E-signatures and e-transactions: What works, what more is needed, and what are the implications of proposed trade rules on this topic?

Event report

The session provided an overview of electronic signatures from technical, legal, and policy standpoints, explaining the main issues from a developing country’s perspective. It covered the main existing model laws related to e-signatures introduced by the United Nations Commission on International Trade Law (UNCITRAL) and commented on the potential impact of proposals on e-signatures under discussion in trade negotiations.

Mr Luca Castellani (Legal Officer, UNCITRAL) recalled that there are different understandings of what e-signatures mean. From a legal perspective, there are two notions of e-signatures: a) signature in electronic form that is considered the equivalent of a paper signature; b) electronic signature as a trust service, which means providing assurance about the origin of data. The two legal meanings coincide only to some extent, so it is important to clarify what legal meaning we employ when discussing e-signatures.

Castellani also identified three policy approaches to e-signatures: a) a minimalist approach, which understands an electronic signature as anything that identifies and shows the intent of the signatory, regardless of formal requirements. In this sense, the header of an e-mail or the phone number that sends a message can be considered a signature; b) a technology-specific approach, based on technologies such as PKI. Some countries give legal recognition only for PKI signatures, which requires resources to be deployed and maintained; c) an intermediary two-tiered approach: the two types of signatures will be recognised, but a PKI-based signature will have additional value, such as a presumption of integrity. Currently, the two-tiered approach is prevailing, but in countries with very little infrastructure, a minimalistic approach may be better.

The Model Law in Electronic Commerce was adopted in 1996 in more than 100 states. It is actually a model law on electronic transactions. The Model Law on Electronic Signatures was adopted in 2001. The Model Law on Electronic Commerce adopts the minimalist approach, and the Model Law on Electronic Signatures adopts the two-tiered approach. The UN Convention on the use of Electronic Communication in International Contracts adopts the minimalist approach and the Model Law on Electronic Transferable Records repeats the formulation of the UN Convention. Currently, there is work on a model law on identity management and trust services. An e-signature as a trust service means a service to provide assurance of data quality, and it is related to data flows.

Mr Richard Hill (President, Association for Proper Internet Governance) expressed surprise that the topic of e-signatures is part of negotiations under the Joint Statement Initiative (JSI) on e-commerce. He explained that signatures are not needed in the transaction between suppliers and customers in most countries. They are also not required for shipments and receipts. He affirmed that countries do not need new laws on e-signatures, but to implement the existing model law.

Customs authorities may require signatures at both ends, and national requirements on e-signatures may be different. But addressing this problem at the WTO will not sort the issue, because the problem is related to implementation. There are two possible solutions: a) international harmonised standards, which could be put in place by the World Customs Union; b) the creation of a clearinghouse: the supplier gets its document signed by a clearinghouse recognised by the customs authorities of another country. Hill explained different technologies used as signatures, such as PIN code, PKI, and biometrics. He affirmed that trade agreements should simply encourage countries to transpose the UNCITRAL model law into national law.

Ms Sanya Smith (Legal Advisor, TWN) argued that privacy, consumer protection, security, and interoperability can be undermined by some of the proposals currently under discussion in trade negotiations. She provided examples of cases in which government intervention was important to correct market failures related to the asymmetry of power between companies and consumers. Consumers cannot demand companies to introduce secure systems, or two-factor authentication, therefore governments have stepped in to ensure that electronic transactions are safe. E-commerce negotiations promote deregulation, requiring governments to leave this issue to be defined by the private sector.

The proposals tabled at the JSI e-commerce negotiations say that government regulations on the security of electronic transactions should not be introduced. The government cannot prohibit parties from determining their own electronic authentication methods. Similar provisions have been introduced in the Comprehensive and Progressive Agreement for Trans-Pacific Partnership ( CPTPP). In the free trade agreement with China and Indonesia, the EU proposed the same deregulatory provisions without any categories of exceptions, for banking services, health data, or cybersecurity.

Castellani emphasised the need to avoid legal provisions that create issues with interoperability, proprietary lock-in effects, or violations of technological neutrality. Little is discussed about the issues related to e-signatures from a developing country’s perspective. There are more technological requirements in developing countries than in advanced economies.

By Marilia Maciel