Electronic Signatures in South Africa
This much vexed and discussed topic cannot be considered in isolation – as a matter of background, attention must be given to the common law, what a signature is and its purpose.
OK so what is a signature?
The common law determines that a valid signature must meet the following requirements:
- It must be the name or mark of a person
- It must appear on the document in question
- The author of the name or mark must have applied his/her mind
- Likewise, such a party must have had the intention to sign the document – as you will see shortly this element is arguably paramount.
The next and obvious question is: ‘What is the purpose of a signature ‘’?
It is evidence of:
- The identity of the signatory
- and the signatory intended the signature (as above, name or mark) to be his/her signature
- The writing or text associated with the signature has been adopted or approved by the signatory
It is also important to note that the lack of a written signature does NOT invalidate a contract or agreement – the essence of a binding agreement is consensus, and this can be reached not only by a written signature confirming it, but also by a verbal exchange or an adequately worded electronic exchange, provided in all cases the participants to the consensus were competent. Similarly, an agreement does not have to be in writing to be enforceable, although the issue of proof becomes an issue.
A further commonly asked question is, what is the purpose of a witness signature?
It is important to differentiate between documents that by law require a witness and signature of the witness to validate the document, such as a will and other written agreements. The latter may have a clause requiring the contracting parties’ signatures to be witnessed, but in lieu of such a clause, the only reason for parties to witness the contracting parties signing, and then affixing their signatures as witnesses, is really an evidentiary one: if a dispute arises later as to whether the agreement was signed or, if was in fact signed, as to the identity of the signatory(ies), a witness signature can be extremely useful!
The Electronic Communications and Transactions Act, Act 25 of 2002 (‘ECTA’) introduced the concept of signing a document electronically. It defines an ‘electronic signature ‘as “data attached to, incorporated in, or logically associated with other data and which is intended by the user to serve as a signature “. The ECTA further provides (Section 13(2)) that “an electronic signature is not without legal force and effect merely on the grounds that it is in electronic form”. This clearly indicates that electronic signatures are legally recognized in South African law.
So, let’s analyse exactly what all this means. It is important to note that the signature per se is described as data and this must be borne in mind for the purposes of this discussion. This signature must unequivocally fulfill three functions: verify the sender’s identity, intention to sign and authenticate the document. There are potentially 4 types of electronic signature: two are prescribed by the ECTA, namely Standard Electronic Signature (‘SES’) and Advanced Electronic Signature (‘AES’). The two other types are when the parties formally agree on a format, and lastly, if such implied agreement can be deduced from the facts (as discussed in the case of Spring Forest Trading CC v Wilberry (Pty) Ltd t/a Ecowash and another in 2015 – referred to below as ‘the Spring Forest case’.
Let’s deal with exclusions. I mentioned wills in the previous insert. The ECTA excludes the following documents from being signed electronically (SES or AES), namely agreements pertaining to the sale of immovable property, long term (20 years or more) property leases and bills of exchange.
The SES can be brought about by scanning the signatory’s handwritten signature or drawing it by using a digital tool (This method is now common place and used especially by courier companies) . It is the default electronic signature if the type of electronic signature has not been specified by the parties but it will still only be valid if the following requirements have been met:
- It identifies the signatory or sender
- It indicates his/her approval of the information communicated
- Given the circumstances, this method is reliable and appropriate
- It is time stamped
This type of electronic signature is the most commonly used, such as the ‘click and accept’ box format pertaining to various internet transactions commonly used by most people reading this article and, if you want to go one step further, the daily response to an email you may have received. The key issue at the end of the day will be proof i.e. who actually ticked the box (e.g. accepting the business’ T&C) or replied to the email (see discussion below).
However reservations have been expressed about all of the above applications/variations of SES not being reliable due to the relatively high risk of counterfeit. Accordingly, when using any form of electronic signature it is imperative to take cognisance of and apply the security measures prescribed by Protection of Personal Information Act, Act number 4 of 2013 (‘POPI’) namely ‘appropriate, reasonable technical and organisational measures’ complying with ‘generally accepted information security practices measures’.
The ECTA prescribes the use of the AES where, other than the exclusions listed above, the law requires a document to be in writing and signed. Examples are suretyship agreements and signing as a Commissioner of Oaths. It is defined as an electronic signature that has been accredited by the South African Accreditation, and Authority (‘SAAA’) as provided by section 37 of the ECTA. The criteria, standards and processes have been provided by the SAAA. Once an SES becomes an AES, a certificate is issued by a product or service provider approved and appointed by the SAAA. This goes hand in hand with ‘face to face check of an ID document a trained agent of a government accredited certificate authority ‘.
So let’s move onto the 3rd and 4th category of electronic signature , i.e. those not specifically dealt with in the ECTA. Firstly, where the parties formally agree to a format so the parties can agree in writing (which can include an electronic exchange such as email, SMS or Whatsapp), how they will acknowledge and respond to each other’s correspondence? This is subjective and there may be many variations.
More prevalent in everyday communications is the 4th permutation, the deeming or implied scenario. This was discussed in the Spring Forest case. First let’s look at the facts of the case. The lessee had sent an email to the landlord cancelling the lease agreements and the landlord responded by email, confirming the cancellation. The landlord later denied this cancellation and argued that there was a non-variation clause in the agreement that could only be cancelled in writing with both parties’ signatures. This case therefore focused on the non-variation clause in a lease agreement which stated that no variation of the agreement or cancellation of the agreement would be of force unless such variation or cancellation was reduced to writing and signed by both parties.
The issue the court had to decide upon was whether or not a person’s email signature met the requirements of an electronic signature, as required by the ECTA. The court found this because the names of both parties at the bottom of their emails:
- Were intended to serve as signatures
- Constituted data
- Were logically, ‘‘clearly and unambiguously’ associated with the data in their emails.
- Identified the parties.
Let’s take this judgment a step further. In my view what the court essentially also established is that there was an implied, tacit acceptance that the exchange (which the Spring Forest case confirmed constitutes data) constituted an acceptable and binding form of communication. Over and above the rationale of the court pertaining to the electronic signature, if you enter into an agreement where consent is sufficient, then electronic consent alone is sufficient – you don’t have to add a signature. The ECTA itself (Section 24) indicates that ‘other means from which intent can be inferred’ is acceptable. So the ‘tick box’ ‘click and accept’ methodology reflects a ‘positive action indicating assent’
It should also be borne in mind that when the Consumer Protection Act, Act 68 of 2008 (‘the CPA’) is applied to a dispute, the adjudicating body is directed to bear in mind and consider the course of conduct between the parties (Section 52 (2) (h)). So when a party who regularly enters into transactions with the same supplier using e.g. the ‘click and accept’ system (and all of the T&C that are usually included and specifically referred to), such a consumer will be hard-pressed to refute the transaction relying on his ‘non-binding’ signature!
May 11 2020
DISCLAIMER – Each case depends on its own facts & merits – the
above does not constitute advice – independent advice should be
obtained in all instances