods, and storage.
In sum, e-signatures provide substantial benefits for organizations looking to streamline and modernize their signatures process. Implemented correctly in accordance with a coordinated program, e-signatures may provide more effective and efficient mechanisms for enforceability than tradition physical signatures. However, e-signatures nevertheless also come with specific legal and practical risks that organizations should understand and anticipate appropriately through program controls.
Anthony J. Diana is the co-chair of Reed Smith's IP, Tech & Data Group and focuses his practice on commercial litigation, internal and regulatory investigations, electronic discovery and information governance, and data privacy and security.
David G. Krone is an associate in Reed Smith's IP, Tech & Data Group and focuses his practice in cybersecurity, data privacy and information governance. He counsels clients on the legal, technical and managerial aspects of Records retention to reduce their enterprise information footprint.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllAI Disclosures Under the Spotlight: SEC Expectations for Year-End Filings
5 minute readA Blueprint for Targeted Enhancements to Corporate Compliance Programs
7 minute readThree Legal Technology Trends That Can Maximize Legal Team Efficiency and Productivity
Trending Stories
Who Got The Work
J. Brugh Lower of Gibbons has entered an appearance for industrial equipment supplier Devco Corporation in a pending trademark infringement lawsuit. The suit, accusing the defendant of selling knock-off Graco products, was filed Dec. 18 in New Jersey District Court by Rivkin Radler on behalf of Graco Inc. and Graco Minnesota. The case, assigned to U.S. District Judge Zahid N. Quraishi, is 3:24-cv-11294, Graco Inc. et al v. Devco Corporation.
Who Got The Work
Rebecca Maller-Stein and Kent A. Yalowitz of Arnold & Porter Kaye Scholer have entered their appearances for Hanaco Venture Capital and its executives, Lior Prosor and David Frankel, in a pending securities lawsuit. The action, filed on Dec. 24 in New York Southern District Court by Zell, Aron & Co. on behalf of Goldeneye Advisors, accuses the defendants of negligently and fraudulently managing the plaintiff's $1 million investment. The case, assigned to U.S. District Judge Vernon S. Broderick, is 1:24-cv-09918, Goldeneye Advisors, LLC v. Hanaco Venture Capital, Ltd. et al.
Who Got The Work
Attorneys from A&O Shearman has stepped in as defense counsel for Toronto-Dominion Bank and other defendants in a pending securities class action. The suit, filed Dec. 11 in New York Southern District Court by Bleichmar Fonti & Auld, accuses the defendants of concealing the bank's 'pervasive' deficiencies in regards to its compliance with the Bank Secrecy Act and the quality of its anti-money laundering controls. The case, assigned to U.S. District Judge Arun Subramanian, is 1:24-cv-09445, Gonzalez v. The Toronto-Dominion Bank et al.
Who Got The Work
Crown Castle International, a Pennsylvania company providing shared communications infrastructure, has turned to Luke D. Wolf of Gordon Rees Scully Mansukhani to fend off a pending breach-of-contract lawsuit. The court action, filed Nov. 25 in Michigan Eastern District Court by Hooper Hathaway PC on behalf of The Town Residences LLC, accuses Crown Castle of failing to transfer approximately $30,000 in utility payments from T-Mobile in breach of a roof-top lease and assignment agreement. The case, assigned to U.S. District Judge Susan K. Declercq, is 2:24-cv-13131, The Town Residences LLC v. T-Mobile US, Inc. et al.
Who Got The Work
Wilfred P. Coronato and Daniel M. Schwartz of McCarter & English have stepped in as defense counsel to Electrolux Home Products Inc. in a pending product liability lawsuit. The court action, filed Nov. 26 in New York Eastern District Court by Poulos Lopiccolo PC and Nagel Rice LLP on behalf of David Stern, alleges that the defendant's refrigerators’ drawers and shelving repeatedly break and fall apart within months after purchase. The case, assigned to U.S. District Judge Joan M. Azrack, is 2:24-cv-08204, Stern v. Electrolux Home Products, Inc.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250