Understanding electronic signatures
Sending electronic documents online has become a common practice, and these documents often require signatures. Electronic signatures, also called e-signatures, provide an efficient way to sign documents online, reducing paperwork and enabling more streamlined transactions. E-signatures also help protect documents with enhanced security and authentication techniques. As a result, e-signatures have gained popularity worldwide, helping businesses meet their objectives efficiently.
The effect of e-signatures on Canadian businesses
In a digital ecosystem, trust is an asset that is hard to gain yet easy to lose. E-signatures have emerged as the cornerstone of this trust, transforming how Canadian businesses operate by ensuring secure, efficient, and legally binding transactions. Zoho Sign, an advanced e-signature solution, is a notable contributor, providing robust authentication methods, seamless integration with various business applications, and compliance with Canadian e-signature laws and regulations. This helps foster a trustworthy digital environment, driving growth and customer satisfaction.
The adoption of Zoho Sign can propel Canadian businesses to success by ticking pivotal boxes, such as:
- Speedier signing processes
- Improved productivity
- Signer authentication
- Security
- Remote access
- Improved user experience
- Economical
Industries embracing the digital shift
- Education
- HR
- Banking and Finance
- Healthcare and life sciences
- Legal
- Transport
- Insurance
- Technology
E-signatures in Canada
Canada's movement into the digital signing space has enabled the streamlining of business, government, and legal affairs. Under the provisions of Part 2 of the Personal Information Protection and Electronic Documents Act (PIPEDA), and the Secure Electronic Signature Regulations (SOR/2005-30), electronic signatures are recognized as valid electronic alternatives to handwritten signatures at the federal level.
Types of e-signatures recognized
Canadian law recognizes Electronic Signatures and Secure Electronic Signatures.
Electronic Signatures
The PIPEDA defines an "Electronic Signature" as "a signature that consists of one or more letters, characters, numbers or other symbols in digital form incorporated in, attached to or associated with an electronic document."
Creating an e-signature
The Government of Canada's guidance stipulates that an e-signature can be any form of electronic representation associated with a document or transaction, including:
- Utilizing a stylus on a tablet for writing and capturing a signature
- Typing a name or signature line in an email
- Logging into a website and clicking an acknowledgment button
- Scanning a handwritten signature onto an electronic document
Secure Electronic Signatures
According to SOR/2005-30, a "Secure Electronic Signature" is a digital signature that ensures the authenticity and integrity of an electronic document. It is based on asymmetric cryptography involving hash function and Public Key Infrastructure (PKI), along with a digital signature certificate.
Legal status of Electronic Signatures
According to the GC Guidance, the legal recognition of Electronic Signatures in Canada is not governed by a single regulation or federal law. Instead, various departments and agencies enact their own laws and regulations, which dictate the requirements for electronic signatures, including their permissibility and the types that can be used.
When government agencies enact their own regulations on electronic signatures, the need for an e-signature may either be implied or established for non-legislative reasons, and the specific type of e-signature may be unspecified or unclear.
Further, the GC Guidance examines "assurance level," a term that refers to the degree of confidence that can be placed on the validity of an e-signature and the identity of the signer. It determines the type of electronic signature required for a specific transaction by assessing the required levels of user authentication, identity assurance, and credential assurance.
Please visit Government of Government of Canada Guidance on Using Electronic Signatures for a detailed breakdown of the recommendations for e-signature at each assurance level.
Use cases of Secure E-Signatures
Specific scenarios where Part 2 of PIPEDA mandates the use of a Secure Electronic signature include:
- Documents used as evidence or proof
- Seals
- Original documents
- Statements made under oath
- Statements declaring truth
- Witnessed signatures
Certification authority (CA)
A certification authority is a person or entity responsible for issuing digital signature certificates and is recognized as such on the Treasury Board Secretariat's website.
Digital signature certificate (DSC)
SOR/2005-30 states that a digital signature certificate is an electronic document that:
- Identifies the CA that issued it and is digitally signed by that CA
- Identifies, or provides means to identify, the person it pertains to
- Includes the person's public key
A digital signature certificate is considered valid if the following conditions are met at the time of signing the electronic document:
- It is legible or perceivable by any person or entity who holds the right to access the digital signature certificate
- It has not expired or been revoked
Recognition of foreign digital certificates
To be recognized as a certifying authority in Canada, a foreign certification authority must comply with Section 2 of the Public Key Infrastructure Configuration Requirements. If any foreign certification authorities are recognized, it will be listed on the website.
Electronic signatures under Ontario provincial laws
The Electronic Commerce Act, 2000 (ECA) outlines the legal structure for the implementation of electronic signatures in Ontario. According to the ECA, an "Electronic Signature" is defined as "electronic information that a person creates or adopts in order to sign a document and that is in, attached to or associated with the document." It also specifies that electronic documents and electronic signatures shall have the same legal effect as paper contracts and signatures, respectively, and does not require a digital signature certificate from a certification authority for an Electronic Signature to be valid.
Recognition of E-Signatures in the law
According to Section 11 of the ECA, the requirement for a signature on a document can be satisfied through the use of an Electronic Signature. This requirement is deemed satisfied if the Electronic Signature:
- Is reliable for identifying the person
- Reliably associates the signature with the document
- Fulfills the stipulated requirements, if any, as to method
- Adheres to the prescribed information technology standards, if any
Additional conditions applicable for an Electronic Signature used by a public body
An Electronic Signature that is to be provided to a public body must satisfy the following conditions:
- The Electronic Signature must conform to the information technology standards set by the public body.
- The Electronic Signature must meet any methodical and reliability requirements for signatures that the public body has in place.
Instances where e-signatures cannot be used
- Wills and codicils
- Trusts created by wills or codicils
- Powers of attorney, to the extent that they are in respect of an individual’s financial affairs or personal care
- Negotiable instruments
- Documents that are prescribed or classified as such
Electronic Signatures under Quebec provincial laws
The Act to establish a legal framework for information technology (the "Quebec Act") governs the electronic transactions and commerce in Quebec, which permits the use of electronic signatures if the following requirements are satisfied:
- The method used ensures the document's integrity
- The link between the signature and the document is created and preserved from the time of signing
Notably, the Quebec Act does not define "electronic signature." It also does not outline any specific methods or criteria to satisfy the aforementioned conditions, nor does it specify particular scenarios for using electronic signatures. Therefore, it is recommended to seek advice from your legal counsel before using an electronic signature for a legal transaction.
Revenu Quebec details the types of electronic signatures acceptable for specific transactions. These include:
- A digital signature accompanied by a digital certificate, produced using a specialized tool
- A signature created using input devices such as a stylus, touchscreen, or mouse
- A scanned image of a hand-drawn signature
Cases where electronic signatures cannot be used
The Civil Code of Quebec (CCQ) and the Consumer Protection Act (CPA) provides that the following must be made by notarial act:
- Marriage agreements
- Wills
- Declarations of co-ownership
- Protection mandates and powers of attorney
- A loan instrument or acquittance in the context of subrogation
- A hypothec in favor of a hypothecary representative, except in the case of a movable hypothec with delivery
Ensure legally valid signatures with Zoho Sign
Zoho Sign meets Canada's e-signature regulations by incorporating features that enhance security and privacy. It helps businesses gain a competitive edge by offering a faster and more secure signing experience to their customers.
Reliable signer identification:
Zoho Sign employs strong authentication techniques, such as OTP authentication and PKI-based digital signatures using digital certificates, to ensure that the e-signature is uniquely identifiable.
Secure linkage of the signature with the document:
Zoho Sign provides digital signature certificates issued by GlobalSign to ensure the legitimacy and credibility of e-signatures. This helps verify the signer's identity and binds the signature to them.
In addition, Zoho Sign maintains a detailed audit trail of the signing process, including timestamps and signer information. This provides a clear record of the signing order and participants and serves as crucial evidence in case of any disputes.
Enhanced security:
Zoho Sign employs robust encryption protocols, such as the military grade AES-256 encryption at rest and the TLS/SSL protocol in transit, to ensure that the data transmission between the signing platform and the data being signed is secure. This prevents exposure of documents and data from data breaches.
Legal recognition:
E-signatures created using Zoho Sign are legally recognized and enforceable in the courts of Canada, making it the go-to solution for businesses looking to incorporate e-signatures into their workflows.
Document timestamping
A digital timestamp is a digitally signed notation that is appended to the electronic data, digital signature, or certificate that indicates that certain digital data exists at a certain point in time. This process securely binds the date and time to the document, ensuring its authenticity and integrity.
Zoho Sign partners with recognized timestamping authorities, GlobalSign and Seiko, to provide trusted digital timestamps for electronic transactions. These timestamps validate the authenticity of e-signatures and verify that the signed document existed in the given form at the time of signing and remains unaltered, adding a robust layer of security to the signing process. By making signatures tamper-proof, digital timestamps enhance the reliability of signed documents for both legal and commercial purposes.
Key takeaway
E-signatures are paving the way for secure and automated business processes. Zoho Sign can be the perfect solution to help you escape the paperwork maze and step into a future of streamlined agreements. With Canada's Digital Ambition leading to widespread acceptance of electronic records and e-signatures, Zoho Sign can be a valuable tool for businesses aiming to simplify their legal processes and thrive in the digital age.
Resources
- Personal Information Protection and Electronic Documents Act (PIPEDA)
- Secure Electronic Signature Regulations (SOR/2005-30)
- Government of Canada Guidance on Using Electronic Signatures (GC Guidance)
- Electronic Commerce Act, 2000
- Act to establish a legal framework for information technology (the "Quebec Act")
Disclaimer
The information provided in this document is for general informational purposes only and shall not be construed as legal, regulatory, or any other form of professional advice. Zoho Sign disclaims any liability for any error in the information provided herein. We recommend that you consult your legal counsel for any questions that you may have in this regard.