A Comparative Perspective
Christopher Kuner*, Morrison & Foerster
LLP, Brussels
Anja Miedbrodt**, University of Frankfurt-am-Main,
Germany
SUMMARY
Differences in the definition of "written signature"
are influencing the course of national and international policies on electronic
authentication, as the examples of the US and Germany demonstrate. US law
has gradually been reducing the scope of handwritten signature requirements,
and places the greatest emphasis on respecting the intent of the parties.
German law also respects party autonomy, but requires that certain transactions
be concluded by a handwritten signature (meaning pen on paper), with no
possibility for derogation by the parties.
These differences in the definition of "signature"
in national law have found expression in electronic authentication policy.
US digital signature laws are generally directed toward removing barriers
to the acceptance of electronic authentication and toward reduction of
evidentiary uncertainties. By contrast, the German Digital Signature Law
does not deal with the legal status of electronic signatures, but instead
sets forth a high-security technical standard, motivated by similarly stringent
requirements for pen-on-paper signatures. It is therefore not surprising
that policymakers frequently have quite different concepts in mind when
they discuss electronic signatures.
The international nature of the Internet makes it imperative that national definitions of "signature" be harmonized as they relate to electronic authentication. This can best be done by understanding the changing role of written signatures, educating policymakers and governments, and developing an internationally-oriented definition of "signature". A basis for such a definition could be a scalable set of signature requirements based on the security needs of the particular application, such as whether electronic authentication was used to establish identity, to demonstrate a particular attribute of the signatory, or for some other purpose. |
I. Introduction
The growth of the Internet and its global nature
are forcing governments to find common solutions to regulatory questions,
which requires understanding of how different legal systems treat common
problems. A good example is the drafting of electronic authentication 1)
or electronic signature legislation. As a technology designed to enable
seamless, secure communication on the Internet, electronic authentication
requires a flexible, internationally-oriented regulatory structure.
While there has been considerable regulatory activity
concerning electronic authentication in recent years 2), misunderstandings
about the differing roles of written signatures in different legal systems
have contributed to difficulties in implementing global rules. Taking US
and German law as examples, this article examines differences in the legal
definition of "signature" and their implications for the national and international
regulation of electronic authentication.
II. The Function of Written Signatures
In considering the function of written signatures,
it is important to distinguish between the concepts of a "writing" and
of a "handwritten signature". In both the US and Germany, almost any perceivable
evidence may be considered to be "written", including electronic evidence.
However, "signature" is a legal term of art which involves application
of the rules described below.
Broadly speaking, a handwritten signature is intended
to fulfill a variety of formal functions, such as the following that are
often cited in the German legal literature:3)
However, these functions are limited by a further
important principle, namely that of party autonomy. That is, in most cases
a signatory should be able to rely on an expression of his will (such as
a signature) being respected and not invalidated by the legal system for
failure to meet a handwriting requirement, as long as it is clear from
the circumstances that he intended to be bound by it. The decisive question
then becomes how a legal system balances the interests listed above, which
can be competing. For instance, respecting the will of parties who have
agreed, e.g., that an "X" scratched onto tree bark is sufficient to convey
a plot of land is clearly in a state of tension with the need to provide
clear evidence of ownership of real estate and to warn parties against
entering into such important transactions too lightly. It is therefore
not surprising that many legal systems make enhanced evidentiary privileges
or even legal validity for certain transactions dependent on the fulfillment
of handwritten signature requirements.
Achieving an appropriate balancing of these interests
is more difficult when dealing with electronic authentication than in the
case of traditional paper signatures. First of all, paper signatures have
existed for thousands of years, while electronic authentication has only
recently begun to be widely used. Thus, the experience that legal systems
have built up regarding paper signatures is largely lacking with regard
to electronic ones. Secondly, there is great uncertainty about how to balance
the relative security risks of paper signatures versus those of electronic
signatures. While it is clear that digital technology makes it possible
to forge or manipulate electronic signatures on a scale impossible in the
case of paper signatures, it is also clear that paper signatures have never
been particularly secure, and that the same digital technology makes possible
a degree of security unheard of in the case of paper signatures (e.g.,
through the use of encryption technologies). This has understandably led
to uncertainty among users about whether electronic signatures are secure
or not, which has held back their broad acceptance.
III. Written Signatures in the Common Law (United
States)
While the United States is actually composed of 51
legal systems (50 states and the federal government), it is possible to
generalize to some extent about written signature requirements. Generally
speaking, contracts and obligations do not have to be in writing unless
the law requires otherwise.4) Other formal requirements in US law include
the "contract under seal" and notarization 5), which, however, either have
little practical importance nowadays (as in the case of the contract under
seal), or are so easily satisfied that the justification for their continued
existence is questionable (as in the case of notarization, which in US
legal practice generally means nothing more than having a secretary certify
a signature upon request). As a signature can be any mark on a message
made "with the present intention to authenticate" it 6), in
US law the emphasis is on whether the signer intended to be bound.7)
In the US, questions concerning the validity of handwritten
signatures tend to arise most frequently in the context of the so-called
"Statute of Frauds", which is a remnant of the English common law that
was incorporated into the Uniform Commercial Code that almost all US states
have adopted. The Statute of Frauds provides that in order to be enforceable,
certain types of contracts (such as those of a value more than $500) must
be "in writing and signed by the party against whom the enforcement is
sought" 8). Within this context, courts have held such indications of intent
as a telegraphed name 9), a fax 10), and a telex 11) to be a "writing"
or "signature". The key factors in the US decisions seem to be that, if
the signature reflects the intent of the party, and it was recorded in
a "tangible medium" 12), then it will be found to be a legally-valid signature
13). Signature and writing requirements are also found in other specific
areas where there is a particular need for evidentiary certainty, such
as regarding the filing of papers in court 14).
The functions of a signature referred to above in
the context of German law are by no means unknown to US law 15). However,
it is also clear that the trend has largely been away from written signature
requirements 16). US law emphasizes the intent of the parties, rather
than the security of the manner by which the signature is affixed, as long
as certain minimum requirements (such as the use of a "tangible medium",
which includes electronic media) are observed. Moreover, it is widely felt
that the Statute of Frauds is no longer timely and should be repealed 17).
Despite the generally liberal approach to the admissibility
in court of electronic signatures, concerns about the acceptance of such
evidence in practice have led almost all US jurisdictions to pass or at
least seriously contemplate legislation intended to facilitate their admissibility
18). While such legislation typically deals with much more than the evidentiary
status of electronic signatures, the uncertainty caused by evidentiary
disputes has been one of the major motivations in enacting US digital signature
laws 19).
IV. Written Signatures in the Civil Law (Germany)
The German law of written signatures is complex and
cannot be discussed here in all its permutations. However, it is possible
to distill some general principles. Under German law there are no formal
requirements for a contract to be valid, unless explicitly provided for
by law, and it is possible for the parties to agree that a signature will
have a particular evidentiary value. The vast majority of commercial transactions
in German law do not require a particular form of handwritten signature,
but such requirements do play a role in certain areas relevant to electronic
commerce (e.g., in consumer credit transactions and in data protection
law) 20).
German law contains five types of signature requirements:
Where a written signature is required by statute,
the document has to be signed by hand by the issuer with his name or a
handwritten mark which is authenticated by a notary. 27) Signatures by
stamp, 28) typewriter, 29) or by telegram 30) or fax 31) are not considered
to be "handwritten" in this context. The rationale for such statutory signature
requirements is related to the functions of written form described above.
For example, § 566 BGB requires that a lease of real estate longer
than one year has to be signed by hand to provide evidence for the content
of the contract, 32) while § 766 BGB provides that a surety bond requires
a handwritten signature in order to warn the surety. 33)
When no statutory signature requirements are applicable
but the parties have agreed to apply them anyway, the statutory provisions
concerning signature requirements are applied unless the parties have agreed
otherwise. 34) Thus, in this case the parties may derogate from the requirement
of a handwritten signature, so that, for example, a transmission via telegraph
between the parties would be sufficient 35). In this case, the consequences
of a failure to satisfy the agreed-upon formal requirements are determined
by the agreement between the parties, so that whether or not the agreement
is rendered void depends on the circumstances in each case. 36) By contrast,
the failure to satisfy a signature requirement provided for by statute
renders a transaction void in principle 37) (not just unenforceable),
nor may the parties derogate from the legal rules concerning statutory
form. 38) In some cases the failure to meet signature requirements
may be cured, e.g., in the case of a conveyance of real estate by performance
of the transfer and entry into the Land Registry (Grundbuch), 39)
or by performance of a gratuitous promise, 40) or by a surety performing
the obligation in question. 41) But there is no general principle
that the failure to satisfy signature requirements can be cured by performance.
42)
If notarial authentication (Beglaubigung)
is required by statute (e.g., of a company registration), 43) the declaration
in question must be in writing and the signature or the manual sign has
to be attested by a notary, 44) who authenticates only that the signature
is actually that of the signatory. 45) If notarial certification (Beurkundung)
is required by statute (e.g., for a gift 46) or a conveyance of real estate
47), the signatory will issue a written declaration to the notary, which
will be read and approved; following this ceremony, the notary will sign
the minutes. 48) Certification serves as proof that the declaration was
issued in front of a notary, and replaces the legal requirement of a handwritten
signature and notarial authentication. 49)
A written signature satisfying the formal rules described
above enjoys enhanced evidentiary status under the Code of Civil Procedure
(Zivilprozeßordnung
or ZPO), so that it is presumed that the
signed declaration was issued by the signatory. 50) The practical result
is that parties often attempt to memorialize their understandings in a
written document satisfying the formal requirements (called an Urkunde),
in order to gain the benefit of these evidentiary presumptions. Because
of the requirement of a handwritten signature and because of the lack of
embodiment in a tangible medium, it is generally held that an electronic
document cannot be an Urkunde, 51) meaning that it cannot enjoy
the evidentiary presumptions described above. However, such evidence can
still be admitted as "visual evidence" (Augenscheinsbeweis) or "expert
evidence" (Sachverständigenbeweis), the weight of which is
assessed by the court in its discretion. 52)
The capability of digital signatures to provide highly-secure
evidence of integrity and authenticity has made them the center of attention
in Germany to provide an electronic equivalent to written signature requirements.
For instance, since 1990 it has been possible to submit an application
for a default summons (Mahnbescheid) without a handwritten signature,
if it is otherwise ensured that the application could not have been submitted
without the intent of the applicant. 53) And in 1993 a law to
expedite administrative procedures (Registerverfahrenbeschleunigungsgesetz)
was amended to allow local authorities to maintain the Land, Company, and
other registries in electronic form. 54)
On August 1, 1997, the German Digital Signature Law
55) (Signaturgesetz or SigG) came into force. The Law is designed
to establish general conditions under which digital signatures are to be
deemed secure, and sets forth a voluntary technical standard which is intended
to be secure for all applications. 56) Neither the Law nor the accompanying
Digital Signature Ordinance (Signaturverordnung or SigV) 57) deal
with the subject of hand-written signatures, as it was considered preferable
to gather experience under the Law before providing legal equivalence them
and between electronic signatures. 58) The main legal innovation of the
Digital Signature Law is that it provides that use of the technical standard
defined by law will cause a digital signature to be "deemed secure", 59)
although the exact effect of this presumption in German law is unclear.
60) There is no impediment to a court granting the same evidentiary value
to other digital signature standards as to the statutory standard (for
example, based on agreement by the parties); rather, the advantage at present
to using the standard set forth under the Digital Signature Law is that
users thereby enjoy a legal presumption without having to agree upon it
in advance, which can also save costs by not requiring the court in each
case to hear evidence about the security of the standard used. Additional
legal advantages to using the statutory standard may arise in the future,
as the government is presently examining the possibility of allowing fulfillment
by electronic means of statutory signature requirements based upon use
of the statutory digital signature standard.
V. Policy Implications for Electronic Authentication
The differences in written signature requirements discussed above have already found expression in national and international policies on electronic authentication. For example, the German Digital Signature Law is based on a high security standard, which is at least partially owing to the high level of security required to satisfy statutory signature requirements in German law and the intention to tie later relaxation of such requirements to the statutory digital signature standard. The connection between stringent written signature requirements and electronic signature regulation is also set forth in a German government paper on the "International Legal Recognition of Digital Signatures, which states in part: "In particular, a legal framework is necessary for the construction and erection of a (compatible) security infrastructure with a uniform organizational and technical security standard. The trustworthiness which is thereby attained offers the possibility of ... legally allowing a ‘digital form’ with digital signature as the equivalent to ‘written form’ with a hand-written signature." 61)
Another example is provided by Article 9 of the "Proposal
for a European Parliament and Council Directive on Certain Legal Aspects
of Electronic Commerce in the Internal Market" (the "E-Commerce Directive"),
62) which obligates the EU Member States to ensure the validity of
electronic contracts in their respective legal systems, but leaves the
issue of meeting formal requirements (such as those requiring signatures)
by electronic means to the proposed EU Directive on Electronic Signatures.
63) However, this latter Directive does not by itself provide harmonization,
since it does not apply to "non-contractual formalities requiring signatures".
64) The fact that both directives in effect leave the harmonization of
written signature requirements to the Member States indicates the sensitivity
and difficulty of amending long-established written signature requirements
in national law.
The US position, by contrast, has been based on principles
that reflect the role of signatures in US law. For example, in early 1998
the US government proposed a "Draft International Convention on Electronic
Transactions" to the Working Group on Electronic Commerce of the United
Nations Commission on International Trade Law (UNCITRAL). 65) The terms
of the proposed convention emphasize respecting the parties' agreement
concerning the type of signature used, even to the extent of overriding
applicable legislation. 66) US state and federal legislation on electronic
signatures also generally reflects the view under US law that electronic
signatures should be considered equivalent to paper-based signatures, 67)
and that such equivalence should not be based on the security of electronic
signatures. 68)
These examples suggest that differences in the definition
of "signature" are already influencing the course of national and international
policies on electronic authentication. In particular, common law lawyers
often see written signatures requirements as a formality that has been
largely eliminated and remains only in a few isolated cases, while civil
law lawyers often think of them in terms of security requirements that
have a strong public policy aspect. Differing concepts of "signature" in
the context of electronic authentication also seem influenced by the differing
uses to which it is assumed this technology will be put, with US policymakers
focusing on "low value" applications less concerned with identity (such
as SSL certificates), while the German Digital Signature Law, by contrast,
is based on a model that digital signatures will primarily be used to prove
personal identity. It is therefore not surprising that policymakers from
different countries often seem to have completely different concepts in
mind when discussing the definition of a "signature".
There are clear dangers in dealing with a subject
of such international importance in a purely national way. The international
legal acceptance of authentication technologies will be impeded if each
legal system clings to its own parochial conceptions of what constitutes
a signature, which will also lead to increasing trade disputes and international
tension. Moreover, useful regulatory activity in the area of electronic
signatures (such as ensuring the removal of barriers to their legal validity)
may become caught up in disagreements on the role of written signature
requirements.
With all this in mind, it seems that the following
considerations are of particular importance for policymakers as they grapple
with regulating a technology that implicates widely-differing concepts
of written signatures:
Achieving increased appreciation of these factors
is likely to be a long, drawn-out process, with the result that there will
be tension between increasingly-sophisticated electronic signature technology
and legal rules based on centuries-old concepts of handwritten signatures.
At the same time, there are signs that the potential exists for national
written signature requirements to grow together over time. A number of
jurisdictions seem to be following the path of granting basic legal validity
to all types of electronic signatures, but at the same time of granting
enhanced evidentiary privileges to signatures that meet certain minimum
security requirements; this is the route taken, for example, in the German
Digital Signature Law, 69) the Utah Digital Signature Act, 70) the Illinois
Electronic Commerce Security Act, 71) and the UNCITRAL Draft Uniform Rules
on Electronic Signatures. 72) However, closer examination shows the difficulty
of harmonization even among such similar approaches. For example, even
though the Illinois Act and the German Law both do not deny legal validity
to electronic signatures that do not meet their respective statutory criteria,
the Illinois Act allows the parties to determine the security techniques
meeting the statutory criteria wholly by agreement, whereas the German
Law sets them forth in great detail (though the parties can still derogate
from them, at least to the extent that a statutory signature requirement
is not involved).
What is becoming clear is that, whereas written signature requirements were earlier regarded purely as matters of national law, the growing use of the Internet and electronic signatures is putting increasing pressure on nationally-based conceptions of written signatures, and will force regulators and courts to confront the need to develop more internationally-oriented notions of the functions of a signature in a globally-networked world.
© 1999 Christopher Kuner and Anja
Miedbrodt.
* ckuner@mofo.com.
** Rechtsanwältin
and Research Assistant, Law Faculty of the University of Frankfurt, miedbrodt@yahoo.com.
1) In this article, "electronic authentication"
and "electronic signature" are used synonymously, with "digital signature"
(using asymmetric cryptography) as a subset of "electronic signatures".
"Electronic authentication" may be understood as any sort of electronic
verification of information, with "electronic signature" as a form of "electronic
authentication" that indicates the intention to associate oneself in
a legal sense with the contents of an electronic document.
2) See, e.g., http://www.ilpf.org/digsig/survey.htm.
3)See Herda, Elektronische
Dokumente - Einführung in die rechtliche Problematik, in: Bundesnotarkammer
(ed.), Elektronischer Rechtsverkehr 37, 42-43 (Verlag Otto Schmidt 1995);
Palandt, Bürgerliches Gesetzbuch § 125 Rdn. 1 (C.H. Beck Verlag
, 57nd ed. 1998).
4) See Smedinghoff (ed.), Online
Law 83 (Prentice-Hall 1996).
5) See Perritt, Law and the
Information Superhighway 386 (John Wiley & Sons 1996).
6) UCC § 1-201(39).
7) See Online Law, supra
note , at 84.
8) UCC § 2-201(1).
9) Hillstrom v. Gosnay, 614 P.2d 466
(Mont. 1980).
10) Bazak International Corp. V. Mast
Industries Inc., 73 N.Y.2d 113, 7 U.C.C. Rep. Serv. 2d 1380 (1989).
11) Joseph Denunzio Fruit Co. V. Crane,
79 F. Supp. 117 (S.D. Cal. 1948).
12) In this context, the use of an
electronic medium (such as a computer display) which the user can use and
read is considered "tangible".
13) Online Law, supra note
, at 84.
14) See, e.g., New York CPLR
2101(a), requiring with regard to court papers that "the writing shall
be legible and in black ink".
15) See ABA Digital Signature Guidelines
3-4 (American Bar Association 1996), which refer (non-exclusively) to the
following "general purposes" of a signature: evidence, ceremony, approval,
and efficiency and logistics; Fuller, Consideration in Form, 41 Columbia
Law Review 799, 800 (1941).
16) ABA Digital Signature Guidelines,
supra note , at 5, note 10.
17) See Baum & Ford, Secure
Electronic Commerce 44 (Prentice-Hall 1997).
18) See the list at http://www.perkinscoie.com/resource/ecomm/digsig/index.htm.
19) Baum & Ford, supra
note , at 50 note 79.
20) There are over 3,000 written form
requirements in German law.
21) § 126 Civil Code (Bürgerliches
Gesetzbuch or BGB).
22) § 127 BGB.
23) In civil law systems, notaries
are highly-trained legal professionals, and are not comparable to US notaries
public.
24) § 128 BGB.
25) § 129 BGB.
26) § 127a BGB.
27) § 126 BGB. There is controversy
as to whether the signer can be represented by an agent.
28) BGH NJW 1970, 1078, 1080.
29) Münchner Kommentar, Bürgerliches
Gesetzbuch, Allgemeiner Teil § 126 Rdn. 22 (C.H. Beck Verlag 1993).
30) BGHZ 24, 297, 302.
31) Palandt, supra note , §
126 Rdn. 7.
32) Palandt, supra note , §
566 Rdn. 1.
33) BGHZ 24, 297, 301. These two particular
requirements do not apply to communications between "merchants" within
the meaning of the Commercial Code (Handelsgesetzbuch or HGB); see
§ 350 HGB.
34) § 127 sentence 1 BGB.
35) § 127 sentence 2 BGB.
36) § 125 sentence 2 BGB.
37) § 125 sentence 1 BGB.
38) BGH NJW 1969, 1167, 1170, NJW
1973, 1455, 1456, NJW 1980, 451, 451.
39) § 313 sentence 2 BGB.
40) § 518 para. 2 BGB.
41) § 766 sentence 2 BGB.
42) Brox, Allgemeiner Teil des
Bürgerlichen Gesetzbuches 144, Rdn. 264 (20th ed. Carl
Heymanns 1996).
43) § 12 HGB.
44) § 129 para. 1 BGB.
45) § 40 para. 1 of the Law on
Certification (Beurkundungsgesetz or BeurkG)).
46) § 518 BGB.
47) § 313 BGB.
48) § 8 BeurkG.
49) § 126 para. 3, 129
para. 2 BGB.
50) §§ 440 para. 2, 416
ZPO.
51) Fritzsche & Maler, Ausgewählte
zivilrechtliche Probleme elektronisch signierter Willenserklärungen,
1995 Deutsche Notar-Zeitschrift [DNotZ] 2, 19; Mellius, Zum Regelungsbedarf
bei der elektronischen Willenserklärung, 1994 MDR 109, 112.
52) Roßnagel, Die Sicherheitsvermutung
des Signaturgesetzes, 1998 NJW 3312, 3314; Bizer & Hammer, Elektronisch
signierte Dokumente als Beweismittel, 1993 DuD 619, 622.
53) § 690 para. 3 ZPO.
54) Gesetz zur Vereinfachung und Beschleunigung
registerrechtlicher und anderer Verfahren (Registerverfahrensbeschleunigungsgesetz),
BGBl I, 1993, 2181-2235.
55) BGBl. I 1997, 1870, http://www.iid.de/iukdg/.
56) § 1, para. 1 SigG.
57) October 8, 1997, http://www.iid.de/iukdg/.
58) The German Federal Justice Ministry
is presently examining electronic signatures and is considering amendments
to existing laws to improve their legal status.
59) § 1(1) SigG.
60) See on this point Mertes,
Gesetz und Verordnung zur digitalen Signatur – Bewegung auf der Datenautobahn,
1996 CR 7; Roßnagel, Die Sicherheitsvermutung des Signaturgesetzes,
1998 NJW 3312.
61) Draft of August 28, 1998, available
in translation at http://www.kuner.com.
62) 18.11.1998, COM(1998) 586 final.
63) COM (1998) 586, Annex commentary
to Article 9. The text of the Directive was still being negotiated at the
time this article was completed in April 1999; the original proposal of
May 13, 1998 is available at http://www.ispo.cec.be/eif/policy/com98297.html.
64) Article 1.
65) Available at http://www.un.or.at/uncitral/.
66) For instance, the section entitled
"Party Autonomy" states that "The terms of any agreement (including closed
systems) between parties governing their transaction should be enforced
without regard to any statutory framework governing electronic authentication."
67) See, e.g., Illinois Electronic
Commerce Security Act, § 5-120, http://www.mbc.com/legis/ill-esca.html,
which provides "Where a rule of law requires a signature, or provides for
certain consequences if a document is not signed, an electronic signature
satisfies that rule of law".
68) See id., Comment 3: "It
is important to note that while this section provides that any signature
on an electronic record can meet statutory and regulatory signing requirements,
it does not address the sufficiency, reliability, or authenticity of any
such signature."
69) § 1(1) SigG.
70) § 406 Utah Digital Signature
Act.
71) § 10-120 Illinois Electronic
Commerce and Security Act.
72) Article 3, Version of 23 November
1998, A/CN.9/WG.IV/WP.79, http://www.un.or.at/uncitral/en-index.htm