Electronic and Digital Signature in the Philippines: a Legal discussion

Copyright: https://images.app.goo.gl/fSL3662otFHPikHZA

Legal Overview

The Republic Act №8792, or the Electronic Commerce Act of 2000 and its Implementing Rules and Regulations is the country’s centerpiece legislation on electronic commerce. The E-Commerce Act was designed to make electronic contracting legally enforceable and was intended to settle legal doubts about whether electronic forms of contracting were lawful. It recognizes electronic documents as the legal equivalent of paper documents, and electronic signatures as the legal equivalent of handwritten signatures. (emphasis supplied)

Also important are the Supreme Court of the Philippines’ Rules on Electronic Evidence (REE), and the Department of Trade and Industry, and the Department of Science and Technology’s Joint Administrative Order №2 (JAO), which sets out a regulatory framework for digital signatures backed by certificates from recognized trusted service providers and the promotion of the Public Key Infrastructure (PKI). (emphasis supplied)

The E-Commerce Act defines an “electronic signature” as “any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to, or logically associated, with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document” (E-Commerce Act, Sec. 5(e)).

The REE defines a digital signature as “an electronic signature consisting of a transformation of an electronic document or an electronic data message using an asymmetric or public cryptosystem such that a person having the initial untransformed electronic document and the signer’s public key can accurately determine: whether the transformation was created using the private key that corresponds to the signer’s public key; and whether the initial electronic document had been altered after the transformation was made.” There is no official list of trusted third-party certification authorities. However, the Philippine government has an official PKI system, the Philippine National Public Key Infrastructure system.

Under the E-Commerce Act, only electronic signatures that satisfy the following conditions are valid:

1. The signature must comply with the definition of an electronic signature under the E-Commerce Act;
2. There must be a prescribed method of signing not alterable by the parties interested in the electronic document;
3. The method of signing must identify the party sought to be bound and indicating such party’s access to the electronic document necessary for his consent or approval through the electronic signature;
4. The method for signing is reliable and appropriate for the purpose for which the electronic document was generated in light of all circumstances including any relevant agreement;
5. It is necessary for the party sought to be bound, in order to proceed further with the transaction, to have executed or provided the electronic signature; and
6. The other party is authorized and enabled to verify the electronic signature and to make the decision to proceed with the transaction authenticated by the electronic signature.

In order to have the same presumption of enforceability and admissibility of a “wet” signature, electronic signatures must satisfy the above requirements. Accordingly, only an electronic document bearing a certificate-based digital signature verifiable through a trusted third party is recognized as the equivalent of a “wet” signature under Philippine law.

Failure to comply with the E-Commerce Act removes the presumption of enforceability and admissibility. However, electronic signatures that don’t comply with these requirements can still be used to prove the consent of an individual to the document which they signed electronically. An electronic or digital signature authenticated under the Supreme Court’s Rules on Electronic Evidence is admissible as the functional equivalent of the signature of a person on a written document.

Under the REE, an electronic or digital signature may be authenticated in any of the following ways:

1. By evidence that a method or process was utilized to establish an electronic signature or digital signature and verify the electronic signature or digital signature;
2. By any other means provided by law; or
3. By any other means satisfactory to the judge as establishing the genuineness of the electronic signature or digital signature.

When either an electronic or digital signature is authenticated under the REE, what are known as disputable presumptions arise. These are presumptions that are satisfactory for legal purposes until and unless they’re contradicted and overcome by other evidence. They are:

1. The electronic signature is that of the person to whom it correlates;
2. The electronic signature was affixed by that person with the intention of authenticating or approving the electronic document to which it is related or to indicate such person’s consent to the transaction embodied therein; and
3. The methods or processes utilized to affix or verify the electronic signature operated without error or fault.
4. The digital signature is that of the person to whom it correlates;
5. The digital signature was affixed by that person with the intention of authenticating or approving the electronic document to which it is related or to indicate such person’s consent to the transaction embodied therein;
6. The methods or processes utilized to affix or verify the digital signature operated without error or fault;
7. The information contained in a certificate is correct;
8. The digital signature was created during the operational period of a certificate;
9. No cause exists to render a certificate invalid or revocable;
10. The message associated with a digital signature has not been altered from the time it was signed; and,
11. A certificate had been issued by the certification authority indicated therein.

The courts are familiar with and take judicial notice of the laws governing electronic signatures.

Special considerations

Both electronic and digital signatures are considered personal information under the Philippine Data Privacy Act. If an entity holds and processes data associated with electronic or digital signatures of persons, then that entity may need to comply with the provisions of the Data Privacy Act and its Implementing Rules and Regulations.

Transacting with public sector entities

There are no special requirements or restrictions for using digital or electronic signatures with government entities in the Philippines. Government offices are bound to accept electronic signatures, or documents signed using electronic signatures.

Use cases that generally require a traditional signature

In the Philippines, there are several use cases that require a traditional “wet” signature. Although there are no laws expressly prohibiting the use of electronic signatures for any contract, if a notarized document is required by law or if the parties want a notarized document, that document may not be in electronic form.

The law requires that the following documents be notarized:

1. A contract of partnership where immovable property or real rights are contributed (Civil Code, Art. 1771);
2. Donation of an immovable property (Civil Code, Art. 749);
3. An agent’s authority (special power of attorney) to sell the land or any interest in the land (Civil Code, Art. 1874, in relation to Art. 1878);
4. Royalty agreements involving the assignment of patents or patent applications (Intellectual Property Code of the Philippines, Sec. 105);
5. Subordinated loan agreements, i.e., agreements evidencing or governing subordinated borrowing of cash by broker-dealers. The requirement applies to all subordinated loan agreements between a lender and a broker-dealer (Securities Regulation Code, Implementing Rules and Regulations (“SRC Rules”), Rule 49.1(2)(A)(ii)(b));
6. Secured demand notes, i.e., a secured demand note evidences the contribution of a secured demand note to a Broker-Dealer and the pledge of securities and/or cash with the broker-dealer as collateral to secure payment of such secured demand note (SRC Rules, Rule 49.1(2)(A)(ii)(e));
7. Application for registration of securities (Form 12–1) with the Securities and Exchange Commission (“SEC”), i.e., every prospectus must also be subscribed under oath by the issuer (SRC, Sec. 12.7);
8. Several corporate documents submitted to the SEC, such as articles of incorporation (Revised Corporation Code (“RCC”), Sec. 14), voting trust agreements (RCC, Sec. 58), applications filed by a foreign corporation for a license to transact business in the Philippines (RCC, Sec. 142), general information sheets, application for registration securities (Form 12–1) (SRC, Sec. 12.7) and reports and forms submitted by banks to the Bangko Sentral ng Pilipinas;
9. Proxies issued by brokers and dealers (SRC Rules, Rule 20(11)(b)(xviii));
10. Tax Returns;
11. The cession, repudiation, or renunciation of hereditary rights or of those of the conjugal partnership of gains (Civil Code, Art. 1358);
12. An agent’s authority over an object which would require public document (Ibid.);
13. A cession of actions or rights proceeding from an act appearing in a public document (Ibid.);
14. An assignment of credit, right, or action shall produce no effect as against third persons (although it remains valid between the parties), unless it appears in a public document, or, where the assignment involves real property, the instrument is recorded in the Registry of Property (Civil Code, Art. 1625).

Frequently Asked Questions on Electronic Signatures[1]

1.Question: In what instances are electronic signatures can be used?

Answer: Always. There is “legal recognition”[2] of e-signatures and are the “functional equivalent”[3] of wet ink/physical signatures. There should be no discrimination whether a signature was affixed physically or electronically.

2. Question: How do I make my e-signature?

Answer: An e-signature is “any distinctive mark … representing the identity of a person”[4] which is electronically affixed to an electronic document (Word Document, PDF, email, etc.). It must remain unaltered.[5]

· Any distinctive mark — You can choose any mark to represent your identity such as an image of your wet ink signature (jpeg, png, etc.), or any image/mark that you choose. For professionalism, you may finger-write an image of your signature on your phone and save this image. You can insert/paste this image of your signature to documents to serve as your distinctive mark.

· Electronically affixed — You can use your finger (for phones) or mouse (for computers) to sign Word Docs and PDFs. But the more efficient and consistent way is to simply have an image of your signature ready for pasting. The act of inserting/pasting your distinctive mark is your act electronically affixing your e-signature.

· Unaltered — To ensure that the electronic document bearing an electronic signature is unaltered, it is suggested that you save it as a PDF file.

3. Question: Can e-sigs be forged through image editing software?

Answer: Yes, e-sigs can be forged. But this is no different from wet ink signatures: give anyone 30 minutes to practice and that person can imitate a wet ink signature. The only difference with e-sigs is that not anyone can master image editing software in 30 minutes.

The issue of validity is separate from the issue of forgeability. Even if an e-sig is arguably forgeable, the law still recognizes the validity of any signature, even if done electronically.

4. Question: If I scan a paper-based document with my wet ink signature, is it considered to have my e-signature?

Answer: No. A scan is just like a photocopy: it is not an original. What makes a signature electronic is the fact that it was electronically affixed to an electronic document. Physically signing a paper-based document is not electronically affixing your distinctive mark to an electronic document.

5. Question: Is there a practical way to prevent others from copying my e-signature?

Answer: Save to PDF the Word Documents and emails with your e-sig. This way, others cannot copy and paste the image of your signature. If others take a screenshot of your e-sig (or a picture of your wet ink sig), there are ways to examine authenticity (e.g. pixel density count).

6. Question: Can we notarize electronically signed documents?

Answer: No, although the Supreme Court had plans to allow this,[6] rules have yet to be issued. However, if e-docs with e-sigs cannot be notarized, they are still valid because the Electronic Commerce Act of 2000 legally recognizes their validity.

7. Question: What’s the difference between an e-signature and a digital signature?

Answer: Digital signatures are a type/subset of e-signatures which are asymmetrically encrypted using a hash function through private and public keys. Digital signatures are more secure forms of e-sigs because they are encrypted and certified by an authority to be authentic. In the Philippines, the Philippine National Public Key Infrastructure (PNPKI) is the government authority that issues digital signatures and allows one to authenticate the digital signature of others.

8. Question: What are examples of an e-signature and a digital signature?

Answer: Examples of an electronic signature and a digital signature are as follows:

[1] Adopted from the UP DPO Advisory Reference No. EBM 20–01 on Affixing and Acceptance of Electronic Signatures

[2] Electronic Commerce Act of 2002, Section 8

[3] Rules on Electronic Evidence, Rule 6, Section 1

[4] Electronic Commerce Act of 2002, Section 5(e)

[5] Electronic Commerce Act of 2002, Section 7(a)

[6] Rules on Electronic Evidence, Rule 5 Section 3.