Best Practices to Ensure Esign Forms Will Hold Up In Court

[Victor Congionti]

Hello,

As the experts in esign forms, I was wondering if your company had any best practices to ensure that all esign forms would hold up in the court of law. :) Our concern is that we are providing a link to a client who is starting the transaction and submitting the form. See Example here.  We are not sending the form directly to the client's email address for a signature. They are starting and completing the transaction entirely on their own. While I understand the users IP address is tracked, they can be using a proxy or be on a public network. It would seem that with this method, anyone can submit the form on the other person's behalf. Correct me if I'm wrong?

[Open eSignForms]

You can read more online in our e-signature FAQ: http://www.yozons.com/FAQ/#ESIGNID

The general answer is that signatures are not identification tools, and in practice never have been -- wet or electronic. It's only in the movies where handwriting experts are brought to testify about a non-scientific analysis of loops and swirls.  Your process is a weak, but it is no less weak than if you had a contract people could download, print, hand sign and then turn in manually, by fax or mail, or paper forms you hand out and get back later.  The squiggles on paper do not identify the person at all.  They provide authorization for whoever it is that signs, but if you don't know who that person is, then you are opening yourself up to be defrauded.  At least the e-signature version used will not allow the content of the agreement to be modified like when it's printed first, and you do have an IP address and timestamp (more than what you'll have on paper where you can easily back/forward date).  And if the fraudster has a copy of the handwritten signature, then the paper version will look fine thanks to scanners and printers.

Sending documents to be signed adds authentication (also in the FAQ: http://www.yozons.com/FAQ/#EBIA) in that you know the person at least has access to the email account.  This may not be useful for solving a crime since they would likely use a free hotmail/gmail/yahoo type account.

The signature is legal, but the party signing may be a criminal.  This is true for all cases (wet or electronic), and you must balance your business risk with the process chosen.  That's why some business processes on paper require notarized signatures, not for legality, but to reduce their risk.  We certainly recommend that if you accept unsolicited signed documents, that you have subsequent business process that vets the party as needed to ensure you are not defrauded, such as requesting payment or even doing a minimal $1 credit card charge.  Much depends on what you give in exchange for the signed agreement, but it is not wise to give real value just for a signature, be it electronic or with squiggles on paper.

The best bet is to think how you'd accept the contract if you didn't have e-signatures available.  Would you check ID?  Require a notary?  Allow anybody to submit them?  If so, going electronic adds no risk and provides some evidence to help that the paper version simply won't have (and no, you won't also be doing fingerprint analysis, etc. unless it is the crime of the century!).