Using Electronic Signatures in the Age of COVID-19

On a global basis, companies are implementing measures designed to contain the spread of COVID-19 in the workplace and community while attempting to minimize disruption to their day-to-day operations. With much of their workforce working from home and as “social distancing” becomes the norm for their customers and business partners, companies are exploring technology options that will eliminate “wet” handwritten signatures and paper documents from the execution process in a variety of commercial transactions. While the electronic signature framework in the United States is generally permissive in nature, one size does not fit all transactions when it comes to selecting an appropriate electronic signature process or solution. Importantly, factors such as the nature of a transaction, the substantive legal requirements underlying such transaction, the applicable eCommerce law and who is entitled to the transaction record may influence the requirements applicable to the use of electronic signatures and records in a particular transaction and, hence, the design of the electronic system.

This client alert discusses: the key requirements and considerations for using electronic signatures and records within the US legal framework, specifically in the context of business-to-business (B2B) and business-to-consumer (B2C) transactions, along with specific-use cases, including eNotes and remote notarization, that require a specialized process in order to satisfy the applicable electronic signature and records requirements.

Key Principles of the US Framework:

• An electronic signature captured in an electronic record will have the same legal effect that a wet signature has on a paper record in most types of commercial transactions.
• An electronic record may be used to satisfy a legal requirement that a record or information be “in writing” in most commercial transactions and for record retention purposes, provided that such record is accurately recorded and retained, and can be reproduced by all relevant parties for later reference.
• Additional requirements may apply to certain B2C transactions and disclosures, if a law, regulation or other rule requires information to be made available to a consumer “in writing.”
• There are exclusions to the scope of the safe harbor provisions provided under the eCommerce Laws. This means that the use of electronic signatures and records in connection with excluded transactions is either not permitted at all, or may be enabled by the substantive laws or regulations governing the underlying transaction (e.g., transactions governed by all articles of the UCC, other than 2 (Sales) and 2A (Leases)).
• All requirements contained in substantive laws, regulations, rules and guidance governing the underlying transaction continue to apply in an electronic context. Therefore, companies must understand how to translate any existing requirements, such as notarization, possession and third-party filing requirements, in an electronic context.
• The parties to the transaction must consent to use and accept electronic signatures and records, which consent may be express or implied by conduct. Companies must also consider how the use of an electronic record impacts any downstream transactions, and confirm that relevant downstream third parties will accept an electronic record of the primary transaction.
• The eCommerce Laws are technology neutral and do not favor or require specific forms of technology to create valid electronic contracts. However, companies should use a risk-based approach to select a solution that will make the resulting electronic record less vulnerable to attack if the contract or the authenticity of the electronic record is challenged by the other party.

This client alert addresses the use of electronic signatures within the US legal framework only. While most foreign countries have implemented legislation recognizing electronic transactions in some capacity, the standards for enforceability of electronic signatures may not be consistent from one jurisdiction to the next. Local counsel should be consulted prior to using electronic signatures in cross-border transactions.

Can Electronic Signatures and Records be Used in Commercial Transactions?

Yes. Generally, in the context of commercial transactions, a signature, contract or other record will not be denied legal effect or enforceability in the United States on the basis of its electronic form. This basic principle is codified in the federal Electronic Signatures in Global and National Commerce Act (eSign) and, at the state level, the Uniform Electronic Transactions Act (UETA), a model law drafted by the National Conference of Commissioners on Uniform State Laws that has been adopted by 48 states, and any applicable state or local equivalent or similar laws and regulations, including each of their implementing regulations and guidelines (collectively, the eCommerce Laws). Provided that the parties to the transaction agree to the use of electronic signatures and records (which consent may be express or, in most cases, implied through conduct), the eCommerce Laws provide a safe harbor by giving legal validity and effect to properly implemented electronic signatures and electronic records used in transactions within their scope.

Is the Use of a Commercial Electronic Signature Product Required?

No. The eCommerce Laws are technology neutral and give the transaction participants broad discretion to choose a medium and process that is appropriate for the circumstances, which may include a home-grown process. An “electronic signature” can be any electronic sound, symbol or process that is attached to or logically associated with a contract or other record, and is executed or adopted by the signer with the intent to sign the record. An “electronic record” is any record created, generated, sent, communicated, received or stored by electronic means. An electronic record will satisfy statutory record retention requirements as long as the record is accurate and remains accessible to all parties entitled to such record. This technology neutrality means, for example, that a digitized image of a signature pasted into a PDF document by a party will have the same legal effect as a record generated using a commercial electronic signature product such as DocuSign or Adobe Sign.

That said, a weak electronic contracting process (e.g., one that does not incorporate technology to authenticate the identities of the individuals electronically signing the record, lacks security controls that prevent tampering with the electronic record or fails to create a reliable audit trail demonstrating the chain of custody of the record) will be more vulnerable to attack in the event of repudiation by the other party. Therefore, companies should take a risk-based approach in implementing an electronic signature process and selecting appropriate technology for each type of transaction. Whether using a home-grown system or a third-party turnkey solution, companies will want to implement an electronic signature process that creates admissible evidence of the transaction, especially when dealing with consumers or in high-risk transactions.

Which eCommerce Law Applies?

eSign governs the use of electronic signatures and records in interstate commerce. In practical terms, transactions and disclosures required, regulated or governed by federal substantive laws will be subject to the requirements of eSign, while transactions within the states’ jurisdiction will be governed by the relevant state’s eCommerce Law.

Under eSign’s framework, the states are granted limited authority to enact an electronic signature framework for state law matters without being preempted by the federal eSign, if the state: (1) enacts UETA in its model form; or (ii) prescribes alternate requirements enabling the use of electronic signatures and records which are consistent with the provisions of eSign. To date, 48 states have adopted UETA in some form, while New York and Illinois have enacted alternate electronic signatures statutes. To the extent a state’s eCommerce Law contains provisions that are inconsistent with the safe harbor or technology neutrality principles of eSign, then those provisions will be preempted by eSign, unless the inconsistency was contained in the model form of UETA.

Why Does the Choice of Law Matter?

Selecting an appropriate electronic signature process or tool for a particular transaction necessarily involves applying the correct requirements from the applicable eCommerce Law. There are several substantive differences among the eCommerce Laws that may impact the applicable requirements for using electronic signatures and records. For example, eSign imposes additional disclosure requirements on certain transactions with consumers, which do not appear in the model form of UETA. In addition, each of the eCommerce Laws excludes certain types of transactions and documents from the scope of their respective safe harbor provisions. As further detailed in the supplemental materials, the exclusions to the scope of eSign are not identical to the exclusions in the model UETA, with further variances occurring at the state level.

Given that the federal and state rules and requirements relating to the use of electronic signatures and records may differ in some areas, companies will need to check the relevant eCommerce statute, in conjunction with any implementing regulations, rules and guidance issued at the industry level, to ensure that the electronic signature process complies with all applicable requirements for each transaction type.

Transactions Subject to Additional Requirements: Select Use Cases

The eCommerce Laws provide special rules and additional requirements for certain types of transactions. We have chosen to highlight three key uses cases below.

A. Consumer Transactions

eSign requires that a company take additional steps prior to using electronic records to provide any information required by law, regulation or other rule of law to be made available to a consumer “in writing” (the eSign Consumer Requirements). These requirements do not appear in the model form of UETA, although, to date, 17 states have adopted some or all of the eSign Consumer Requirements in their respective enactments of UETA. The eSign Consumer Requirements provide that, prior to delivering the required information electronically: (1) the company must provide certain disclosures to the consumer (as further detailed in the supplemental materials attached); and (ii) the consumer must electronically consent to the use of electronic records, or confirm consent, in a manner that reasonably demonstrates the consumer’s ability to access electronic records in the relevant format.

The eSign Consumer Requirements generally come into play in the context of standalone notices and disclosures relating to a transaction (e.g., FCRA notices, Regulation E notices, etc.), but these steps may also need to be incorporated into an electronic contract execution process, if the contract itself contains or will be accompanied by any legally required disclosures (e.g., Truth in Lending disclosures). By default, many turnkey solutions require all end users to expressly consent to the use of electronic signatures and accept disclosures consistent with the eSign Consumer Requirements.

B. eNotes

Legal Validity

Electronically executed promissory notes (generally referred to as eNotes) are valid and enforceable on a nationwide basis, provided that the eNotes are created, stored and maintained in compliance with the eCommerce Laws. An eNote is the digital analog of a negotiable promissory note. To accomplish this, the eCommerce Laws replaced the UCC requirements of “possession” and “indorsement” of a physical promissory note with requirements for “control” and “transfer of control” of the authoritative copy of a transferable record. Control is what gives a party the right to enforce the eNote against the borrower and transfer the eNote to a third party.

Considering the uncertainty around in-person signing of promissory notes for the foreseeable future coupled with the emergence of incredibly low interest rates, as well as potentially lower real estate prices, many lenders and others in the mortgage space may take a hard look at setting up processes for eNotes. An eNote may be treated as the equivalent of a negotiable promissory note if the electronic record contains only terms and conditions permitted in a promissory note governed by Article 3 of the UCC, the electronic record is signed, the issuer of the record has agreed it should be treated as a transferable record under the UETA and the method used to evidence a transfer of interest in the record reliably establishes the party entitled to control the electronic record.

“Location” refers to where the “authoritative copy” of an eNote is stored. Where the eNote is stored and maintained by the lender or the lender’s designated custodian is what is typically referred to as an “electronic vault” or “eVault.” In order to be able to prove up the enforceability of an eNote in court, lenders must be capable of demonstrating that the eNote has not been impermissibly altered since it was signed by the borrower. The eVault is a critical component to the enforceability of eNotes. In addition, lenders may need cooperation of third-party vendors (such as mobile or online loan application and origination platforms) in proving up the processes, procedures and disclosures involved in eNote from application through closing.

eNotes’ Other Considerations

Some risks arising in the context of eNotes involve an originator’s failure to obtain express written consent by parties to conduct the transaction by electronic means or failure to properly capture all electronic signature authorizations and a lender’s failure to deliver all required disclosures electronically. The prevalence of fraud in digital financial services raises additional concerns around eNotes. In general, taking certain precautions in the creation (application through execution) and storage of eNotes will ensure perfection and defeat fraud or other challenges to the eNote. Carefully meeting all legal requirements for transferring the right to enforce an eNote from the original lender to subsequent purchasers is critical to avoid intervening claims to an interest in any particular eNote.

C. Remote Notarization

Remote Online Notarization versus eNotarization

Remote notarization (referred to as “remote online notarization” in many state laws) is the process by which documents are notarized in an electronic form where the signer uses an electronic signature and appears before the notary using online audio-video technology. (We note that this is often referred to as “eNotarization” but there is actually a key difference: eNotarization allows documents to be signed and notarized digitally but requires the signer to be present in the same room as the notary; remote online notarization takes that one step further and allows documents to be signed and notarized digitally and without the requirement of being in the same room, building or even the same state.) For certain mortgage documents, the ability (or lack thereof) to notarize signatures via electronic remote notarization is almost as important as eSignatures themselves. Without such ability to remotely notarize, mortgage documents required to be notarized will still have to be signed physically in front of a notary, often defeating the benefits of eSignatures and preventing fully end-to-end digital closings for mortgage transactions.

Legal Status of Remote Online Notarization

In recent years there has been a movement to enact laws authorizing remote online notarization. Remote notarization is now permissible in more than 20 states, including Florida, Ohio, Texas and Virginia (but notably not California or New York). Generally speaking, these remote notarization laws allow commissioned notary publics to perform online notarizations by using two-way video and audio conference technology, such as a webcam. As part of the process, usually built into the remote notarization technology, the identity and government-issued identification of the individual signing the document must be affirmed. For the person’s identity, this is usually achieved with challenge questions that only that individual should be able to answer (commonly referred to as “knowledge based authentication” or “KBA”). For the government-issued identification, the individual will likely have to upload images of his or her ID for analysis, as well as undergo facial recognition. In most cases, the individual will also have to show their ID to the notary via the webcam so that the notary can also check that the signer’s appearance and other details match the information on the ID; this is usually referred to as “remote presentment.” Once the identity of the signer is verified, the remote notarization process is straightforward. The document for remote online notarization is uploaded to the notarization platform, usually as a PDF. The platform provides the audiovisual technology allowing the notary and signer to see, hear and communicate with each other; it also records the process, as is often required by state law. Once the notary is confident the signer is willing and mentally competent, the signer and notary both sign the document electronically, and the notary affixes an electronic seal.

Reciprocity

Because of the patchwork of state laws on remote notarization, a key question is whether a state that has not adopted a remote notarization law (e.g., New York) will accept a document that was remotely notarized in a state that has enacted a remote online notarization law (e.g., Texas). While many people and digital notarization companies are of the opinion that if the remote notarization was done where the notary is validly commissioned in a state that allows for remote notarization, then under the full faith and credit clause of the US Constitution, that notarization should be recognized as valid in all other states, regardless of whether those states also have remote notarization laws. On that basis, they take the position that remote notarization is valid everywhere. However, businesses and individuals must consider their own position and risk appetite; appearing in person before a notary may well be worth the effort to avoid years of litigation. A possible solution for commercial parties would be either contractual language or a letter agreement whereby the parties agree that remote notarization conducted in a state where such remote notarization is allowed is valid and enforceable regardless of the remote notarization law in any other state.

COVID-19-Specific Issues

With regard to COVID-19 challenges to normal in-person notarization requirements, some states, localities and courts are implementing emergency procedures for remote online notarization.

On March 20, 2020, the Executive Order No. 202.7, “Continuing Temporary Suspension and Modification of Laws Relating to the Disaster Emergency,” issued by New York Governor Andrew Cuomo contained provisions stating any “notarial act that is required under New York state law is authorized to be performed utilizing audio-video technology provided that the following conditions are met:

• The person seeking the Notary’s services, if not personally known to the Notary, must present valid photo ID to the Notary during the video conference, not merely transmit it prior to or after;
• The video conference must allow for direct interaction between the person and the Notary (e.g. no pre-recorded videos of the person signing);
• The person must affirmatively represent that he or she is physically situated in the state of New York;
• The person must transmit by fax or electronic means a legible copy of the signed document directly to the Notary on the same date it was signed;
• The Notary may notarize the transmitted copy of the document and transmit the same back to the person; and
• The Notary may repeat the notarization of the original signed document as of the date of execution provided the Notary receives such original signed document together with the electronically notarized copy within thirty days after the date of execution.”

On March 18, 2020, the Wisconsin Department of Financial Institutions enacted “Emergency Guidance on Remote Notarization” stating that “[m]any states around the country already permit notarizations to be performed remotely by trained online notaries who utilize regulated remote notary technology providers. During this unprecedented crisis, Wisconsin will permit them as well…[t]herefore, until further notice to be given once this crisis abates, for documents requiring notarization, the Department will construe the statutory terms ‘appear[] before,’ ‘presence,’ and ‘conscious presence’ to include appearances by remote live audio and video connection.” The guidance contains additional requirements that must be followed as well.

Steps like these by states, state agencies and the courts, and even potentially the federal government, may help to address how to keep transactions or activities moving where in-person notarization is normally required.

Implementing an electronic signature process in these unprecedented circumstances may be a challenge, to put it lightly. However, there are various turnkey solutions that can help ease implementation challenges by addressing the legal issues raised above and allowing for a relatively seamless integration. While it is important to move quickly at this time, it is critical that companies take the time to understand the specific requirements applicable to each transaction before adopting an electronic signature policy. It is also important to carefully review the terms of any service agreement with vendors of such solutions to fully understand the rights and responsibilities of each party, and if appropriate, negotiate those terms with the vendors.

Supplemental Materials

Electronic Signatures and Electronic Records Checklist

□  eSign versus UETA. Determine whether the transaction or record is governed by the federal eSign, or a state’s electronic signatures statute.

□  Excluded Transactions. Confirm that the transaction or record is not excluded from the scope of eSign or UETA, as applicable. [Note: States’ enactments of UETA may contain additional exclusions from the model form of UETA. Always check the relevant state’s statute for deviations.]

□  eSign Exclusions: The following transactions and records are outside the scope of eSign: wills, codicils or testamentary trusts; contracts or records in connection with adoption, divorce or other matters of family law; contracts and records governed by the Uniform Commercial Code, except Sections 1–107 and 1–206 and Articles 2 and 2A; court orders or notices, or official court documents required to be executed in connection with court proceedings; notices of the cancellation or termination of utility services (including water, heat and power); notices of default, acceleration, repossession, foreclosure or eviction, or the right to cure, under a credit agreement secured by, or a rental agreement for, a primary residence of an individual; notices of the cancellation or termination of health insurance or benefits or life insurance benefits (excluding annuities); notices of the recall of a product, or material failure of a product, that risks endangering health or safety; and any document required to accompany any transportation or handling of hazardous materials, pesticides or other toxic or dangerous materials.

□  UETA Exclusions: The following transactions and records are outside the scope of the model form of UETA: wills, codicils or testamentary trusts; transactions governed by the Uniform Commercial Code other than Sections 1-107 and 1-206 and Articles 2 (Sale of Goods) and 2A (Leases); transactions governed by the Uniform Computer Information Transactions Act; and any other transactions governed by other laws (as identified by the relevant state).

□  Electronic Signatures. Confirm that the sound, symbol or process to be used as an electronic signature is: (1) attached to or logically associated with the relevant contract or other record, and (2) executed or adopted by a person with the intent to sign the record.

□  Electronic Records. Confirm that the system used to create, generate, send, communicate, receive or store the electronic record is capable of and will: (1) accurately record the transaction and retain the electronic record; and (2) reproduce the electronic record for later reference.

□  eSign Consumer Disclosure Requirements. Confirm whether any law or regulation requires that information about transaction be provided in writing to a consumer (i.e., an individual who obtains through a transaction, products or services which are used primarily for personal, family or household purposes). If so, the following measures must be taken before sending such information to the consumer in the form of an electronic record:

• The consumer affirmatively consents to the use of electronic records and consents in a manner that reasonably demonstrates his or her ability to access such electronic records in the relevant format.

• The consumer is provided a clear and conspicuous statement containing the following information:
• the consumer’s right to receive the record in paper form;
• the consumer’s right to withdraw consent to the use of electronic records;
• the scope of such consent (i.e., specific transaction versus all future transactions/disclosures); and
• the hardware and software requirements for accessing and retaining the electronic record(s). [Note: The consumer must be informed of any material changes to the hardware/software requirements.]