The last few years, more specifically since 1995, have seen very important developments in the networking and technology of electronic commerce. The e-signature is one of these technologies working toward electronic commerce. A major issue highlighted and appropriately discussed in this article is regarding the parameters identifying an e-signature and authenticating the same. The current form of the Electronic Transaction Law (ETL) provides for two different ways for verifying e-signatures, which at times creates ambiguity. With regard to the major defect that the provisions and rules of the ETL create, in respect of the validity of an e-signature and an authentic signature in proof, the authors see that the ETL should clearly provide that an e-signature shall have a validity in proof the same as the traditional signature, while an authentic e-signature shall have a validity in proof the same as a written signature.
The electronic signature is described in Article (2) of the Electronic Transaction Law (ETL) 1 as:
“Electronic, numeric or photo data or others taking the shape of letters, numbers, symbols, or signs, or the like in a data message or added or related thereto, having a shape identifying the person who timed or distinguished it from others for reasons of the person’s signature and the approval of content”.
The law takes into account the purpose of the electronic signature and considers it to be the same as the conventional signatures used. For example, the conventional signature can be used as evidence, as a ceremonial function, as a designation of approval, and as a determination of authenticity. An electronic signature can fulfil all of these purposes without changing the existing paradigm of a person “signing” a document. So the electronic signature has all the functions to be equivalent to the conventional signature.
It can clearly be seen that the definition of the electronic signature is not well thought of and it does not explain the issuance of the signature and the process for the authentication of the signature. However, the legislation codified the validity of an e-signature and its functions in Article (10/b), as it states:
“b-The validity of the signature shall be proven and attributed to the person signing the electronic record when there is a method to identify that person and to indicate his approval of the information contained in the electronic record that carries his signature, if that method is reliable for this purpose in light of the circumstances relating to the transaction, including the parties’ agreement to using this method”.
Accordingly, the functions of the e-signature are:
¯ Identification of the person related to the electronic signature. The contracting parties can also use the other options which the internet makes available. These options include the Digital ID or the personal certificate. This can be done to verify the identities of the people participating in the contracting process.
¯ The electronic signatures also show the consent of the person concluding the contract. It shows that the person who has used the electronic signature agrees to the legal framework of the contract and to fulfil the obligations that are set out in the contract.
Besides these two major functions, the e-signatures also follow the conditions provided by the Jordanian legislature. These conditions are the objective conditions and the formal conditions.
The clauses of the ETL state that the Jordanian laws require the following conditions: the verification of the e-signature and the conditions of the e-signature. The conditions mentioned are described below:
The verification of the e-signatures is taken as the major condition which needs to be fulfilled as required by the Jordanian laws. It is stated by Article (30) of the ETL that the e-signatures are taken as evidence for the legality of the consent of the contracting party. The verification procedure is specified in Article (30/a). The details of the process can be found in the clauses of the ETL. These are stated as follows:
1) The verification process should be an approved process. The approval is done by issuing the necessary process from a governmental or non-governmental agency with the responsibility of verifying such processes. They include both e-signatures and e-records.
This is done so that the legality of the process is affirmed.
2) The commercial acceptance is also another vital condition. This is specified in Article (30/b). The contracting parties should consider the commercial aspects too.
3) The agreement which is reached between the contracting parties can contain the processes the parties think can be applied for a certain transaction. This process can be framed in a way that benefits all the parties involved in performing that transaction. This specified process is in addition to the existing laws which are included in the ETL.
The Jordanian laws have not specified that the verification is the sole condition that needs to be fulfilled in order to affirm that the e-signatures under consideration are of legal significance. There are other conditions too which have been connected to the verified e-signature which have to be taken into account and then employed as a way of proving the legality of the consent of the party. Article (31) of the ETL contains these conditions.
Article (31) of the ETL gives the following characteristics of a valid signature:
1) It is one of a kind and is related to the correct person and it can easily be differentiated from the e-signatures of other people.
2) The e-signature should be enough for the identification of the person who produced it. Certain measure can be taken to ensure this, but it should be remembered that the signatures themselves must be unique.
3) The e-signatures must be produced and regulated by the rightful owner only and it may only be used by the owner or by a person who is given the authority to use the signature on behalf of the owner. The owner of the e-signature should have exclusive rights for the usage of the e-signature and no other person should be able to produce the e-signature or use it for any person.
4) The e-signatures have to be linked to the e-records with the help of the connection reserved for the purpose. This connection must not be compromised and it should have a direct link to the e-records. If this is not the case, anyone would be able to access the e-signature and they could use it without the consent of the rightful owner. This would make the e-signatures lose validity as the owner would not be in a position to control the e-signature anymore. In this case it would be possible for unauthorized people to produce it and this would lead to the e-signature losing its legal status.
Jordanian regulations detailing multiple parameters of the authentication certificates, their validity, their relations vis-à-vis the related identification symbols are all detailed in the ETL as per the following:
All certificates issued have a stipulated validity period, beyond which it would have no consideration whatsoever if presented anywhere. Correspondingly and similarly, e- signatures too are required to be placed on the document within the designated authentication period to enable the certificate to carry legal weight age, and if the signature is placed and associated with the document beyond such period, there would be value for the same since it would not be fulfilling the objectivity parameters of the e-signature meeting “the authentication condition”.
This is related to the requirement for the authentication certificate to correspond with the authentication symbol, so that only the concerned and related can access the contents of the electronic file, and thus the privacy of the text is maintained. This is however, appropriately covered for in Article (34).
To summarize, in the modern day and age, e-signatures are probably extensively utilized across the internet to conclude and finalize agreements and contracts. The maintenance of such electronic records in corresponding databases, however, requires that the legal aspect related to this medium be addressed properly and the legalities involved therein are adhered to in all its entirety, so that agreements concluded incorporating such technological aspects would subsequently stand up for scrutiny in a court-of-law.
However, the writer of the document is under the perception that while modern day legislation like the ETL does address the legal aspects related to e-signatures to a great extent, and the wording of such laws does seem to be cognizant of the multiple aspects required to be covered, however, there are at times probably discrepancies in the way the laws are interpreted during their application in actual situations.
To this end, a number of instances of such discrepancies maybe found in Article (2) of the ETL, which has specified the situations where e-signatures are applicable but falls short on the verification requirements for the same. Further, it could also be observed that the same article has not expressly delineated the parameters of the signatory, although it does sufficiently identify the parameters of the authentication certificate. Stipulations on the required competency of the licensing authorities for the certifications are also an aspect which needs to be further worked upon.
The ETL aspect of Jordanian legislation lays down two parameters for the recognition and validity of e-signatures, which need to be met to enable the same to stand scrutiny in a court of law. These parameters are listed and defined in Articles (7, 10 and 30), and later in Articles (31) and more appropriately in (32/b). In all the above sections, it is emphasized that e-signatures should at all times be authenticated to subsequently withstand legal scrutiny although there are no further explanations and directives on how the authentication process needs to be actually coordinated.
In addition to the ETL in Jordanian legislation determining and governing the parameters for e-signatures, there are also other related legislatures which shed some further light on this aspect, including UNCITRAL 20012, the ECD 19993 and the E-SIGN4. All of these provide further assistance in determining the legality and related aspects of e-signatures under the laws of the land.
The use of e-signatures on the internet towards executing and entering into a legal binding will be evaluated in three stages. The first will look into the situational parameters of the e-signature, the second will debate upon the duties and responsibilities of both parties entering into an electronic contract, while in the concluding section the legal standing and implications of foreign signatures will be looked into since one of the two parties entering into contracts with foreigners would not be covered under the laws of the land.
The validity of an e-signature is primarily dependent on addressing two aspects, i.e. the functions to be performed by the signature, and secondly the conditions and parameters under which the signature is provided. However, researchers have determined that there may be discrepancies and shortcomings in the legislation covering the aforementioned aspects5. As a general rule, and in essence, e-signatures have been granted the same and equal weight age provided to traditional written signatures6 as long as both forms of signing off fulfil the standard parameters of signatures7 ( Nsairat, 2005: pp. 126-133 ; Dodeen, 2006: pp. 260-266; Reed, 2004: pp. 279-285) .
The legal standing of e-signatures is, hence, generally governed by two tiers of legalities8:
1) When standard functions of a written signature are performed by an e-signature, it is considered as a “general validity in proof”9 (Dumortire, 2002: pp. 55-57).
2) On a higher level, an e-signature would have the “the validity of a written signature” if the signature so made or presented is able to withstand scrutiny in a court of law without the support of a subsequent written signature10. There are perhaps specific technical parameters which need to be addressed before this level is practically realized11. (Dumortire, 2002: pp. 55-57)
Researchers do accept that the aforementioned are well in alignment to the definitions and parameters set forth and defined in the existing legislative laws enacted. While some of the laws set the broad parameters to equate e-signatures with the actual written version; others focus more on the specifics and details of e-signatures detailing on such parameters as the integrity, security, confidentiality etc. To consider the relationship between the signatory and the certificate provider, ECD 1999/93 is an illustration of this12.
Should the signatory desire that the e-signature provided be treated completely at par to that of the traditional written signatures, the following aspects need to be probably fulfilled and kept in consideration13:
1) The signature in question should be uniquely linked to the person providing it, i.e. the “signatory”14.
2) The characteristics of this e-signature should be such that it is uniquely possible to identify the signatory through the signature15.
3) The signature provided should be in a manner so that the form and design of the same is not subsequently altered, like that of the written signature16.
4) The signature provided against a certain text be so linked to the entire document so that all aspects of the particular page remain unaltered and could not be tampered so that the originality of the entire page and the signature provided is retained, and “any alteration is detectable”.
Considering all the above, it is to be concluded that if an e-signature is able to fulfil the stipulations and aspects described, it can definitely be considered to have the same standing in any legal framework just as the traditional written signature, and would be surely considered as an “advanced, enhanced or authentic e-signature”.
The researchers have also had occasion to specify and identify certain anomalies with respect to e-signatures in the perception and understanding of Jordanian legislators drafting and finalizing the related text of such laws, including the ETL. Perhaps, some of these aspects could be:
§ While Article (2) of the ETL does provide a general definition and overview of what are e-signatures, it unfortunately fails to provide specifics on the authentication process of the same.
§ Article (10) only goes to specify the general parameters of the e-signature validity aspect, describing the basic functions of the same.
§ Article (30) lists the authentication process while Article (31) specifies the conditions and situations under which such signatures would be considered to be valid.
§ Article (32/b) of the ETL lists “the confusing rule” whereby it is mandatory that the authentication process and parameters must be fulfilled for e-signatures to ensure that they subsequently remain valid over the long run.
As per all the above descriptions, the authors would conclude that the ETL covers for validating e-signatures only where the same is authenticated, and correspondingly viewing the same under the lens of Article (10) of the ETL would strip away any legal coverage for unauthenticated e-signatures. However, this stance projected is perhaps a bit misleading since other aspects do not reflect and support this. It must be kept in perspective that technological advances and progress in such related aspects as encryption technology and the like has already provided sufficient coverage to authenticate e-signatures under all the stated parameters, and is surely compliant with being able to provide authentication processes for signatures “as legal conditions”.
Considering the above, the authors are of the perspective that Jordanian legislation should do all the needful so that the current ambiguities in legislation enacted such as the ETL is not in conflict with other aspects of the law related to this sphere. Laws enacted should all be in perfect synchronization and harmony to each other, and should supplement and complement each other. As pointed out for Article (3) in the aforementioned text, it would be detrimental to have such ambiguity in the Jordanian legislation process.
The issue of the legality of e-signatures has also been dealt with through the judicial systems, as demonstrated in the processes of the US judicial systems, where this aspect was appropriately addressed since the remaining aspects of the functions and conditions of the same were already appropriately defined17 (Moringiello & Reynolds, 2005: p. 433) .
The authors are of the learned opinion that the ETL fails to address the issue of the obligations and any requirements whatsoever upon the contract parties entering into an agreement through an e-signature. Similar legislation enacted including UNCITRAL 2001 and ECD 99/93, however, does provide so, and lists certain obligations on both the parties, which includes the signatory, the relying party and even the certification provider, as depicted by the following:
This liability is stated by the UNCITRAL 2001 under Article (8/1). According to this rule, the signatory shall:
“… (a) Exercise reasonable care to avoid unauthorized use of its signature creation data; (b) Without undue delay, utilize means made available by the certification service provider pursuant to article 9 of this Law, or otherwise use reasonable efforts, to notify any person that may reasonably be expected by the signatory to rely on or to provide services in support of the electronic signature if: (i) The signatory knows that the signature creation data have been compromised; or (ii) The circumstances known to the signatory give rise to a substantial risk that the signature creation data may have been compromised; (c) Where a certificate is used to support the electronic signature, exercise reasonable care to ensure the accuracy and completeness of all material representations made by the signatory that are relevant to the certificate throughout its life cycle or that are to be included in the certificate”.
The UNCITRAL 2001 provided that these conducts shall be the responsibility of the signatory, as Article (8/2) states:
“A signatory shall bear the legal consequences of its failure to satisfy the requirements of paragraph 1”
As per Article (9)18 of UNCITRAL 2001, the certification service provider has certain duties and obligations to fulfil, and any shortcomings and failure in executing upon those assignments would make the service provider legally liable to make good on the discrepancies subsequently detected.
Under Article (6)19 of the ECD 99/93, there are unambiguous directives for the certification service provider to ensure that the level and standard of certification provided has to stand up to public scrutiny at any subsequent public evaluation and analysis of the certification so provided. In this regard, EU legislation has provided ample directives on the certification provider and the same would be detailed in ANNEX II of the
ECD 99/9320. (Dumortire , 2002: pp. 57-59).
These kinds of conducts21 are stipulated under the UNCITRAL 2001, in Article (11). The rule of this Article states:
1) “A relying party shall bear the legal consequences of its failure:
2) (a) To take reasonable steps to verify the reliability of an electronic signature; or
3) (b) Where an electronic signature is supported by a certificate, to take reasonable steps:
4) (i) To verify the validity, suspension or revocation of the certificate; and
5) (ii) To observe any limitation with respect to the certificate”.
The authors do notice that the legalities of this particular aspect has also been sufficiently and to a great extent covered under Article (33) of the ETL too. However, the coverage provided under existing Jordanian laws is deemed too generalized, and should be far more specific and detailed so that it would stand up to close legal scrutiny and review. Perhaps, a specific aspect requiring additional input would be contracts signed over the internet where international signatories would also be very well involved.
Considering all the above, it is quite clear that Jordanian legislation should take the necessary steps towards ensuring that the gaps and loopholes in existing laws, including the ETL are all resolved and done away with at the soonest, so that there are minimal issues with e-signatures in the future, and agreements entered into and concluded by individuals through e-signatures; all stand up to legal scrutiny and evaluation.
It is observed that the legalities and specifics of recognizing foreign e-signatures are dealt with under Article (12) of UNCITRAL22. Similarly and correspondingly, Article (34) of the ETL and Article (7/1)23 of ECD 99/93 have also stipulated the specifics in dealing with this aspect (Dumortire, 2002: pp. 57-59).
As per the observations made after the detailed analysis and evaluation undertaken in this study, the authors of this article would recommend that Jordanian legislation should perhaps bring about the necessary and required modifications in existing laws like the ETL to ensure that foreign input on e-signatures is fully governed, and the laws are in harmony with global standards already formulated in this aspect, “especially the simple signature”. Jordanian regulations should also elaborate on certain specific signatures, such as those listed in UNCITRAL 2001, so that contracting parties could keep them in perspective too while entering into national and international contracts through e-signatures. All this would go towards ensuring that individuals entering into contracts are facilitated to the extent possible, and there are minimal problems in understanding any ambiguity in the agreement which could possibly turn up at any time in the future.
The authors are of the opinion that numerous aspects of e-signatures are further elaboration, which is perhaps not provided so by the existing state of the ETL. These could include aspects of the definitions of e-signatures, their validity, the corresponding authentication certificate and recognition of foreign certificates etc.
The authors are of the opinion that while the ETL has defined e-signatures in Article (2), but there are certain shortcomings in this respect regarding how such signatures would be deemed to be authentic and genuine. Perhaps this aspect is addressed in other aspects of the current legislation enacted, but it should be unambiguous in this respect.
As per Article (2) of the ETL, while the authentication certificate has been probably partially defined, the signatory too needs to be legally defined and elaborated upon. The legislation should also elaborate upon the required certifications and identify the acceptable licensing and certifying authorities for this purpose.
A major issue highlighted and appropriately discussed in the subsequent text is regarding the parameters identifying an e-signature and authenticating the same. The current form of the ETL provides for two different ways for verifying e-signatures, which at times creates ambiguity. Thus, Articles (7, 10 and 30) and Articles 31, and specifically 32/b need to be synchronized and aligned with each other so that they supplement and complement each other instead of creating ambiguities. In its current form, the rules and their different interpretations could have the unfortunate effect of cancelling out and delegitimize e-signatures while concluding any agreement using this aspect.
Towards resolving the various loopholes and issues identified in this article, the authors are of the opinion that Jordanian legislatures need to go for a minor overhaul of the existing laws. This could be in the form of not just redefining e-signatures in general, but also making a proper definition of an authentic e-signature. The laws also need to elaborate and define on certificates and the competent licensing authorities for these certificates. Aspects of authentication certificates provided and issued also need to be addressed and worked upon. All the above changes and additions to the existing laws would certainly go a long way towards ensuring that legal loopholes and ambiguities are removed to the extent possible.
As a result, the recommended definitions, based on the rules provided under the UNCITRAL 2001 and the EC Directive 99/93, “borrowing”, of these subjects are:
§ An e-signature means: “Data in electronic form or similar means which is attached to, or logically associated with a data message or an e-record, which is used as a method which identifies the signatory in connection with that message or record, and to indicate the signatory’s approval of the information contained in the data message or e-record”.
§ An authentic signature means: “An e-signature that meets the requirements laid down in Article (31) of this law”.
§ A signatory means: “A person who holds a signature identification symbol and acts either on his behalf or on behalf of a natural or legal person or entity he represents”.
§ A certificate means: “A data message or e-record or other e-means that confirms the link between the signatory and signature identification symbol”.
§ An authentication certificate means: “A certificate provided by the competent licensing authority, and which contains the following requirement: (here the legislation can adopt the requirements provided by the ECD 99/93 in ANNIX 1)”.
§ A competent licensing authority means: “An entity or legal or natural person who issues certificates or provides other services related to an e-signature or e-record, which meets the requirements laid down in Articles (30 & 31) of this law”.
Perhaps, the major anomaly, loophole and shortcoming of the ETL in its current form lies in its definitions regarding the validity of e-signatures and the authentication of e-signatures when placed on a document, so that the agreement would subsequently stand up review in a court-of-law. Hence, it is very important that the laws be appropriately amended to enable for e-signatures to be at par to traditional signatures, while they should have the same standing in a legal document to that accorded to a written signature. Towards this end, the authors are of the opinion that the existing wording of Article (32/b) need to be changed and amended, so that they are made to read as “… it shall not be deemed qualified as a written document or signature in evidence thereat” instead of the current “… it shall not have any legal effect”.
Al-Nuemat, A., & AL-Thunibat, M. (2016). Use of E-Signa- ture in Proof of Contracts Concluded through the Internet in Jordan. Beijing Law Review, 7, 357-370. http://dx.doi.org/10.4236/blr.2016.74030