Boost Your Operations in United States with Online Signature Legitimateness

How to eSign a document: online signature legitimateness for Operations in United States

hello everyone good afternoon and welcome to today's webinar hosted by the Federation of credit and financial professionals and our technology partner credit to be today we have Michael zwieback and Paul regali who are partners at Aaron Fox LLC and they will be presenting on electronic signatures in the business world just a few brief topics to get out of the way before we begin if you do have any questions during the presentation you can feel free to enter them via the question function in your side panel I'll take all those questions and gather them together and pose them to our presenters at the end of the webinar we also do have a soft copy of the slides available in the side panel under the attachments section so you can feel free to download those and follow along with the presentation the last item I'd like to cover is that we have a brief survey that will come up as you exit the webinar it really only takes about 30 seconds to fill out but it gives us a lot of great insight into how we can continue to make our webinars better for you so with that I'm going to pass it over to Michael and Paul and let them begin the presentation thank you very much and good morning and good afternoon to the participants of today's webinar we looking at the specific topic area of electronic signatures and electronic records this is a an extremely broad area that is rapidly developing we we are seeing this in in every type of transaction from financial transactions as you see you in general pull transaction roaming the exchange of records sorry we had a little bit of a feedback issue in commercial transactions involving exchange of records and we also as part of our presentation want to talk to you a little bit about issues concerning security pertaining to electronic signatures and records and how sort of those issues fit within your over all information security and governance program we are going to talk a little bit about EMV today which is the europay MasterCard and Visa program that all merchants are going to be subject to starting october one this is a very hot topic right now and something that we are going to explore a little bit but it would take an entire webinar in and of itself to explore all aspects of it so with that I'm going to turn it over to Paul to discuss some of the very specific starting points and legislative issues and frameworks that deal with electronic signatures thank you Michael so the what I want to do to start out is really just give a summary of the two key laws that kind of govern electronic signatures and electronic records in commerce and this has really been a movement that's now about 15 years old in terms of legislating these electronic signatures and electronic records acts prior to that if there wasn't really a uniform statutory framework for how to deal with these but in two thousand the federal government got involved and passed the electronic signatures in global and national Commerce Act which is appropriately coined e-sign I was enacted in june of two thousand and it established the validity of electronic signatures for interstate and international commerce so this was an important kind of turning point and has really kind of a watershed moment in opening the door for electronic transactions to become much more prevalent what a sign does is it applies to federal and state law and it estab in it and it basically codifies that an agreement is not invalid merely because it was entered into in electronic form or it was signed with an electronic signature before I sign you'd see any number of challenges court challenges to the validity of agreements on the basis that they you know that there wasn't a wet ink second signature that it wasn't in traditional paper for a hard copy format and you know and those types of questions so II sign is was really a watershed moment in 2000 be in addition to e sign there's the what's called the uniform electronic transactions Act that's called the you ETA and a lot of respects it was written and adopted by a commission that is responsible for drafting and advocating the passage of uniform laws within all of the 50 states and as of today 47 states have enacted the you ETA all states except for Washington New York and Illinois and those states have each adopted their own similar statutes the you ETA applies to state law only and so those transactions that fall outside the sign act because they don't deal with interstate commerce or international commerce are governed by the you ETA to the extent that a state like Washington or New Yorker Illinois has adopted something other than the you ETA it generally cannot be any narrower than the e sign act so these are the two laws that really have opened the door for electronic signatures and electronic records over the last 15 years there's something that you if you study the e sign act or the you ETA or you're interested in that in in this movement you'll hear people refer to the three pillars of the e sign and you ETA it's basically that the three main concepts that these laws aim at addressing the first is that a record or signature may not be denied legal effect merely because it's in its electronic form the second is that if a record is required an electronic record is sufficient and third is that if a signature is required an electronic signature is sufficient so these three pillars really address the the main objectives of the e-sign act in the you ETA that we talked about with respect to the last slide there are of course some statutory exceptions to be sign-in you ETA most notably their wills and testamentary documents as well as some UCC transactions the law has not come around to allowing those records to an agreement to take an electronic format in the same manner that it has with respect to other commercial transactions one of the things that we want to emphasize throughout the presentation is that the concept of an electric signature as as it's been talked about is that it's really much more than our traditional thought process process with respect to signatures generally it's it can be a variety of different things it's not just simply the as you'll hear references and sort of the old case law to the marital signature where in essence the process was that someone was confident to sign a particular piece of document to attest to the fact that it was it was they were the person who were actually presently attesting to the fact that they were engaging in that particular type of transaction and typically there was a witness who might you know place their ex or whatever on a particular document and you still see documents like today that are sort of what I would call old-school methods of authenticating and authorizing specific transactions but with the advent of electronic signatures what we find is that you know sounds symbols or prophesies attached to or associated with a contract or other record and executed or adopted by a person with the intent to find the record that that's sufficient and so we have to sort of think about what what does that really mean in terms of the the whole gambit of possible electronic signatures well it means that we could use pin codes for example it means that we could use passwords to access a particular document as many of you have probably seen you have situations in which documents in standard commercial transactions require that people's you know sign their initials to a box well you don't get that in the electronic document that sent to you via computer you get mouse clicks and so you have to find ways in which these new types of signatures new ways of authorization can be maintained in a way as a record and under the you HEA in the e sign these records have to be available they have to be maintained in a method in which if if there is some question mark about the authorization or authenticity of a particular document that that that people have access to that and we'll talk a little bit about authenticity and authorization later in the program but it's we have to think about these things very broadly now and think about that you know electronic clicks really are the methods by which some things are in fact authorized and commercially valid so such that the other side cannot simply repeat you repudiate a record now with respect to the components of e sign Paul's going to talk about the issue of consent but there are a variety of legal hurdles which we're going to address in this and I'm going to turn it over to him as so as Mike was saying now the notion of a signature is much broader than it ever was before as we start dealing with these electronic transactions but II sign and the you ETA are very clear that notwithstanding the breadth of what can be considered a signature there are some fundamental components that the signature must include in order to be considered valid under the law the first and most important and probably the most obvious even to non-lawyers is consent consent is required to use an electric the to use electronic records and electronic signatures in lieu of traditional documents so parties to a commercial transaction have to be aware of the fact that they're engaging in a transaction that is going to be consummated in an electronic form or involve electronic components including electronic signature and consent to that format of transaction consent can however be implied which is important it means that merchants or retailers or any more engaging in a transaction that they intend to use electronic records or electronic signatures for you don't need an express statement or express written consent from the person you're dealing with it it just needs to be implied and this is extremely important as internet and web transactions have become more prevalent and less and you know the digital age is allowed for more and more transactions to take place digitally and instead of in a face-to-face format the next is that consumer transactions require an even more formal degree of disclosure and consent though then you're then a business-to-business commercial transaction so again your consumer transaction might be you know how that purchase of the household goods such as a washing machine or a dishwasher or computer piece of software consumer transactions require a formal consent instead of merely implied consent and their have disclosures to the consumer prior to then so the consumer has to be informed that he has a that he or she has a right to receive paper documents they have to be notified of the scope of the consent that they are giving and this is important as more and more people enter into you know software-as-a-service transactions or any type of other kind of consumer service type transaction where you might purchase a computer for example and expect software updates or you might purchase a phone and expect software updates over time the consent needs to make it clear to the consumer whether or not they are accepting and consenting to the use of electronic records and signatures for only a specific single transaction again for example the purchase of the phone or form any form any follow-up transactions like all of the software updates that might come follow the purchase of the equipment the consent needs to notify the consumer how he or she can withdraw consent if they no longer want to receive electronic records or use electronic signatures and it must notify the consumer if there are any conditions regarding the access to paper documents and what those conditions are one of the things that we want you to keep in mind as we're going through that this particular presentation is you know the advent of electronic records is really a fantastic thing for commerce because it is designed for ease of use in terms of multiple approvals it's designed to expedite transactions in a way that before required very traditional sort of you know documents being generated then sent to a particular user and in international transactions you have to wait for the mail to get something back and sometimes you wouldn't even know if in fact the person who is purported to be the signer is in fact the person who who was the contracting party so that was something that was a gap and there's a whole slew of cases about methods of authentication and authorization that formed around those types of transactions and electronic signatures and record-keeping are really truly designed to sort of eliminate a lot of the issues with respect to that the e sign act and the you ETA do have components which talk about record-keeping and when we talked about early on the fact that this is part of your information governance you know pues that everyone has to deal with today it truly is because the act whether it's the e sign or you a TA roquat you know says in fact that electronic records are sufficient to comply with record-keeping requirements but that what what is most important about that is that the records must be accessible to those who are entitled to it and what they mean by that is not only do they have to have acted the parties to the transaction have to have access to it but it has to be in a means and format that allows there to be an understanding of what exactly was transactions acted how do we verify that in fact certain aspects of the record were in fact assented to and so those are things that you have to consider when you deal with your various different technologies in terms of how are we going to demonstrate that in fact not only is this record the record of the transaction but also that it's that it's a record that is readable and understandable to the parties so that the transaction can be consummated and or implemented the the uat a as we said allows for transactions to be formed without human interaction but merely by electronic transactions when we need to think about what that means again if anyone has has done a house refinance lately typically you'll be sent to your email a document with e-sign it may be through verisign software or some other type of software and it's simply a bunch of clicks on the keyboard including a typed signature that that you would type in to express your consent to the transaction and the fact that you're authorizing that so you have to then start thinking about well let's say that you know a part of the transaction doesn't go forward and we need to validate portions of that that document so how are we going to do that and there are sort of recognized technological issues that and and other things that that are now being implemented so that it will help in determining that issue of authentication so as any of us as trial where's you know Paul and I are trial lawyers generally we also do advise we also do advise businesses from sort of the 10,000 foot level and we deal with information security governance you know we all know that electronic signatures and electronic records are not so authentic ating what does that mean it means that the signatures or the mark whatever is indicating a consent to a particular provision of the record in and of itself that check doesn't demonstrate that for example if i send something to Paul and Paul was the check mark on it I never see it I never seen that Paul is checking the box I don't really know if he's behind the keyboard and when he sent it back to me and if our relationship goes bad and I need this to paul i need to figure out a way to demonstrate that that contract is valid so there are ways to do that a party seeking to enforce an electronic record or a document signed by electronic signature must prove that the other party actually executed the agreement that's part of authentication how do we authenticate well in traditional forms where there were actual signatures we did it a variety of ways we had witnesses that would say I recognized all signature and I know that Paul signs with a particular type of pee when he signs his first name and I can bring in five different people from his family who will all say yes that's Paul signature or someone who said I witnessed Paul sign that particular document now technology sort of if you will complicate it in terms of the explanation that's going to be given but in some sense it also stream lines because it makes it more specific to demonstrate that that particular document or provision of a transaction and we can be talking about a financial transaction as well that that in fact was something that was authorized by by the individual by Paul in this case as the person who who in fact find the document so this is where digital signatures come into play and many people think that a digital signatures just synonymous with an electronic signature but there really is a distinction and if you think of the e sign act and the you ETA that mike and i both spoke about at the beginning of the presentation as as being the really big tent under which kind of all of the advent of all this technology and this field of law has kind of evolved then as you start getting down to the digital signatures we're moving down into narrow or subsets of it the digital signature is really a subset of electronic signatures and there's there's not a universal definition of a digital signature but it's been defined by many different entities and trade associations it's been defined in different pieces of legislation in different ways but the general common denominator among all the definitions of digital signature is that there is some method built into particular electronic signature that allows for someone to authenticate the transaction and authenticate the signature so if you take a look at the slide that we have on the webinar here we've pulled up two examples of definitions of digital signatures that we found in statutes me and those give you some indication as to what a digital signature is you'll see that in the guide to medical privacy and and HIPAA concerns that addresses what a digital signature is for health care transactions you'll see that the definition expressly describes it as including a cryptographic method of originator authentication and again this is this is very much like when the transaction that very similar to the transaction the Mike was using as an example with the refinance and you get the email with verisign or some other service those services those pieces of software are basically have developed proprietary digital signatures they have a methodology for including a cryptic a cryptographic method of authenticating that signature you can see that the California government code uses a little bit more of a simple definition of it but it also again expressly provides that there is an electronic identifier in the signature the characteristics of an Ignis digital signature are essentially that exactly what you know exactly that if there's an electronic identifier that there's some cryptographic means of doing the authentication that we were just talking about generally the digital signatures represented in a computer is a string of bits of some sort some sort of unique identifier that's a bunch of that you know maybe binary codes it's just a bunch of ones and zeros or or for those that are more tech-savvy some other kind of program code that's in the background that's stored and is unique for that particular signature and that particular transaction a digital signature can be generated I am stored in trends on stored and transmitted data so it doesn't need to be something that exists only on a hard drive it can be something that it exists on transmitted data so as Paul said part of the signature definition that has been used in the HIPAA area is you know incorporates the term cryptography and and I don't want to go too much into what the science is and you know use too much in the way of cyber speed but you're going to get a little dose of that at this point because it's sort of important to understand what the the providers of sort of the and the vehicle through which the digital signatures have to occur in order to sort of consummate the transaction cryptography generally is a method of obscuring information and you'll hear a lot about if you read about dignity digital signatures that cryptography is utilized in some way in order to obscure information from point A to point B and so what does that means we're than the modern lingo because cryptography it goes all the way back to actually you know Egyptian times and in some respects because it is just a general definition but but what you hear now more frequently is well how do we encrypt the data what do we do in order to transmit the signature or the payment information which is something that will be talked about later in EMB how do we create sort of that virtual tunnel through which I know that my when I transmit the information that I want Paul the sign that there's a tunnel and that only Paul is going to be the one who's going to be able to in fact consent to the transaction verify that he wants to be a participant to the transaction and in fact fixes his electronic signature well the what they have used in this particular area is something called the private key public key type of encryption of data essentially think of public key as you know it's a ticket to get into I suppose the movie theater and we all sort of know that you got to buy this ticket my computer knows that I have the ticket it also happens to know that Paul's computer has the ticket but it's only the printing on the ticket and in some form whether it's through hash value AG algorithms which really starts to get into cyber speak or Shaw algorithms but it's it's those keys that yet at a more granular level that says okay we have the tunnel and I'm going to transmit data to Paul and Paul is going to have a very very specific key and he's going to login and he may have to follow a link and he's going to get that private key and once he gets the private key then he can unlock the information and it's going to show up in the form of the document the document is then available to him this key is unique to his computer and his computer can then go through and therefore verifying that it's him who is actually engaged in the transaction through a variety of passwords and he can go through the document and then in fact validate what it is that I need him to validate or transmit the payment information as I need him to transmit that information is then sent back to me and the way that I get access to his information is that because he's initiated the process I also know the private key and I can now use that to unlock the information and have a verified consummated authentic authenticated transaction now how has that show up it shows up in the form of things called hash values hash values essentially without boring you with the computer science is a way if it's in essence an algorithmic fingerprint it's a way to establish that a particular transaction is identified by a unique set of numbers and that's the method through which digital digital keys and now digital signatures are verified and therefore authenticated the digital signature standard has been approved by the Department of Commerce it's it has been changing there have been suggestions that perhaps biometrics should also be included as a further means of authentication biometrics essentially are you know fingerprint data retinal scans things like that that's sort of the next generation but i'm going to digress for one moment here to just say that it is interesting that in the paper this morning that OPM is trying to figure out why it is that chinese when they into the OPM database that they took 11 million federal employees fingerprint cards and a lot of experts are opining that the use of that biometric data can be utilized in some form of a sort of validating transactions in in in fraudulent types of schemes and so it just demonstrates that all this information must be under extreme lock and key when in fact we go the route of utilizing it EMV which I'm sure for a lot of you is something that is is near and dear to your hearts because you have to deal with you had to deal with changing out your your payment card processing systems to to move over to this EMB is not really a very fancy acronym it just really stands for you Europe a MasterCard and Visa it is an international standard that defines the operability the interoperability of secure transactions and payments we know it to be essentially the point of sale terminal transaction where credit card information and/or ATM type banking information is transmitted from the vendor to the bank and ultimately the vendors account to get payment the change really was that the old method which is the one that was used in the United States for a long long time was the old strip in the back of the card and that was sort of a static method of authentication the document the card itself always registered the same code there was no variation and that code was red and there was very by the machine and then it was transmitted for payment it was an easy target for fraud the Europeans actually embraced EMV very early in order to create this more sort of random sequencing of information that is sort of sort of unique to each transaction and and it creates a digital signature just like we talked about before but it's one that is more much more difficult to replicate there is encryption to protect the pin and not the pran's action data and of course there's an overlay with PCI and your payment card industry standards that there is supposed to be end-to-end encryption from terminal to terminal and ultimately to the bank in terms of processing the digital signature if you will all the way through the transaction and again its purpose is to reduce fraud so PCI is that Mike just mentioned is another digital signature standard and it's it's unique to the payment card industry it's currently in its third version its version 3.1 which is published in April 2015 and it is developing and evolving extremely rapidly believe the first pci digital signature standard was published in 2010 and it seems to be evolving on an annual basis if not more rapidly than that what the data security standard does and with respect to the payment card transactions as it's meant to complement EMV because as Mike mentioned although you have with EMB a much more dynamic and much more secure digital signature and transaction the they're still data that's being collected and that data needs to be protected so again this really is just an emphasis on the fact that as digital transactions and electronic transactions become more and more prevalent it it's providing a lot in terms of convenience and and commercial opportunity but it's also leaving behind all of these these pieces of data that need to be secured so the PSI DSS has been adopted to protect data that's collected in EMB transactions as well as non EMV transactions so think for example when you go to the store and you're at the payment terminal and you have to put in your pin to use your card whether it's an EMV card or it's not an EMV car that's data that has then been transmitted by you to the terminal and has potentially been stored so that needs to be protected and the PCI DSS outlines the technical and operational requirements that are that need to be implemented in order to protect that data in the payment ecosystem and again it complements am the EMV is really meant to create a more secure transaction and the PCI DSS is intended to secure the information that is used in connection with that more secure transaction or even more so the transactions that are less secure than EMB as Mike mentioned the USA is late to adopt EMV this is the EMV has been used much more prevalently in in Europe ing to one study there as of 2012 which these numbers are obviously a little dated but they illustrate how slow the United States has been to adopt DMV as of 2012 be there were only 1.5 million EMV cards issued in the United States as compared to more than 800 million in Europe during that same period of time the payment networks have initiated a liability shift that will begin affecting merchants and retailers beginning october one of this year this is likely why that Mike mentioned that this is near and dear to your heart the liability shift is basically meant to put some pressure by the card issuers on the merchants and retailers to begin accepting more responsibility for the security of transactions and the and the authenticity of transactions and so retailers that have not installed and began to implement the use of EMV terminals as of October one will then begin bearing the risk of liability for fraudulent transactions that transition that traditionally was born only by the card issuer EMV is really an opportunity to address you know the future of e-commerce it's you know while it's while it has been adopted for a long time and used very prevalently in Europe as we talked about it is new to the United States and its really a sign that we're beginning to look to more sophisticated technologies in order to address our security concerns in payment transactions and commercial transactions more broadly in these dynamic chips don't do specifically address security concerns related to say for example online transactions so you know as as lawyers and as retailers or you know other commercial entities we really need to begin to focus on what might come next what other technologies might be adopted in order to enhance the security of of commercial transactions and electronic transactions including online transactions Mike mentioned biometrics you know there there's a possibility there would be more dynamic pass codes and other forms of chip authentication and there's all sorts of other technology that may be coming down the pipe here so it's important that we you know as those of us that are interested in the field that we stay abreast not only on the evolving technologies but also how that might impact the legality of any particular commercial transaction we engage in or our obligations to protect the data that we encounter and avoid you know enhanced liability at the expense of enhanced convenience as we talked about the biometrics issue I just want to say I think what you know what we're going to continue to see is we're going to continue to see the electronic signature or electronic assent to transactions continue to dominate and you're going to see less and less actual paper signings I think what you're also going to see is you're going to see the elect the use of the electronica sent as a method of while it's a method of implementing a transaction and its terms you're going to see the security areas around it also become more robust as as these transactions take on more of a sort of a daily and central focus in your businesses from day to day biometrics is certainly one area where there's been a lot of discussion you don't have to look far past your iPhone to see that you know even even iPhones have adopted biometrics in in rudimentary form to to validate that you are in fact the user of the phone through your fingerprint retinal scans are starting to become increasingly used in certain types of transactions and interactions where verification of an individual and the individual participation in some form of exchange would say the government or something like that becomes increasingly important so security it hopefully you'll come away with the fact that this is something that is extremely important from the standpoint of while the signature itself allows for greater ease of use and that it certainly facilitates transactions and global commerce there is sort of another component to that which is inextricably intertwined and that is the security component because we're always trying to figure out how to keep this information secure in some form or fashion and that is sometimes a 24-7 job I will tell you that you know a little bit about some of the risk issues you know retailers it's not going to be a surprise to you that you have to be PCI and DSS compliant if you accept transmit or store credit card information data that's something that's mandated both by some of the PCI standards some of the terms of service by the various different credit card holders it's even mandated by various different federal and state laws which which affect some of these particular areas sort of a bad scenario you know nightmare if you will from a business perspective is if you don't maintain those types of standards and aren't vigorous about this that you know the class action lawyers view this is their next growth area and they're looking for opportunities for class wide liability for data breaches involving you know retailers failure to implement EMV could be a basis to to in fact provide a cause of action for them because EMB is considered for better or worse the new standard with respect to transactions so we need to be thinking about all these things it's not just one singular area it's really part of an overall theme of information governance and I think at this point we've come to the end of our our webinar and we're happy to take questions I also at the very beginning of our presentation we have our email addresses so if there's anyone who wants to reach out to us and has a specific question will try to address it all right great we do have a couple of questions that have already come in online if anyone does have any questions additionally you can feel free to pose them via the questions function now so the first question that we have is our electronic signature is valid anywhere internationally as well under the e sign act yes so in turn to the extent that you would be enforcing that international transaction in the United States yes if you were to go to court in some other country to try to enforce the agreement then you might be sub depending on the terms of the agreement and which law is supposed to apply there may be some question as to whether or not that host country or forum state has adopted something similar in to the extent that you or any any of the Euro nations or you know any of the major you know economic partners of the United States there wouldn't be a question too much concern about the validity of electronic signatures electronic agreements and they're pretty pretty much universally recognized and acknowledged as you start to get you know to more emerging states and states that have less robust statutory schemes then there might be more of a question but this is you know it's an important it's an important it's a very good question and it's an important point for reminder for parties to think about where they're going to litigate disputes arising from their agreements before they consummate that agreement so that it's very clear in the terms and that it's clear what terms apply so you extent that you're engaging in that you're entering into commercial transactions and contracts with companies abroad then you know it's important to think about whether or not you those want them you want the those to be handled in you know US courts and whether or not there's jurisdiction over the party you're dealing with or whether or not you wanted to be handled in arbitration here in a particular state or in front of an international arbitration tribunal those are all concerns that everyone should be thinking of when they enter into their commercial transactions whether electronically or otherwise all right great the next question we have here is our banking institutions accepting electronic signatures when references are being requested increasingly yes they are and you will see that many many of the large financial institutions are in fact utilizing various methods of EE sign in order to you know validate or accomplish these types of transactions all right great we have a couple questions here on commercial credit applications too so the first one is our eSignatures valid on them on commercial credit applications as a as a general matter yes again in a credit situation like Mike was mentioning the credit the creditor the banking institution has a great deal of leeway to kind of define the parameters with win within which they want to deal with their consumers or their applicants but under a sign and you ETA those are generally that's that's generally a a a category of transactions for which an electronic agreement would be or an electronic signature would be permitted oh and a lot of it goes back to what Paul said earlier which is a lot of it also depends upon what the parties are contracting and so the terms of the contract will ultimately govern whether or not it's acceptable but as a matter of law yes I mean it was really these are really the types of transactions right now that are the most heavily reliant upon these signatures all right great the next question we have here is ken electronic signatures be notarized as that that's a really interesting question from a pragmatic standpoint I'm I'm gonna go out on a limb here and say no just because I have not seen any technology that's offered that service so you know software providers and entrepreneurial people out there maybe maybe there's the next the next frontier but you know generally the objectives of having a notary on on having an agreement notarized and the requirements of the notary are going to require there to have actually been a an in person in person witness to be an execution in the agreement and a physical signature by the notary about that you know that that actually took place and I'm going to follow up and say you know I suppose there could be a scenario where if you wanted to be doubly sure where you could be sign a document and then subsequently like for example in an escrow situation then take it before a notary and require both the signature and and the notarization you know the eSignature because of the md5 hash that's supposed to sort of recognize and and and uniquely identify the transaction that's supposed to be in some ways a substitute for the more significant issues attached to a notary but I can see a scenario where you know a party would say we want to we want to have both an eSignature and then subsequently have a document that's that's notarized separate and distinct from the signed document I don't there's nothing that precludes that from happening right that yeah Mike's righted I just think that the you know the important takeaway is at this point there's no way to elect chronically notarized a document might still need an actual witness who's a licensed notary and is given and has the authority to administer oaths and and do all of those things all right the next question we have is wouldn't electronic signature hold up for a personal guarantee depending on the content on the subject matter of the contract yes okay it is as good as any signature so yes all right um next question we have here is can you share some of the pros and cons of the different methods of electronic signature specifically using a simple acceptance of terms versus a more image based publishing publishing of a signature like Adobe are you is the question referring to a specific format of a digital signature or just electronic signature more generally I believe it's talking about a digital signature well the use of the use of a digital signature period is preferable to just an electronic signature because it provides the basis for authentication as Mike spoke about in the presentation to the extent that youth to the extent that there's less interaction between the parties to the commercial transaction that becomes increasingly important because the basis for authentication becomes or the need for authentification is is likely to become a bigger issue if you're dealing with a business to business transaction negotiated between in-house counsel at a company or you know the COO and of one company in the COO of another company and there's an extensive record of emails between them and face-to-face meetings then in a simple electronic signature you know is more likely to be sufficient there's there's just going to be you know plenty of records that that will mitigate against any risk that someone is going to disavow that they signed the agreement and in theory there there really should be the way that the that the transaction is supposed to be sort of uniquely identified is is essentially the same whether you use Adobe or whether you use some other method because ultimately it's going to be done the authentication will be done by an md5 hash which is probably too much computer speak algorithm and that algorithm is going to identify the transaction through unique signature algorithm which is essentially as good as a digital fingerprint you know when when people talk about trying to verify something electronically as being unaltered versus the original document well the way that that's done is by taking a sort of the what's called the hash value of the original and compare it to the hash value of the altered and that will tell you whether or not it's an identical document in and of itself and so or not and so essentially the the technology whether it changes a little bit and you use the adobe version or not ultimately is going to depend upon certain mathematical algorithms to verify the transaction okay the next question is should if there is a commercial credit application should they address that they would accept eSignatures as valid yeah they can certainly do that in the terms of in you mean in the terms of the agreement yes yes yeah I didn't take a general matter any opportunity to borrow a new term to define your term should be seized upon yes ok the next question that we have is what is the current case law in situation where someone claims fraud and can prove the signature was not their own and how prevalent are these cases be coming with assigns becoming more accepted there is very little case law in this area we looked for case law in this area and found what nothing and then we will find a single published opinion right in this particular context it's interesting because we expect the prevalence of fraud with respect to these types of transactions to have increased but at least right now in the aftermath of the sign act we have not seen a lot of litigation over the these particular issues it really it really does though highlight again just to go back to another issue Mike was talking about during the presentation is kind of the important interplay here between data security and then these transactions you know we I wouldn't be surprised if as more and more data is exchanged and stored that people get mortared that you know fraudsters get get more sophisticated in their ability to apply that data to digital signatures and to electronic transactions and we see more of that stuff all right great then it looks like the last question that we have here is sort of a hypothetical situation and the question is if it's a signed document is sent to a client via email and they claim that someone else find it instead and how can they maintain the legality of the death of the signed document and his consent if there is a way well this this again goes to whether the first question you have to address is whether or not you're using a digital signature and then as Mike was talking about what is the what's the architecture of that digital signature program if you go to the real common example that might relied on during the presentation of the refinancing situation you might get your an email from your mortgage broker with the documents that need the disclosures that need to be signed but there is that's not a simple electronic signature that the digital signature it generally involves a DSS compliant you know proprietary on digital signature program and some sort of authenticating information in order to activate it so that's why you know you'll often have to put in you know mothers may name the final four digits of a social security number or something like that the so to go back to the hypothetical I would say that you know if you think that there's a risk of that happening then it will make your investment in some sort of digital signature program or methodology all the more worthwhile and and to the extent that it has happened then you're going to need to probably talk to your signature vendor to ensure that those those sort of backup systems in terms of the md5 hash values and those sorts of things which verify that the transaction was in fact consummated that those are available to you and can be used if in fact this is someone who is now repeated repudiating that that he engaged in the transaction and worst-case scenario to the extent that it's ever litigated then it will just become an evidentiary issue for the Trier of fact and you know as trial lawyers Mike and I deal with cases all the time where there's disputed issues of fact and we go in and we look look you know we would look at the metadata of you know the computers are the parties that were the parties the lawsuit you could subpoena a date you could subpoena information from the email providers you take depositions and you just suss out whatever evidence you need to prove your point none of which anyone wants to have to go through but you know sometimes it does come to that so all right great um looks like that's all the questions that I have on my end so we're going to wrap up the webinar at this time I'd like to thank Mike and fall for taking the time to present to our audience today and I'd also like to remind everyone that if you can fill out the brief survey we have on your way out of the presentation it gives us a lot of great insight into how we can continue to make our webinars better for you so with that I'd like to thank Mike fall and Aaron Fox's hope everyone has a great rest of their day thank you thank you