3-22-2016 | by Benjamin Fleshman
In 2000, the European Union passed Directive 1999/93/EC, a directive which was implemented into law in the UK via the Electronic Communications Act (2000) and the Electronic Signatures Regulations (2002). These laws and directives state that electronic signatures are legally binding throughout the EU. Each individual nation has, however, its own implementation laws regarding electronic signatures, including the United Kingdom.
These laws define the foundation of e-signatures and e-identification in the United Kingdom and the European Union as a whole. In July, however, these laws will be overhauled with a new regulation called eIDAS.
Defining an Electronic Signature
According to the government of the UK, electronic signatures are classified in one of three ways:
- Simple Electronic Signatures
- Advanced Electronic Signatures
- Qualified Electronic Signatures
An example of a simple electronic signature would be the tick box that you click to agree to the iTunes terms and conditions (often without reading said terms and conditions first. For shame).
Advanced electronic signatures are uniquely linked to the user. They are controlled solely by the user, and is attached to a document in such a way that the document is invalidated should the contents of the document be altered.
A qualified electronic signature is essentially an advanced electronic signature on electronic steroids. It is the most heavily encrypted of the three classes of electronic signature. Often, it is encrypted with a secure signature creation, such as a smart card or something similar.
Each of these three classifications is a valid form of signature in its own sphere. Because business agreements have varying level of intensity, however, they also require more stringent security measures for each different agreement level.
It is for this reason that the United Kingdom established guidelines for electronic signatures specific to its realm. Some electronic signatures are naturally given more weight in a legal setting than others, which only makes sense. Other guidelines have also been produced which help to clarify the role of electronic signatures in the UK.
Implementing Electronic Signatures
One of the main methods for implementing electronic signatures into UK law is through the role of certification service providers (CSPs). CSPs issue digital certifications which declare the validity of a given signature. They affirm that the signature in question is valid, that it belongs to the individual who claims the signature as their own, and essentially gives it an extra amount of sanction in a courtroom.
These certifications are generally granted to advanced electronic signatures and qualified electronic signatures (more so with the latter) rather than simple ones because there is no real need to verify the simple signatures.
Other requirements for electronic signatures are related to the security of the document which needs signing. They should be encrypted stored in secure locations, so as to remain unaltered. Documents must remain private and away from prying eyes. There must be a way to verify the identify of the individual signing the document. These are a few of the requirements given by the ESR and ECA, though they are an adequate summary of any other requirements you would expect to find in the original law.
Concord’s Security Practices Can Help
Knowing that data security is essential for your company, Concord Worldwide provides intense security to protect your documents. The level of your electronic signatures can be advanced or qualified, depending upon the situation you choose, and they will always be secure.
Our housing servers are located throughout Europe and the United States, and every server location is protected with around the clock security, data encryption, firewalls, and fire prevention technology. We know how to protect your signatures and your documents.
Click here to learn more about electronic signatures in Australia.