Digital Signatures

Digital signatures provide a means to authenticate an electronic document. In other words, they identify the original creator of the document and that the document has not been altered since its creation.  In addition, a digital signature can serve as evidence during litigation, demonstrating that an electronic document came from the claimed signatory. A digital signature is a mechanism designed to provide a document with integrity, authenticity, and security. Any changes made to the document after the digital signature has been applied visibly void its authenticity.

The Uniform Electronic Transaction Act (UETA) defines an electronic signature as “an electronic sound, symbol, or process attached to or logically associated with an electronic record and executed or adopted by a person with the intent to sign the electronic record.” (Source: California Civil Code Secion 1633.2(h))

Many agencies provide services that require transmission of electronic documents. With paper records, a “wet signature” certifies that the content of a document is authentic. A valid digital signature can be thought of as the electronic equivalent of the analog “wet signature.”  

Purpose of Digital Signatures

The American Bar Association identifies the following as the general purposes for signatures:

Evidence: A signature authenticates a record by identifying the signer with the signed document. When the signer makes a mark in a distinctive manner, the writing becomes attributable to the signer

Ceremony: The act of signing a document calls to the signer’s attention the legal significance of the act and helps prevent inattention or inappropriate approval

Approval: In certain contexts, a signature expresses the signer’s approval or authorization of the record or the signer’s intention that it have legal effect

Efficiency: A signature on a written document often imparts a sense of clarity and finality to the transaction, and may lessen the subsequent need to inquire beyond the face of a document

(Source: American Bar Association. Digital Signature Guidelines Tutorial. Section of Science and Technology Information Security Committee)

Using Digital Signatures

The method an agency employs for a digital signature must be created by a technology that is acceptable for use by the State of California (Approved list of digital signature certification authorities). Agencies interested in developing a plan that involves digital signatures should consult with their agency’s IT and legal departments in order to identify the best solution.  A digital signature must adhere to the following criteria to ensure the technology is acceptable for use by public entities:

It is unique to the person using it

It is capable of verification

It is under the sole control of the person using it

It is linked to data in such a manner that if the data are changed, the digital signature is invalidated

It conforms to Title 2, Division 7, Chapter 10 22001 of the California Code of Regulations