FindLaw | Find a Lawyer. Find Answers.

When the federal "electronic signature" law was enacted nearly two years ago, proponents predicted a rapid shift toward electronic transactions. Critics feared a plague of fraud, privacy invasions, and identity theft. The current state of electronic contracting is somewhere between these extremes. As electronic signature standards continue to mature, businesses are choosing from a diverse range of techniques for executing contracts in cyberspace.

As discussed in our June 28, 2000 Internet Alert, the federal Electronic Signatures in Global and National Commerce, or "E-Sign," Act endorsed electronic contracting by granting electronic signatures, contracts, and records the same legal status as traditional written signatures, contracts, and records. An electronic signature is any electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record. A "digital signature" is a specific type of electronic signature that uses encryption technology to "sign" a message with a secure, verifiable code. Since the E-Sign law was "technology neutral" and did not provide any technical specifications or verification standards, the law is not limited to digital signatures. In fact, an e-mail message -- or even a mere mouse click -- may constitute an electronic signature.

By permitting a wide range of electronic techniques for obtaining consent to a contract, the federal E-Sign law adopted an important principle of the Uniform Electronic Transactions Act ("UETA"), which has been enacted in a majority of the states: the validity of an electronic signature or contract may be challenged on the same legal grounds as a traditional written signature or contract. Accordingly, electronic signatures are subject to challenges based on authenticity (is the "signature" message a forgery or otherwise unauthorized?) and integrity (was the message received in the same form as it was sent?).

Companies can decide for themselves how to implement electronic signatures and how to verify the authenticity and integrity of an electronic signature.

In e-commerce transactions, courts have consistently upheld the enforceability of electronic signatures obtained through so-called "click-through" agreements, in which a consumer assents to a contract with a simple mouse click after viewing the applicable terms and conditions. We have discussed emerging legal standards for click-through agreements in several previous Internet Alerts: March 22, 2000 and April 9, 2001 (terms must be "commercially reasonable" and consumers must have an opportunity to reject them); August 20, 2001 (an affirmative act of assent is required); and January 30, 2002 (click-through terms may prevail over written terms). These legal endorsements and low implementation costs have made click-through agreements popular for a broad range of transactions on the Internet. For a discussion of a similar trend in the European Union, see our October 5, 2000 Internet Alert.

To protect against fraud and coercion in electronic contracting, the E-Sign law requires businesses to obtain informed consent from consumers in order to conduct electronically any transaction that a law requires to be "in writing." The Federal Trade Commission ("FTC") and the U.S. Commerce Department concluded in a June 2001 report that these protections have been effective.

For high-value transactions and repetitive business-to-business transactions, it is more cost-effective to implement more robust safeguards to ensure the authenticity and integrity of electronic signatures. The strongest techniques use encrypted digital signatures administered by trusted third parties or "certificate authorities." In February 2002, the World Wide Web Consortium ("W3C"), an e-commerce industry standards organization, issued technical guidelines for creating and administering digital signatures. Such standardization may help to reduce the cost of using digital signatures and lead to more widespread use in consumer e-commerce. Other digital signature guidelines and standards have been developed by, for example, the federal National Institute of Standards and Technology, the American Bar Association, and a consortium of state governments. The United Nations Commission on International Trade Law ("UNCITRAL") Model Law on Electronic Signatures does not mandate a particular implementation of digital signatures, but establishes "criteria of technical reliability" under which electronic signatures shall be treated as equivalent to hand-written signatures. Electronic contracting is a legally-recognized reality for both consumer and business transactions. Evolving federal, state, international, and industry standards are removing barriers to electronic contracting, but market forces are determining which specific technologies are used to ensure that electronic signatures are easy to use, cost-effective, and provide acceptable evidence of an agreement.