Understanding digital signatures and the law

Digital signatures promise to make doing business faster and easier. Don't let a lack of legal clarity hamper your adoption efforts.

It's no secret that Australians have a healthy appetite for all things digital. Compared to other countries, we've been quick to embrace innovations including electronic forms, tap-and-go-payments and digital wallets.

True to form, Australia is also one of the world's fastest growing markets for digital signature adoption. Government agencies and enterprises use digital signatures for everything from streamlining patent applications to fast tracking bank loans.

Many small to medium businesses would like to do the same. But with limited time to navigate the murky world of digital signatures and the law, ink and paper signatures often seem the safer option.

It doesn't need to be this way. Here's a quick overview of what every business owner should know about digital signatures.

Fact: Digital signatures are valid in Australia

As far as Australian legislation is concerned, digital signatures have been an acceptable method for signing documents since 1999.

They stand up in court too. Australian court cases questioning the validity of digital signatures, including Getup Ltd v Electoral Commissioner, have been largely unsuccessful.

A digital signature can be just as valid as an ink and paper signature, provided that:

• You can identify the person signing the document and their intention
• The method for signing is reliable and can't be forged or digitally manipulated
• The person receiving the document consents to using digital signatures

With some exceptions, like certain types of property transactions, almost any document signed with a digital signature can be considered valid. If unsure, seek legal advice before going ahead.

Digital signature adoption done right

While the law says businesses can use digital signatures, signature scrawls created in Microsoft Paint won't cut the legal mustard. In the unlikely event that you need to prove a digital signature's validity in court, following best practices will increase the likelihood of success.

1. Identify the documents that your customers, suppliers and team will sign digitally

The most appropriate type of digital signature will vary depending on the nature of the document. A business contract, for example, may require more protection against forgery and manipulation than an employee leave request.

2. Choose a reliable method

The law says that the method of signing must be as reliable as appropriate for the purposes that the document was created.

To minimise the risk of forgery or manipulation, select a reliable and secure digital signature method. Look for technologies that associate the signature with hidden data, such as private key and public key cryptology. Your business may require one, or several, of the following signature methods:

• Certified signature: When added to a PDF, a certified signature verifies that the document's author has finalised its contents and wants to secure it against tampering.
• Approval signature: Used to hasten approval procedures by capturing electronic approvals and embedding them in a PDF. Signatures can be customised as user signatures to include an image (i.e. a physical signature or official seal) and various signature details (i.e. signing location, date, reason for signing).
• Visible signature: This signature method is the digital equivalent of signing a physical document with ink. This method is used when multiple users must sign documents like contracts and other agreements. – Invisible signature: Used to provide document authenticity, integrity and origin assurances, without a visible signature line.
• Device signatures: Identify the device from which the message is sent. The recipient can verify the device that signed the file, and whether the file has been changed after it was signed.

3. Get consent

Before requesting a signature on a contract or document, check that the signatory has agreed to use a digital signing method. If in doubt about whether consent has been given, ask.

***

When implemented in the right way, digital signatures are secure, user-friendly and legally compliant. While the laws can be mystifying, following a best practice approach that harnesses the latest digital signature technologies will help to ensure positive outcomes.