The Validity of Digital Signatures

Ingenia consultants
June 19, 2020

Q&As related to this article

The recent pandemic has arguably forced social distancing into the core of all business activities. These include activities where clients and customers are required to engage and interact with their customers digitally. This means that the customer is not able to engage in the physical presence of their relationship managers for matters such as execution of documents via wet signatures.

Instead of wet signatures, digital tools are offering options to execute documents remotely and conveniently with digital signatures. But are those digital signatures valid? Digital signatures are not to be confused with electronic signatures. Electronic signatures are governed by the Electronics Transaction Act (Cap 88, 1999 Rev Ed) (“ETA”) which places internet contractual dealings on a firmer footing. Section 11 of the ETA expressly provides that offers and acceptances may be made electronically.

Once an offer or acceptance is sent over the internet, the sender loses control over the route and delivery time of the message. In that sense, it is akin to ordinary posting. In accordance with section 15(1) of the ETA, an offer or acceptance is effective the moment the message enters a node of the network outside the control of the originator. At least in the case of Chwee Kin Keong and others v Pte Ltd [2004] 2 SLR(R) 594, the courts considered emails from parties to be digitally signed, even as far as they are automated.

However, a digital signature and an electronic signature must be distinguished. A digital signature is a digital representation of the customers signature, more commonly in some form of jpeg, png file image or in pdf format. As seen in Public Prosecutor v Ng Kheng Wah and others [2019] SGDC 249, digital signatures do not enjoy the same privileges of the ETA and are more susceptible to commercial fraud. A digital signature will only have the protection under section 18 of the ETA if it was made

  • unique to the person using it;
  • capable of identifying such person;
  • created in a manner or using a means under the sole control of the person using it; and
  • linked to the electronic record to which it relates in a manner such that if the record was changed the electronic signature would be invalidated.

As such, a digital image alone would not qualify and would require further attachment to an email belonging and identifiable to the customer. Alternatively, a tool such as DocuSign would qualify for the protection because it requires an internet connection and a protocol that verifies the signer’s identity and email.