PandaDoc

What is an electronic signature: 2021 legal aspects

What is an electronic signature: 2021 legal aspects

Without a doubt, electronic signatures are the best way to sign documents.

In fact, electronic signature tools help thousands of businesses create a better signing experience, automate their business processes, and eliminate weeks of work.

But, despite all of that, it can be difficult to understand how e-signatures work.

In this guide, you’ll learn everything you need to know about electronic signatures, digital signing, and the online signing process.

Table of contents

  1. What is an electronic signature?
  2. Types of electronic signatures
  3. Why should you use electronic signatures?
  4. The state of eSignatures in 2021
  5. How electronic signatures work?
  6. How to create an electronic signature?
  7. What makes signatures legal?
  8. Further Reading

01. What is an electronic signature?

Electronic signatures (also called e-signatures or eSignatures) represent a large selection of methods by which digital documents can be signed and authenticated.

Electronic signing has become so commonplace that it’s even enshrined by law.

Electronic signature definitions

In the United States, the Federal ESIGN Act of 2000 classifies electronic signatures as:

“an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record”

In Europe, the eIDAS Regulation states that e-signatures are:

“data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign”

In other words: Electronic signatures are used by signers to mark a digital document and must be logically associated with both the document and the signer.

When used correctly, eSignatures are widely viewed as a legal substitute for handwritten signatures.

Current uses for electronic signatures

Today, electronic signatures are used by everyone from Fortune 500 companies and government bodies all the way down to freelancers, and consultants.

And the number of businesses using electronic signatures is always growing. Currently, electronic signatures can be used in any of the following documentation:

  • Sales proposals
  • Purchasing contracts
  • Hiring & onboardings
  • Non-disclosure agreements (NDAs)
  • Non-compete agreements (NCCs)
  • Timesheets
  • Leases & rental agreements
  • Tax documents
  • Bank forms
  • Insurance paperwork
  • School forms
  • Permission slips
  • Model and product releases

Most electronic signature solutions are flexible enough that nearly any company, regardless of size or industry, can benefit from adopting a digital signing methodology.

Exceptions & exclusions

In the US, the UETA and ESIGN Act covers the legal groundwork regarding electronic documents and the e-signing process. However, there are some notable exceptions.

Neither law accepts the validity of electronic signatures in the following circumstances:

  • The creating and execution of wills
  • Areas of family law, including adoption and divorce
  • Uniform Commercial Code
  • Court documents

In these circumstances, documentation must be physically signed.

02. Types of electronic signatures

The legal interpretation of electronic signatures is very open-ended.

This has resulted in a variety of ways to sign digital documents. Some signing methods are faster, others are more secure, and the language around these solutions can get a little confusing.

Here are some of the most common ways to get documents signed:

Standard electronic signatures (SES)

Sometimes called e-signatures or virtual signatures, these are among the most common types of e-signature for online signing.

This type of signature doesn’t use any kind of cryptographic encryption and relies on the user’s intent to sign as proof that the document is valid.

While this type of signature is very easy to use, it’s also the easiest to refute because there are limited security protocols in place to verify the authenticity of the signer.

A standard electronic signature might hold up in court (assuming the sender can prove that the signer was the one who actually signed the contract or agreement), but the legal framework here is loose because the signer’s identity is easier to falsify when compared to other types of e-signatures.

Examples:

  • A scanned image of your handwritten signature
  • Checking a tickbox on a website

Digital signatures & advanced electronic signatures (AES)

A step above standard electronic signatures, this type of signature is far more secure because the authenticity of the signer must be verified before signing takes place. These signatures often use public key infrastructure (PKI) to ensure that signatures are authentic.

The security surrounding digital signatures makes it much easier to verify the authenticity of the signer, which is why this method is ideal when signing important documents like business contracts and proposals.

To qualify as an advanced electronic signature, the eIDAS states that the signature must be:

(a) uniquely linked to the signatory;

(b) capable of identifying the signatory;

(c) created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and

(d) linked to the data signed therewith in such a way that any subsequent change in the data is detectable.

With AES, the escalation of requirements helps to reduce the potential for fraud and creating a system where only the intended signer can access and/or sign a legal contract, the legal standing of the contract increases.

Examples:

  • Signing using an online platform like PandaDoc or DocuSign
  • Entering a personal PIN to log into your account
  • Using a one-time password or link to verify your identity before signing.

Note: In the US, digital signatures carry the same legal weight as handwritten signatures. However, this type of electronic signature does not have the equivalent legal status of a handwritten signature in the EU.

types of electronic signatures

Qualified electronic signature (QES)

This type of electronic signature is exclusive to the EU and has no equivalent in the US.

A qualified electronic signature includes requirements for digital signatures and advanced electronic signatures (listed above), but also adds additional requirements for the device upon which the signature is provided.

This means that devices must be acquired from an EU-authorized certificate authority and used during the signing process.

While this is covered extensively from Article 29 through Article 34 of eIDAS, the United Kingdom’s Guide on Electronic Signatures and Trust Services defines QES as

“an advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures.”

With QES, both the digital security protocols and the devices on which a signature is created add to the authenticity and integrity of the electronic signature and the signed documents. 

The addition of the digital certificate further reduces the potential for fraud or tampering and creates stronger non-repudiation around the digital contract.

Wet signatures (non-electronic)

A wet signature is a signature created when signing a piece of physical paper using a pen. While not technically an electronic signature, we wanted to highlight this signature type for two reasons:

1. In several legal scenarios, such as filing for bankruptcy, wet signatures are required and electronic signatures are not considered valid.

2. Scanning your wet signature into a digital format can be counted as standard e-signature (SES) because the image of your signature is created in an electronic format. However, e-signatures created in this way are not given the same legal standing as a digital signature.

3. In EU countries, physical signatures still supersede electronic signatures. Scanning your wet signature will actually reduce the legal credibility of the signature.

In some specific scenarios, you will still need to physically sign and submit your documents. So don’t throw away your favorite pen just yet! You may still need it one day.

What type of electronic signature should you use?

The type of e-signature you should use depends on your workflow and your unique needs, but most users want to strike a balance between ease of use and legal enforceability.

With that in mind, we recommend that you require digital signatures when you send documents for a signature.

As discussed at the top of the section, digital signatures are a subsection of electronic signatures that use public-key infrastructure (PKI) to make sure that signatures are valid and authentic.

Most of these security standards take place behind the scenes, and the signing workflow is designed to be user-friendly and approachable, even to signers who might be unfamiliar with e-signing technology.

When using electronic signature services like PandaDoc, your contracts can also be signed from almost anywhere via mobile devices (iOS or Android), desktops, or laptops.

03. Why should you use electronic signatures?

In the previous decade, electronic signature technology has come a long way.

More businesses have adopted cloud-based technologies into their digital workflow. Because of this, e-signatures are used to streamline everything from the customer experience to the hiring and onboarding process for new employees.

And that’s not likely to change anytime soon.

04. The state of eSignatures in 2021

Between the COVID-19 pandemic and widespread adoption of electronic signature software tools, digital signing solutions are more common now than ever before

Key industry developments

The e-signature market today is full of incredible signing platforms.  Right now, some of the biggest players are:

Right now, the e-signature market is also changing. In 2020, the global digital signature market size reached 2.8 billion and is expected to grow to $14.1 billion by 2026.

Many key players are also expanding their offering beyond digital signatures. HelloSign, now a Dropbox subsidiary, integrates with the storage platform for easy signing. PandaDoc offers document creation tools that work well for proposals and contracts. Adobe Sign combines e-signing with PDF editing tools.

As you might expect, the pricing for each of these services varies with their service offering, so be sure to take a close look at everything before you commit to a plan.

Electronic signatures and COVID 19

As with many online business platforms, electronic signature companies saw a surge in subscriptions and usage during the COVID-19 pandemic. 

Check out the Google Trends data and the spike in interest as the pandemic was just beginning.

google trends

According to data from the PEW Research Center, nearly 71% of people report doing their job from home all or most of the time and more than half say they want to continue working from home in a post-pandemic world.

This dispersion of the workforce led to a surge in cloud-based tools and online platforms, with companies from Amazon to Google seeing aggressive growth throughout the pandemic. 

Other companies, like electronic signature platforms and online collaboration tools, also saw growth as companies searched for new tools to accommodate their remote employees.

The benefits of e-signature adoption

Between the drive for remote work and anywhere, anytime solutions, businesses have adopted e-signatures and document digitization for a variety of reasons:

  • Speed. Signing contracts electronically using electronic signatures for PDF contracts is much faster than requiring a handwritten signature, which often requires that a physical contract be sent by mail
  • Storage. Digital files reduce paper waste, are simple to store, and can be more easily tracked throughout the entire content management lifecycle
  • Security. When signed correctly, digital signatures are more secure than handwritten signatures, providing additional legal protection in the event of a breached contract or NDA
  • Streamlining. Using digital tools, e-signatures can be integrated automatically into templates and document formats for an even faster signing experience

The ease of use for most electronic signatures, combined with their existing legal status, makes electronic document signing a safe bet when signing contracts electronically.

Especially for businesses who are generating and processing paperwork with a limited staff, the ability to send and receive electronically signed documents can reduce errors and ease workloads.

If you’re looking for ways to drastically speed up your business processes, providing customers with a way to sign contracts electronically and in real-time can help you expedite deals with no risk to your organization.

05. How electronic signatures work

When a business wants to implement an e-signature solution, they must first digitize their existing documents and convert them into a recognizable document format (.docx, PDF, PNG, etc.). After this process is complete, the business can add an e-signature solution to their digital document.

From there, the organization sends the documents to the signer and requests an electronic signature. The signer will follow the process required to create an electronic signature, but this process varies depending on the software used and the level of security required by the company.

In this section, we’ll cover how electronic signatures work and how digital encryption methods improve security while safeguarding against signer repudiation — that is, the ability for the signer to deny that they ever signed the document.

Simple e-signatures provide simple security

Simple electronic signatures offer the fewest safeguards when it comes to security because they don’t provide many options to validate the authenticity of the user.

In the last section, we provided the following examples of a simple electronic signature:

  • A scanned image of your handwritten signature
  • Checking a tickbox on a website

It’s very easy to see how both of these signing methods could be falsified.

If someone has a copy of a document you signed, they could simply scan and upload your signature to sign any number of additional documents. In a court of law, how would someone be able to prove that you were the one who checked the tickbox on a website?

While it might still be possible to prove consent, the legal position here is far less certain than with more secure signing methods.

Even worse, these methods often use unlocked documents that can easily be altered or edited by either party after the signing process is complete. A single bad actor could cause major problems for companies and individual signers alike!

In the world of high-dollar and high-stakes contracts, that level of uncertainty is a nonstarter. Companies need to ensure that the authenticity of the digital signatures they collect is beyond reproach — and that’s where more advanced signing methods come into play.

Digital signatures and secure encryption

Aside from the simple electronic signatures defined by eIDAS (above), most e-signing processes are protected by some level of document security and signature encryption.

These protections are what make advanced electronic signatures / digital signatures so attractive to companies.

Document signing platforms like PandaDoc, DocuSign, or Adobe Sign lock a document to prevent additional modification when the e-signing process begins. This means that, if a correction needs to be made to the contract while signing, all signatures are invalidated and the signing process must start from scratch.

Each of these security measures serves to reinforce the idea of non-repudiation: the need for the organization issuing the contract to ensure that the authenticity of that contract is impossible to deny.

Once the integrity of a contract and its attached electronic signature are no longer in doubt, the enforceability of the contract as a record of a transaction is much harder to deny.

Below, we’ll take a closer look at some of the encryption methods used to authenticate and secure digital signatures.

Asymmetric encryption

When signing and sending electronic documents, both parties involved need some assurance that the content of the contract is not altered after the signing process is complete. Modern software uses public-key encryption to perform this task. 

Asymmetric key cryptography allows parties to independently verify the authenticity of a contract by using the encrypted keys to validate a digitally signed contract across multiple versions (or digests) of the document.

In most software solutions, the document only opens correctly (and with no warnings or alerts), if all versions of the contract match. If there are errors in the signing process, or if something has changed from the time that the document was signed, the process fails and all involved parties must sign the document again.

These extra checks and safeguards create electronic identification and audit trails that make documents more authentic. And, because this is a widely accepted practice, many modern business solutions (such as Microsoft Word) come equipped with pre-built digital signing solutions. 

Evidence-based authentication

This type of authentication is focused on ensuring that the electronic signature on a contract is authentic. This is often done by sending the document to a device or account that the intended signatory is known to control while requiring a secondary passcode in order to access the document itself.

Here are two common examples of evidence-based authentication:

  • A company sends a document to the signer’s email, but they send a text to a number controlled by the signer which she must use in order to access the document.
  • A signer is notified of a contract requiring his signature via an online document service. However, in order to access it, he must create an account and verify that account through proof of identity before he can sign.

With evidence-based authentication, companies are trying to ensure the identity of the signer. When combined with public-key encryption, it’s possible to ensure the authenticity and enforceability of a paperless signature.

Beyond the signing process

After the signing process is completed, the document is finalized and executed.

From the perspective of the project management lifecycle, this document is now complete and needs to be managed or stored, depending on the contents of the document.

If you’re using a document service like PandaDoc, you may also receive a signature certificate, which provides a collection of additional security information that can be used to verify the signer.

This can be useful in the event of a legal dispute as it provides additional detail about the date, time, and location where the signature took place.

06. How to create an electronic signature

So far, we’ve talked about why e-signatures are important and discussed some of their common use cases in the business world.

But how do you actually create one?

While the technology behind e-signing solutions is complex, digital signing has become so commonplace in the business world, that it’s easy to get your signature in a digitized form without much of a hassle.

Common e-signing solutions

A wide variety of signing solutions exist, including the ability to simply draw and scan your signature or use online signing tools for quick and easy signing.

Here are the most popular options when signing digital documents:

  • Microsoft Word.  Companies using Word to create documents may find that e-signing solutions within the app are easy to incorporate into their normal workflow.  To create digital signatures in Word, you’ll need to use the signature tools to set up a signing process and send out the document to recipients. Learn more here.
  • PDFs. If you need to add e-signatures to a PDF, you’re most likely to end up using Adobe Sign or Adobe Reader to accomplish this task.  You’ll use the “Fill & Sign” or “Add Signature” tools in these applications to quickly create an electronic signature. Learn more here.
  • Microsoft Excel.  Signing with Excel can be useful if you’re working with content that makes more sense in a spreadsheet format, like a pricing table or an accounting report that relies on Excel’s formulas and ability to generate complex calculations.  To do this, you’ll need to suggest signers and create a Digital ID to complete the process. While a bit tedious, it’s not overly complicated.  Learn more here.
  • Google Docs.  Natively, Google Workspace doesn’t support e-signing.  To digitally sign your Google Doc, you’ll want to add an extension to your Google Workspace. Select your preferred e-signature solution from the add-ons menu and install it.  After the add-on is installed, you’ll need to log into your signing solution of choice in order to complete the e-signing process. Learn more here.

In the next section, we’ll cover what makes electronic signatures legal, and how international laws help ensure that secure electronic signatures are both globally recognized and legally binding.

07. What makes signatures legal?

As we’ve discussed in previous sections, in many (but not all) cases, electronic signatures are considered the equivalent of a handwritten signature. This is especially true when audit trails can trace the signing process back to the intended recipient.

These audit trails and security checkpoints, as well as the ability to lock a document after a signature solution is applied, creates non-repudiation — the assurance that the validity of the document can’t be denied — around the contract. 

Some methods used to create non-repudiation include:

  • Digital certificates
  • Asymmetric or public-key encryption
  • IP Address capture
  • Account creation and login requirements
  • Two-step verification for signers and signatories

Combined, these methods increase the level of security surrounding the document signing process and boost the enforceability of digital contracts in courts.

Below, we’ll discuss the laws behind electronic signatures and how they are applied within their specific regions.

Electronic Signatures in the United States

In the US, electronic signatures are governed by the Uniform Electronic Transactions Act (UETA) and the Electronic Signatures in Global and National Commerce Act (ESIGN Act). 

Combined, these two pieces of the legislation maintain the groundwork for electronic signatures in the US. They’ve been adopted by nearly all states and are implemented at both a local and federal level.

The UETA

Created in 1999 by the National Conference of Commissioners on Uniform State Laws, the UETA seeks to define the terms and basic legal framework for electronic signatures.

The UETA defines an electronic signature as:

“an electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record.”

While the law also provides a list of rules and regulations for each state, it must be adopted on a state-by-state basis. This is different from the E-Sign Act (below), which has been implemented at a federal level.

The UETA provides guidelines that are similar to the E-Sign Act but adds a few provisions that make it unique. These include how records should be attributed, how to handle mistakes in contract documents, and how information processing systems are defined when sending and receiving information.

Perhaps most importantly, the UETA states in Section 13 that “evidence of a record or signature may not be excluded solely because it is in electronic form.” 

This provides legal standing to electronic signatures, which may be disproven but can’t be dismissed simply because of their digital format.

Non-Participating States

To date, 47 states have adopted the UETA as a legal framework for how electronic signatures are handled. The outlying states are Illinois, New York, and Washington. 

47 states have adopted the UETA

You can find their UETA-alternative legal documentation below.

Illinois: Electronic Commerce Security Act

New York: Electronic Signatures and Records Act

Washington: Washington Electronic Authentication Act

The ESIGN Act

Implemented in 2000 as a federal solution to electronic signatures and digital signing solutions, the ESIGN Act is active in all 50 states. 

This law provides federal guidelines on various topics, including the intent to sign and the attribution and association of a signature with a graphic or textual record. Like the UETA, the E-Sign Act defines the legal definitions used to determine validity and regulation throughout the signing process.

In addition to safeguarding consumer consent surrounding electronic signature capture, the ESIGN Act provides leeway for consumers who prefer paper signatures to electronic signatures or digital alternatives. It also mandates that businesses actively retain contracts and records associated with electronic transactions.

These measures ensure that consumers have the right to sign via pen and paper or in an “alternative, non-electronic form” and how consumers may withdraw consent from utilizing electronic formats.

Electronic Signatures in the European Union

In the EU, the validity and legality of electronic signatures are governed by eIDAS and the GDPR. 

Companies seeking to do business with individuals and businesses across the EU should seek compliance with these bodies of law in order to gain legal standing through any electronic signature requirements.

The eIDAS

The eIDAS(electronic IDentification, Authentication, and trust Services), which became an established EU regulation in July 2014, extensively covers laws around electronic identification, digital certificates, electronic seals, timestamps, and the legality of electronic signatures.

The idea behind eIDAS was to create a uniform law that applies to every member state within the EU so that electronic identification information could be accepted from every EU member state.

Regarding electronic signatures, eIDAS segments digital signatures into three separate categories, each more secure than the last. These are listed below, and you can find additional information about them in Section 4 of the eIDAS Regulation.

The GDPR

The EU’s General Data Protection Regulation (GDPR) aims to harmonize data privacy laws across Europe. 

While the regulation doesn’t take aim at electronic signatures specifically, it adds additional rules and requirements that companies who implement electronic signature solutions should consider. This includes:

  • Data security
  • Encryption
  • Consent
  • Processing

 Organizations seeking to utilize an electronic signature solution should understand the EU’s stance on these topics since they will be responsible for capturing and maintaining private information over an extended period in the form of contracts and digital agreements.

How PandaDoc eSignature software handles legality and compliance

PandaDoc provides an eSignature solution that complies with federal regulations around the world.

We do this by providing secure and traceable digital signatures for every document that you create. Our platform offers:

With PandaDoc, you’ll never have to worry about running into legalities surrounding eSignature laws.

While you’ll still need to generate language that complies with legal regulations, PandaDoc provides the tools you need to ensure that your documents are encrypted, secure, and legally compliant where electronic signature functionality is concerned.

08. Further reading

Here, you’ll find a list of sources for legal documentation for electronic signatures in both the United States and the European Union.

You can also check out our e-signature legalities page for additional information on electronic signatures in other countries.

United States

European Union

07. Wrapping up

Do you have additional questions about electronic signatures or the electronic signing process?

Have an idea for how we can make this ultimate guide even better?

Contact us and let us know!

Frequently asked questions

  • In the United States, the Federal ESIGN Act of 2000 classifies electronic signatures as:

    an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.

    In Europe, the eIDAS Regulation states that e-signatures are:

    data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign

    In other words: Electronic signatures are used by signers to mark a digital document and must be logically associated with both the document and the signer.

  • Digital signatures are an advanced form of electronic signatures. These signatures use public key infrastructure to ensure that signatures are authentic.

    The benefit to using digital signatures is that the authenticity of the signer is much easier to verify. The additional security makes this method ideal when signing important documents like business contracts and proposals.

    Most online signing platforms, including PandaDoc, offer digital signature solutions by default both for added security to users and to ensure compliance with all governmental regulations.

  • The e-signature market today is full of incredible signing platforms. Right now, some of the biggest players are:

    • DocuSign
    • Adobe Sign
    • SignNow
    • PandaDoc
    • HelloSign

    Right now, the e-signature market is also changing. Many key players are expanding their offering beyond digital signatures.

    HelloSign, now a Dropbox subsidiary, integrates with the storage platform for easy signing. PandaDoc offers document creation tools that work well for proposals and contracts. Adobe Sign combines e-signing with PDF editing tools.

    As you might expect, the pricing for each of these services varies with their service offering, so be sure to take a close look at everything before you commit to a plan.

  • A standard electronic signature is easy to create. You can take a picture of your handwritten signature or use an online signature capture tool to save an image of your signature.

    Keep in mind that any mark, symbols, or sound that can be logically associated with a document can be considered an electronic signature. In these cases, even doing something as simple as typing “I agree” when replying to an emailed contract could be considered an electronic signature in the eyes of the legal system.

Yauhen is the Director of Demand Generation at PandaDoc. He’s been a marketer for 10+ years, and for the last five years, he’s been entirely focused on the electronic signature, proposal, and document management markets. Yauhen has experience speaking at niche conferences where he enjoys sharing his expertise with other curious marketers. And in his spare time, he is an avid fisherman and takes nearly 20 fishing trips every year.

Related articles