Recognition and Enforceability of Documents signed with Electronic Signatures
26 March 2025Private Clients, Citizenship and Immigration
Introduction to eIDAS and Electronic Signatures
The eIDAS Regulation (EU) No 910/2014, effective since July 1, 2016, establishes a framework for electronic identification and trust services, including electronic signatures, to facilitate secure digital transactions within the EU. This regulation ensures that electronic signatures are recognized and can be used in cross-border transactions, enhancing trust in digital documents.
Types of Electronic Signatures
eIDAS defines three types of electronic signatures, each with increasing levels of security and legal backing:
- Simple Electronic Signature (SES): Any electronic data attached to or associated with other data, used by the signatory to sign. Examples include typing “Agreed” in an email or clicking an “I accept” button.
- Advanced Electronic Signature (AdES): Meets specific requirements, such as being uniquely linked to the signatory and capable of detecting changes. An example is a digital signature from platforms like DocuSign with identity verification.
- Qualified Electronic Signature (QES): An AdES created using a qualified device and certificate, offering the highest security. Examples include signatures from qualified trust service providers (QTSPs).
Legal Effects and Recognition
- QES: Article 25(2) states QES has the equivalent legal effect as a handwritten signature, and Article 25(3) ensures recognition across all EU Member States.
- AdES and SES: Article 25(1) ensures they are not denied legal effect solely for being electronic or not qualified, but their specific legal effects are determined by national laws.
Enforceability
- QES is enforceable in EU courts like handwritten signatures due to its uniform recognition.
- For AdES and SES, enforceability depends on national laws, with courts assessing validity based on context and jurisdiction.
Overview of eIDAS Regulation
The eIDAS Regulation (EU) No 910/2014, published on August 28, 2014, in the Official Journal of the European Union L 257/73, aims to create a secure and seamless environment for electronic transactions across the EU. It replaced the earlier eSignature Directive (1999/93/EC) and became fully effective on July 1, 2016. This regulation is crucial for standardizing electronic signatures, ensuring their legal recognition, and facilitating cross-border digital interactions.
Definitions and Types of Electronic Signatures
The regulation provides detailed definitions for electronic signatures, categorized into three types based on security and verification levels. These definitions are found in Article 3 of the regulation:
| Term | Definition |
| Signatory | A natural person who creates an electronic signature. |
| Electronic Signature | Data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign. |
| Advanced Electronic Signature | An electronic signature which meets the requirements set out in Article 26. |
| Qualified Electronic Signature | An advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures. |
| Electronic Signature Creation Data | Unique data which is used by the signatory to create an electronic signature. |
| Certificate for Electronic Signature | An electronic attestation which links electronic signature validation data to a natural person and confirms at least the name or the pseudonym of that person. |
| Qualified Certificate for Electronic Signature | A certificate for electronic signatures, that is issued by a qualified trust service provider and meets the requirements laid down in Annex I. |
Article 26 specifies the requirements for an advanced electronic signature, including:
- Being uniquely linked to the signatory.
- Capable of identifying the signatory.
- Created using data under the signatory’s sole control, with high confidence.
- Linked to the data signed to detect subsequent changes.
Examples of these signatures, as noted in various resources, include:
- Simple Electronic Signature (SES): Typing “Agreed” in an email, a scanned signature image, or clicking an “I accept” button on a website
- Advanced Electronic Signature (AdES): Digital signatures from platforms like DocuSign, where identity is verified, and the signature is tamper-evident
- Qualified Electronic Signature (QES): Signatures created using devices and certificates from qualified trust service providers (QTSPs), such as those listed on the EU Trusted List, ensuring the highest security
Legal Effects and Recognition
The legal effects of electronic signatures under eIDAS vary by type, as outlined in Article 25:
- Article 25(1): An electronic signature shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in electronic form or does not meet the requirements for qualified electronic signatures. This applies to SES and AdES, ensuring they have some legal standing, though their specific effects are determined by national law.
- Article 25(2): A qualified electronic signature shall have the equivalent legal effect of a handwritten signature, providing the highest level of legal backing.
- Article 25(3): A QES based on a qualified certificate issued in one Member State shall be recognized as a QES in all other Member States, ensuring cross-border enforceability.
Article 49 further clarifies that while eIDAS establishes principles for electronic signatures, it is for national law to define the legal effect of SES and AdES, except for QES, which is uniformly treated as equivalent to handwritten signatures.
Enforceability and Validation
- QES: Given its equivalence to handwritten signatures, QES is enforceable across the EU. Article 32 outlines validation requirements, ensuring its authenticity through processes like confirming the certificate’s qualified status, issuer validity, and data integrity. Courts must recognize QES as valid, enhancing its enforceability in cross-border transactions.
- AdES and SES: Their enforceability depends on national laws. Article 25(1) ensures they are not denied legal effect solely for being electronic, but their probative value in court varies by jurisdiction. For instance, an AdES might be accepted in some Member States as valid for contracts, while SES might require additional evidence for enforceability.
Validation processes for QES are detailed in Article 32, requiring confirmation of:
- The certificate’s compliance with Annex I at signing.
- Issuance by a qualified trust service provider and validity at signing.
- Correspondence of signature validation data to relying party data.
- Integrity and security of the signed data.
Annex I and II provide additional requirements for qualified certificates and devices, ensuring high security standards.
Practical Implications and Examples
Understanding these distinctions is vital for businesses and individuals engaging in digital transactions:
- A contract signed with SES, like an email with “Agreed,” might be legally binding in some contexts but could face challenges in court without additional proof, depending on national law.
- An AdES, such as a DocuSign signature with identity verification, is likely more enforceable due to its security features, suitable for business contracts or employment offers.
- A QES, used for high-value transactions like real estate deals, ensures the same legal standing as a handwritten signature, recognized across the EU, making it ideal for cross-border legal documents.
Conclusion
The eIDAS Regulation provides a structured approach to electronic signatures, with QES offering the highest level of legal effect and enforceability, equivalent to handwritten signatures across the EU. SES and AdES, while recognized, have legal effects determined by national laws, highlighting the importance of choosing the appropriate signature type based on the transaction’s legal and security needs. This framework supports the growing reliance on digital transactions, ensuring trust and legal validity.