Cardozo Arts and Entertainment Law Journal
1999
Article
*345 CLEAR SIGNATURES, OBSCURE SIGNS [FNa1]
Adam White Scoville [FNaa1]
Copyright © 1998-1999 Adam White Scoville
*346 I. Introduction
There are two kinds of digital
signatures: signatures good enough for a six dollar trade among friends, and
signatures good *347 enough for a six figure trade between
strangers. [FN1] This Article considers both, from the
digital equivalent of an initialed placemat to secure verification techniques
more like notarizations. Nationally and internationally, diverse groups and
bodies have been propelling the development of digital signature and
certificate authority regulation and legislation. This Article examines the
need for such legislation, questioning the assumption that current law
presents, at best, uncertainties or, at worst, outright barriers to the use of
electronic records and signatures. This analysis attempts to determine the extent
of such uncertainty or conflict, by examining case law, as well as the most
crucial technological and policy issues that face the drafters of digital
signature legislation. Finally, the major statutes, drafts, and model laws are
evaluated with regard to their efficacy in addressing the concerns so
identified. [FN2]
The fundamental question legislation drafters face is the same question courts
face: under what circumstances are electronic records and signatures as
trustworthy as traditional writings and signatures? Beyond this question,
however, many groups have also considered whether there is a need to legislate
proactively in order to encourage the use of the more secure varieties of
electronic signatures and to stimulate electronic commerce. To analyze fully
the existing common-law environment for the treatment of digital records and
signatures, one would ideally examine cases involving both low security records
(e.g., a faxed signature, a name in text at the end of an e-mail) and records
protected by elaborate security measures (particularly those that have been
cryptographically signed). Unfortunately, while the law has long dealt with the
application of new technologies by which non pen-and-ink signatures are used,
as of yet there are no cases ruling on the per se validity of writings or
signatures where a message was cryptographically signed. [FN3]
Thirteen states have digital signature statutes that apply generally to public
and private settings; at least six have already passed
"comprehensive" legislation also including the regulation of
certificate authorities. [FN4] Pioneered by the Utah Digital Signature
Act, [FN5] *348 the
"comprehensive" laws set precise rules governing the validity of
signatures, the issuance and revocation of certificates, and the regulation of
certificate authorities. In addition, a growing number of states have enacted
limited statutes specifying only a vague outline for digital signature validity
and delegating broad rulemaking authority to executive agencies. [FN6] Various guidelines and model laws have
also contributed greatly to the evolution of state laws in this area, including
efforts by the American Bar Association, the National Conference of
Commissioners on Uniform State Laws ("NCCUSL"), which is preparing a
Uniform Electronic Transactions Act, and the United Nations Commission on
International Trade Law ("UNCITRAL").
Several subordinate concerns must also be considered in the preparation of
digital signature laws and drafts. As should be evident from the discussion
herein, different types of electronic "signing" yield different
levels of reliability. Drafters must acknowledge that it may be necessary to
abandon bright line, "yes or no" rules in order to treat different
kinds of signatures appropriately in all cases. This may mean leaving digital
signatures equivalent to normal, signed documents in some cases and attaching
evidentiary *349 presumptions to others, even within the same
statutory scheme. Some of these protections may be appropriate for generically
defined signatures, and other measures may be appropriate only when specific,
proven technologies, such as public key encryption, are used. In addition,
digital signature laws must avoid interfering with the validity of electronic
authentication procedures agreed to by contract, and with the validity of
already-valid traditional signatures.
Drafters concerned solely with removing impediments in pre-existing laws may
view the question of enhanced protection for secure signatures very differently
from those who think the legal environment should proactively encourage the use
of secure authentication methods. Either viewpoint may be appropriate, but
drafters must be aware of their objectives. Moreover, digital signature
statutes would be most effective if they were uniform and compatible with the
laws of other states and nations. Yet, this goal must be balanced against
preserving decentralization of regulation in order to allow experimentation and
evolution in this nascent industry, and to avoid the negative privacy
implications of an overly centralized infrastructure.
In short, the legal landscape is treacherous. It is therefore critical that any
legislation be made with deliberate caution, adherent to two basic, guiding
principles. First, given the uncertain environment, legislation must be
narrowly tailored to address specific legal needs and obstacles. Second, the
level of legal protection and recognition granted signatures must be no greater
than is commensurate with the security and reliability provided by the weakest
form of signature to qualify for such protection.
On one extreme, ad hoc methods of
electronic authentication that are expedient, but not secure, are being used
with increasing frequency. On the other extreme, however, secure methods of
electronic signing based on public key cryptography are emerging. It is
helpful, therefore, to examine the technology behind cryptographic
authentication and the basis for claims regarding its reliability.
Cryptography is a process by which data (which could be anything from a text
e-mail message, to a digital picture, to a binary software program, to
streaming data of a real-time digital phone conversation) is kept secret by
scrambling it so as to render it *350 unintelligible gibberish to
eavesdroppers. [FN7] Encryption, specifically, is the process
whereby an algorithm (a series of mathematical processes) is applied to this
data, or plaintext, producing the scrambled ciphertext. [FN8] Through an inverse mathematical process, namely
decryption, the ciphertext may be retransformed into the original plaintext. [FN9]
Imagine that Alice and Bob wish to communicate by encrypted messages. [FN10] In order to keep an eavesdropper, Eve,
from performing the decryption process herself, either the algorithm itself
must be kept secret (which is almost never done today because the algorithm's
use would be limited to one group of communicants), or the algorithm's results
must depend on the insertion of another string of data, namely the key, which
is kept secret. [FN11]
There are two kinds of encryption: symmetric (also known as single key)
encryption and public key (or asymmetric) encryption. [FN12] Symmetric cryptography is what most
readers will think of as classic, simple encoding; the same key is used to
encrypt the plaintext as to decrypt the ciphertext. [FN13] A protocol for using symmetric
cryptography would be that: (1) Alice and Bob agree on an algorithm; (2) they
then agree on a key (or one of them dictates both); (3) *351
Alice encrypts the message using the agreed upon key; (4) Alice then sends the
ciphertext to Bob; (5) Bob then decrypts it with the key. [FN14] The message is secure if step four only
(or perhaps steps one and four) is done in public, where Eve can listen.
However, if step two, the selection of the key, is also done in public and not
by a secure channel, then Eve overhears which key is being used and can decrypt
the ciphertext just as well as Bob can. [FN15] Symmetric key cryptography is analogous
to a combination safe, where both the person putting items into the safe and
the person taking them out of the safe must be able to open the combination
lock. [FN16]
In a public key system, however, Bob generates two different but corresponding keys.
[FN17] One key can encrypt (the public key) and
one (the private key) can decrypt the first key's resulting ciphertext. [FN18] Bob can now publish the public key for
Alice's use in encrypting her message to him, secure in the knowledge that Eve
(who lacks the private key) cannot decrypt the message. [FN19] Public key encryption is analogous to a
post office box, where anyone can deposit mail once the recipient's specific
box number (the public key) is known, although only the box holder with the
(private) key can open the box. [FN20] However, there are two disadvantages to
public key cryptography. First, messages must be encrypted for specific
recipients' private keys, complicating procedures in the case of communication
among groups. [FN21] Again, to analogize, where one message
could be put in a safe for everyone with the combination to read, Alice must
put separate copies of the message in Bob's, *352 Carol's, and
Dave's post office boxes (i.e., encrypt the message separately with each of
their public keys), so that they all can read it. Second, processing encryption
or decryption with a public key algorithm is roughly a thousand times as slow
as with a symmetric algorithm. [FN22]
Therefore, in practice, programs that claim to use public key encryption are
really hybrid systems. [FN23] In these systems, Alice and Bob have
their respective public keys, but they are used only to encrypt and transmit
securely a symmetric encryption key called, in this context, a session key. A
session key will be used to encrypt and decrypt the content of the
communication, but will not be reused after the specific communication is
completed. [FN24] This system avoids the paradox of
symmetric systems needing a secure channel to communicate keys, and avoids the
slowness of using public key cryptography alone. [FN25]
A. The Use of Encryption for Authentication
When public key cryptography is used in reverse, with the decryption key
now made public and the encryption key held secret, the result is a message
that anyone can verify only to have come from, or been signed by, its bona fide
sender. [FN26] The message is linked to whomever holds
the private key corresponding to the public key that the recipient has
obtained. [FN27] Therefore, if the recipient personally
knows that the sender is associated with the private key, this is enough to
link the sender with the message. [FN28] Where Alice and Bob do not know each
other, they call beforehand on Trent, whom everyone trusts implicitly. Trent
signs each of their public keys, certifying that he knows that the real Alice
controls the private key labeled "Alice's Key," the real Bob controls
"Bob's Key," and so on. [FN29] In large scale networks of encrypted
communications, "Trent" is a certificate authority ("CA"),
a private or governmental entity that has itself verified Alice's identity. [FN30] A *353 widespread system of
certificate authorities and the procedures for verifying a certification is
known as a public key infrastructure ("PKI") or key management
infrastructure ("KMI"). [FN31]
Once again, the slowness of public key cryptography makes it impractical to
perform this process on large amounts of data. In practice, the sender actually
signs only a mathematical output of the message, called a hash, which is
dependent on the content of the message. [FN32] A hash function produces a finite result
from an input plaintext of any size, but that output will change if the message
is changed, even slightly. [FN33] One example of a rudimentary (and
insecure) hash function would be to add up the ASCII values (in a standard
ASCII text file, each letter, number, or symbol is represented by a number
between 0 and 128) of the message text, and then keep only the last three
digits (a number from 000-999) as the hash value. Only one in a thousand
messages would share the same hash value, so one has some basic assurance that
the message received is exactly the same as the one sent. [FN34] Of course, cryptographic hash functions
are much more complex and secure. [FN35] A side advantage of signing a hash value
as opposed to the *354 entire message is that, unless the sender
separately chooses to encrypt the message, the actual text of the message still
appears as plain, unaltered text.
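The weakness of the rudimentary ASCII-sum hash described above can be shown directly. The following is an added example, not part of the original article; the sample messages and function names are constructed for illustration, and SHA-256 is assumed as a representative cryptographic hash function.

```python
import hashlib

# Constructed sample messages (not the article's exhibits).
ORIGINAL = "The price of the software license is $14,500."
TRANSPOSED = "The price of the software license is $41,500."  # two digits swapped
ALTERED = "The price of the software license is $4500."       # price lowered


def ascii_sum_hash(message: str) -> str:
    """The article's rudimentary hash: add the ASCII codes, keep the last three digits."""
    return f"{sum(message.encode('ascii')) % 1000:03d}"


def sha256_hex(message: str) -> str:
    """A cryptographic hash of the same text, for comparison."""
    return hashlib.sha256(message.encode("ascii")).hexdigest()


def pad_to_match(original: str, altered: str) -> str:
    """Append printable filler to `altered` so that its ASCII-sum hash equals
    that of `original`. The filler only has to make up the difference between
    the two sums modulo 1000, which is simple arithmetic."""
    target = (sum(original.encode("ascii")) - sum(altered.encode("ascii"))) % 1000
    if target < 32:                 # printable ASCII starts at code 32
        target += 1000              # same value modulo 1000
    count = -(-target // 126)       # fewest printable characters (max code 126)
    base, extra = divmod(target, count)
    filler = chr(base + 1) * extra + chr(base) * (count - extra)
    return altered + filler


def compare(original: str, candidate: str) -> dict:
    """Report whether each hash function fails to tell the two texts apart."""
    return {
        "toy_collides": ascii_sum_hash(original) == ascii_sum_hash(candidate),
        "sha256_collides": sha256_hex(original) == sha256_hex(candidate),
    }


if __name__ == "__main__":
    padded = pad_to_match(ORIGINAL, ALTERED)
    for label, text in [("transposed", TRANSPOSED), ("altered", ALTERED), ("padded", padded)]:
        print(f"{label:10} {ascii_sum_hash(text)} {sha256_hex(text)[:16]} {compare(ORIGINAL, text)}")
```

The one-in-a-thousand figure protects only against accidental changes: a deliberate alteration can be adjusted until the toy hash matches, which is why a signature scheme must sign the output of a collision-resistant hash function.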
B. Examples of Encryption and Cryptographic Digital Signing
Exhibit One is an example of a cryptographic public key generated using
Pretty Good Privacy. [FN36] Exhibit Two looks like a normal e-mail
message except that a hash value has been produced and encrypted in order for
the sender to sign the message digitally; a small tag indicates the beginning
boundary of the data to which the hash was applied. In receiving this message,
I used the sender's public key (quite similar in its gibberish appearance to my
own) and was greeted with an alert signal saying that the signature had been
successfully verified, and listing the time of the signing. In Exhibit Three,
the same message from Exhibit Two was sent again, except that not only was it
signed using the sender's private key, but the result (including the signature)
was encrypted using my public key as found in Exhibit One. [FN37] The message in Exhibit Four is identical
to the message sent in Exhibit Two (and Exhibit Three) except for one
character; the price of the software license is $4500, not $14,500. Note that
in the signature, twenty-six of the first thirty-two characters are the same as
in the signature in Exhibit Two, but after that, none of the data is the same.
If I were to try to act more like Mallory than like Bob, and had received
Exhibit Two but altered it and claimed to owe $10,000 less than in actual fact,
my fraud would easily be discovered when the signature is found not to match
what was expected in Exhibit Four.
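The signing, certification, and verification steps described in Sections A and B can be traced in a short program. This is an added example, not code from the article or from Pretty Good Privacy: it assumes textbook RSA without padding, keys built from publicly known Mersenne primes (so they offer no security), constructed sample messages, and hypothetical function names.

```python
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by every toy key below


@dataclass(frozen=True)
class PublicKey:
    n: int
    e: int = E


@dataclass(frozen=True)
class KeyPair:
    public: PublicKey
    d: int  # private exponent, held only by the key's owner


@dataclass(frozen=True)
class Certificate:
    subject: str
    subject_key: PublicKey
    issuer_signature: int  # Trent's signature over the subject name and key


def toy_keypair(p: int, q: int) -> KeyPair:
    """Textbook RSA key from two primes (demonstration only)."""
    return KeyPair(PublicKey(p * q), pow(E, -1, (p - 1) * (q - 1)))


def digest_int(data: bytes) -> int:
    """SHA-256 hash of the data, as an integer smaller than every modulus used here."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(key: KeyPair, data: bytes) -> int:
    """Transform the hash with the private key; only the key holder can do this."""
    return pow(digest_int(data), key.d, key.public.n)


def verify(pub: PublicKey, data: bytes, signature: int) -> bool:
    """Reverse the transformation with the public key and compare with a fresh hash."""
    return pow(signature, pub.e, pub.n) == digest_int(data)


def cert_body(subject: str, key: PublicKey) -> bytes:
    return f"{subject}|{key.n:x}|{key.e:x}".encode("ascii")


def issue_certificate(ca: KeyPair, subject: str, key: PublicKey) -> Certificate:
    """Trent's role: vouch that `key` belongs to `subject`."""
    return Certificate(subject, key, sign(ca, cert_body(subject, key)))


def check_message(trent_pub: PublicKey, cert: Certificate, sender: str,
                  message: bytes, signature: int) -> str:
    """Bob's checks, in order: the name, Trent's voucher, then the message itself."""
    if cert.subject != sender:
        return "certificate names a different person"
    if not verify(trent_pub, cert_body(cert.subject, cert.subject_key),
                  cert.issuer_signature):
        return "certificate not vouched for by Trent"
    if not verify(cert.subject_key, message, signature):
        return "message altered or not signed with the certified key"
    return "verified"


# Toy keys from published Mersenne primes: trivially factorable, never for real use.
TRENT = toy_keypair(2**1279 - 1, 2**2203 - 1)
ALICE = toy_keypair(2**521 - 1, 2**607 - 1)
MALLORY = toy_keypair(2**127 - 1, 2**2281 - 1)

# Constructed sample messages (not the article's exhibits).
ORIGINAL = b"The price of the software license is $14,500."
ALTERED = b"The price of the software license is $4500."


def demo() -> dict:
    cert = issue_certificate(TRENT, "Alice", ALICE.public)
    signature = sign(ALICE, ORIGINAL)
    # Mallory makes her own key, labels it "Alice", and vouches for it herself.
    self_made = issue_certificate(MALLORY, "Alice", MALLORY.public)
    return {
        "genuine": check_message(TRENT.public, cert, "Alice", ORIGINAL, signature),
        "altered": check_message(TRENT.public, cert, "Alice", ALTERED, signature),
        "self_certified": check_message(TRENT.public, self_made, "Alice",
                                        ALTERED, sign(MALLORY, ALTERED)),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Deployed systems generate large random primes and apply a padding scheme to the hash before signing; the order of Bob's checks is the part that carries over.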
C. Other Technologies for Creating Secure Signatures
Some have argued that other technologies might be able to create digital
signatures of approximately equal security to cryptographic signatures,
although none of these techniques has received *355 the degree of
theoretical scrutiny that cryptography has received. One state has gone so far
as to declare that "Signature Dynamics" is an acceptable technology
for digital signing. [FN38] Signature dynamics systems make a digital
record of a manual signing (including not just the shape, but the speed from
stroke to stroke, pressure, angle of pen, and other identifying characteristics
of the way a person signs his or her name) which can be transmitted to
authenticate a digital document. [FN39] In addition, other forms of biometric authentication
may be incorporated into digital authentication protocols. For example, a
biometric fingerprint or eye scan authentication system might be used in a
hybrid system instead of a passphrase to protect the private key in a
cryptographic system. [FN40] Many of these methods have different
levels of reliability and utility for digital authentication. [FN41] Likewise, companies involved in biometric
identification admit that while units are sophisticated in detecting fraudulent
identifiers, such as recordings of voices or copies of fingerprints, they are
vulnerable to the tapping of the output data of the biometric reader as it is
transmitted for verification. [FN42] As such, these other methods serve more appropriately
as a warning that states should anticipate the development of other secure
technologies, than as an indication that such other technologies are ready for
prime time at present.
III. Clarifying Obscurity in Law - Policy Objectives Examined in Light of Current Legal Conditions
A. Literal Constructions and Legitimate Concerns in "Writing" and "Signature" Requirements
The validity of electronic signatures comes into question because state and
federal law are littered with provisions that are contingent on the presence of
a document in writing, or the *356 endorsement of a writing with
a signature. [FN43] A writing requirement has traditionally
sought to insure that the terms of a document can be fixed, and any ambiguities
limited to the meaning of the text, rather than to parties' contradictory
assertions about what the operative text is. [FN44] Traditionally, signature requirements
have sought, on the other hand, to demonstrate the signer's intent to commit
himself to the specific text. With the advent of the first photocopy machine,
and then of electronic document storage and transmission, legal documents are
made in media where it is possible to make alterations or forgeries that are
facially irrefutable. Thus, the enforcement of writing requirements and the
enforcement of signature requirements have become intertwined. Likewise, the
policy concerns behind them have merged. In addition, statutes increasingly
state signing and writing requirements as a single unit, or make them dependent
on one another. [FN45] In other words, the question is seldom
whether a given document exists tangibly, or whether a specific text (or other
content) can be pointed to (as is the issue with oral statements); that concern
is satisfied regardless of whether the document is on paper, or is a fax, an
e-mail, or a videotape. Rather, the question raised by the writing requirement is
whether the given document is actually the real document, *357
the document of significance. [FN46] After all, the significance of one
document over another is that it has been sanctioned by a particular person,
usually by signing it. Likewise, the general trend in common law and statutes
is to recognize that a signature may be, for example, "any symbol executed
or adopted by a party with present intention to authenticate a writing." [FN47] Therefore, the challenge to the signature
is relative to the accompanying writing and whether that text is the one the
signer intended to authenticate.
Under all of these concerns, a manual (ink) signature on paper is ideal,
because of the difficulty either in mechanically reproducing the signature
without the reproduction being obvious, or in changing the pre-printed text on
the same physical piece of paper. Nonetheless, it is often commercially
reasonable to rely on other media where one lacks either the paper (e.g.,
e-mail, or digitized signature for a UPS package) or the manual signature
(e.g., fax or rubber-stamped signatures). Writing and signature requirements
have, therefore, commonly been used for attacking an electronic (or
electronically transmitted) record where the attack would not easily fall under
hearsay or the best evidence rule, [FN48] and where authentication requirements,
for example those in rules 901 to 903 of the Federal Rules of Evidence,
provide too low a threshold to address these concerns. [FN49] In short, signature and writing
requirements exist to acknowledge: (1) that some records are unreliable because
they are easy to forge; (2) that other threshold tests have been eviscerated;
and (3) that the opponent is unlikely to be able to offer a smoking gun to
prove forgery. [FN50]
*358 Challenges to documents or records, made under legal writing
or signature requirements, can be divided into two types. The first type of
challenge occurs when the litigant does not contest that the specific document
or record is authentic, or that she intended to bind herself in signing it.
Rather, she challenges the writing or signature simply on the basis that the
statute explicitly prohibits such documents from being enforced (and perhaps
that she relied on this unenforceability). This is a purely formalistic
argument, because invalidation of the document would exceed the underlying
purpose of the statute, which exists because (1) some manifestation of the
actor's intent is necessary to bind her to the specific terms of the writing,
and (2) a signed writing is a good indication of such intent. In this type of case,
that intent is not contested, so there is no need for strict enforcement of the
writing or signature requirement. [FN51] This type of challenge seems more
prevalent in appellate case law (leading some to the conclusion that the
Statute of Frauds is somewhat of a hollow shell). [FN52] However, it is not the type of challenge
with which we are primarily concerned.
The second type of challenge asserted regarding writing and signature
requirements goes more to the purpose of the requirements themselves. These
challenges involve cases where the purported "signer" of the document
protests that, despite the document's presence, the document is not a concrete
manifestation of the terms of the agreement. [FN53] The document allegedly does not represent
the agreement because either the content or the signature is easy to forge (and
was forged), or because the marks claimed to constitute a signature are bona
fide, but do not sufficiently demonstrate the signer's intent to be bound. This
is really a substantive attack under the statute, which functions like a
presumption of the document's invalidity. This presumption relieves the
purported signer of the burden of affirmatively proving the forgery once the
concreteness of the writing or the intent to be bound have been sufficiently
placed at issue. [FN54]
*359 B. Treatment of Informal "Signings": The Digital Placemat
Electronically signed documents are usually either much less reliable than
written signatures in the security they offer against forgery, or much more
reliable, but rarely in between. An electronic signature could be a certified
cryptographic signature of the kind detailed in the first section, but it could
also be the signer's name in ASCII at the end of an e-mail, or the scanned
image of a signer's signature found in a fax or a graphics file. [FN55] When one signs a check at a grocery
store, the store has certain indications of the signature's validity or
enforceability. The pre-printed check may at least indicate that the signer has
a bank account, and indicates how to contact the bank to verify this fact. The
pre-printed check may also give an address, useful for tracking down the
signer. In addition, the cashier can demand photo identification which would
itself: (1) confirm the name and address information; (2) provide visual
verification that the signer at the counter is the person named on the checks;
and (3) provide a signature exemplar for informal signature comparison. [FN56] None of these verification methods
necessarily exist with the informal electronic signatures mentioned above. [FN57] Yet in the paper world, fortunes have
been validly signed away on the back of airport diner placemats (particularly
where the signer admits the signing, as where a third party is the one
challenging the transfer, or the *360 signer challenges the
instrument on other grounds). [FN58] Where time is of the essence, parties
sign documents and fax them back (sometimes, but not always, promising to send
an original by mail); both the signer and the recipient consider themselves
bound when the fax is transmitted, not when the hard copy is received by mail.
The question of the signer's intent to be bound, which is critical with ad hoc,
informal documents, is whether the purported signer "actually did put his
name there." This is not always an easy determination to make. For
instance, Exhibit Five is a letter signed by "William J. Clinton"
that, among other things, memorializes an employment contract for more than a
year in length. In all facial respects it satisfies writing and signature
requirements in the Statute of Frauds; it clearly is a writing, and William J.
Clinton could not deny that this is his signature, for it is. If Mr. Clinton
admitted to the writing, as in an action by Alice claiming the job should have
been hers, the party challenging the document would lose in short order. A
digital signature law clarifying that "a record may not be denied legal
effect, validity, or enforceability solely because it is in the form of an
electronic record" and that "a signature may not be denied legal
effect, validity, or enforceability solely because it is in the form of an
electronic signature" [FN59] only reiterates the result we would have
courts reach, by reasoning that the record is valid where the party intended to
be bound under existing law.
By this point, however, we are beginning to suspect this Mallory character, and
we would be "shocked, shocked to learn" [FN60] that Mallory fabricated the document from
one of thousands of the President's signatures found at the end of Executive
Orders and available in impeccably reproducible form through the Government
Printing Office's web site. [FN61] If Mr. Clinton were to challenge the
document as a fabrication under writing or signature requirements, the right
result should likewise be reached under existing law: either it fails to
satisfy the concerns of a writing requirement because the writing was not fixed
enough and Mallory altered it around the signature, or the signature was
invalid for lack of intent to sign this document. In the face of Clinton's
denial that the document is legitimate or that he intended to bind himself to
this document, the burden of proof should fall upon Mallory. Mallory *361
could not prove that Clinton or an authorized party placed the signature on the
document and her claim would fail even though Clinton could not prove that
Mallory forged the document. An electronic signature law would only buttress
that result.
This situation highlights a key consideration in the drafting of digital
signature laws: that any formalities laid out therein not disturb rules on the
validity of other signatures (including situations such as the one above, of
electronic signatures adequately cognizable by existing law). The statute
mentioned above should have been unnecessary in this case, only changing the
result where existing doctrine does not adequately address the problem. The
statute also provides much desired certainty, a kind of insurance against
courts that improperly extend existing rules. It may be most desirable to bring
informal electronic signatures on par with informal written signatures in that
they may be valid, but once the document's integrity or the signer's intent to
be bound are placed in issue, they are presumed not to be.
C. Treatment of Secure Signatures: Evidentiary Presumptions and Proactive Incentives
While the initial goal of digital signature legislation is to place
electronic instruments on par with written ones, certified digital
(cryptographic) signatures offer a level of security above that of the average
written signature standing alone. It has been suggested by some [FN62] that a cryptographic signature [FN63] is most directly analogous to a notarized
signature. Admittedly, in both cases an entity licensed for its integrity by
the state government has verified the signer's identity. However, in a
notarization, the notary's seal indicates that the government-licensed agent
verified the signer's identity at the time of the signing and witnessed the act
itself. With a cryptographic signature, all we know is that the signer's
identity was verified at some time prior to the signing. Even if the
certificate authority keeps a database of revoked, expired, or compromised
certificates and keys, it is only a comfort if the key's true owner knows the
key has been compromised, has reported this to the authority's database, and
that database is searchable in real *362 time. [FN64] In actuality, the signature is analogous
to the previous example of a check attested to by a grocery store clerk after
successfully checking the signer's identification. Like the digital signature,
a governmental agency (in this case the DMV) has verified the information at
the time of the driver's license issuance, but the printed address and possibly
even vital statistics and appearance could have changed since then. Thus, a
statute giving the effect of a notarization to a digital signature would
violate the principle that the legal protection accorded electronic signatures
should be no greater than the reliability actually offered by the signature
technology.
Some proposals simply state that "nothing in this law precludes any symbol
from being a valid signature under applicable law." [FN65] Additionally, these proposals might state
that where the law requires a signature, a digital signature will suffice if it
follows specified formal requirements. [FN66] Thus, no additional validity is conveyed
except where all formal requirements are met. Such a proposal therefore ignores
the issue of less formal electronic signatures that, to be placed equal with
written instruments, should be presumed valid until the specific instrument's
value is contested. [FN67] In order to avoid this problem, a second
approach has been to state the requirements for a signature vaguely, so that
either formal or informal signatures may qualify if the prerequisites are met. [FN68] This approach, however, offers no
additional protection to more carefully verified methods of digital signing. [FN69] A third set of laws takes a two-tiered
approach. [FN70] Informal signatures cannot be invalidated
*363 solely because they are in digital format; rather, they are
still subject to proof of the intent to sign, as discussed above. [FN71] In these models, signatures meeting
additional formal requirements are entitled ab initio to an upper tier of
protection, such as the rebuttable presumption that: (1) the purported
signatory or an authorized agent was the one to sign the document; (2) that the
signer intended to be bound; (3) that the message has not been altered, and so
forth. [FN72] This last approach, while more complex,
is the best alternative for linking the legal value of signatures to the actual
integrity of the method used.
Since offering such top tier protections goes beyond giving electronic
signatures the same force as paper ones, the true motivation must be to provide
incentives so that secure practices will become the norm early in the age of
e-commerce. The current situation involving electronic transactions suggests that
more secure practices are needed, but that the market may not provide them on
its own. The use of encryption in transmitting payment information, combined
with the fifty dollar liability limit for fraudulent use, has eased consumers'
fears about interception of their credit card data by malicious third parties. [FN73] Merchants are still in a difficult spot,
however, because they bear the full losses from fraud when the signature on a
card cannot be verified. [FN74] Moreover, the rate of card fraud on the
Internet is substantially higher than in the real world, particularly for
software and other products that can be delivered instantaneously and
electronically. [FN75] While the rate of fraud has decreased,
many of the primary methods of combating it, such as black-listing suspected
crooks and using data profiling to identify those purchasers likely to be
thieves, raise serious questions about discrimination and the privacy of
personal data. [FN76] Even so, consumers' satisfaction with
on-line security and *364 reluctance to use more complicated
procedures may stifle merchants' willingness to replace ordinary,
unauthenticated credit card orders with more secure protocols, such as the
VISA/MasterCard Secure Electronic Transactions ("SET") system. [FN77] While the market should eventually
dictate the adoption of such systems if fraud is high enough, [FN78] legislation promoting more secure methods
could stimulate greater market efficiency while reducing the need for profiling
and black lists. The correction of such deficiencies through the encouragement
of more secure authentication methods is perhaps the most compelling argument
for action by legislation, as legislation is arguably the most appropriate
avenue for enacting such proactive policy incentives.
The force of protection provided to digital signatures is often established
through statutory evidentiary presumptions. These presumptions are not
insurmountable, but merely clarify that the validity of the signature is
presumed unless the party seeking to show that it is not valid can meet a
burden of proof [FN79] to rebut the presumption. Unlike with informal
signatures, the challenger would have to prove the forgery affirmatively.
Some digital signature statutes and regulations provide no evidentiary
presumptions at all. In a jurisdiction providing no presumptions, a digital
signature is ideally on the same footing as a paper signature. One argument in
favor of presumptions is that, in practice, paper documents and ink signatures
enjoy the functional equivalent of a presumption because threshold requirements
for admissibility are so low. Furthermore, the theoretical ease of forgery in
the electronic realm makes it much easier to charge that forgery has occurred.
Perhaps evidentiary presumptions are then justified to eliminate this disparity
where, as with cryptographic digital signatures, such forgery is actually
unlikely.
*365 D. Hypothetical Transactions
The following hypothetical situations are offered in order to place in
context the operation of the common law and various digital signature laws. In
some cases, there is a "right" answer as to what result should occur
when the document is challenged under statutory writing or signature requirements.
In other cases, the expected outcome depends on policy decisions which may be
in some debate. The function of these examples is not only to point out where
statutes have clear deficiencies or where they plainly overreach, but also to
identify controversial decisions of policy. Some of these situations have
already been introduced.
Mallory v. William J. Clinton - Mallory goes to court with the document in
Exhibit Five seeking damages for being denied the job purportedly offered in
the document. She says she received the document electronically and has the
e-mail message in which the document was included (but has no personal
knowledge and offers no witnesses to prove that Clinton actually signed this
document). The header information appears to say that the message came from an
e-mail address, which Clinton admits is his. The parties stipulate that this is
Clinton's signature, generated from an electronic file he sometimes uses to
sign electronic messages, including some personal letters. There are some messages
with this electronic signature stored in public sites on the Internet. Clinton
insists that Mallory composed the message herself, pasted on Clinton's
electronic signature, and falsified the addressing information on the e-mail
message.
As discussed above, the document is facially valid but should be excluded from
evidence because once Clinton has placed his intent to sign the document in
issue, Mallory should be required to prove that Clinton intended to sign the
document. If Clinton admits to signing the document (i.e., he meant to offer
Mallory the job), another party (e.g., a competitor entitled to the job if the
letter had never existed), should not be able to challenge the signature solely
on the basis that it is electronic.
Scoville v. Safdar - Scoville seeks to enforce the agreement in the message in
Exhibit Four, which bears Safdar's cryptographic signature. Assume that
Safdar's key was certified by Trent's Certification, a licensed authority.
Scoville is ready to pay the license fee, but Safdar refuses to send the
registration codes. The software package with which the signature was created
confirms that the signature was technically valid and made using Safdar's
private key. Also, Scoville relied on the message, and turned down a limited-time
offer on comparable software (meaning he *366 would have to pay
$5000 more for that software than during the special offer period). First, what
if Safdar says he did not realize what this cryptography stuff is all about,
and says he may have activated the program to sign the message, but had no idea
he was binding himself to the message? Second, what if Safdar says he didn't
send the message? Instead, he claims to have discovered a week later that his
estranged lover, Mallory, knew the passphrase to his private key (which was a
quote from The Road Ahead, [FN80] underlined and labeled "crypto
key" in Safdar's dog-eared copy, which Mallory once borrowed without
asking). Safdar claims that Mallory sent Scoville the message (from the e-mail
address she used to share with Safdar) accepting the offer to license
MindWidget for $10,000 less than the usual price, in order to ruin Safdar's
business out of spite.
In the first instance, Safdar should clearly be liable, because if this were a
paper signature, Safdar would be negligent in signing his name without knowing
the consequences, and the same should hold true here. In the second example,
assuming that the digital signature is valid, it should be difficult for Safdar
to deny the signature; we would want a presumption that he signed it. Safdar
would be required to prove that he did not sign it by offering evidence of
Mallory's knowledge of the key. Additionally, Safdar's underlining of the
passphrase would be questioned as to whether it was consistent with his burden
of care in maintaining the secrecy of his key, because if he was negligent in
guarding his key, he could be held liable. There is also the question of who
should have the burden of proving reasonable care or lack thereof. Since Safdar
is in a much better position to know, and he had the burden of disproving the
signature's presumed validity in the first place, he should bear the burden.
In re Estate of Alice - Alice recently died. Bob produces an electronic
document from Alice's hard drive. It is a will leaving $100,000 of stock in
various Internet companies to Bob. It was signed two months before Alice's
death with Alice's private key, which was certified by Trent's Certification.
The records of Trent's Certification say that Alice came last winter to their
branch office in the front of the local natural foods market, showed her photo
license and her passport, and was issued a brand new private key corresponding
to a public key that Trent signed and certified. Carol, however, produces a
paper will dated three years ago, and acknowledged by Alice before the
requisite witnesses, which leaves her entire estate to Carol. *367
Carol challenges the electronic will. Would the situation change, from a policy
standpoint, if two witnesses watched Alice sign the electronic will with her
private key, verified the signature cryptographically themselves, and then each
signed the document (including Alice's signature) themselves with their own
certified keys? What if one witness is prepared to testify in court that he did
in fact sign his own signature and the person who signed the other signature
was the person named in that signature?
Several drafting committees (e.g., NCCUSL and the Illinois legislature) have
suggested that wills should be exempted from statutes validating digital
signatures. [FN81] However, this example highlights that the
digital signing of the will is not what presents a problem (or, likewise, in
attempting to make a digital notarization). The certification on a signature
verifies that, at one time, Alice was the only person who controlled the key.
It probably also gives her a duty to report if the key is ever compromised.
However, her exclusive control of the key is not affirmatively ascertained at
the time of the will's signing. Therefore, the uncertainty stems from the
witness requirement for will signing, not the writing or signature
requirements. If that is the case, should not a will digitally signed with
witnesses present be sufficient? Admittedly, this leaves open the charge that
the witnesses were using other people's compromised keys, complicit in a fraud
by Bob to manufacture the document. Even this concern should be satisfied if
the purported witness legally authenticates his signature during an in-court
testimony.
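The witness arrangement posed in In re Estate of Alice can be made concrete. The following is an added example, not part of the original article: each witness verifies Alice's signature and then signs the will together with that signature. It uses Lamport one-time hash-based signatures as a stand-in for the certified public-key signatures the article discusses, so that it runs on the Python standard library alone; all function names and the sample will text are constructed for illustration.

```python
import hashlib
import os

N_BITS = 256   # one pair of secrets per bit of a SHA-256 digest
CHUNK = 32     # bytes per revealed secret


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """Return (private, public). A Lamport key must sign ONE message only."""
    private = [(os.urandom(CHUNK), os.urandom(CHUNK)) for _ in range(N_BITS)]
    public = [(_h(zero), _h(one)) for zero, one in private]
    return private, public


def _digest_bits(message: bytes):
    value = int.from_bytes(_h(message), "big")
    return [(value >> i) & 1 for i in range(N_BITS)]


def sign(private, message: bytes) -> bytes:
    """Reveal one secret per digest bit, so the result depends on every byte."""
    return b"".join(private[i][bit] for i, bit in enumerate(_digest_bits(message)))


def verify(public, message: bytes, signature: bytes) -> bool:
    if len(signature) != N_BITS * CHUNK:
        return False
    parts = [signature[i * CHUNK:(i + 1) * CHUNK] for i in range(N_BITS)]
    return all(_h(parts[i]) == public[i][bit]
               for i, bit in enumerate(_digest_bits(message)))


def attested_bytes(will: bytes, testator_sig: bytes) -> bytes:
    """What a witness signs: the will AND the testator's signature on it.
    The length prefix keeps the boundary between the two unambiguous."""
    return len(will).to_bytes(8, "big") + will + testator_sig


def witness_sign(witness_private, testator_public, will, testator_sig) -> bytes:
    """A witness attests only after checking the testator's signature."""
    if not verify(testator_public, will, testator_sig):
        raise ValueError("testator signature does not verify; refusing to attest")
    return sign(witness_private, attested_bytes(will, testator_sig))


def check_will(will, testator_sig, testator_public, witness_sigs, witness_publics):
    """Cryptographic checks only. A True result shows WHICH KEYS signed, not
    who held those keys at signing time; that gap is what witness testimony
    in court is meant to close."""
    payload = attested_bytes(will, testator_sig)
    return {
        "testator_ok": verify(testator_public, will, testator_sig),
        "witnesses_ok": [verify(pub, payload, sig)
                         for pub, sig in zip(witness_publics, witness_sigs)],
    }


def demo():
    will = b"I, Alice, leave $100,000 of stock to Bob."  # constructed sample
    alice_priv, alice_pub = keygen()
    w1_priv, w1_pub = keygen()
    w2_priv, w2_pub = keygen()

    alice_sig = sign(alice_priv, will)
    witness_sigs = [witness_sign(w1_priv, alice_pub, will, alice_sig),
                    witness_sign(w2_priv, alice_pub, will, alice_sig)]
    witness_pubs = [w1_pub, w2_pub]

    genuine = check_will(will, alice_sig, alice_pub, witness_sigs, witness_pubs)

    # Changing the beneficiary invalidates Alice's signature and both attestations.
    altered = check_will(will.replace(b"Bob", b"Eve"), alice_sig, alice_pub,
                         witness_sigs, witness_pubs)

    # A witness handed a signature that does not verify declines to attest.
    w3_priv, _ = keygen()
    try:
        witness_sign(w3_priv, alice_pub, will, bytes(N_BITS * CHUNK))
        refused = False
    except ValueError:
        refused = True

    return genuine, altered, refused


if __name__ == "__main__":
    for result in demo():
        print(result)
```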
A. The Need for Precedential Analysis
Efforts to draft digital signature, electronic record, or certificate
authority legislation have consistently been predicated on the need to prevent
formalistic judges from incorrectly invalidating digital signings. This would
yield incorrect results in the examples of Mallory v. Clinton and Scoville v.
Safdar (where Clinton and Safdar admit intentionally signing the document).
Such judges might prefer the simple calculus that, "a writing is a
writing" and a signature means paper and ink, perhaps out of ignorance.
Such judges might also be uncomfortable with the fact that properly executed *368
digital signatures can satisfy all the underlying concerns for document
integrity, authenticity, and the signer's intent to bind herself. Such concerns
on the part of the drafters of digital signature legislation often result in
conclusions that electronic commerce "is currently being conducted amid
legal uncertainty regarding the validity and efficacy of the electronic records
and documents being used to evidence the commercial transactions and
relationships being created." [FN82] This uncertainty is contradictory to the
conclusion of commentators who, looking literally at writing and signature
requirements, have suggested that "[i]t is now necessary to repeal,
change, or at least reinterpret many writing and signing requirements, as they
retard legitimate implementation of electronic commerce." [FN83] Moreover, commentators seem equally
willing to acknowledge that courts have generally been sensitive to changing
technology, insofar as they have been willing in the past to apply the spirit
of the writing requirement, rather than formally adhering to its literal
dictates. [FN84]
Amidst such conclusory assertions that the status of the law is uncertain and,
therefore, digital signature legislation is necessary, the following is an
attempt to analyze standing precedent and, where necessary, analogize decisions
involving other technologies to the question of electronic writings and
signatures. Such an analytical underpinning is crucial to the credibility of
assertions that legislation is necessary.
*369 B. Confusion? What Confusion? The Lack of Precedent Involving
Secure Authentication
With each new item of commentary addressing the treatment of electronic
records and signatures, authors continue to agree that no case has yet dealt
with a challenge to the validity of cryptographically signed documents. [FN85] This holds true through the present. [FN86] Courts are not unanimous, but are
generally supportive of writings and signatures in other media involving
electronic reproduction (facsimile, [FN87] telegraph, [FN88] or telex [FN89]) or, as it relates to the signature
requirement, mechanical reproduction by typewriter. [FN90] It would be easy to conclude that, since
these media are much less secure and involve less effort on the part of the
author, cryptographically signed electronic documents are bound to be accepted
uniformly as writings with signatures. The cases, however, generally hinge on
the question of the signer's intent. [FN91] Where challenges to a document have been
successful, the signer has admitted to making the marks or symbols in question
on the specific document, but has asserted that they were made for another
purpose, one that falls short of intention to be bound. [FN92] On the other hand, *370 in
some cases even attacks of the kind labeled above as "purely
formalistic" (where both the fact of signing and the intent to sign are
admitted by the purported signer) have been successful when dealing with purely
electronic media. [FN93] These cases are worth examining, as they
indicate the confusion of the courts and their inability to analogize to
electronic media in a manner consistent with trends in other media.
C. Successful Formalistic Attacks Involving Purely Electronic Media
In 1997, the Tenth Circuit refused to hold that a computer form constituted
a writing under the bankruptcy code. [FN94] The debtors had phoned the bank and each
individually provided their financial information, which the bank employee
entered into a computer. The employee then read the information back and asked
them to verify the record, which they admitted to doing, although at no time
did they sign or see the record. The debtors successfully argued that the
statement was not a writing. [FN95]
In Walgreen Co. v. Wisconsin Pharmacy Examining Board, [FN96] the drugstore chain Walgreens was accused
of violating the state law requiring 'a written or oral order by a [physician]
for a drug' prior to the dispensation of prescription medicine. [FN97] Written orders required the doctor's
signature. [FN98] Walgreens had set up an experimental
program whereby physicians would e-mail prescriptions to *371 the
pharmacy. The court avoided the question of whether the e-mail contained a
signature by saying it was "more reasonable" to liken the e-mail to
an oral telephone authorization (a category that had been previously held to
include fax transmissions) which, by statute, did not require a signature. [FN99] Here, despite the textual nature of the
message, and despite the fact that the court ultimately validated the
authorization, the court decided that the e-mail did not constitute a
"writing" (and therefore the textual affirmation thereon was not a
"signature"). [FN100]
These cases suggest that the status of electronic communications as writings
has yet to be settled. The Walgreen court focused on the transmission of the
data over phone lines (like a fax or an oral call), [FN101] the Kaspar court seems to have been
distracted by the intervening phone call, as opposed to whether or not the
computer data was fixed, [FN102] and the court in Perry, it has been
suggested, was overly focused on the physicality of the floppy disks
transferred. [FN103] While these cases hint at confusion to
come regarding electronic records, a more straightforward case of electronic
communications in contractual transactions is necessary before any truly
pertinent observation can be made.
As was discussed above, whether the document is cryptographically signed or not
may become significant in rarer cases where not only the signer's intent to be
bound is at issue, but also more fundamental questions--like whether the
document has been forged or altered--are at issue. In the hypothetical of
Mallory's employment offer from President Clinton, the courts in Parma Tile or
Hillstrom might have rightly disallowed the document by focusing on the
signer's intent and by shifting the burden to Mallory to prove the document's
authenticity. [FN104] However, the Kaspar court, *372
given its disregard for the fact that the debtors intentionally acknowledged
the information that was read back to them, might have gone the opposite way. [FN105] One can only hope that these courts
would see a cryptographic signature as strong evidence of a signer's intent,
but again, given the Kaspar and Walgreen courts' disregard of the affirmant's
intent to authenticate or adopt the communications, one can hardly be sure. [FN106] Given this uncertainty, cases holding
earlier electronic media to be writings, or holding that marks made in
manifestation of intent are signatures may be insufficient to extrapolate a
rule that might be applied to cryptographically signed documents.
V. Subsidiary Concerns in Certificate Authority Legislation
A. Licensure, Certification, or Registration of Certificate Authorities
The first digital signature statute
passed, the Utah Digital Signature Act [FN107] (and likewise several successors modeled
on it), enacted a comprehensive regulatory scheme for the use of digital
signatures and certificate authorities. Whether or not to enact such a
comprehensive statute is an important policy question, and even states with
such comprehensive statutes have recognized that appropriate action may also be
possible through regulation rather than legislation. [FN108] Indeed, leaving the details to
regulatory specification may be more appropriate for legislatures that are
unenthusiastic about the degree of legislative involvement that may be
necessary as digital signature law and electronic commerce evolve. [FN109] When legislatures allocate the
responsibility between themselves and their administrative agencies for keeping
their law up to date, they must pragmatically consider their own level of
commitment, and recognize that digital signature law will need to be revised as
the industry matures.
States must decide the extent to which they intend to regulate the functioning
of certificate authorities. There are three important and crucially distinct
considerations: first, whether legislation is necessary to ensure or promote
the validity and admissibility of electronic signatures; second, whether a
public key infrastructure is necessary for digital signatures to function
reliably; and third, if so, whether the regulation of certificate authorities
is necessary. The *373 enactment of more limited statutes without
regulation of certificate authorities is not merely an interim or halfway
measure; public key infrastructures ("PKIs") may simply not be
necessary. Contrarily, market-driven demand for certificate authority services
and cryptographic signatures may generate an independent need for the
regulation of authorities in the interest of consumer protection. Drafting
groups have come to a variety of decisions on the regulation of certificate
authorities. These choices have ranged from comprehensive licensing schemes for
certificate authorities, to intermediary measures (such as voluntary licensure
or registration programs, or deferring to federal or industry accreditation
groups - many as yet unnamed and uncreated), to leaving authorities practically
unregulated. [FN110]
On a substantive level, decisions on the licensure or accreditation of
authorities include requirements that authorities hire reliable and scrupulous
personnel, [FN111] maintain proper records, and use
"certification practice statements" to define the value and degree of
verification undertaken in issuing certificates. In addition, states might
require agents for service of process in the case of lawsuits, or contingency
arrangements for the proper handling of certificates should an authority cease
operations. The most critical requirement is, however, the financial reserve
carried by certificate authorities. The potential liability of an authority for
accidentally or negligently certifying an untrue statement could be enormous,
depending on the size of the transaction in which a party relied on the
certified facts. Without regulation, there is a danger that small start-up
authorities might not carry enough insurance or have the financial resources to
meet their liabilities.
B. Technology-neutrality
At present, the most reliable form of electronic signature technology, and
the only form of signature approaching any degree of wide adoption, uses
asymmetric cryptographic keys and certificates. Many drafting groups are afraid
of inadvertently giving legal protection *374 in instances where
the technology does not provide a commensurate level of security. Therefore,
several states have chosen to make their digital signature laws apply
specifically to cryptographic signatures, defining a "digital
signature" as the transformation of a message using asymmetric
cryptography. [FN112] Technology-specific laws, however,
cannot anticipate the development of other methods, which might offer equal
levels of security. Deliberately writing inflexible laws in this case may erect
inappropriate barriers to the development of new and effective digital
authentication techniques. Drafters of technology-specific laws wager that what
they sacrifice in flexibility will be made up with reassurance that they are
not inadvertently providing legal advantages to technologies that do not
warrant them.
Increasingly, states have opted for technology-neutral laws which do not
mention or prefer specific methods and state their requirements generically
instead. Some of these laws achieve technology-neutrality by decreasing the
level of detail of the law in general. A most basic law might simply provide
that a digital signature is valid only where "it is unique to the person
using it[,] it is capable of verification[,] it is under the sole control of
the person using it[, and] it is linked to data in such a manner that if the
data are changed, the digital signature is invalidated." [FN113] There is a fine line to walk, however,
to avoid granting excessive protection to less secure signatures, particularly
where the statute provides for evidentiary presumptions. The most prudent
compromise is for proposals to shy away from technology-specific terms, but
enumerate the security requirements necessary for the granting of legal
protection with as much specificity as possible.
C. The Validity of Signatures Based on Preexisting Contracts
Generally, digital signature laws are aimed at parties whose relationship
does not arise in the context of an already existing contract, because in such
a case the contract may already provide for the validity of electronic
signatures. However, many important payment systems for electronic commerce
will provide a contractual basis for the transaction, just as credit card
agreements provide a contractual framework for transactions between otherwise unassociated
parties. In the Secure Electronic Transaction ("SET") system, both
parties have contractual privity with the certificate issuer, *375
just as both the merchant and the buyer in a credit card purchase have
contractual arrangements with their banks, which in turn have contractual
arrangements with Visa or MasterCard. [FN114] Thus, the parties in the SET system
already know, by virtue of the buyer's presentation of a SET account, and the
seller's ability to accept that credit, that the SET system has vouched for the
fact that the buyer will pay up (and the seller will deliver the goods). [FN115] Therefore, the full security of a
certificate from a certificate authority regulated by state or federal
governments may not be necessary.
If a state law, however, says that a digital signature is valid (only) if A, B,
and C terms are met, the law might invalidate already evolving contractual
mechanisms using bases for security other than A, B, and C. This has been a
chief concern of entities, such as Visa, which are developing contractual
payment models like SET. [FN116] Although a law's deference to
preexisting contracts has the biggest impact on large payment systems, the
question is really one of contractual freedom and honoring the mutual intent of
the parties to be bound by signatures in the form they choose. Therefore, a
provision allowing some of a law's requirements to be varied by agreement would
be advisable.
D. Limits on Liability
When digitally certified information is false, most disputes over liability
will occur between the authority and the third party relying on the
certificate's accuracy, not between the authority and its customer. Therefore,
many drafters have considered limiting the tort liability of certificate
authorities. Once the validity of certificates and signatures is established,
it can and should be left to the market and to courts and juries to determine
the liability of authorities. This will result in a valuation and assessment of
responsibility more closely compatible with existing principles of liability in
contract and common law.
*376 The arguments for statutory specification of liability are
twofold. First, some have argued that with the picture of authorities'
liability so unclear, potential authorities will be reluctant to enter the
market. [FN117] However, while legal impediments to the
acceptance of digital signatures are undoubtedly holding the market back, [FN118] it is not clear that fear of liability
exposure is. On the other hand, the specification of liability may be necessary
for the opposite reason: to keep authorities from avoiding liability. [FN119]
If liability for an authority's negligence or willful misconduct is limited or
removed, the authority will have little incentive to carry out competently its
core business responsibility, the verification of the facts it certifies. [FN120] In cases where the authority fulfilled
its requirements *377 without negligence or willful misconduct,
liability should be connected to the reasonableness of relying on the
particular certificate, in light of the security of the verification process.
Since the authority is arguably in the best position to assess the diligence of
the verification, it may be acceptable to allow the authority to specify the
recommended limits of reliance on a given security procedure and limit its
liability thereto. [FN121] As to limits on the types of damage that
could be claimed, any reasonable authority knows that others will rely on its
certificates. Therefore, from a policy standpoint some level of consequential
damages should perhaps be allowed. It may be appropriate here as well, however,
to limit such damages to reliance limits set by the authority.
VI. Survey of Current Proposals and Statutes and Their Interrelation
A. State Statutes
1. Utah
The Utah Digital Signature Act
("Utah Act"), [FN122] the nation's first thorough digital signature
law, takes a very detailed regulatory approach toward electronic signatures. [FN123] The law specifically avoids invalidating
any other signature, mark or affirmation that would otherwise be considered
valid. [FN124] However, the law is technology-specific
because in validating "digital signatures," the law includes only
public key cryptographic signatures. [FN125] Therefore, the legal status of less
formal electronic signatures is left just as uncertain as it would be in the
law's absence. The Utah Act would offer no clarification either way, for
example, in the case of Mallory's electronically signed employment contract
from Bill Clinton, regardless of whether Clinton's intention is to deny or
affirm its validity.
The Utah Act primarily sets out an elaborate system for the licensure of
Certificate Authorities. [FN126] The Act includes requirements of surety
bonds for conducting business, [FN127] formal requirements *378
that must be met for a certificate to be valid, [FN128] and procedures for the revocation of
certificates and the dissolution or revocation of licenses of certificate
authorities themselves. [FN129] In addition, the law sets forth specific
and extensive presumptions. [FN130] These presumptions include that: the
information in a valid certificate is accurate; the signature is that of the
subscriber listed in the certificate; and the signature was affixed with the
intent of signing the message. [FN131]
The least copied provisions of the Utah Act are its tight restrictions on
certificate authority liability. [FN132] For example, where the authority
complies with its requirements, it has no liability for reliance on a false
certificate. [FN133] Even in cases of negligence or willful
misconduct by an authority, liability for reliance on any false information in
a certificate is limited to the "reliance limit" of the certificate,
set by the certificate authority. [FN134] Furthermore, damages against an
authority are strictly limited to direct, compensatory damages; punitive, lost
profits, and pain and suffering damages are all specifically excluded. [FN135] In short, Utah's law does little to make
sure that its certificate authorities are truly the trustworthy institutions
which participants in electronic commerce should expect.
While it is a substantial beginning to legal discussion of digital signature
legislation, Utah's Act is not an adequate legal solution for two reasons.
While predicated on legal uncertainty over electronic signatures, it only
relieves that uncertainty for a narrow class of digital signatures. Further,
while its regulatory framework could be used to ensure adequate consumer
protections and oversight of this nascent service industry, it does not do so.
Instead, the Utah Act works like a farmer opening the gate and escorting the
fox into the barn yard. The generous releases from liability sanction
carelessness in verifying certificates and leave consumers unprotected against
companies already prone to abuse the responsibilities that are at the core of
their existences. [FN136]
*379 2. California
Section 16.5 of the California
Government Code ("California Act") [FN137] contains none of the specificity of the
Utah Act. It simply provides that a signature has the same force as a manual
signature if, and only if:
It is unique to the person using it.
It is capable of verification.
It is under the sole control of the person using it.
It conforms to regulations adopted by the Secretary of State. [FN138]
In the summer of 1998, the California Secretary of State issued final
regulations in furtherance of section 16.5. Even when
these regulations are considered, however, they do not rise to the level of
detail of the Utah statute. [FN139] For example, for a digital signature technology
to be declared 'acceptable' for the purposes of the statute's protection, it
must only be able to create signatures conforming with the statute. [FN140]
Currently, public key cryptography is such an "acceptable
technology," as is signature dynamics. [FN141] The regulations set out requirements for
Certificate Authorities only so far as requiring that they pass performance
audits every two years or be approved by an international accreditation body. [FN142] However, the performance audits are only
aimed at seeing that the issued certificates meet regulations which slightly
expand on the vague statutory requirements. [FN143] Most regulations merely describe
properties inherent to most basic public key systems. [FN144] For example, a digital signature is
"capable of verification" if (1) the acceptor of the signed document
can verify the signature by using the signer's public key to decrypt the
message; and (2) the form(s) of identification which were required for the
issuance of the certificate are specified. [FN145]
Most importantly, the California scheme does not involve the *380
licensure and approval of certificate authorities, except insofar as the state maintains
an "Approved List of Certification Authorities," which are those that
have passed the audit requirements. [FN146] The regulations make no requirements for
authorities' financial security or the posting of surety bonds. The regulations
also create no evidentiary presumptions, although they do state that the
subscriber "assumes a duty to exercise reasonable care to retain
control" of her private key. [FN147] Finally, and perhaps most significantly,
the regulations do not set liability limits or mention recommended reliance
limits for certificates and certificate authorities. The requirements for
signature dynamics signatures are similarly elementary. [FN148]
3. Illinois
While the Utah and California laws
provide reference points within which to frame a discussion, subsequent efforts
have offered further beneficial refinements. For example, the Illinois
Electronic Commerce Security Act ("IECSA" or "Illinois
Act"), [FN149] passed in August, 1998, legitimizes
electronic signatures in general, where the signer intends to be bound. Thus,
it is open to and enabling of technology and would not interfere with any contractual
arrangements for electronic transactions. Additional provisions, however, set
up operational requirements for certificate authorities in public key
infrastructures. [FN150]
If a document is signed and can be verified using a security procedure (set out
in requirements for public key cryptographic certificates or agreed to by the
parties), the signature is considered a "secure electronic signature."
[FN151] These "secure electronic
signatures" are then entitled to a higher tier of validity, including
evidentiary presumptions, such as the signer's intent to be bound in signing
(thus, presumptively satisfying the requirement of intent in the general
legitimizing language). [FN152] The IECSA also contains innovative
language that exempts from its coverage instances when applications would be
"repugnant" to the context of the statute in question, or clearly
inconsistent with the manifest intent of the lawmaking *381 body.
[FN153]
Further, the IECSA sets defaults for the warranties implied to those who rely
on the certificate and the level of confirmation the authority has done in
issuing the certificate. [FN154] Both of these defaults may be overridden
by policies specifically laid out in the authority's certification practice
statement ("CPS"). [FN155] The law also specifies the subscriber's
duty to retain control and security over the private key. [FN156] It allows flexibility in the level of
regulatory involvement, specifying that the regulatory agency may impose
additional requirements on "secure electronic signatures." [FN157] The IECSA allows the state to establish
a voluntary licensing system, to require that authorities be accredited by
independent industry accrediting entities, or to specify criteria for a list of
approved authorities. [FN158] Even beyond its focus on a signer's
intent, the IECSA also contains an explicit "variation by agreement"
clause to protect the validity of security procedures agreed to by contract. [FN159] It is noteworthy, finally, that the
IECSA was an important source for the draft Uniform Electronic Transactions
Act. [FN160]
The IECSA represents a well-balanced approach to digital signature regulation
because its two-tiered system provides for informal electronic signatures, while
still offering appropriate enhanced protections to encrypted signatures without
fear that those protections would later be applied to different, possibly less
secure signatures. It avoids many of the pitfalls in earlier proposals,
including: (1) unnecessarily affecting contractual systems like SET; (2)
affecting wills, land transfers, and other such areas where digital signing may
still be inappropriate; and (3) specifying excessive liability limits. In
the upper tier of protection (the so-called "secure electronic
signatures") the IECSA is not technology-neutral. This is probably an
appropriate choice, particularly at this experimental phase in the development
of digital signature laws. The IECSA offers robust legal protections to secure
electronic signatures. Given that the true security of other electronic
signature methods is somewhat hypothetical, reserving these protections to
cryptographic *382 signatures exclusively is consistent with
correlating the legal protection offered with the security of the applicable
technology.
4. Massachusetts
Massachusetts has also been
preparing legislation that aims to remove legal obstacles to the acceptance of
electronic signatures with as little excess complexity as possible. The
Massachusetts Electronic Records and Signatures Act ("MERSA") [FN161] avoids creating a regulatory burden for
the state by never mentioning certificate authorities. It does not grant
inappropriate protection, for it contains no upper "tier" (or any
enhanced protection) for more secure signatures. At its core, the draft adopts
and refines the essential core provisions from the UNCITRAL Model Law on
Electronic Commerce:
Section 67. Electronic Records.
A record may not be denied legal effect, validity, or enforceability solely
because it is in the form of an electronic record. If a rule of law requires a
record to be in writing, or provides consequences if it is not, an electronic
record satisfies that rule of law.
Section 68. Electronic Signatures.
A signature may not be denied legal effect, validity or enforceability solely
because it is in the form of an electronic signature. If a rule of law requires
a signature, or provides consequences in the absence of a signature, an
electronic signature satisfies that rule of law.
Section 69. Admissibility into Evidence.
In any legal proceeding, nothing in the application of the rules of evidence
shall apply so as to deny the admissibility of an electronic record or
electronic signature into evidence on the sole ground that it is an electronic
record or electronic signature or on the grounds that it is not in its original
form or is not an original. [FN162]
Similarly, "[a] contract between business entities shall not be
unenforceable, nor inadmissible in evidence, on the sole ground that the
contract is evidenced by an electronic record or that it has *383
been signed with an electronic signature." [FN163]
These provisions would not apply if they are "clearly inconsistent with
the purpose of that rule of law," although it is specified that the mere
requirement that the record be "signed" or "in writing"
does not demonstrate such a purpose. [FN164] This "repugnancy" clause, as
it is known, [FN165] was adopted by the Illinois Act and
considered but rejected by the NCCUSL as a way of effectively limiting the
scope of digital signature laws. Theoretically, the language would prevent the
laws from reaching wills, trusts, and title documents for interests in real estate,
for example, without having exhaustively to list either exclusions or
inclusions. [FN166]
The minimalist nature of the Massachusetts draft makes it more akin to the
California approach than to the expansive Illinois and Utah statutes. Among
such "thin" digital signature laws, the MERSA is preferable. Unlike
the California Act, which declares that digital signatures are valid (and
might, by the pregnant negative, imply that something else is less valid), the
Massachusetts draft merely removes obstacles to the recognition of signatures. [FN167] In addition, the repugnancy clause,
while perhaps ambiguous, provides an appropriate limitation where the
California language, if adopted in a context beyond its scope of communications
with state government, may be broader than desired in scope.
B. Uniform Law Models and Drafts
1. American Bar Association Digital Signature Guidelines
The American Bar Association
Digital Signature Guidelines ("ABA Guidelines") provided an
elementary foundation for the development of digital signature legislation. [FN168] In some respects, however, its status as
a formative document is clear. Its consideration of many issues (such as
technology-neutrality, legal presumptions, the validity of signatures not
meeting its requirements based *384 on intent or the parties'
prior agreement, and liability limits) is primitive. The ABA Guidelines were
developed in conjunction with the Utah Act by groups with several common
members. [FN169]
The ABA Guidelines define a digital signature very narrowly:
A transformation of a message using an asymmetric cryptosystem and a hash
function such that a person having the initial message and the signer's public
key can accurately determine (1) whether the transformation was created using
the private key that corresponds to the signer's public key, and (2) whether
the initial message has been altered since the transformation was made. [FN170]
Thus, like the Utah law, the ABA Guidelines grant validity only to public key cryptographic
systems. Notice that this definition corresponds to that of the higher tier in
the Illinois Act. [FN171] Therefore the ABA Guidelines, like the
Utah Act, would not clarify the enforceability of less formal electronic
signatures executed with the intention of authenticating the document. The ABA
Guidelines might, therefore, pose problems in alternate contractual situations
like SET. [FN172]
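The two determinations named in the ABA definition quoted above can be shown in a short added example, which is not taken from the Guidelines or from this Article. It uses textbook RSA over a SHA-256 hash with toy keys built from Mersenne primes (insecure, chosen only so the code runs with the Python standard library); the key names and the contract text are constructed for illustration.

```python
import hashlib

# Toy RSA for illustration only: Mersenne-prime moduli are trivially
# factorable and no padding is applied. Never use this construction in practice.
E = 65537  # public exponent

def make_keypair(p_bits, q_bits):
    """Build (public, private) keys from the Mersenne primes 2^p_bits-1 and 2^q_bits-1."""
    p, q = 2**p_bits - 1, 2**q_bits - 1
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def digest(message: bytes) -> int:
    """The 'hash function' of the definition: SHA-256, read as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes, private_key) -> int:
    """The 'transformation': the message hash raised to the private exponent."""
    n, d = private_key
    return pow(digest(message), d, n)

def verify(message: bytes, signature: int, public_key) -> bool:
    """Needs only the initial message and the signer's public key."""
    n, e = public_key
    return pow(signature, e, n) == digest(message)

# Constructed sample data (assumptions, not from the Article).
SIGNER_PUB, SIGNER_PRIV = make_keypair(521, 607)
OTHER_PUB, OTHER_PRIV = make_keypair(607, 1279)
MESSAGE = b"Buyer agrees to pay $600,000 for Lot 7."
ALTERED = b"Buyer agrees to pay $60,000 for Lot 7."

def check_definition():
    genuine_sig = sign(MESSAGE, SIGNER_PRIV)
    other_sig = sign(MESSAGE, OTHER_PRIV)
    return {
        # Signed with the matching private key, message unchanged.
        "genuine": verify(MESSAGE, genuine_sig, SIGNER_PUB),
        # Determination (2): the message was altered after signing.
        "altered_message": verify(ALTERED, genuine_sig, SIGNER_PUB),
        # Determination (1): created with a private key that does not
        # correspond to the signer's public key.
        "wrong_private_key": verify(MESSAGE, other_sig, SIGNER_PUB),
    }

if __name__ == "__main__":
    for case, accepted in check_definition().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

Verification returns a single pass or fail: a rejected signature does not by itself tell the relying party whether the wrong key was used or the message was altered.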
The ABA Guidelines' failure to consider the signer's intent in informal
signings is mirrored by its failure to consider the signer's intent where the
Guidelines have been followed. The ABA Guidelines include legal presumptions
consistent with those in the Utah or Illinois Acts, with one significant
exception. [FN173] Given a valid digital signature, the ABA
Guidelines do not provide the presumption that the signer intended to bind
himself as he would with a manual signature. [FN174] Without presuming the intention to sign
(which is *385 the defining test for a real-world
"signature" in many states), a person who relied on that signature
might be defeated by the signer's defense that he simply never intended to be
bound.
Like the Utah Act, the ABA Guidelines set liability limits on Certification
Authorities. [FN175] Assuming for the sake of argument that
liability limits are needed in order to promote the certificate authority
industry, the ABA Guidelines take a more reasonable approach than does the Utah
Act. The Utah Act eliminates liability for authorities complying with their
obligations, but also limits liability at specified "reliance limits"
(a concept not mentioned in the ABA Guidelines) for certificate authorities not
in compliance. [FN176] The ABA Guidelines, however, only
provide that, "[a] certification authority that complies with these
Guidelines and any applicable law or contract is not liable for any loss,"
either of a subscriber or someone who relies on a certificate. [FN177] Certificate authorities are still fully
liable for intentional or negligent failure to comply with their requirements.
While the ABA Guidelines has been superseded in many respects, [FN178] its commentary offers thorough
consideration of many policy issues not adequately discussed in other contexts,
with the possible exception of the commentary to the UETA. [FN179] For this reason, the Guidelines still
represent a necessary starting place in understanding digital signature law and
certificate authority regulation.
2. United Nations Commission on International Trade Law Model Law on Electronic Commerce
The United Nations Commission on
International Trade Law's Model Law on Electronic Commerce
("UNCITRAL"), [FN180] which has been approved by the General
Assembly, is roughly similar in extent to the Massachusetts draft. The UNCITRAL
Model makes no mention of cryptography or certificate authorities, and includes
no evidentiary presumptions or liability limits involving *386
the use of electronic signatures. It primarily states that information should
not be denied legal effect because it is in electronic form, and that
requirements of a written form are met by electronic documents if they are
accessible for subsequent reference. [FN181] Similarly, a data message is adequately
signed if
(a) A method is used to identify that person and to indicate that person's
approval of the information contained in the data message; and (b) That method
is as reliable as was appropriate for the purpose for which the data message
was generated or communicated, in the light of all the circumstances, including
any relevant agreement. [FN182]
The UNCITRAL Model also addresses the status of electronic messages and files,
generally. It specifies when an electronic copy is considered valid as an
original, as well as requirements for the retention of data, the formation and
validity of electronic contracts, the attribution of messages, and the
acknowledgment and legal dating of messages. [FN183] Several of these sections are reproduced
in the UETA. The section on attribution provides that an addressee is entitled
to rely on the fact that a message is from and authorized by the purported
sender if, in verifying the sender's identity, "the addressee properly
applied a procedure previously agreed to by the originator for that
purpose." [FN184] Such reliance is also allowed if the
message contains (or the sender necessarily had access to) "a method used
by the originator to identify data messages as its own." [FN185] While this might open the door to less
secure procedures in some cases, it would certainly justify the reliance of a
recipient on a message containing the sender's digital signature.
The UNCITRAL Model probably could not be translated literally into a state
digital signature law. Nonetheless, it has made two contributions that have
been incorporated in domestic proposals. First, stating that data "should
not be denied legal effect because it is in electronic form" forms the
heart of the Massachusetts draft. [FN186] Second, the requirement that security
procedures be as "reliable as was appropriate for the purpose" is
worth further discussion (even if in the end it might be unworkably subjective)
as an alternative to *387 rigid tiers of protection. [FN187]
3. National Conference of Commissioners on Uniform State Laws - Uniform Electronic Transactions Act
The National Conference of
Commissioners on Uniform State Laws ("NCCUSL") draft Uniform
Electronic Transactions Act ("UETA") represents a major attempt to
provide a consistent national framework for the validity of electronic
signatures. [FN188] While detailed about legal requirements
for signatures and authentication, [FN189] the UETA draft is completely
technology-neutral, referring to encryption, only rarely, as one valid option
among many. [FN190] The UETA draft attempts wherever
possible to be consistent with analogous provisions in the current Uniform
Commercial Code. [FN191] The drafting committee has also worked
with the drafters of the proposed Uniform Computer Information Transactions
Act, formerly the draft U.C.C. Article 2B, to coordinate the two proposals. [FN192] *388 The UETA's operative
provisions relating to digital signatures draw heavily [FN193] on the Illinois Act, the Massachusetts
draft, a draft prepared by the Oklahoma Bankers Association, [FN194] and the UNCITRAL Model Law on Electronic
Commerce. Thus, the UETA can be seen as a rejection of the Utah and California
approaches (although some language drawn from the Illinois Act can be traced
back, with revision, to those two sources).
The most controversial issue cited by the reporter to the NCCUSL drafting
committee is the scope of the UETA. [FN195] Some proposed that it should, like other
uniform laws, apply only to contractual documents. [FN196] On the other extreme, others proposed
that it follow the Massachusetts and Illinois models and encompass "all
writings and signatures." [FN197] The November 1997 draft proposed a
compromise based on the UNCITRAL Model Law, covering not only commercial
transactions, but also "electronic records and electronic signatures
generated, stored, processed, communicated, or used for any purpose in any
commercial . . . transaction." [FN198] In other words, it would have covered
signatures and documents that are important for commercial reasons, but that do
not themselves form commercial contracts.
In 1998, however, the drafting committee changed course again on the scope of
the act, removing language that restricted the act to commercial or
governmental transactions and related records. [FN199] Instead, the act applies to
"electronic records and electronic signatures that relate to any
transaction," although it also carves out a list of specific exceptions to
which the act does not apply. [FN200] Substantively, the UETA would not apply
to the creation or execution of wills or testamentary trusts. [FN201] Also excluded is *389 most
of the U.C.C., either because the articles themselves allow for the use of
electronic signatures, or because state law has little impact in the specific
area. [FN202] Lastly, the UETA allows state
legislatures to identify other statutes for exclusion on a state by state
basis. [FN203] Early drafts also contained
"repugnancy" language similar to that in the Massachusetts draft and
the Illinois Act (although among the UETA's then-limited scope of commercial or
governmental transactions), providing that the UETA would not apply where
repugnant to the manifest intent of the lawmaking body. [FN204] This language was deleted in early 1998,
when the drafters decided a specific list of exemptions was needed. [FN205]
In its initial draft, the UETA, like the Illinois Act, had a two-tiered
approach to the validity of electronic signatures. [FN206] Under this approach, a document would be
"signed" if it "include[d] any methodology executed or adopted
by a person with a present intention to authenticate a record." [FN207] The document would gain the benefit of
some evidentiary presumptions (although like the Illinois Act, these were not
as extensive as in the Utah law) if it were a "secure electronic
signature" signed in accordance with a "security procedure." [FN208] The current draft, however, rejects the
Illinois approach and streamlines this distinction. [FN209] Instead, a party must still prove the
attribution of an electronic signature or record to a person (likely by showing
the effectiveness of any security procedure *390 that was used). [FN210] Notably absent, however, is the
requirement of intent to sign the document. [FN211] Once attributed to a signer, the legal
effect of the signature is determined from the circumstances of the signing or
any effect given the signature by applicable law. [FN212]
The UETA drafters also recently added a section that would allow some
electronic signatures to be equated with notarizations:
SECTION 110. NOTARIZATION AND ACKNOWLEDGMENT.
If a law requires that a signature be notarized or acknowledged, or provides
consequences in the absence of a notarization or acknowledgment, the law is
satisfied with respect to an electronic signature if a security procedure was
applied which establishes the identity of the person signing the electronic
record [and that the electronic record has not been altered since it was
electronically signed]. [FN213]
As discussed above, [FN214] while digital signatures are hard to
forge, their guarantees are limited by their reliance on verification
procedures undertaken long before the signing. Some of the security procedures
referred to in section 110 could provide attribution and non-repudiation on par
with a notarization.