Legislator Cythnia Wu hosted a forum at the Legislative Yuan on 7/11, convening stakeholders from various industries to discuss the revisions to the Electronic Signature Act. The event featured insightful contributions of Charles Wu, the founder of ThinkCloud technology and a legislation consultant on MODA's revisional draft, as he shares his perspective on the future direction of e-signature regulations.
The Electronic Signatures Act of 2002 was enacted two decades ago to “encourage the use of electronic transactions, ensure the security of electronic transactions and facilitate the development of electronic government and electronic commerce,” as stated in the first article of the act.
Back then, the industries and landscape of e-commerce were still in their infancy, which is why its definition now seems so outdated and limited. In fact, the term electronic signature was not even mentioned in the first article.
Fast forward twenty years, the rapid advancements in information and communication technology have led to a significant expansion in the application of digital signatures beyond mere transactions. Electronic signatures now find widespread use in diverse sectors such as healthcare, finance, government, education, and real estate, among others.
Consequently, it has become imperative to modernize the antiquated law to address the new challenges and opportunities in the digital age. Recent research conducted by Acumen Research and Consulting reveals that the Global Digital Signature Market collected USD 3.2 Billion in 2021 and is projected to reach USD 48.4 Billion by 2030, with a remarkable CAGR (Compound Annual Growth Rate) of 35.4% from 2022 to 2030.
Taking the initiative to update the legislation, Taiwan’s newly established Ministry of Digital Affairs (MODA) is spearheading the amendment to the two-decade-old Electronic Signature Act. MODA issued a ruling in March, specifying the required algorithms and technical standards for digital signatures to ensure their legal effect under the Electronic Signatures Act.
Subsequently, on June 27th, MODA made its draft amendments to the Electronic Signatures Act public, welcoming feedback and suggestions from stakeholders in various sectors through the Public Policy Participation Platform until August 25th.
As public hearings and ongoing discussions on the legislative changes have commenced, officials and representatives from different industries have expressed their support for this overdue modernization. However, they have also voiced some concerns about potential oversights in MODA’s revisions to the law.
Nonetheless, this proposed overhaul marks Taiwan’s commitment to embracing cutting-edge technologies and building trust in electronic transactions, propelling the nation’s digital development into the future.
The proposed amendments to the Electronic Signature Act entail six key changes aimed at modernizing and updating regulations around electronic signatures.
1. Specifying the principle of equal functionality between electronic and paper formats
The revised legislation makes it explicit that electronic documents and signatures carry the same legal validity as their physical counterparts, emphasizing the principle of functional equivalence. This recognition ensures that electronic signatures and documents are legally binding and accepted at the same level as traditional paper-based ones.
In practicality, this revision empowers individuals and organizations to confidently use electronic signatures and documents for a variety of tasks like contract signing, transaction authorizations, and official form submissions. Streamlining these processes will eliminate the need for physical paperwork and face-to-face interactions, resulting in higher efficiency, reduced costs, and increased convenience for conducting business and administrative tasks. Therefore, this move toward embracing electronic signatures is set to revolutionize how transactions are conducted and will lead to a more seamless and digitally-enabled future.
2. Clarifying the relationship between electronic signatures and digital signatures
The updated law clearly defines digital signatures as a specific type of electronic signature. According to the revisions, digital signatures must meet certain requirements, including being issued by a trusted certificate authority and utilizing public key verification technology.
An electronic signature is a mark attached to an electronic document that helps identify as well as confirm the identity, qualifications, and authenticity of the person signing the document. It provides a reliable way to sign electronic documents, ensuring their integrity and authenticity.
In contrast, a digital signature is a particular type of electronic signature that involves converting an electronic document into a unique set of digital data using mathematical algorithms or other methods. This data is then encrypted using the signatory’s private key (PKI), forming a digital signature that can be verified using the corresponding public key. Moreover, a digital signature must be accompanied by a certificate from a trusted certificate authority (CA), either public or private.
Notable public CAs include institutions like the Ministry of the Interior, the Ministry of Economic Affairs, the Legislative Yuan, the National Development Council, and the Ministry of Health and Welfare, while private CAs include entities like Chunghwa Telecom Co Ltd and Taiwan Certificate Authority (TWCA).
The law change is based on the principle of technological neutrality, allowing any technology capable of ensuring data integrity and authentication during transmission or storage to be used for creating electronic signatures. Instead of limiting itself to “digital signatures” based on asymmetric encryption technology, it fosters the adoption of emerging technologies.
This approach aligns with international recommendations from organizations such as the United Nations and the European Union. It establishes the foundation of “electronic signatures” while accommodating future innovations in electronic authentication technologies, including Dynamic Biometric Signatures built with biotechnology.
3. Distinguishing the legal effect of electronic signatures and digital signatures
Digital signatures are granted a “presumption” of being personally signed by the individual, treated as if personally signed, to strengthen their legal credibility. (The wording “presumption” rather than automatic recognition of a digital signature as a personally signed one acknowledges the risk of unauthorized access and misuse of digital signatures.)
In disputes over the authenticity of digital signatures, the burden of proof lies with the party challenging its genuineness. However, though electronic signatures carry the same legal weight as physical ones, disputes over their authenticity still require evidence from the party claiming its genuineness.
This legal endowment of “personally signed presumption” thus enhances the reliability of digital signatures, simplifying verification and expediting digital transactions. Placing the burden of proof on challengers further enhances trust and acceptance of electronic signatures as standard practice for improved convenience, security, and legal validity.
SelfieSign is a new e-signature solution for better security in the mobile generation.
4. Adjusting the requirements for the use of electronic documents and signatures
with the consent of the parties involved
The revision expands the use of electronic documents and signatures beyond legal transactions with counterparties. It clarifies that obtaining consent from counterparties is not mandatory for electronic documents. However, while consent from counterparties is not necessary, the revision acknowledges potential digital gaps and grants them the choice to refuse or seek alternative options when using electronic documents or signatures.
This flexible approach ensures comfort and accommodates parties who prefer traditional paper-based methods or other alternatives, promoting inclusivity in electronic transactions.
5. Reducing the possibility of administrative institutions excluding the Electronic Signature Act through public announcements
The revised law prevents administrative agencies from exempting the application of the Electronic Signature Act through commands or announcements. Yet, it allows them to create separate regulations for the technical and procedural aspects of electronic documents and signatures.
Administrative agencies are given three years to transition smoothly. After this period, previous exemptions become invalid. If agencies still wish to exclude this law, they must do so through proper legislative procedures or amendments.
This measure guarantees a consistent legal framework for electronic signatures across government entities, promoting trust in digital processes. Additionally, agencies can adapt guidelines to match evolving technologies, ensuring continued relevance and security in electronic transactions.
6. To consider the opportunities for international interoperability of electronic signatures
The regulations now permit foreign companies to act as digital signature certification authorities in the country. The approval process considers factors like international reciprocity, equivalent security standards, and potential for technical collaboration.
Earlier this year, the National Institute for Cyber Security under the Ministry of Digital Affairs partnered with Lithuania, successfully using the “miXed organization Certification Authority” (XCA) issued by the MODA for online signing, which has been officially recognized and holds legal validity in Lithuania.
This mutual recognition and acceptance of each other’s digital signature technologies will pave the way for smoother and more secure electronic transactions between the two countries, setting a precedent and foundation for this legislation amendment. Moreover, allowing foreign entities to provide digital signature services endorses a more interconnected and global approach to digital transactions and security.
In conclusion, the proposed amendments to the Electronic Signature Act aim to establish a comprehensive legal framework that ensures electronic signatures have the same functionality as physical signatures. But more importantly, these changes bring much-needed clarity on the distinction between electronic and digital signatures, besides promoting international interoperability.
If approved, this legislation is anticipated to significantly improve the legal validity and trustworthiness of electronic signatures and documents, streamline administrative processes, and encourage the widespread adoption of digital transactions across sectors.
Stakeholders have a 60-day window, from June 27th to August 25th, to provide feedback on the draft through the Public Policy Participation Platform. The Ministry of Digital Affairs will then carefully review and consider the opinions from various sectors, fostering a collaborative and ongoing effort to advance the legislative amendment.
To read up on the whole legislation draft, visit this link
This abridged version of this article was published on DIGITIMES Asia. Click on this link to read more.