随着文档自动化和电子签名平台在法律界日益兴起,法律交易日趋无纸化,企业需要了解电子签名的影响和执行力,同时也需要谨慎行事。电子签名无疑能提高效率,但对于电子签名涉及的数据安全(电子 签名平台基于云服务)和欺诈风险、电子签名是否符合相关法规/审计要求,以及签名是否为真实意思表示等,仍然存在担忧。
电子签名的多种形式
“电子签名”可以有多种形式,包括:
• 在电子文档中随附 pdf 或 jpeg 格式的手写签名;
• 在包含合同/协议条款的电子邮件中输入姓名;
• 勾选载明“本人接受”协议条款(或其他类似措辞)的方框;
• 电子签名平台生成的签名,即在电子文档上通过勾选方框或输入姓名,生 成电子签名(该电子签名可能与签字人手写签名并不必然相似);以及
• 在“签字屏”上用输入笔签名或亲手签名,在屏幕显示的电子文档上生成 和签名人的手写签名近似的签名。
新加坡电子签名法ETA规定,如果一项法律规则要求签名,或规定某一文件未经签名会产生特定的法律后果,则采用电子签名的形式满足该法律规则。同时该法又规定,通过使用法定的安全程序,或当事人同意采用的合理安全的商业程序,如果能够证实一项签名在制作时符合下列条件,则该签名可以视为安全的数字签名:
1.使用者唯一的签名;
2.能证实使用者的身份;
3.通过某种使用者可以唯一控制的方式或方法创设;
4.和相关的电子记录以某种方式具有密切联系,一旦该记录被修改,则签名也随之失效。
以下文件不包含在ETA中,因此无法进行电子签名:
遗嘱
可转让票据,所有权凭证,汇票,期票,寄售票据,提货单,仓库收据或任何使持单人或受益人有权要求交付货物或支付款项的可转让文件或票据
契约的创建,信托的声明,委托书, 永久授权书
任何出售或其他处置不动产的合同,或该不动产的任何权益转让
Electronic signatures are commonly used for all types of transactions in Singapore, and their use is increasing as a result of expanded use by local companies. Singaporean law makes a distinction between electronic signatures and secure electronic signatures, with digital signatures backed by certificates from trusted service providers treated as a form of secure electronic signature.
In Singapore, the use of electronic and secure electronic signatures is governed by the Electronic Transactions Act, Cap 88 and the Electronic Transactions (Certification Authority) Regulations 2010. The Personal Data Protection Act 2012 (PDPA) is also relevant to personal information used in secure electronic signatures.
For an electronic signature to be valid, it must meet the following conditions:
There must be reliable assurance about the integrity of information in the electronic record, from the time it was first made in its final form;
Where the electronic record is to be provided to a person, it must be capable of being displayed to that person; and
It must comply with any additional requirements relating to electronic records specified by the public agency supervising the provision or retention of such records.
For a secure electronic signature to be valid, it must be possible to verify that, at the time it was made, it was:
unique to the person using it;
capable of identifying such person;
created in a manner or using a means under the sole control of the person using it; and
linked to the electronic record to which it relates in a manner such that if the record was changed the electronic signature would be invalidated.
The above conditions for a secure electronic signature can be met through the application of a specified security procedure (as prescribed under the Electronic Transactions (Certification Authority) Regulations 2010 as well as the Third Schedule to the ETA), or a commercially reasonable security procedure agreed to by the parties involved.
Under the Electronic Transactions Act, both electronic signatures and secure electronic signatures are enforceable and admissible. However, in proceedings involving a secure electronic signature, the signature will have the same presumption of enforceability as a “wet signature”. If the electronic signature is not secure, this presumption will not apply.
In addition to the requirements for a valid secure electronic signature, a digital signature must meet the following conditions:
It must have been created during the operational period of a valid certificate and could be verified by reference to the public key listed in that certificate; and
The certificate is considered trustworthy because:
it was issued by an accredited certification authority operating in compliance with the regulations; or
it was issued by a recognized certification authority; or
it was issued by a public agency approved by the Minister to act as a certification authority on such conditions as he may by regulations impose or specify; or
the parties have expressly agreed between themselves (sender and recipient) to use a digital signature as a security procedure, and the digital signature was properly verified by reference to the signatory’s public key.
The ETA includes a voluntary accreditation scheme of CAs, which is overseen by the Infocomm Development Authority of Singapore. However, non-accredited CAs still need to comply with basic duties and obligations, which include the duty to use trustworthy systems in their businesses and to issue, suspend, revoke, and publish its certificates under specific circumstances. Accredited CAs must comply with additional duties and obligations such as undergoing audits prior to each term of accreditation and more stringent requirements relating to the issuance, suspension, revocation, and publication of its certificates.
Digital signatures based on digital certificates issued by accredited CAs are automatically considered to be trustworthy and are recognised by the law.
Judges are familiar with the laws surrounding e-records and e-signatures. Electronic signatures are widely accepted as evidence, and judges frequently cite the ETA in cases pertaining to signatures and contracts.
Special considerations
In Singapore, PDPA states that organizations shall not transfer any personal data they hold to a country or territory outside of Singapore, except in accordance with the requirements prescribed under PDPA.
Use cases that generally require a traditional signature
In Singapore, there are several use cases that generally require a traditional signature. Additionally, there are several instances that require additional consideration for legal compliance of e-signatures such as when transacting with public sector entities. The following are excluded from the ETA and therefore cannot be electronically signed:
Wills
Negotiable instruments, documents of title, bills of exchange, promissory notes, consignment notes, bills of lading, warehouse receipts or any transferable document or instrument that entitles the bearer or beneficiary to claim the delivery of goods or the payment of a sum of money
The creation, performance or enforcement of an indenture, declaration of trust or power of attorney, with the exception of implied, constructive and resulting trust.
Any contract for the sale or other disposition of immovable property, or any interest in such property
The conveyance of immovable property or the transfer of any interest in immovable property
