The following summary is from a presentation given by ITD's General Counsel, Linda Hamel on December 2, 2004 (presentation still contains valid, relevent information) regarding MUETA.
- Ink signatures contained on a document
- Provided some comfort regarding document integrity
Imperfections of traditional signatures:
- Electronic copying can disassociate signature from document
- Signature pages can be replaced
- Wordprocessed pages can be replaced and altered without detection
The law pertaining to traditional signatures before e-sign:
Many Massachusetts state statutes and regulations:
- Require signature for a particular transaction
- Suggest what that signature must consist of
- Statutes of frauds: Some contracts not valid unless reduced to writing
- Various sections of the MGL and regulations
- Defined signatures loosely to include many different kinds of signatures or
- Defined signatures tightly to exclude many different kinds of signatures or
- Explicitly prohibited use of electronic signatures
Mass Common Law was liberal in regards to traditional signatures. Where validity of electronic records not at issue, courts treated them in the same way as paper records. In the absence of state statute specifying a "wet" signature, however, lower level courts permitted a number of different kinds of signatures. Negotiations conducted through email, fax and phone call satisfied Long Arm Statute
Lenient with respect to non-traditional signatures and records (e.g. facsimile signature). In addition, telegram is a writing under statute of frauds and State Trooper report signed via email was determined valid.
What is an electronic signature?
- E-SIGN and UETA both define the term electronic signature as:
An electronic sign, symbol or process [MUETA] Information or data in electronic form
- attached to or logically associated with a contract or other record
- executed or adopted by a person
- with the intent to sign the record
An electronic "sign, symbol or process", or electronic "information or data", that constitutes the signature.
- In the US, business and legal community concerned about validity of electronic signatures, contracts and other records under state law
- Some states pass electronic signature laws
- No uniformity; not technology neutral
- Global issue. 1996 United Nations Commission on International Trade Law ("UNCITRAL") Model Law on Electronic Commerce. Addresses electronic signatures
- Effective 10/1/00
- Goal: bring uniformity and technology neutrality to electronic signatures, contracts and records law in the US
- Mechanism: pass Federal law to pressure states to adopt uniform version of UETA
- Validates electronic signatures, contracts and other records for most transactions
- Preempts state law to the contrary
Reverse preemption provision
Exemptions provided for:
- Family law
- Hazardous waste transportation
- Some transactions covered by the UCC; but E-SIGN does apply to sections 1-107(waiver or renunciation of claim after breach) and 1-206 (statute of frauds for contracts pertaining to personalty other than contracts for sale of goods covered by article 2-201, securities and security agreements); and Articles 2 (sale of goods) and 2A (leases).
- Documents related to transactions in interstate and foreign commerce
- Only state government transactions covered are those related to procurement
- Limits state and Federal government ability to regulate in favor of hard copy records used in private transactions
Because E-SIGN did not cover most agency transactions, Agency Counsel needed to review Massachusetts statutes and regulations in order to determine whether their agency could use electronic signatures.
MUETA was enacted in Massachusetts in 2003.
- Effective February 18, 2004
- Codified at Mass. Gen. L. ch. 100G, Chapter 133, Acts of 2003
- Applies to any electronic record or electronic signature created, generated, sent, communicated, received, or stored on or after MUETA's effective date.
MUETA v. E-Sign
- MUETA applies to all government transactions, E-SIGN only to government procurement transactions
- Aside from their explicitly excepted provisions, E-SIGN covers only interstate and foreign commerce transactions, MUETA covers all transactions covered by the law of the state in which MUETA is enacted
E-Sign & UETA are the same:
- Electronic signature, cannot be denied legal effect or enforceability solely because it is electronic
- Signatures subject to E-SIGN/MUETA are also subject to other substantive law
Ex: state law regarding age at which person has capacity to create legally binding signature is not affected by E-SIGN
E-Sign nor MUETA state:
- To use a particular electronic signature technology; both are "technology neutral"
Agency Counsel Need to Know
- Does MUETA Apply? If so, what part?
- Is the transaction subject to consumer or other disclosure or notice laws?
- Does the ES comply with the standards issued by SPR, RCB and ITD?
- Is the use of the ES voluntary?
- Does the electronic system address the elements required by MUETA?
MUETA Applies to:
- Both "transactions" and government's non transactional activity
- Different sections of MUETA apply to transactional and non transactional activity
- Transaction is defined as "an action or set of actions occurring between two or more persons relating to the conduct of business, commercial or governmental affairs"
Example: issuing a license to a doctor to practice in Massachusetts
- Transactions do not include unilateral actions.
Example: Using an electronic system to approve timesheets.
If they apply, electronic signatures and records not necessarily invalid but can't rely on MUETA to validate. Exclusions include:
- Creation and execution of wills, codicils or testamentary trusts
- Massachusetts UCC, other than sections 1-107and 1-206, section 2 and section 2A of chapter 106
- Adoption, divorce or other matters of family law
- Court orders or notices, official court documents including briefs, pleadings, and other writings, required to be executed in connection with court proceedings
- Any notice of the cancellation or termination of utility services (water, heat, power); of default acceleration, repo, foreclosure, eviction, or right to cure, under a credit agreement secured by, or a rental agreement for, a primary residence of an individual;
- Cancellation or termination of health insurance or benefits or life insurance benefits, excluding annuities;
- Recall of a product
- Documents required by law to accompany transportation or handling of hazmat, pesticides, or other toxic or dangerous materials.
General provisions of MUETA say that SPR, RCB and ITD "shall determine whether, the extent to which and the manner by which such entities shall create, maintain and preserve electronic records, signatures and contracts and the method of converting paper government records to electronic format"
- SPR Bulletins
- 1-99 (email)
- 1-92 (fax transmissions)
- 1-93 (optical media)
- 4-96 (access and copying of electronic public record)
- Statewide Records Retention Schedule 04/04
- Guideline for documentation of recordkeeping systems
- Evolving standards for information technology in general, nothing specific re: electronic signatures yet.
Office of the State Comptroller and e-signatures on contracts:
- MUETA makes ITD the agency with authority to say when Executive Department agencies can use electronic records and signatures
- ITD is currently following OSC's lead in determining when OSC is comfortable having agencies use electronic signatures for state contracts, since OSC is the subject matter expert in that area.
- OSC has not yet authorized use of electronic records or signatures for state contracts
MUETA doesn't require any government agency to use electronic signatures
Nor does it require any citizen or business to use an ES when doing business with us; to the contrary, MUETA only validates electronic signatures when used voluntarily in transactions. Practical implication for agencies: always keep a paper option for those with whom your agency engages in transactions. Agency relying on MUETA for validation cannot force citizens or businesses to use electronic signatures for transactions.
Creating legally valid e-signatures:
By a person:
- Proper authentication of the signor.
Authenticate means to determine the signor's identity
Authentication can be complex or simple. Different levels of authentication can be chosen depending on the purpose of transaction. For some transactions, no authentication may be required.
Typically, look to factors such as whether signature is likely to be denied by putative signor, and legal significance of signature.
Example: U.S.Patent and Trademark Office trademark registration. Mickey Mouse can do it!
Mass DOR: Filing taxes
Mass. DEP: Filing for environmental permit
Compare: online application for welfare benefits
- Typical means of authentication: something you have, something you know
Ex: At ATM machine, you insert your card (something you have) and provide your PIN (something you know)
Ex: Criminal History Systems Board provides gun dealers with biometric scanners (fingerprint devices) attached to their PCS so they can authenticate holders of gun licenses
Executed or adopted:
- Not enough for user to be identified
- Has to take some step that indicates that he executed or adopted
- Click on a button that says "sign", "I Agree", etc.
- Present screens and choices to the signor that make clear what he is signing and that he is signing; capture his intent.
Attach the signature to the document, or logically associate signature with document
Protect the integrity of the signed electronic document. Document retrieved from the system must be identical to the document signed.
- Audit trail with good security
- Data authentication software
- Are placed on specific data like an email or web page
- Verify integrity of document signed
- Can be used to verify that the data comes from where it claims to come from
- Use cryptography
Holder of private key encrypts (can't forge unless you have access to this)
- Holder of public key can de-encrypt
- Meets all four E-SIGN/UETA requirements
- Challenging to administer
- Can't use with "strangers" because no widely used digital identities
- Certification authorities
- HHS HIPAA Security Regs
Myth of Nonrepudiation
Statutory and Common Law reasons for repudiating a traditional signature:
Forgery or Not forgery, but signature obtained under (1) unconscionable conduct by party to transaction; (2) fraud instigated by third party; (3) undue influence exerted by third party.
Forgery in Common Law Jurisdictions:
If a person denies that a signature is his, the relying party has to prove that it is truly that of person denying it. Onus of proof is on person seeking to rely on signature.
Traditional trust mechanism: witnessing the signature. He who would rely on a signature that is denied produces a witness who saw the signature being made.
Legal Nonrepudiation: Legal Movement to Reverse
- UNCITRAL Model Law on Electronic Commerce Article 13
- Alleged signatory would have burden of proof to show that he or she did NOT digitally sign a given document (i.e. that it is a forgery)
- MUETA does NOT support legal nonrepudiation
- Know your CIO and IT staff and ask them lots of questions
- Get involved in agency IT development projects from day one
- Review all ES components as system is being developed
- Apply the analysis set forth in this presentation
- NCCUSL notes on UETA are excellent and judges likely to find them persuasive
- Little case law on transactions covered by E-SIGN and UETA, but there will be more.
Information Technology Division
Commonwealth of MA