Go paperless in the UK:
Achieve e-signature compliance with Zoho Sign

Understanding the nuances of UK e-signature laws

Sign Up for free Request Demo

Electronic signatures: An overview

Sending electronic documents online has become a common practice, and these documents often require signatures. Electronic signatures, also called e-signatures, provide an efficient way to sign documents online, leading to reduced paperwork and more streamlined transactions. E-signatures also help protect documents with enhanced security and authentication techniques. As a result, e-signatures have gained popularity worldwide, helping businesses meet their objectives efficiently.

E-signatures for modern UK businesses

In a competitive digital marketplace, traditional paper-based signing processes are no longer practical or sustainable. E-signatures have become vitally important for modern businesses in the UK, as they streamline operations, enhance efficiency, and ensure legal compliance. The increasing prevalence of remote work and global collaboration has further bolstered the influence of e-signatures in the UK.

Zoho Sign offers heightened security and global accessibility while ensuring compliance with UK regulations. It can help businesses in the UK achieve optimal performance by ticking crucial boxes, such as:

  • Speedier signing processes
  • Improved productivity
  • Signer authentication
  • Security
  • Remote access
  • Improved user experience
  • Cost-effectiveness

E-signatures in play: Top areas of use

E-signatures and the law

The legal framework governing e-signatures in the UK is designed to ensure security, validity, and enforceability. Let's delve into the key aspects of UK e-signature laws and the requirements necessary for e-signature to be deemed legally binding.

Applicable laws and regulations about the use of electronic signatures in the UK

  • Electronic Communications Act of 2000 ("the Act")
  • The Electronic Identification and Trust Services for Electronic Transactions (Amendment, etc.) (EU Exit) Regulations 2019 ("UK eIDAS")
  • The Electronic Identification and Trust Services for Electronic Transactions Regulations 2016

Legal validity of e-signatures

According to the Act, an electronic signature is considered admissible evidence if the electronic data containing the electronic signature is certified by the signer.

"Certifying the electronic data" refers to the signer making a statement confirming that either of the following is a valid means of signing:

  • Signature
  • Method of producing, communicating, or verifying the signer
  • Procedure applied to the signing

Moreover, an e-signature must not be denied legal effect and admissibility as evidence purely because:

  • It is in its electronic form
  • It does not satisfy the requirements for a Qualified Electronic Signature, which has the same validity as a handwritten signature

Brexit's impact on e-signature regulations

Before Brexit, the UK was subject to the EU eIDAS Regulation (EU Regulation No 910/2014), which provided a unified legal framework for e-signatures and other trust services across EU member states. Brexit has led to the UK adopting its own version of the eIDAS regulation, retaining much of the eIDAS framework but with certain changes that impact the legal validity of e-signatures outside the EU. However, the requirements for each kind of electronic signature and other trust services recognised under the UK eIDAS regulation stand the same as provided under the EU eIDAS.

Types of e-signatures recognised in the UK

Electronic Signature or Simple Electronic Signature (SES)

SES is electronic data which is attached to or logically associated with other data in electronic form and used by the signatory as a means to provide their signature electronically.

Advanced Electronic Signature (AES)

To qualify as an AES, the following conditions must be satisfied:

  • Uniquely associated with the signatory
  • Capable of confirming the signatory's identity
  • Created using methods that are solely under the control of the signatory
  • Affixed to the electronic data in a manner that allows detection of any changes made to the electronic data after signing

Qualified Electronic Signature (QES)

A QES is an Advanced Electronic Signature that is both:

  • Created with the use of a Qualified Signature Creation Device (QSCD)
  • Based on a Qualified Electronic Certificate

Qualified Signature Creation Device (QSCD)

A QSCD is one which meets the requirements under Article 30 and in Annex II of the UK eIDAS. It must be certified by an appropriate body designated by the Secretary of State.

Qualified Electronic Certificate

A Qualified Electronic Certificate links the electronic signature validation data to the signatory, ensuring the authenticity of the signature. Qualified Electronic Certificates are issued by Qualified Trust Service Providers (QTSPs).

Please visit the European Union legality page for a detailed information on the types of e-signatures recognised in the EU.

The UK eIDAS regulation recognises EU eIDAS QTSPs and allows them to be used in the UK. This signifies that a QES based on a Qualified Electronic Certificate issued by QTSPs accredited in the EU are valid in the UK; however, the reverse is not yet valid. According to the ICO, there are not yet any UK trust service provider with qualified status.

Electronic Seal

An Electronic Seal, or e-seal, is data attached to or logically associated with other electronic data in electronic form in order to ensure that data's origin and authenticity. It is used to affix the legal person/entity's seal in the electronic document.

The UK eIDAS states that an e-seal should not be denied legal effect and admissibility as evidence in the court of law for the sole reasons that:

  • It is in its electronic form
  • It does not satisfy the conditions for a Qualified Electronic Seal

Similar to the EU eIDAS, the UK eIDAS recognises Advanced and Qualified Electronic Seals as two other kinds of electronic seals.

Advanced Electronic Seal

An Advanced Electronic Seal is required to meet the following conditions:

  • Uniquely linked to the legal person affixing the seal
  • Capable of identifying the legal person affixing the Seal
  • Created using means that are solely under the control of the legal person affixing the seal
  • Any changes in the electronic data subsequent to signing is detectable

Qualified Electronic Seal

A Qualified Electronic Seal is an Advanced E-Seal that is both:

  • Created by a Qualified Electronic Seal Creation Device that complies with Article 39 of the UK eIDAS
  • Based on a Qualified Certificate for electronic seal that complies with Article 38 of the UK eIDAS

Qualified electronic seals are provided by QTSPs. These seals are presumed to maintain the integrity of the data and accurately indicate the origin of the data to which they are attached.

Electronic Time Stamp

An Electronic Time Stamp is data that binds other electronic data to a specific time, indicating evidence that the latter data was in existence at the specified time.

An Electronic Time Stamp must not be denied legal validity or acceptability as evidence merely because:

  • It is in its electronic form
  • It does not satisfy the conditions of a Qualified Electronic Time Stamp

Qualified Electronic Time Stamp

A Qualified Electronic Time Stamp is required to fulfil the following criteria:

  • Binds the date and time to electronic data in a manner that prevents undetectable modifications to the data
  • Based on a time source that is synchronised with Coordinated Universal Time (CUT)
  • Signed using an AES or secured with an Advanced Electronic Seal provided by a QTSP

Qualified Electronic Time Stamps are provided by QTSPs. These stamps are presumed to accurately reflect the date and time they display, as well as the integrity of the data linked to that date and time.

E-signature legality in Scotland

Scotland maintains a distinct statutory regime for e-signature laws that is different from the broader United Kingdom framework. The applicable legislation that ensures the legality, admissibility, and reliability of electronic signatures within its jurisdiction are:

  • Requirements of Writing (Scotland) Act 1995 ("RWSA")
  • The Electronic Documents (Scotland) Regulations 2014 ("EDSR")

Legal recognition of electronic signatures

The law in Scotland recognises the use of electronic signatures, aligning with the electronic signatures listed under the UK eIDAS.

The RWSA acknowledges electronic signatures on electronic documents, granting them the same status, validity, and authenticity as traditional paper documents.

The EDSR provides that for any electronic document containing electronic signatures specified under section 1(2) of the RWSA to be valid, the electronic signature affixed to such document must be an Advanced Electronic Signature as defined under the UK eIDAS.

The documents listed under section 1(2) include all of the following:

1. The constitution of:

  • a contract or unilateral obligation for the creation, transfer, variation, or extinction of a real right in land
  • a gratuitous unilateral obligation except an obligation undertaken in the course of business
  • a trust whereby a person declares himself to be sole trustee of his own property or any property which he may acquire

2. The creation, transfer, variation, or extinction of a real right in land otherwise than by the operation of a court decree, enactment, or rule of law

3. The constitution of an agreement under section 66(1) of the Land Registration etc. (Scotland) Act 2012

An electronic document is presumed to be authentic as mentioned under RWSA if it bears a Qualified Electronic Signature as defined under the UK EIDAS.

Requirements of an electronic signature

An electronic signature, as defined in the RWSA, is an element in electronic form that meets both of the following:

  • Is either incorporated into, or logically associated with, an electronic document
  • Purports to verify the authenticity and/or integrity of the electronic document

An electronic document is considered to be authenticated by a specific individual if the electronic signature of such individual:

  • Is incorporated or logically linked to the electronic document,
  • Is created by the individual who is said to have made it, and complies with the standards set by the Scottish Ministers in their regulations

RWSA specifies that in relation to an electronic document, authenticity means that the document has been electronically signed by a particular person, and that the document is accurately timed or dated. Similarly, integrity means that the document has not been tampered with or modified.

Exclusions to e-signature use

In general, the transactions for which electronic signature can be used are defined by legislation or regulations enacted for that specific purpose. It is recommended to seek legal advice before using electronic signatures for a particular transaction.

According to the explanatory note to the EDSR, electronic signatures cannot be used for wills, testamentary trust dispositions, settlements, or codicils.

Why is Zoho Sign the right choice for you?

Simplified workflow and compliance with the e-signature regulations makes Zoho Sign an ideal solution for all business owners in the UK.

  • Qualified Electronic Signatures (QES):

    This is the highest level of e-signature recognised by UK eIDAS, which provides the highest legal backing by ensuring document integrity and non-repudiation.

  • Authentication methods:

    Zoho Sign offers various authentication methods such as email authentication, SMS authentication, dynamic knowledge-based authentication, and identity verification via third-party trust service providers.

  • Audit trails:

    Robust audit trails record all activities related to digital signing and keep track of all changes and work processes.

  • Encryption and security measures:

    Zoho Sign employs robust encryption protocols, such as the military grade AES-256 encryption at rest and the TLS/SSL protocol in transit, to ensure that the data transmission between the signing platform and the data being signed is secure. This prevents exposure of documents and data from data breaches.

  • Legal validity:

    Zoho Sign ensures the legal validity of electronic signatures under UK eIDAS and other relevant regulations in the UK by offering three levels of e-signature standards, tamper-evident seals, and digital signature certificates issued by Qualified Trust Service Providers (QTSPs).

  • Document timestamping:

    Zoho Sign effectively offers document timestamping or Qualified Electronic Seals through its partnership with Uanataca, a QTSP recognised in the EU. This helps validate the authenticity of a digital signature and aids in verifying that the signed document existed in the given form at the time of signing and remains unaltered.

Uanataca for businesses in the EU

Conclusion

The age of printing and scanning is over. Gear up for a new era of streamlined document handling, faster turnaround times, reduced costs, and improved security with e-signatures. Zoho Sign stands as an invaluable ally to UK businesses, offering a seamless solution for navigating the e-signature landscape and guaranteeing compliance with the UK e-signature laws. With this adoption, users can collaborate globally from the comfort of their homes at a minimal cost. Get onboard with Zoho Sign and see what we have to offer!

Resources

Disclaimer

The information provided in this document is for general informational purposes only and shall not be construed as legal, regulatory, or any other form of professional advice. Zoho Sign disclaims any liability for any error in the information provided herein. We recommend that you consult your legal counsel for any questions that you may have in this regard.