Your World of Legal Intelligence
 United Kingdom | +44 (0) 20 7284 8080

The Legal Recognition of Electronic Signatures in South Africa: A Critical Overview

Document Cited authorities 2 Cited in Related
Vincent
Date01 October 2013
DOI10.3366/ajicl.2013.0071
AuthorAashish Srivastava,Michel Koekemoer
Published date01 October 2013
Pages427-446
INTRODUCTION

The last two decades have seen an electronic commerce revolution impacting on a range of business and government activities. This revolution is also apparent in South Africa. It has been reported that over R2 billion was spent online in 2010, a 30 per cent increase from 2009.1

‘E-Commerce in 2011’, infographic, September 2011, available at http://www.ecommercesa.co.za/wp-content/uploads/2011/09/infographic_web.jpg (accessed 2 February 2013).

Electronic commerce (e-commerce) can be defined as

the use of electronic networks to exchange information, products, services and payments for commercial and communication purposes between individuals (consumers) and businesses, between businesses themselves, between individuals themselves, within government or between the public and government and, lastly, between business and government.2

Department of Communications, Republic of South Africa, A Green Paper on Electronic Commerce for South Africa, November 2000, available at http://www.info.gov.za/view/DownloadFileAction?id=68917 (accessed 6 February 2013).

 E-commerce increases convenience and choice, fosters competition and, more importantly, generates new business opportunities and market efficiency. At the same time, however, e-commerce presents unique challenges to the way we do business. These challenges lies in ensuring the authentication (that is, providing certainty that a document is actually from the sender and not from an impostor) and integrity (that is, the communication has not been altered in the course of its transmission) of electronic communications

Keeping the above challenges in mind, the technology of electronic signatures has been established with the objective to identify the creator of the data message3

‘Data message’ is defined as ‘means information generated, sent, received or stored by electronic, optical or similar means including, but not limited to, electronic data interchange (EDI), electronic mail, telegram, telex or telecopy’. See UNCITRAL, UNCITRAL Model Law on Electronic Signatures with Guide to Enactment 2001, United Nations (2002) article 2(c), available at http://www.uncitral.org/pdf/english/texts/electcom/ml-elecsige.pdf (accessed 30 January 2013). See also the definition in Electronic Communications and Transactions Act 25 of 2002 (ECTA), section 1: ‘ “data message” means data generated, sent, received or stored by electronic means and includes—(a) voice, where the voice is used in an automated transaction; and (b) a stored record’, available at http://www.internet.org.za/ect_act.html (accessed 14 December 2011).

and facilitate secure commercial transactions in the electronic environment. An electronic signature can be defined as

data in electronic form in, affixed to or logically associated with, a data message, which may be used to identify the signatory in relation to the data message and to indicate the signatory's approval of the information contained in the data message.4

UNCITRAL, ibid., article 2(a); ECTA, ibid., section 1.

 Various types of electronic signature exist, such as a digitised image of a handwritten signature, personal identification number (PIN), biometrics (for example, retina scan, iris scan or fingerprint), typed name at the end of an email and short message service (sms).5

See Jafta v Ezemvelo KZN Wildlife 2008 10 BLLR (LC).

 The most sophisticated type of electronic signature, however, is a digital signature which is ‘created and verified by using cryptography, the branch of applied mathematics that concerns itself with transforming messages into seemingly unintelligible form and back into the original form’.6

UNCITRAL, Model Law, supra note 3.

In order to give legal recognition to electronic signatures so that they will emulate the same assurance and trust that traditional paper-based signatures offer, electronic transactions laws (ETLs) have been implemented at both regional and global level.7

For the sake of convenience, the term Electronic Transactions Law (ETL) is used broadly in this article to refer to laws on electronic transactions, including electronic signatures.

The European Union (EU) enacted the Electronic Signatures Directive in 1999 (hereinafter referred to as the ‘ES Directive’) to ensure consistency and legal validity of electronic signatures amongst its member states.8

See Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community Framework for Electronic Signatures [2000] OJ L13/13, available at http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31999L0093:EN:HTML (accessed 12 December 2012).

 At a global level, the United Nations Commission on International Trade Law (hereinafter referred to as ‘UNCITRAL’) has enacted model laws that provide a legislative guide to countries when framing their national ETLs.9

See UNCITRAL, UNCITRAL Model Law on Electronic Commerce with Guide to Enactment 1996, United Nations (1999), available at http://www.uncitral.org/pdf/english/texts/electcom/05–89450_Ebook.pdf (accessed 30 December 2012); UNCITRAL, Model Law, supra note 3.

 Such legislation has taken one of three types of approaches:10

See M. Wang, ‘Do the Regulations on Electronic Signatures Facilitate Electronic Commerce? A Critical Review’, 23 Computer Law & Security Report (2007): 32; P. R. Schapper, M. Rivolta and J. V. Malta, ‘Risk and Law in Authentication’, 3(1) Digital Evidence Journal (2006): 10; B. Aalberts and S. vander Hof, ‘Digital Signature Blindness’, 7 The EDI Law Review (2000): 1.

 a minimalist or technology-neutral approach, where any technology can be used as an electronic signature provided it satisfies the legal function of a signature;11

Many common law countries have adopted a minimalist approach legislation. These include the US, the UK, Canada and New Zealand.

 a digital signature or technology-specific approach12

For example, see the Digital Signature Act 1997 (Malaysia). Note that the technology-specific approach has also been referred to as a prescriptive approach in the literature.

 that recognises the use of only digital signatures;13

These digital signatures are usually based on public key infrastructure (PKI). Note some countries initially adopted a technology-specific approach but later amended their legislation to either a two-pronged or minimalist approach. For example, in Italy and Germany, a technology-specific legislation was initially enacted but was later amended to two-pronged approach legislation. India amended its technology-specific legislation, the Information Technology Act 2000, to a technology-neutral legislation in 2008.

 and lastly, a two-pronged approach that provides an evidentiary presumption in favour of the validity of an electronic signature if the parties use specific technologies, in particular digital signatures issued by a government-licensed or -sanctioned certification-service-provider.14

A certification-service-provider can be defined as an accredited agency which, after verifying the identity and other relevant information of the applicant, issues a digital signature certificate to them. Also note that the EU's Electronic Signatures Directive (ES Directive) is a good example of a two-pronged approach legislation. Most countries in the EU have adopted the ES Directive. The legislation in China and Singapore is also considered to be a two-pronged approach legislation. See Electronic Transactions Act 2004 (China) and Electronic Transactions Act 2010 (Singapore).

South Africa aligned its regulation on e-commerce, and specifically the use of electronic signatures, to international standards by adopting the Electronic Communications and Transactions Act 25 of 2002 (hereinafter referred to as the ‘ECTA’), which came into force on 30 August 2002. The ECTA seemingly adopted a two-pronged approach, giving greater recognition to digital signatures issued by recognised certification-service-providers.15

ECTA, supra note 3. Note that certification-service-providers are referred to as authentication service providers in South Africa.

This article aims to explore some aspects of this legal recognition of electronic signatures in South Africa. In doing so it critically examines the provisions of the ECTA and the current position and policies with regard to the usage of electronic signatures. SIGNATURE PROVISIONS IN THE ECTA

The overall objective that the ECTA aims to achieve is to facilitate the use of electronic signatures to provide equal treatment to users of paper-based documentation and users of computer-based information.16

J. Coetzee, ‘The Electronic Communications and Transactions Act’, Stellenbosch Law Review (2009): 502.

With this in mind the ECTA rightly points out that an electronic signature cannot be denied legal validity merely on the ground that it is in electronic form.17

ECTA, supra note 3, section 13(2).

 Section 13 of the ECTA provides the following detailed legal requirements associated with the use of electronic signatures and advanced electronic signatures:

Signature 13.

Where the signature of a person is required by law and such law does not specify the type of signature, that requirement in relation to a data message is met only if an advanced electronic signature is used.

Subject to subsection (1) an electronic signature is not without legal force and effect merely on the grounds that it is in electronic form.

Where an electronic signature is required by the parties to an electronic transaction and the parties have not agreed on the type of electronic signature to be used, that requirement is met in relation to a data message if–

a method is used to identify the person and to indicate the person's approval of the information communicated: and

having regard to all the relevant circumstances at the time the method was used, the method was as reliable as was appropriate for the purposes for which the information was communicated.

Where an advanced electronic signature has been...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT