Two categories of e-signatures are described, each legally valid for distinct transactions and subject to distinct assessments criteria for their legal validity (RSA, 2002, s13). An advanced e-signature that is associated with a higher standard of trust, security and legal assurance and a second general category, for all e-signatures (RSA, 2002). This distinction may be summarised as follows:
Table 5.1: Distinction between E-signatures in South Africa Transactions for which the signature is legally valid
Criteria for Validity
E-signature
means “data attached to, incorporated in or logically associated with other data and which is intended by the user to serve as a signature”
Transactions where the parties require a signature but have not specified the type of signature
The e-signature must be:
An adequate method to identify the person,
Indicate the person’s approval of the information and;
with regard to the context and circumstances, at the time, the method was appropriately reliable for the purpose.
Advanced E-signature (AeS) means “an e-signature which results from a process which
Transactions where a signature is required but the law does not specify the type of signature
The accredited AeS benefits from a
presumption of validity subject to it being duly accreditation as set out in the ECT Act, unless
has been accredited by the Authority as provided for in section 37 of the Act” (RSA, 2002, s1)
Transactions associated with legal verification of information integrity or the identity of a person such as electronic notarising, acknowledging, verification, seals or making statements under oath
To secure the integrity of electronic information as evidence
the contrary is proven.
Note. Table 9 consolidates the ECT Act’s distinction between e-signatures and advanced e-signatures in terms of definition, legal transactions for which they are valid signatures and the conditions placed on their validity
The distinction in Table 5.1 is be characterised as a two-tier approach (Brazell, 2008) where both tiers of signatures, the AeS and the general e-signature, constitute legally acceptable signing for distinct transactions with distinct criteria for reliance. For
certain transactions e.g. where a signature is required in law or the signing a statement under oath, only the AeS is to be used and any other form of e-signature will not suffice (RSA, 2002, s13). For other transactions e.g. where parties require a signature to conclude the transaction or for legal communications, any form of e-signature may be used. Additionally, the use of each signature is subject to certain criteria for reliance. The general e-signature, for instance, must adequately identify the person and indicate their approval etc. The AeS must be duly accredited. The accreditation, discussed below, pertains to verification of the technologies and procedures of the service provider to ensure its trustworthiness. In effect whilst 5.2.1 reveals that e-signatures can be used in the place of handwritten signatures, the legal validity is subject to a test of (i) whether the appropriate signature for the transaction has been used; and (ii) whether the e-signature in question meets the criteria for reliance.
Thus the legal provisions are not absolute and the legal validity of a particular transaction calls for conjecture from the user in the circumstances.
The interviewees confirmed that applying this distinction takes away from the ease of substitution and presents uncertainty regarding which signature is the appropriate approval mechanism for the electronic transaction. Several interviewees agreed that the value of the respective e-signatures were not widely understood.
The DOC senior official believed that the public, the legal industry and the courts were not aware of the distinction. Interviewees were also asked which transactions benefit from the use of the AeS to assess the need in practical terms for the distinction. The common theme in the responses was the need for a set of criteria for the use of the AeS but with little consensus on what these criteria should be.
Possible criteria forwarded included:
transaction values, with a view that larger value transactions would benefit from the advanced signatures; contracting entities, legal transactions with government and business should require an AeS (as opposed to
consumer to consumer dealings);
mitigating abuse of public sector electronic systems for unauthorised transactions; intelligence and defence processes; and
documents that may be aggressively disputed in view of its capability to verify the integrity of an electronic document.
Interviewees did however agree that distinguishing the general e-signature from the AeS was a positive measure. According to the interviewees, the additional legal force and trust placed in the AeS relied on for example:
compliance with technical standards;
certification of its information security features; and
verification of the person’s identity face to face which mitigates non-repudiation of the transaction by the person.
The senior official of the DOC equally supported the distinction for the securing of higher standards and higher levels of assurance in the AeS.
From the above, the distinctions and definitions supported by the literature as strengthening the legal validity of e-
signatures are provided for in the legislation. The effectiveness of the provisions to explain the qualities, and functions of e- signatures appears, however, to be lacking. The support for distinction amongst interviewees is noteworthy, particularly the effect of producing higher standards for the AeS in view of the trust and legal assurance associated with it. The general confusion as to which transactions are suited for such higher standard of e-signature may, however, negate the intended effects of the distinction. This contrast may be characterised as positive legislative intent met with poor outcomes, particularly in view of the limited adoption of electronic and advanced e-signatures revealed by the interviewees in Chapter
Four. The question of whether amending the legislation to provide additional clarity emerges. Public awareness activities amongst a cross section of stakeholders need to be considered by the Authority or the AeS particularly will not reach the desired adoption levels.
The concerning implication of this ineffectiveness is that the electronic commerce benefits of trust, legal assurance and improved security from the regulation are not maximised.