Legal Considerations of
Digital Document Storage
and E-Signature
Authority for Paving the Last
Mile of the Road to a “Paper on
Demand” Court
Jeffrey N. Barlow, JD, MBA, PMP, Justice Systems Consultant
Bonus: Cost Savings
• E-Signatures reduce the cost of capturing a
signature
– Judges can sign more rapidly
– Signature can be collected from many locations
• Paper reductions and associated costs
• E-Signature is often the last mile to a fully
paper-on-demand court. POD will provide:
– Dramatic staff cost reductions
– Process automation (workflow)
– Public access to and sale of records
Related Topics
•
•
•
•
•
•
•
•
•
•
“Official” document
Retention requirements
Confidentiality
Privacy
Delivery
Security
Access
Migration planning
Conversion of legacy documents
E-Filing
Session Agenda
Moving Beyond Wet Signatures and Raised
Seals in Court Operations
• Is it Legal?
• Is it Safe?
• Is it Proven?
Is It Legal?
Legal Foundation for
Electronic Signatures
• “…[I]t is arguable that an electronic
signature qualifies as a signature
without any legislative assistance.”
John Gregory article
• Almost all jurisdictions have enacted
legislation anyway
– To create certainty of acceptance
– Symbolic importance of signatures
What Is A Signature?
•“Too Few Definitions” (Professor Chris Reed)
•Anything that the signatory intends to have act as
binding him or herself to the contents.
•At Common Law, no particular form required
Primary Purpose
• Establish the Identity of the Signatory
• Establish the Signatory’s Intention to
make a signature
• Establish that the Signatory Adopts
the Contents
Secondary Purpose
• Validate official action
• Protect consumers
Tertiary Purpose
• Provide Solemnity through the
Ceremony of signing
What Is An Electronic Signature?
“Electronic signature" means an
electronic sound, symbol, or process
attached to or logically associated with
a document and executed or adopted
by a person with the intent to sign the
document.
From the Model Laws and their derivatives
Jurisdictional Overview
•
•
•
•
International
European Union
Canada
United States
– Federal/National
– States
International
• UNCITRAL
– Model Law on Electronic Commerce (MLEC)
– Model Law on Electronic Signatures (MLES)
• European Union Directive: Advanced
Electronic Signatures
• Canada
– Uniform Electronic Commerce Act
– Personal Information Protection and Electronic
Documents Act (2000, c. 5)
– Secure Electronic Signature Regulations (SOR/200530) (Enabling Statute: Canada Evidence Act (R.S.,
1985, c. C-5))
US Federal/National
• Legislation
– Uniform Electronic Transactions Act (UETA)
– Electronic Signatures in Global and National
Commerce (E-SIGN) Act
• Standards
– Department of Defense 5015.2 Standard
– FIPS Publication 1863, Specifications for the
Digital Signature Standards
• American Bar Association Digital
Signature Guidelines
Michigan
• MCL 450.831-450.849 (UETA)
• MCL 55.287 (Notaries Public)
• MCL 565.232 (Official Seals)
• Records Reproduction Act
• S Ct Administrative Orders
– 2007-24: Adopts many
federal rules regarding
retention of electrically
stored information
– Series of orders
permitting pilot programs
• Michigan Court Rules
Chapter 8: Michigan Courts
Records and Information
Management Manual
Oregon
•
•
•
•
•
•
•
•
•
ORS Chapter 84 (UETA)
ORS 184.473-477 – Information
Technology Mgmt
ORS 1.002 – Chief Justice
Authority to Make Rules
Regarding Electronic Documents
ORS Chapter 192 – Records
OAR 125-600 – Identity
Authentication/Electronic
Signatures
Chief Justice Orders
UTCR 21 – Filing and Service By
Electronic Means
Oregon Judicial Dept. Record
Retention Rules
Oregon Community of Practice –
Guidelines for Managing
Electronic Records
Levels of Authority
•
•
•
•
•
•
•
•
Statutes
Case Law
Regulations/Administrative Rules
Agency/Court Rules
General Orders
Agency/Court Policies
Agency/Court Procedures
Audit Processes
How to Establish the Legal
Foundation
• Start at the top (Constitution, Statutes) and
work down
• Look for disconnects between levels
• For the level at which the disconnect occurs
– Determine what the disconnect is
– Determine who should decide what changes to
the level should be
– Determine what effect making the required
change would have on the lower levels
Legal Authorities - Summary
• E-Signatures are legal and enforceable, even In the
absence of statutory authority
• Legislation, rules, and practices surrounding use of esignatures are uniformly intended to facilitate and
insure the efficacy of e-signatures
• The Model Laws have been so widely adopted, and in
use for so long, that the issue of acceptability is rarely
(maybe never)raised
• Statutory clarifications, rules, court orders, etc. are
often promulgated, even where their main purpose is
to provide additional comfort level rather to overcome
any explicit restrictions
Is It Safe?
Records Management –
Basic Principles
To Be Considered Trustworthy, a Government
Record Must
– Be Authentic
– Be Reliable
– Have Integrity
– Be Usable
MCL 24.402 (Michigan Records Reproduction Act)
Characteristics of Record Authenticity
An Authentic Record Can Be Proven
• To be what it professes to be;
• To have been created or sent by the
person claiming to have sent it; and
• To have been created or sent at that
time
Best Practices for Reproducing Public Records, State
of Michigan Records Management Services
Characteristics of
Record Reliability
A Reliable Record Is One
• Whose contents can be trusted to be
a full and accurate representation of
the transactions, activities, or facts to
which it attests; and
• Which can be depended upon in
the course of subsequent
transactions or activities.
Best Practices for Reproducing Public Records, State of
Michigan Records Management Services
Characteristics of Record Integrity
A Record Has Integrity If It Is
• Complete; and
• Unaltered
Best Practices for Reproducing Public Records,
State of Michigan Records Management
Services
Characteristics of Record
Usability
A Record Is Usable If It Can Be
•
•
•
•
Located;
Retrieved;
Presented; and
Interpreted
Best Practices for Reproducing Public Records,
State of Michigan Records Management Services
Advanced or Digital Electronic
Signature
• Uniquely linked to the signatory
• Capable of identifying the signatory
• Created using means that the
signatory can maintain under his or
her sole control
• Linked to the content in such a
manner that any subsequent change
of the data is detectable
(EU Directive; E-SIGN)
Security
• Environment
• Technology
• Policies and Procedures
• Operational Responsibility
• Audit
Signature Security
Something you know (Password)
Something you have (Token)
Something about you (Biometric)
Something about where you are
(Computer)
• Someone you know (Trusted
Guardian)
• Combination
•
•
•
•
Technologies
Main Types
• Password – Something you know
• Keypad – A signing captured electronically
• Digitally Captured – Handwritten signatures
digitized through the writing process
• Public Key Infrastructure – Dealing with a trusted
third party
• Hash Functions – Using information that, because of
the way it is generated, cannot be duplicated or
falsified
• Tokens – A physical object
• Cryptographic - Application of an algorithm
• Biometric – A personal physical characteristic
• Combinations – Use of two or more methods
How Someone Can
Falsify Your Signature
• Someone has access to your PC; AND
• Knows your password; AND
• If you are using a signature pad, can forge
your signature; and
• If you have a physical token, has your token;
AND
• Knows how to operate the system; AND
• Can control the Workflow so that no one
else becomes suspicious; AND
• Can make sure you do not find out about it
Is It Proven?
Sampling of Courts Using
Judicial Electronic Signatures
• Oregon Circuit Courts
• Maricopa County, Arizona (Phoenix)
• King County Superior Court,
Washington (Seattle)
• Michigan: Washtenaw, Genesee,
Ottawa, Grand Traverse, Tuscola, and
St Clair Counties
• Ohio
Conclusion
Moving Beyond Wet Signatures on Paper
• It Is Legal!
• It Is Safe!
• It Is Proven!
About Jeffrey Barlow
Jeffrey Barlow has spent over 35 years working with courts, both
as an attorney and as an information systems professional. After
practicing law for ten years in the private and public sectors, he
earned a second bachelor’s degree in computer science and
joined the State of Oregon court system’s newly formed
Information Systems Division in 1986. Over the next 20 years, Jeff
participated in and led major court technology development
and implementation projects as a Systems Analyst, Business
Analyst, Project Manager, Project Office Manager, and Deputy
CIO. He also holds an MBA and is certified by the Project
Management Institute as a Project Management Professional
(PMP). He now works as a Justice Systems Consultant with
ImageSoft, Inc.
About ImageSoft, Inc.
ImageSoft, Inc., was founded in 1996 and provides technology
solutions to automate, streamline and improve workplace
processes, increase productivity, reduce operating costs, and
save time and money. Based in Southfield, Mich., with offices in
Raleigh, N.C., and Portland, Ore., the company serves customers
throughout the U.S., Canada and Mexico. Its markets include
insurance companies, government, the courts, healthcare and
educational institutions, and manufacturers. An award-winning
company, since 2008 ImageSoft has consistently been named
one of the nation’s Fastest-Growing Privately Held Companies by
Inc. Magazine, and is repeatedly selected as one of Michigan’s
Economic Bright Spots and as one of Metropolitan Detroit’s 101
Best and Brightest Companies to Work For. Additionally, in 2008
the Edward Lowe Foundation cited ImageSoft as a Michigan 50
Companies to Watch. For more information visit
www.imagesoftinc.com
Thank You!
Presentation Materials May Be Accessed At
http://www.imagesoftinc.com/resources.html