Is electronic signature legally recognised by law?
Digital Signature and Electronic signature (E-Sign) may be used interchangeably, to refer a signing tool for signer to sign on a softcopy. Signing is an action to infer that the signer has indeed, read, understand and agreed/approved to the content of a document. Traditionally, signing is done on a physical document or an object when the signer performs stokes on it, this includes fingerprint signing.
With the advancement of technology, signing today, can be performed digitally by affixing, name, mark and even drawing to the softcopy which we refer to Electronic Signature or Digital Signature. Although the purpose of both terms meant the same, however, they refer to very different mechanism in terms of framework, security and admissibility.
Electronic Signature
In Malaysia, Electronic Signature is governed by Electronic Commerce Act (ECA)[1] to refer any letter, character, number, sound or any other symbol or any combination thereof created in an electronic form adopted by a person as a signature. In another word, as long as an individual affixed his “name” on a PDF, that “name” would be regarded as an Electronic Signature. The main purpose of ECA is to recognize electronic messages in commercial transactions.
For an Electronic Signature to be admissible, the law requires that where a signature is required, and if the document is in the form of electronic message, an electronic signature must fulfill the following requirements:
- Electronic signature is attached to or is logically associated with the electronic message;
- Electronic signature adequately identifies the person and adequately indicates that the person’s approval of the information to which the signature relates; and
- Electronic signature is as reliable as is appropriate given the purpose for which, and the circumstances in which the signature is required.
Subsection 2 also provides that an electronic signature is as reliable as is appropriate if
- The means of creating the electronic signature is linked to and under the control of that person only;
- Any alternation made to the electronic signature after the time of signing is detectable; and
- Any alternation made to that document after the time of signing is detectable.
So long as the requirements laid down in Section 9 of the ECA is satisfied, then the requirements of the law on electronic signature is fulfilled. However, Section 10 of the ECA specifically provides that for documents which requires a seal to be affixed, such as Power of Attorney, Wills, Trust documents and Negotiable instrument (Bank Cheques), these documents were specifically mentioned under the Schedule of the Act, must not be admissible by Electronic Signature unless it is affixed by a digital signature as provided under the Digital Signature Act 1997.
Here, it clearly shows that our legislature distinguished electronic signature from digital signature.
Digital Signature
On a technical standpoint, Digital Signature, an enhanced version of Electronic Signature, provides a higher threshold of security measures compared to an electronic signature. Unlike an Electronic Signature, where the true identity of the signer can easily be faked, for instance person A signed the signature of person B through impersonation, Digital Signature provides a higher level of profiling towards the identity of a signer.
The Malaysian legislation has also provided the definition of Digital Signature in Digital Signature Act 1997[2], which stated as the transformation (created using the private key that corresponds to the signer’s public key) of a message using an asymmetric cryptosystem such that a person having the initial message and the signer’s public key can be accurately determine whether the message has been altered since the transformation was made. The legislation has provided a much more technical definition to Digital Signature compared to Electronic Signature. In a simpler term Digital Signature is a mathematical scheme for verifying the authenticity of digital messages or documents, which includes the signer and sender.
However, Section 62 of the DSA provides a set of requirements for a document to be legally binding:
- Digital Signature is verified by reference to the public key listed in a valid certificate issued by a licensed certification authority;
- Digital signature was affixed by the signer with the intention of signing the message; and
- Recipient has no knowledge or notice that the signer has
- Breached a duty as a subscriber; or
- Does not rightfully hold the private key used to affix the digital signature.
In Malaysia, there is only a few recognized Digital Signature options available which is certified and validatied by licensed certification authorities. They are:
- Pos Digicert
- MSC Trustgate
- Telekom Applied Business
- Rafcomm Tech
This would mean, documents signed by other foreign Digital Signing platform do not have the same legally binging effect since they do not have the appropriate license as the Certification Authority.
In summary, when Malaysian law mandates the use of a seal on a document, Section 10 of the ECA stipulates that a digital signature is the minimum requirement.
Before opting for either an electronic signature or a digital signature, parties should, especially when dealing with documents that traditionally require a seal, carefully consider the balance between:
(i) the convenience of electronically signing documents using e-signature tools, and
(ii) the legal risks associated with the potential challenges to the validity or compliance with statutory requirements of such e-signatures. If employing digital signatures in such cases proves to be overly complex or logistically challenging, opting for physical signatures on the document may still be a prudent choice.
[1] https://lom.agc.gov.my/ilims/upload/portal/akta/LOM/EN/Act%20658.pdf
[2] https://lom.agc.gov.my/ilims/upload/portal/akta/LOM/EN/Act%20562.pdf
Edwin is a corporate and technology lawyer. He is also the founder and deputy managing partner of Lee & Poh Partnership (LPP Law). Edwin has advised a range of companies from technology startups to multinational corporations on a range of matters. In 2020, Edwin was named as a Malaysian Rising Star by Asian Legal Business, a finalist for the Young Lawyer of the Year at the ALB Malaysia Law Awards as well as a lawyer in the annual ALB publication of Asia 40 under 40.
View his full profile here.