December 27, 2000, 2:27 PM — The first part of the Electronic Signatures in Global and National Commerce Act went into effect on October 1, making e-signatures legal. Other parts allowing electronic documents with e-signatures to replace paper copies are scheduled to take effect in March and June of 2001.
An e-signature must meet specific technical requirements before it can be implemented. To qualify as an e-signature under the law, a signature record must be unique, must verify the identity of the sender, and must be unalterable. Copies must be readily identifiable, and it must be easy to tell if a copy is authorized or unauthorized. Transmitted documents must have a means of verifying that neither the documents nor the signatures have been altered while in route from sender to receiver.
There are many potential advantages of e-signatures. A significant amount of time could be saved in complex negotiations by exchanging documents electronically instead of passing physical documents back and forth. Storing documents electronically instead of in paper form could save tremendous amounts of space.
Implementation of e-signatures is expected to be a slow, deliberate process. It took nearly 2 years for Congress to pass the law, and it still doesn't specify exactly what technology is approved for creating and tracking e-signatures. Companies must evaluate the law and decide which technology to use. Today's technology presents many options, including credit-card-sized smart cards that can be scanned into a computer and various encryption methods.
For example, digital signatures that use encrypted algorithms, in combination with passwords, can be employed to identify an individual. Public-key infrastructure (PKI) is one such technology. With PKI, senders and receivers each have two "keys," one public and one private. Passwords and specialized software encrypt and "lock" the document and signature, and a second set of passwords act as the "key" to open the "lock." PKI technology ensures that a document came from a particular computer, but the e-signature is only as secure as the computer from which it is sent. You must guard against unauthorized access to individual PCs when you use this method.
Other methods are also making their way into the marketplace, including some that use biometric identifiers such as fingerprints or retina images. Still, e-signatures must overcome a few barriers before they become mainstream. The law applies only to interstate or global commerce, so each state will need to implement its own rules for intrastate transactions.
Getting people to trust the technology is another hurdle. For someone leery of an Internet credit card purchase, committing to a large electronic transaction could be a real challenge.