Electronic communications and the Internet are transforming the way that business is being transacted, whether across the street or across the world. Two major questions hindering the growth of electronic commerce have been

Are electronic documents legally binding? In the past, the answer was often “No”, because many laws and agreements required a “signed writing”. Historically, a signature on a document served to record a transaction, and indicate the signer’s approval of the transaction, as well as the signer’s willingness to be legally bound by it. No physical signature, no “signed writing”, no legal effect. The Federal “E-SIGN” (Electronic Signatures in Global and National Commerce) Act, the Illinois Electronic Commerce Security Act (5 ILCS 175) and the Uniform Electronic Transactions Act (adopted by Indiana as Indiana Code 26-2-8, also adopted by 21 other States in various forms) have changed the law, to allow many electronic documents to be legally binding. How do they work?

1) E-SIGN merely states that a signature, contract, or record may not be denied legal effect solely because it is in electronic form, or because an electronic signature or electronic record was used.

2) The Indiana Act says the same thing as E-SIGN, but only applies if the parties to the transaction agree to transact their business electronically, as determined from the circumstances surrounding the transaction. The Indiana Act also allows an electronic signature to meet the requirements for a legal “signature”, whether the electronic signature is a sound, a symbol, or a process such as a mathematical code. The legal effect of the electronic signature will depend on the circumstances.

3) The Illinois Act gives special legal status to “secure electronic records” and “secure electronic signatures”. “Secure electronic records” show that an electronic record has not been altered, while “secure electronic signatures” show that an electronic signature belongs to a specific person. (More on this later). Both are presumed to be genuine, with the burden on the party, opposing the secure electronic record or signature, to prove it false.

Both the Illinois and Indiana Acts allow the parties considerable freedom, to define how and when electronic records and electronic signatures will be accepted as genuine. Without clear contract terms regarding electronic records and electronic signatures, problems can result in contracts between parties from different States, because each State’s law may be different, and the E-SIGN Act does not specify how the differences in State laws are to be resolved. If the parties to a contract do not address these issues, a court may have to address the issues for them in the event of a dispute.

How do I know an electronic document has not been forged or altered? When you receive an important electronic message, you want to be sure of the message, and the party sending the message. This concern has been mostly addressed by the rise of secure Internet connections and public key encryption. An SSL (Secure Socket Layer) connection (with the prefix “https://” instead of “http://”) allows for secure communication between a server, and a computer’s browser (such as “Internet Explorer” or “Netscape”). The server provides the secure connection.

But what if a person wants to send a secure email to another person, and neither has a secure connection? The answer under current technology has been public key encryption. This form of encryption uses a complex mathematical function to generate a “digital signature” to an electronic document. The sender prepares the document and adds a “private key”, a mathematical formula that encodes the document with a unique “signature” for the sender. In addition, a “hash function” can generate a unique “hash result”, or “fingerprint”, for the document. The private key and the “fingerprint” combine to form a “digital signature”.

Upon receipt, the document can be verified with a “public key”, a mathematical formula designed to “unlock” a message, that has been “locked” with a matching private key. A third party “certification authority” can certify that a specific public key is linked to a specific person and their private key (a “certificate”). This proves that a specific person sent an electronic document. An owner of a private key is responsible for protecting their “key”, much like a credit card or PIN (personal identification number).

Meanwhile, a second matching “hash function” can verify the content of the document, and assure that the document’s “fingerprint” was not altered in transit. This is possible because a digital signature is unique to a particular sender and a particular message. It is also possible to “time stamp” a particular document to establish when it was sent.

Using a public key/private key pair, a “secure electronic signature” can be established under Illinois law, if the parties agree to use this method, or if the third party certification authority is approved by the Illinois Secretary of State, and the third party certificate is found to be trustworthy.

A secure electronic signature, in turn, can be used to show that a secure electronic record was created. Both the record and the signature, then, could be presumed to be genuine.

The laws of other states may or may not address these issues. Other States may address issues that Illinois law does not address. E-SIGN does not cover means of authenticating electronic documents. If in doubt, seek the advice of an attorney familiar with these issues.

For information on obtaining public/private key pairs, please visit the LLRX (Law Library Resource Xchange) at http://www.llrx.com/email/bibliography.htm Recent versions of “Microsoft Outlook” may also offer links to purchase these key pairs.

2). Uniform Electronic Transactions Act (UETA), on the Penn Law Library Website, http://www.law.upenn.edu/bll/ulc/ulc_final.htm#ueta . Go to NCCUSL (National Conference of Commissioners on Uniform State Laws) on the Website.

3). Illinois Electronic Commerce Security Act, 5 ILCS 175, available from http://www.legis.state.il.us . Go to Illinois Compiled Statutes on the Website, then go to Chapter 5, then to 5 ILCS 175/. There is no direct link available.