The Electronic Communications and Transactions Act 25 of 2002 (“the ECTA”) which came into force in 2002 will have a major effect on the growth of e-commerce and the facilitation and regulation of electronic communications, transactions and agreements. Although it was possible to enter into an electronically concluded agreement before August 2002 the ECTA is important because it formally recognises such transactions and agreements in South Africa.
Section 12 of the ECTA gives data messages the same functional equivalent and legal validity as written documents if they are:
- in the form of a data message; and
- accessible in a manner usable for subsequent reference.
Electronic contracts can therefore be concluded via data messages if they are generated, sent, received or stored by electronic means which includes:
- voice, where the voice is used in an automated transaction; and
- a stored record;
Turning to the signature aspect of a contract, the ECTA gives legal recognition to two types of electronic signatures. The first, a normal electronic signature, is defined in Section 1 as meaning “data attached to, incorporated in, or logically associated with other data and which is intended by the user to serve as a signature;” While the second, is known as an advanced electronic signature (AES) and is defined in section 1 as meaning “an electronic signature which results from a process which has been accredited by the Authority (Department of Communication) as provided for in section 37.” In such cases the "authentication products or services" must be designed to identify the holder of an electronic signature to other persons. The Post Office and LawTrust are currently the only two accredited providers complying with the SANS 21188 Public Key Infrastructure (PKI) standard.
Apart from the above the Act does not prescribe the type of electronic signature to be used which could affect the legal validity of the document if one considers that depending on their purpose, complexity required and technology implemented, the following are all types of electronic signatures:
- Biometric Signatures (fingerprint, retina scan, voice recognition, etc.)
- Digital Signatures (private key infrastructure, certificates, etc.)
- Physical Signature Capture Devices (tablets, signature pads, embedded scanned image, smart phones, etc.)
- Identity Verification Services (email validation, ID verification, etc.)
Technicalities aside, Section 13 of the ECTA recognises electronic signatures as being valid in the following situations:
13. (1) Where the signature of a person is required by law and such law does not specify the type of signature, that requirement in relation to a data message is met only if an advanced electronic signature is used.
(2) Subject to subsection (1) an electronic signature is not without legal force and effect merely on the grounds that it is in electronic form.
(3) Where an electronic signature is required by the parties to an electronic transaction and the parties have not agreed on the type of electronic signature to be used, that requirement is met in relation to a data message if-
(a) a method is used to identify the person and to indicate the person’s approval of the information communicated: and
(b) having regard to all the relevant circumstances at the time the method was used, the method was as reliable as was appropriate for the purposes for which the information was communicated.
(4) Where an advanced electronic signature has been used, such signature is regarded as being a valid electronic signature and to have been applied properly, unless the contrary is proved.
5)Where an electronic signature is not required by the parties to an electronic transaction, an expression of intent or other statement is not without legal force and effect merely on the grounds that –
a) it is in the form of a data message; or
b) it is not evidenced by an electronic signature but is evidenced by other means from which such person's intent or other statement can be inferred.
Regarding 13(1), an example here is when the Companies and Intellectual Property Commission recently clarified the following as acceptable authorised signatures for documents submitted by electronic communication:
- A fingerprint, or any other biometric measure; and
- one time password sent by the CIPC system to either his or her cellular telephone or e-mail address or a combination of his or her cellular telephone and e-mail address.
Otherwise a AES would have been necessary. An example of the use of an AES is by a Commissioner of Oaths creating a certified electronic copy of the original.
The effect of section 13(2), is to recognise the different types of electronic signatures, even if they are not technologically advanced - depending on the type of agreement and contractual situation.
Regarding 13(3), the absence of an electronic signature when one is required does not per se nullify an electronic transaction if the identity of the parties, their approval and method of approval was appropriate for the circumstances.
Section 13(5) reiterates the validity of data messages, even if not signed if they express intent.
Whether or not an AES is used, the ECTA (at section 4(3)) excludes the use of electronic signatures in the following circumstances:
- An agreement for alienation of immovable property as provided for in the Alienation of Land Act, 1981 (Act No. 68 of 1981).
- An agreement for the long-term lease of immovable property in excess of 20 years as provided for in the Alienation of Land Act, 1981 (Act No. 68 of 1981).
- The execution of a bill of exchange as defined in the Bills of Exchange Act, 1964 (Act No. 34 of 1964).
- The execution, retention and presentation of a will or codicil as defined in the Wills Act, 1953 (Act No. 7 of 1953).
In conclusion, the Electronic Communications and Transactions Act gives legal validity to data messages, and unless the use of a digital signature is excluded, or is specifically prescribed, individuals may use any number of types of electronic signature to conclude binding contracts.