Is the legal validity of digital signatures on the same level as the legal validity of a manual signature? The guest article of our IT partner d.velop clarifies.
Guest article by Rene-Pascal, Online Marketing Manager, d.velop AG. IT donation d.velop
Signing digitally basically sounds straightforward and simple. For those who know which of the current three forms of digital signature are used and when, it is. In principle, if no legal written form is provided, any form of digital signature may be used. The effectiveness of the legal transaction is not affected by this.
It is important to know that there are different forms of digital signature:
• Simple electronic signature
• Advanced electronic signature
• Qualified electronic signature
What the different levels of the digital signature differ will be explained in the further course. However, it is important to know that with regard to the evidential value, only the qualified electronic signature with a manual signature is on one level. It should therefore always be questioned how business-critical the respective processes are and whether evidence in court might be necessary.
What exactly is a "digital signature"?
A digital signature in the legal sense is a so-called electronic signature. The regulations that were formerly regulated nationally in the Signature Act can now be found in the Europe-wide eIDAS Ordinance on Electronic Identification and Trust Services (eIDAS-VO). The eIDAS Regulation has uniform requirements for electronic signatures in all EU/EEC member states and thus also for Germany.
Which forms of "digital signature" are there, how do they differ and what requirements are placed on the different forms?
The digital signature is available in three gradations:
1. Simple electronic signature (EES)
The simple electronic signature consists of electronic data attached to other electronic data or logically linked to them and used for signing (Art. 3 No. 10 eIDAS Regulation). It is therefore sufficient that recipients can recognize the person who signed. This assignment and identity function of electronic signatures is available in the following cases:
⫸ scanned signature inserted in the document⫸ signature
under an e-mail
⫸ automatically inserted e-mail signature
by program Attention: the eIDAS Regulation does not know the term "simple electronic signature" itself, but only uses the term "electronic signature (Art. 3 No. 10 eIDAS Regulation)". In order to differentiate between the different levels, however, the term "simple electronic signature" has become established in literature and everyday business.
2. Advanced Electronic Signature (FES)
The advanced electronic signature contains additional requirements to prevent the easy manipulation of the "simple" electronic signatures (Art. 3 No. 11 in conjunction .m Art. 26 eIDAS Regulation). An advanced electronic signature must cumulatively meet the following requirements:
⫸ it is clearly assigned to the signer;
⫸ it allows the identification of the signatory;
⫸ it is created using electronic signature creation data that the signer can
use with a high degree of trust under his sole control⫸ it is connected to the signed data in such a way that a subsequent modification of the data can be detected
3. Qualified Electronic Signature (QES)
A qualified electronic signature is an advanced electronic signature pursuant to Art. 26 eIDAS Regulation, which was created by a qualified electronic signature creation device and is based on a qualified certificate of a qualified trust service provider for electronic signatures (Art. 3 No. 12 eIDAS Regulation). It must cumulatively meet the following requirements:
⫸ it meets all the requirements of an advanced electronic signature
⫸ it must be created by a qualified electronic security unit⫸ it must be
based on a qualified certificate
Which form should be used in which situation?
The fundamental question is always whether the legal written form is required or whether its application has been contractually agreed. The legal written form means first of all that a law stipulates that a legal transaction must be concluded in writing or a declaration must be made in writing. If this is the case, the following applies: The legal written form according to §126 BGB, which according to the wording of §126 Abs. 1 BGB is usually only maintained by a signature "wet ink", can be replaced by an "electronic form" according to §126 Abs. 3 BGB.. §126 a Abs. 1 BGB clarifies that the "electronic form" to replace the written form is only given if a qualified electronic signature is used.
If this is not the case, the simple or advanced electronic signature can in principle be used, with which contracts and declarations can be validly concluded and submitted. However, it must always be questioned how business-critical the respective processes are, whether evidence in court might be necessary. This is because the evidence that is possible in court with a manually signed contract results for the electronic signature under German civil procedure law only for the qualified electronic signature (§371 a para. 1 sentence 2 of the Code of Civil Procedure (ZPO)).
What are the risks of using electronic signatures?
At the same time, the low requirements for the simple electronic signature result in the disadvantage of its easy (subsequent) manipulability. Neither the actual identity of the signing person can be determined with certainty nor whether a subsequent modification of the document has taken place. For the advanced electronic signature, the risk of manipulation is significantly reduced compared to the simple electronic signature. However, the legislator has not considered the advanced electronic signature to be equivalent to the legal written form (according to §126 BGB) and its probative value in court proceedings compared to the qualified electronic signature is limited. If the legal written form is required by law or by contractual agreement, only the use of the qualified electronic signature is legally effective. If instead the text form within the meaning of §126b BGB is required or there are no legal / contractual formal requirements, the use of a simple or an advanced electronic signature is basically possible under consideration of the liability risks.
In 4 steps to the introduction of the digital signature
d.velop notes that especially companies where home office is an established working model can see clear disadvantages through the use of analog processes. This can also be applied to non-profit organizations. These are simply more expensive and time-consuming than digital solutions. Thanks to the progress of digitization, the digital signature is becoming more and more important every day, as it causes a noticeable process acceleration for companies of all sizes with little investment.
Final tip from d.velop:
For all those who are concerned with the introduction of a digital signature, the following procedure is recommended.
1) Identify application scenarios
2) Are there written form requirements?
- Ja, Schriftform = qualifizierte eSignatur
- Nein, Schriftform = Evaluieren Sie die Haftungsrisiken
3) Welches Dokument soll mit welchem Signaturlevel signiert werden?
- Juristischen Rat einholen
4) Anbieter digitaler Unterschriften der eigenen Anforderungen entsprechend bewerten
d.velop sign erhalten Sie auch als IT-Spende und Sonderkondition.
Hinweis: Dieser Artikel enthält Informationen zu den rechtlichen Rahmenbedingungen für den Einsatz digitaler Signaturen in Ihrem Unternehmen, ist jedoch keine verbindliche Rechtsberatung. Zu dem kann sich die Gesetzgebung ändern. Der vorliegende Leitfaden ersetzt nicht die juristische Beratung.
Dieser Gastbeitrag ist zum ersten Mal im Juni 2021 als Artikel im Blog von d.velop erschienen: https://www.d-velop.de/blog/prozesse-gestalten/kann-die-digitale-untersc...
Abonnieren Sie die IT-News, unseren Newsletter rund um Stifter-helfen, und bleiben Sie auf dem Laufenden.