Validity of Digital Signatures in India

Introduction

Signatures play a significant role in the field of law as well as in daily transactions. It is a symbolic representation of a person and signifies its intent to it. A signature verifies the legitimacy of a particular transaction. Digitization has transformed the business landscape. In online transactions, the handwriting signatures are prone to tampering and forgery hence insufficient for online contracts. Digital Signatures are a feasible option for producing legally enforceable electronic records, bridging the gap in becoming entirely paperless and eliminating the need to print papers for signatures. Digital signatures allow for the rapid, low-cost, and entirely digital substitution of sluggish and costly paper-based approval procedures. Different nations have different regulations regarding the validity of e-sign, that’s why it’s important to verify the validity of the e-sign before executing any document. In India, e-signs have been valid for more than 20 years now, the Information Technology Act, 2000 grants e-signs the same legal status as traditional signatures. However, even after 20 years of legalization of e-signs, many businesses don’t have a clear understanding of the validity of digital signatures in India. E-sign with Aadhaar has also got popularity for Digital Signature in India.

Validity of E-Sign in India

India’s digital era started after the enactment of the Information Technology Act, 2000. IT act recognizes the Digital Signature Certificate (DSC) as a legally valid Digital signature. Digital Signature Certificate is a statutory requirement for a valid digital signature and can be issued by Licenced Certifying Authorities (CA) under the Ministry of Information Technology. The Certifying Authority has the power to issue, suspend, and revoke the Digital Signature Certificate. Just as any traditional signature, the use of DSC is entirely valid and authentic. Indian Evidence Act, 1882 also recognizes the validity of e-signs as a proof presumption to an electronic agreement. Under Section 3A of IT Act, 2000 which is based upon Article 6 of United Nations Commission on International Trade Law (UNCITRAL) the requirement to authenticate the Electronic signature to be valid are;

  1. It has to be reliable;
  2. That may be specified in the second schedule.

Section 3A of IT act, 2000 also states that;

  1. The authentication data should be linked to the person who authenticated it and no other person;
  2. At the time of signatory, the signee should have full control over the data to generate the electronic signature;
  3. If there is any alteration in the signature data after attaching such signature, it should be detectable;
  4. Any alteration in the information after the electronic signature should be detectable.

Electronic Signatures and Digital Signatures

Two terms toss repeatedly and recognized under Information Technology Act, 2000, Digital Signature and Electronic Signature, the main difference between them is Electronic signature does not require any specific technology to process to be followed, it can be created by any of the available technologies like attaching the picture of the signature, writing name at the end of the E-mail, a code, even a fingerprint. These signatures are highly prone to tampering, less reliable, and cannot be authenticated. An E-sign by Aadhaar is also an example of an electronic signature. Digital signatures, on the other hand, require specific technology to be generated called asymmetric crypto System or hash system. This technology is more complex hence makes it nearly impossible to tamper. It uses a two-way cryptographic protection system to construct a signature which requires two keys; a private key for encryption and a public key for decryption of the signature. Due to this complexity, it makes it more authentic, secure and highly reliable than electronic signatures.

Features of Digital Signatures

  • Authentic– The source of the message could be detected from digital signatures. It has a key that is bound to the specific person makes it authentic.
  • Non-Repudiation– one of the main benefits of the Digital signature, it cannot be denied by the sender who has signed the document.
  • Integrity– Use of cryptographic message function ensures that the message received is not altered during transmission.
  • Validation by the Certificate Authority– CAs is the regulating bodies that issue Digital Signature Certificate. CAs are trusted third parties under the authority of the Controller of Certificate Authority.
  • Traceable– Digital signatures generate an audit trail, which simplifies internal record-keeping for businesses. For all digitally captured and saved, a manual sign or record maintainer has little chance of mistaking or misplacing something.

Validity of Online Tools Like Docusign

All agreements are contracts if they are made by the free consent of parties competent to contract, for a lawful consideration and with a lawful object, and are not hereby expressly declared to be void.”

For a valid enforceable contract under the Indian Contract Act, 1872, the parties entered into the contract should have free consent, should be majors, and have lawful consideration. The intention of the parties to enter into the contract is also relevant. This same principle applies to electronically executed contracts on platforms such as DocuSign.

Section 10A of the Information Technology Act, 2000 explicitly provide the validity of E- agreements, which states that
“Where in a contract formation, the communication of proposals, the acceptance of proposals, the revocation of proposals and acceptances, as the case may be, are expressed in electronic form or by means of an electronic record, such contract shall not be deemed to be unenforceable solely on the ground that such electronic form or means was used for that purpose”.
The agreements executed in electronic forms are considered as electronic records in IT Act, 2000.

Documents on Which Digital Signature is Invalid

Some documents required a notarial process with a physical signature and required to be registered with the Registrar in order to be legally enforceable. Section 1(4) of the Information Technology Act, 2000 states that the Act does not apply to;

  1. A negotiable instrument other than cheque;
  2. Power of Attorney;
  3. A trust;
  4. A Will including any other testamentary disposition;
  5. A contract for the sale of real estate or immovable property.

Conclusion

With the advent of technologies in the 21st century, the use of digital signatures in place of traditional signatures has expanded dramatically. The Information Technology Act of 2000 covers a broad range of topics, including the definition of digital signatures, the authority charged with awarding digital signature certificates, and the conditions that necessitate the affixation of a digital signature. The Act gives a statutory grant to the Digital Signature and provisions to revoke and suspend the Digital Signature Certificate. The electronic medium of encryption is a relatively modern and complex process that provides ease of convenience, efficiency, and protection from third-party interference, as well as the subtlety of the user’s identity.

Author: Himank Garg (intern) and Anubhav Gupta (Principal Associate- Taxation) at Khurana & Khurana, Advocates and IP Attorneys.  In case of any queries please contact/write back to us at anubhav@khuranaandkhurana.com and/or +91-9971433007.

Leave a Reply