While data and privacy concerns slowed the initial widespread adoption of e-signatures, attitudes have drastically changed towards e-signing and electronic execution of documents during COVID-19. In this article, we discuss the use of cloud-based e-signing platforms to execute documents, and how to overcome the practical challenges that may arise when using these platforms.
This article looks at:
The Corporations Amendment (Meetings and Documents) Act 2021 (Cth) (Corporations Amendment Act) and the Electronic Transactions Act 1999 (Cth) (Commonwealth ETA) set out the rules regarding electronic signatures in Australia. Under both the Corporations Amendment Act and the Commonwealth ETA, e-signing is permissible where, in essence, the method of e-signing:
In this regard, using any of the major cloud-based signing platforms (such as DocuSign, Hello Sign or Adobe Sign) should enable these legal requirements to be met. These platforms rely on a process which uses the person’s nominated email address and digital signature, and has technological features to create a high degree of trust in authenticity, including certificate issuance, a time-stamping service, key management, hash signing and the revocation check needed for long term validation.
‘Certificate issuance’ refers to the digital certificate issued to bind a digital signature to an entity, while ‘key management’ refers to the management of encrypted and decrypted data through the use of encryption keys. A digital certificate provides the highest level of assurance of a signer’s identity. ‘Certificate revocation’ is a process that distinguishes invalid and untrusted certificates from valid trusted ones.
In effect, when you click “sign” on a document, a unique digital fingerprint (otherwise known as a ‘hash’) of the document is created. The hash is encrypted using the signer’s private key. The encrypted hash and the signer’s public key are then combined into a digital signature, which is appended to the document.
The signatory’s IP address and the date and time of signing is automatically downloaded into a PDF audit trail of information that is shared with other parties and may be adduced as evidence in Court proceedings should the authenticity of the document be challenged.
One challenge of using cloud-based platforms is the risk that another person may have access to a signatory’s email account at the relevant time and may apply the digital signature on their behalf. To address this, parties may wish to adopt the following methods in conjunction with the use of a cloud-based signing platform:
Another potential challenge that arises with respect to using cloud-based platforms is that it can be used for remote witnessing. Although we recommended witnessing in the same physical space where possible, witnessing can validly occur over an audio-video conference, and potentially hosted through cloud-based platforms.
Pursuant to Part 2B s 14G of the Electronic Transactions Act 2000 No 8 (Cth), the witness convenes an audio-visual conference with the signatory and attests to the faithful e-signing of the document. An audio-visual conference can be held over any preferred, secure online platform such as Zoom, Microsoft Teams or Skype.
When used properly, a cloud-based e-signing method satisfies the identification, intention and appropriateness requirements of relevant laws.
When choosing a cloud-based e-signature platform that is right for your business, consider:
We recommend that parties adopt a cloud-based e-signing method that is intermediated by a trusted law firm acting for one of the parties. If you require corporate legal advice with respect to e-signing and electronic execution requirements in Australia, please contact us below. We can quickly assess your situations and make immediate and cost-effective recommendations.
+ + +