E-signing in Thailand 101: 
How Zoho Sign ensures compliance

A rundown on how e-signatures work in Thailand

Sign Up for free Request Demo

Getting started with electronic signatures

In the wake of digital transformation, sending electronic documents online has become a common practice. Often, these documents require signatures as proof of the agreement. This is achieved with the help of electronic signatures. They provide an efficient way to sign documents online, reducing paperwork and enabling more streamlined transactions.

In addition to easing the process, e-signatures also help protect your documents with their enhanced security and authentication techniques. They outweigh handwritten signatures in various aspects, with security being the most significant. As a result, e-signatures are gaining popularity with businesses worldwide.

Electronic Signatures: The game changers of Thai businesses

The Thai government's pursuit of becoming a digital economy hub is materialising with the adoption of electronic signatures for various businesses. E-signatures streamline document signing, freeing businesses from administrative burdens and allowing them to focus on core activities. This also perfectly aligns with Thailand's goal of leading the ASEAN digital revolution. They give Thai businesses a competitive edge, paving the way for regional expansion. Zoho Sign offers a secure and reliable platform for e-signatures, helping Thai businesses flourish in the world of digital commerce.

As opposed to physical signatures, electronic signatures have much to offer in terms of:

  • Speed
  • Productivity
  • Authentication
  • Security
  • Remote access
  • Improved user experience
  • Economical

Top sectors using e-signatures

E-signatures have found significant adoption across various sectors, including:

  • Education
  • HR
  • Transport
  • Insurance
  • eCommerce
  • Healthcare and life sciences
  • Technology
  • Banking
  • Legal
  • Telecommunications

Legal framework of e-signatures in Thailand

The following laws regulate the use of electronic signatures:

  • Electronic Transactions Act (ETA) of 2001

    The primary law governing electronic signature usage in the country.

  • ETDA Recommendation on ICT Standard for Electronic Transactions

    The Electronic Transactions Development Agency (ETDA) issued Guidelines in 2020 detailing the requirements of various types of electronic signatures. Adhering to these guidelines ensures compliance with the ETA.

Types of e-signatures under the law

As per the Guidelines, electronic signatures are categorised into three types: general electronic signatures, reliable/trusted electronic signatures, and reliable/trusted electronic signatures that utilise a certificate provided by a certificate authority.

1. General Electronic Signatures

According to the ETA, an “Electronic Signature” is a "letter, character, number, sound or any other symbol created in electronic form and affixed to a data message in order to establish the association between a person and a data message for the purpose of identifying the signatory who involves in such data message and showing that the signatory approves the information contained in such data message."

This type of signature is suitable for low-impact transactions.

Examples of an Electronic Signature:

  • Typing your name at the conclusion of an email
  • Scanning and attaching an image of your handwritten signature
  • Using a stylus to write your signature on a screen
  • Clicking a button to indicate acceptance or agreement
  • Checking an acceptance box

Requirements of an Electronic Signature

According to Section 9 of the ETA, an Electronic Signature is considered valid for any data message if it fulfils the following criteria:

  • The method used can identify the signatory and demonstrate their approval of the information.
  • The method is reliable and appropriate for the data message considering the given circumstances or any existing agreement between the parties involved.

2. Reliable/Trusted Electronic Signatures

An Electronic Signature that meets the criteria outlined in Section 26 of the Electronic Transactions Act is recognised as a Reliable Electronic Signature.

The requirements are as follows:

  • The signature creation data must be uniquely linked to the signatory.
  • The signatory must solely possess the signature creation data during the signing process.
  • Any changes to the Electronic Signature after signing must be detectable. This is essential if the purpose of the signature is to maintain the integrity and completeness of the information.

The requirement that the signature creation data be uniquely linked to the signatory does not exclude the use of other methods to demonstrate the reliability of an Electronic Signature or to present evidence challenging its reliability.

Example:

A digital signature is a prime example of a Reliable Electronic Signature. It is an electronic signature based on a cryptographic process and provides security features that help verify the identity of the signer, ensure data integrity, and prevent the signer from denying their signature. Reliable Electronic Signatures are suitable for transactions requiring careful consideration of conditions or precautions.

3. Reliable/Trusted Electronic Signatures that utilise a certificate provided by a certificate authority

This type of signature adheres to the requirements outlined in Section 26 of the ETA. It is based on a certificate issued by a certification authority in accordance with Section 28 of the ETA. These signatures are ideal for high-impact transactions involving sensitive data, such as corporate confidential information.

An example of this is a digital signature that uses public key infrastructure (PKI) and certificates issued by certification authorities.

Legal status of e-signatures under the law

The ETA gives Electronic Signatures the same legal status as traditional paper signatures. It does not mandate the use of any specific technology for the creation of Electronic Signatures, thereby allowing them to be technology-neutral. The law accepts all recognised Electronic Signatures, provided they meet the necessary legal criteria.

When considering the evidential value of different kinds of electronic signatures, the burden of proof varies. In the case of a General Electronic Signature, the burden of proof lies with the claimant, whereas in the case of a Reliable Electronic Signature, the burden of proof lies with the disputant.

Where are Electronic Signatures applicable?

Electronic Signatures can be used for all civil and commercial transactions carried out via data messages, with exceptions only for transactions explicitly excluded by law through a Royal Decree on the Criteria and Methods for Government Electronic Transactions. The Royal Decree also stipulates that government sectors and agencies must determine the specific type and form of Electronic Signatures to be used in their electronic transactions.

Instances where Electronic Signatures cannot be used

The Royal Decree Prescribing Civil and Commercial Electronic Transactions Excluded from the Application of the Law on Electronic Transactions, B.E. 2549, 2006 states that an Electronic Signature cannot be used for transactions relating to family and succession matters.

Recognition of foreign certificates

An Electronic Signature or certificate is legally valid irrespective of:

  • The location where the certificate was issued or the electronic signature was created or used.
  • The geographical location of the issuer's or signatory's business premises.

Zoho Sign: A Thai business essential

Adopt Zoho Sign for a paperless and secure signing environment in Thailand. Find out how we ensure legal compliance with our robust security features.

  • Identification and reliability:

    Zoho Sign employs strong authentication techniques, such as OTP authentication and PKI-based signing, to ensure the e-signature is uniquely identifiable.

  • Approval of the signer:

    Zoho Sign provides a checkbox label to help users indicate their consent to signing a document electronically or their consent to the terms in the electronic document. Signers are required to accept this clause before proceeding to sign: "I confirm that I have read and understood the ‘Electronic Record and Signature Disclosure’ and consent to use electronic records and signatures.”

  • Audit trails:

    Zoho Sign maintains a detailed audit trail of the signing process, including timestamps and signer information. This provides a clear record of the signing order and participants, and serves as crucial evidence in case of any disputes.

  • Control over the data used for the signature:

    Only the signatory is allowed to review the document before signing and provide choices to make changes or reject the document if necessary.

  • Enhanced security:

    Zoho Sign employs robust encryption protocols, such as the military grade AES-256 encryption at rest and the TLS/SSL protocol in transit, to ensure data transmission between the signing platform and the data being signed is secure. This prevents exposure of documents and data from data breaches.

  • Detectable alterations:

    Zoho Sign ensures any alterations to the electronic signature or the document to which the signature is affixed are detectable through an elaborate audit trail of occurrence of all activities during the signing process. This audit trail comprises critical information such as the identity of the signatory, the timestamp of the signature, and changes made to the document.

  • Document timestamping:

    Zoho Sign offers timestamping services through its partnership with a certificate authority, GlobalSign. This helps validate the authenticity of a digital signature and aids in verifying that the signed document existed in the given form at the time of signing and remains unaltered.

    GlobalSign

Key takeaway

Zoho Sign's compliance with Thailand's e-signature regulations empowers Thai businesses to take the plunge into the world of digital signing, knowing their documents will be legally valid and enforceable. With its user-friendly interface, robust security features, and detailed audit trails, Zoho Sign provides the perfect platform for streamlining your workflows and operating within Thailand's legal framework. Get onboard with Zoho Sign and experience the ease of e-signatures from anywhere, anytime.

Resources

Disclaimer

The information provided in this document is for general informational purposes only and shall not be construed as legal, regulatory, or any other form of professional advice. Zoho Sign disclaims any liability for any error in the information provided herein. We recommend that you consult your legal counsel for any questions that you may have in this regard.