Efficient, Secure, and . . . Smiley? Legal E-Signatures go Mobile

by Ryan Anderson

on 07 April, 2016

A signature is a little bit of abra-cadabra. Take legislation, for example: some words on a paper transform from Bill to Law because the hand of a head honcho makes some inky swoops. But no ink was involved when President Bill Clinton signed in the Electronic Signatures in Global and National Commerce Act of 2000 (E-SIGN). The law, which established electronic signing as legally identical to the ink-on-paper kind, was made official through the President’s electronic signature ID.

E-SIGN states that a contract or signatures “may not be denied legal effect, validity, or enforceability solely because it is in electronic form.” And with that, voila: electromagnetic traces flowing and jumbling through the air and recombining into pixels on a screen now hold the same authority of a fleshy hand clenched around a pen.

But though E-SIGN — and its state-level equivalent, the Uniform Electronic Transactions Act (UETA) — seem to be a product of the digital age, they have deeper legal roots. In 1869 the New Hampshire Supreme Court found that a signature was a signature, whether it was written

“with a steel pen an inch long attached to an ordinary penholder, or whether his pen be a copper wire a thousand miles long. In either case the thought is communicated to the paper by the use of the finger resting upon the pen; nor does it make any difference that in one case common record ink is used, while in the other case a more subtle fluid, known as electricity, performs the same office.” (Howley v. Whipple, 48 N.H. 487, 488 (1869))

The dot-dot-dash of Morse code gave way to the gurgle-whine of fax machines in the 80s, and since then the abra-cadabra of signatures just keeps growing more abstract. And yet it works. People buy and sell, make promises and (more-or-less) keep them — and they’re doing it in ever-faster and more efficient ways.

It’s true that electronic signatures can be vulnerable to forgery and fraud, but let’s not romanticize the papery past. The typical digital version contains more evidence that a particular person signed a document at a particular time than it’s traditional pen-and-ink forebearers can. Within the legal community, e-signatures have long been trusted: in addition to being consistently upheld in court as valid, federal courts themselves have gone paperless, meaning their judges all sign their orders digitally. The legitimacy of the act is woven deep into the legal world.

Signed, Sealed, Delivered — But Is It Yours? E Signature Authenticity Questioned in Court.

But as legal scholars Moringiello and Reynolds note, “laws like E-SIGN and UETA answer the question ‘is it a signature,’ but not the question ‘is it YOUR signature.’” The legislation deliberately leaves open the question of what exactly qualifies as an e-signature (you can’t get much more vague than the E-SIGN definition of “an electronic sound, symbol, or process”). This means that when someone disputes the authenticity of a digital john-hancock, the question goes to the courts, where each jurisdiction has their own series of rules and tests to determine authenticity. There are rarely clear tests or rules for determining authenticity, with courts broadly “consider[ing] the context and surrounding circumstances, including the parties’ conduct.”

“laws like E-SIGN and UETA answer the question ‘is it a signature,’ but not the question ‘is it YOUR signature.’”

The times when courts have rejected the authenticity of e-signatures are instructive to those who want to use this new technology in their practice. Take Kerr v. Dillard Store Services, Inc., for example (No. CIV A 07-2604-KHV, 2009 WL 385863, (D. Kan. Feb. 17, 2009)). Dillards argued Kerr couldn’t sue them for discrimination because she signed an arbitration agreement electronically when she was an employee. But Kerr claimed she did no such thing — that rather the agreement was signed (by clicking a button online) by a supervisor instead. The court found:

“The problem with Dillard’s position is that it did not have adequate procedures to maintain the security of intranet passwords, to restrict authorized access [. . .], to determine whether electronic signatures were genuine or to determine who opened individual emails [. . .] Dillard’s has not demonstrated the efficacy of its security procedures with regard to electronic signatures. Therefore, its version of events is no more likely true than the plaintiff’s. For these reasons, this case basically turns on the burden of proof. Dillard’s has the burden of proof and its evidence that plaintiff executed the arbitration agreement is not persuasive. On this record, the Court cannot find that it is more likely than not true that the plaintiff executed the electronic agreement to arbitrate.”

A similar finding arises in Ruiz v. Moss Bros. Auto Grp. (232 Cal. App. 4th 836, 844, 181 Cal. Rptr. 3d 781, 788 (2014)), again regarding an arbitration clause. When Ruiz claimed he couldn’t remember ever electronically signing the agreement, the defendants couldn’t offer up any convincing proof that he did.

“In the face of Ruiz’s failure to recall electronically signing the 2011 agreement, the fact the 2011 agreement had an electronic signature on it in the name of Ruiz, and a date and time stamp for the signature, was insufficient to support a finding that the electronic signature was, in fact, “the act of” Ruiz. [. . .] For the same reason, the evidence was insufficient to support a finding that the electronic signature was what Moss Bros. claimed it was: the electronic signature of Ruiz.”

Another software mess giving electronic signatures a bad name can be seen in the unpublished case Adams v. Quiksilver, Inc (2010 Cal App. Unpub. LEXIS 1236 (Feb. 22, 2010)). The employee in this case claims that when she went to look at the release form for a background check, she didn’t have to provide any login or authentication, and her name already appeared in the form under the sentence “by typing my name I fully understand the above Notice and Authorization.” The court found that this signature also wasn’t valid.

Sophisticated parties are less likely to escape responsibility for proxy e-signing in these situations (see Via Viente Taiwan, L.P. v. United Parcel Service, Inc. No. 4:08-CV-301, 2009 U.S. Dist. LEXIS 12408 (E.D. Tex. Feb. 17, 2009), where the court found the plaintiff, as a business, should have expected a click-through set-up process that included a License Agreement with their new software, even if an employee of another company set it up). But as Moringiello and Reynolds, discussing the Kerr case, assert: “The lesson is clear: anyone who relies on electronic signatures must take care to ensure that the signature is valid.”

“The lesson is clear: anyone who relies on an electronic signatures must take care to ensure that the signature is valid.”

With unclear parameters and high stakes, attorneys and other professionals are increasingly resting their e-signing burdens on secure software and other online tools. Though there have been occasional leaks, breaches, and malware-spamming fiascos with some of the bigger names, online e-signature platforms have given attorneys a measure of relief in ensuring the validity of their client’s signatures.

Security and Selfies: e-Sigs go Mobile and Improve Security.

The big revolution with e-signature platforms has freed up attorneys and their clients to go paperless with the help of their PCs. But with the entry of new players there’s the promise of even greater mobility — and security — in the air.

And none too soon. Some are saying we’re currently witnessing “the biggest shift since the internet began.” We’ve hit the ‘mobile tipping point,’ where the internet is accessed more through smartphones than through a PC. 87% of Millennials have a smartphone constantly by their side, and consistently express a desire to shift more of their tasks onto the small-screen. But it’s not just the younguns catching on: there are now officially more mobile devices than there are people in the world, and they’re out-pacing us five-to-one. With some smartphones running as cheap as $30-50, people who have never been able to afford a computer now have a computing device that fits in their pocket. As these devices get more powerful, tech forecasters at are even predicting the obsolescence of the desktop, as many of us become phone-only in the future.

Filevine’s patent-pending Vinesign feature is taking the “big shift” seriously. Due to attorneys’ frustrations when important documents disappear in the chaos of an email inbox, Vinesign can text documents directly to the client’s or vendor’s smartphone, so the forms needing signatures are literally in their hands. The text message carries a greater sense of urgency: while 40% of all emails are ignored and left unopened, 98% of text messages are opened. Once their phones buzz with the news that they’ve got their forms, clients are able to sign and return them in seconds, creating a ridiculously fast turn-around (the fax machine wouldn’t have even started its first screechy gurgle by then).

And Vinesign’s intuitive, patent-pending verification process uses cell phones for the thing they’re best at: Selfies. Tech analysts are figuring out the selfie is not just a fad: as password-fatigue leads to increasing “poor digital hygiene practices” like reusing passwords (not to mention the bother of typing them into those small screens), the selfie will increasingly shift from playful-facebook-update to serious biometric security.

A few weeks ago, Amazon revealed they were looking into a pay-by-selfie process, and MasterCard is starting a pilot program of selfie-verification. MasterCard states the use of selfies will help guard against fraud and forgery, but it also is predicted to greatly reduce rejections of legitimate transactions, which are estimated to cost MasterCard around $118 billion each year, dwarfing the amount they pay from actual fraud.

For Vinesign users, new technology means that rather than concocting a new password, you’ll be able to receive the document, sign in the necessary spots, and take a photo of yourself to prove you’re the one doing the signing. It’s simpler for your clients — and also would have been useful proof in the e-signature disputes listed above.

Federal statutes, case law, and mobile technology have all cleanly paved the way for this moment when your signature-abracadabra can come from a snapshot of your own smiling face. The only twinge of regret you might have about this revolution in e-signatures? It requires no new federal legislation, which the next president could sign into law with a selfie.