Since the ESIGN law of 2000 passed, electronic signature in the United States has been formally defined as “an electronic sound, symbol or process that is attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record.” Now more than 15 years later, I still find a significant percentage of people who don’t know what this really means.
When I’m asked to speak on electronic signature, I often begin by asking for a headcount of those in the room who have actually signed or agreed to anything using electronic signature I do so as much out of curiosity as to help me guide my discussion based on each group’s level of understanding. On average, no more than 30-50 percent raise their hands. I then follow that question by asking how many have loaded software onto a computer at home or work. As you might imagine, nearly all hands are raised in response.
Imagine the surprise in the room when I tell everyone that the action of checking the “I agree” box and accepting the software end user license agreement is a legally binding form of electronic signature. Who knew? Certainly few in the rooms I speak to.
Is it commonplace to execute electronic signatures for documents or agreements by simply checking a box? The check box itself does meet the “symbol” requirement of ESIGN, but the answer is more complicated. Of the three items that define an electronic signature, electronic sound, symbol or process, the most important interpretation is the process.
Think of process like this: if I were an expert witness that had to explain to a jury how a check box was clicked and recorded, how would I do it? As of the writing of this article, there exists a case in front of Judge Paul W. Grimm in the U.S. District Court for the District of Maryland in which the outcome will rely on attribution and process. In the case pending, the plaintiff claims, under oath, to not have signed specific documents and that she wasn’t even presented with the documents that the defendants’ allege.
So how does the defendant prove it? The answer resides in the process. By showing the process that was used to identify who the plaintiff was (attribution) and what steps were required to execute the document, the defendant will establish the process. Of course, the defendant will also have to prove process (specifically what occurred at the time when the plaintiff allegedly signed the documents, not how it is today). This is critically important because the ability for software to change quickly and substantially will put the process under scrutiny. Software and process control along with adequate, if not an over-abundance of, documentation will no doubt be required in order for the judge to make his decision. As in this example of the check box, there are also issues surrounding the validity of data, which can easily be manipulated to show acceptance of the terms presented, should the proper access controls not exist. But that’s another article for another day.
After 15 years since adoption, electronic signature is finally reaching the precipice of adoption by businesses and acceptance by consumers. But with such open language at the core of the official, legal definition, Judge Grimm’s court case will certainly not be the last. Although “sound, symbol or process” is all that’s technically required to meet ESIGN requirements, process is the most critical in order to prove what actually happened.