Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Electronic Signatures in Global and National Commerce Act Digital Signatures and E-SIGN: Implications for PKIs Michael S. Baum, J.D., M.B.A., CISSP.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "The Electronic Signatures in Global and National Commerce Act Digital Signatures and E-SIGN: Implications for PKIs Michael S. Baum, J.D., M.B.A., CISSP."— Presentation transcript:

1 The Electronic Signatures in Global and National Commerce Act Digital Signatures and E-SIGN: Implications for PKIs Michael S. Baum, J.D., M.B.A., CISSP michael@verisign.com

2 Agenda  E-SIGN – Some relevant principles  Electronic vs. digital signatures  Nondiscrimination  Validity vs. enforceability  Limitations  E-SIGN - Impact on PKIs  Technology neutrality  Federal preemption  Responsive policy initiatives  The Multi-State Digital Signature Summit  Performance standards and the PAG  Conclusions

3 E-SIGN in a Nutshell The Electronic Signatures in Global and National Commerce Act  Simply prevents discrimination against electronic acts and records  A psychological boost to E-commerce  In balance, creates demand for PKIs  Issues remain

4 E-SIGN Provisions Title I: Electronic records and signatures in commerce Title II: Transferable records Title III: Promotion of international e-commerce Title IV: Commission on Online Child Protection ------ This presentation targets E-SIGN’s critical implications for PKIs

5 E-SIGN Milestones  The reconciliation of HR. 1714 and S.761  Signed by President Clinton: June 30, 2000  Effective: October 1, 2000  Specified provisions are phased in thru June 2001

6 E-SIGN defines Electronic not Digital Signature Digital Signature Electronic Signature — means an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.

7 “means information that is inscribed on a tangible medium or that is stored in an electronic or other medium and is retrievable in perceivable form.” Record —

8 Records Retention Satisfied by retaining electronic records that are:  Accurate  Accessible to persons entitled to access it  Capable of accurate reproduction for later reference  Communicated by transmission, printing, or otherwise  Exception: Information whose sole purpose is to enable the contract or other record to be sent, communicated, or received

9 E-SIGN: Nondiscrimination “A signature, contract, or other record relating to such transaction may not be denied legal effect, validity, or enforceability solely because it is in electronic form…” E-SIGN § 101(a) General Rules of Validity (emphasis added)

10 Legal Effect and Validity  Undefined in E-SIGN  Provide only threshold legal assurances  Only gets you into the courthouse

11 Enforceability  The extent to which you can prove successfully the signature, record or contract and therefore prevail in a dispute  E-SIGN neither precludes nor materially advances enforceability  Enforceability demands evidence  PKI complements E-SIGN by providing strong evidence that can be essential to enforceability

12  Complex consumer disclosure and consent  Oral communications and recordings do not qualify as electronic records  Industry-specific benefits  Insurance agents and brokers: liability limited  Banks: electronic check retention permitted  Mortgage industry: e-promissory notes enabled Other Provisions

13 E-SIGN Does Not Control:  Wills and trusts  Family law matters  Much of the Uniform Commercial Code  Court orders / notices / official court documents  Other essential notices such as for utility services, health insurance and product recalls

14 Agenda  E-SIGN – Some relevant principles  Electronic vs. digital signatures  Nondiscrimination  Validity vs. enforceability  Limitations  E-SIGN - Impact on PKIs  Technology neutrality  Federal preemption  Responsive policy initiatives  The Multi-State Digital Signature Summit  Performance standards and the PAG  Conclusions

15 Technology Neutrality  Distinguish:  Nondiscrimination vs. equivalency  Product vs. technology neutrality  UNCITRAL example: “Information certifier”  Implications:  Uncertainty  Potential need for supplemental rules  Sanctioning of ineffective products  Anticompetitive impact on the marketplace  Threatening to consumers?

16 Effect of Technology Neutrality on Notorial Acts “If a … law requires a signature or record … to be notarized … that requirement is satisfied if the [notarization] is attached to or logically associated with the signature or record.” E-SIGN § 101(g)

17 E-SIGN and Federal Preemption  What is preemption?  What E-SIGN says it preempts: “A State [law] may modify, limit, or supersede … Section 101 … only if such [law does] not require, or accord greater legal status or effect to, the implementation or application of a specific technology…” E-SIGN § 102(a) (emphasis added)

18 Scope of Preemption  What E-SIGN preempts  Preempts only State laws that deny effect to electronics solely because they are electronic or where they mandate exclusively a particular technology  UETA (over-simplified rule): Where enacted without material changes, UETA is not preempted by E-SIGN

19 Uniform Electronic Transaction Act (UETA)  Neither discriminates against nor mandates use of e-signatures / e-records  Permits e-notarizations and e-acknowledgments  Enables electronic records retention  Extends beyond E-SIGN by addressing:  Attribution of e-signatures or records  Changes or errors in e-records during transmission  Nondiscrimination against admissibility into evidence  Time and place of sending and receipt of e-records

20 Limits on Preemption  What E-SIGN does not preempt  Does not address preemption of state law, other than in the specifically preemptive rules in Section 101  E-SIGN does not generally interfere with U.S. State digital signature laws and CA licensing regimes

21 Some States Licensing or Approving CAs North Carolina Oregon Texas Washington Utah Minnesota Nebraska California Nevada Arkansas

22 What Rules does E-SIGN Preempt?  Attribution - No  Favorable presumptions - No  Integrity - No  Certification authority trustworthiness - No  Licensing / accreditation - No  Recognizes only digital signatures as an alternative to handwritten signatures - Yes

23 Performance Standards Exception  Can be specified by a Federal or State regulatory agency  To assure accuracy, integrity, and accessibility of records

24 Agenda  E-SIGN – Some relevant principles  Electronic and digital signatures distinguished  Nondiscrimination  Validity and enforceability distinguished  Limitations  E-SIGN - Impact on PKIs  Technology neutrality  Federal preemption  Responsive policy initiatives  The Multi-State Digital Signature Summit  Performance standards and the PAG  Conclusions

25 Multi-State Digital Signature Summit  Held in August 2000 in San Francisco  Studied digital signature legislation, application, and the effects in the public and private sector  Attendees included Secretaries of States, state digital signature coordinators and policy makers, American Bar Association Information Security Committee members, and other industry leaders  Considerable focus on preemption  Conclusions

26 UNCITRAL Draft Model Law on E-Signatures Beyond E-SIGN – Default Rules?  Each signatory shall: exercise reasonable care to avoid unauthorized use of its signature creation data Art. 8 Conduct of the signatory  A relying party shall bear the legal consequences of its failure to take reasonable steps to verify the reliability of an electronic signature Art. 11 Conduct of the relying party UNCITRAL

27 PKI Assessment Guidelines (PAG): A Tool to Establish Performance Standards?  A multidisciplinary initiative to develop objective guidelines for assessing PKI interoperation & quality  Non-sectoral, cross-industry, international  The PAG can assist in developing performance standards PKI Assessment Guidelines

28 Conclusions  E-SIGN creates both peace of mind and uncertainty  Potential for litigation regarding preemption  Is the technology neutral pendulum swinging?  Future rules needed to support CA quality & interoperation  Harmonize with international initiatives  UNCITRAL Model Law on Electronic Signatures?  APEC-EU-US bilateral/multilateral agreements?  Monitor impact of mandated consumer e-records and e-consent studies under E-SIGN

29 References http://www.verisign.com/repository

30 Michael S. Baum, J.D., M.B.A., CISSP michael@verisign.com

Download ppt "The Electronic Signatures in Global and National Commerce Act Digital Signatures and E-SIGN: Implications for PKIs Michael S. Baum, J.D., M.B.A., CISSP."

Similar presentations

International forum on eNotarization and eApostilles The impact of e-technology on notarial acts: legal and technical possibilities and limits -relevance.

International forum on eNotarization and eApostilles The impact of e-technology on notarial acts: legal and technical possibilities and limits -relevance.
Part IV Statutes of Frauds. R2 § 110. Classes of Contracts Covered (1) The following classes of contracts [may not be enforced] unless there is a written.

Part IV Statutes of Frauds. R2 § 110. Classes of Contracts Covered (1) The following classes of contracts [may not be enforced] unless there is a written.
Jumping through Two Hoops HIPAA and State Law Compliance: the Problem of the Failure of Federal Preemption Bruce Merlin Fried, Esq. HIPAA Summit West II.

Jumping through Two Hoops HIPAA and State Law Compliance: the Problem of the Failure of Federal Preemption Bruce Merlin Fried, Esq. HIPAA Summit West II.
Documentation and Maintenance of Records What You Should Know and Why Program Training For Medicaid Providers of Home and Community Care Services Home.

Documentation and Maintenance of Records What You Should Know and Why Program Training For Medicaid Providers of Home and Community Care Services Home.
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa.

International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa.
ELECTRONIC RECORDING – STATUTORY SOLUTIONS Patricia Brumfield Fry Professor of Law Emeritus University of Missouri- Columbia © Patricia Brumfield Fry,

ELECTRONIC RECORDING – STATUTORY SOLUTIONS Patricia Brumfield Fry Professor of Law Emeritus University of Missouri- Columbia © Patricia Brumfield Fry,
KSTCD Branch/HRD Section/TrainForTrade & STICT Branch/ ICT Analysis Section1 Module 2 Legal validity of data messages.

KSTCD Branch/HRD Section/TrainForTrade & STICT Branch/ ICT Analysis Section1 Module 2 Legal validity of data messages.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
1 Exploring Acceptance and Legal Nature of eRecords Within a Paper-Based Framework Electronic Signature & Records Association November 14, 2012 Rafael.

1 Exploring Acceptance and Legal Nature of eRecords Within a Paper-Based Framework Electronic Signature & Records Association November 14, 2012 Rafael.
Legality of Electronic Images under the Electronic Transactions Ordinance Presentation by Mr Alan Siu, Deputy Secretary for Information Technology and.

Legality of Electronic Images under the Electronic Transactions Ordinance Presentation by Mr Alan Siu, Deputy Secretary for Information Technology and.
Unlawful Internet Gambling Enforcement Act Final Rule Joseph Baressi June 3, 2009.

Unlawful Internet Gambling Enforcement Act Final Rule Joseph Baressi June 3, 2009.
International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa.

International Telecommunication Union HIPSSA Project Support for Harmonization of the ICT Policies in Sub-Sahara Africa.
Coping with Electronic Records Setting Standards for Private Sector E-records Retention.

Coping with Electronic Records Setting Standards for Private Sector E-records Retention.
Legal Issues on PKI & qualified electronic certificates. THIBAULT VERBIEST Attorney-at-law at the Brussels and Paris Bar Professor at the Universities.

Legal Issues on PKI & qualified electronic certificates. THIBAULT VERBIEST Attorney-at-law at the Brussels and Paris Bar Professor at the Universities.
Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.
6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.

6/1/2015MINISTRY OF ENERGY, COMMUNICATIONS AND MULTIMEDIA 1 PRESENTATION OF PERSONAL DATA PROTECTION BILL PRESENTATION OF PERSONAL DATA PROTECTION BILL.
In the CA I trust. A look at Certification Authorities James E. Shearer CSEP 590 March 8 th 2006.

In the CA I trust. A look at Certification Authorities James E. Shearer CSEP 590 March 8 th 2006.
NDSU Lunchbytes Are They Really Who They Say They Are? Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,

NDSU Lunchbytes "Are They Really Who They Say They Are?" Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,
1 Streamlined Sales Tax Governing Board. The Marketplace Fairness Act of 2015(MFA) Grants state and local jurisdictions the right to require the collection.

1 Streamlined Sales Tax Governing Board. The Marketplace Fairness Act of 2015(MFA) Grants state and local jurisdictions the right to require the collection.
1 IT Security-related Legislation Judy Borreson Caruso CUMREC 2004 May 18, 2004 Copyright Judy Borreson Caruso, 2004. This work is the intellectual property.

1 IT Security-related Legislation Judy Borreson Caruso CUMREC 2004 May 18, 2004 Copyright Judy Borreson Caruso, This work is the intellectual property.

Similar presentations

Ads by Google