Skip to main content

Procedural aspects

Electronic Signatures

For many, the introduction of electronic signatures in legal practice, whether in judicial or administrative proceedings, has been a period of uncertainty.

The lack of clear, evident, and authoritative sources on "What are these signatures?" This issue still causes many magistrates, lawyers, and civil servants to misinterpret and misuse them.

A Short History of Electronic Signatures

Electronic signatures have existed since the dawn of the Internet and technology, providing, in one form or another, security in accessing websites as well as safety for members conducting transactions through computer means.

Ever since the development of the HTTPS protocol in 1994 by Netscape Communications, electronic signatures and encryption have become essential to our digital activities.

However, although these technologies have existed in technical practice for over 20 years, it took some time for the technology to mature and be transposed into regulatory acts that would enforce these standards.

Directive 1999/93/EC This was the first such directive, which also formed the basis Legii 455/2001, and it was the first law to introduce IT concepts into Romanian legislation.

Astfel, au apărut primii furnizori locali, care au rămas, de altfel, și liderii pieței în furnizarea de semnături către consumatorii locali:

    • S.C. Trans Sped S.R.L. = Expired on 02.07.2017
    • S.C. Digisign S.A. = Expired on 21.08.2020
    • S.C. Certsign S.A. = Expires on 31.08.2023
    • S.C. Alfatrust Certification S.A. = Expires on 28.10.2023
    • S.C. Centrul de Calcul S.A. = Expired on 12.03.2018
    • UM 0296 București (Unitate Militară 0296 București) = Expired on 19.12.2022
    • Special Telecommunications Service = Expires on 07.29.2023

What is interesting to note from the list is that many suppliers have expired authorizations. This is because they have moved, rationally, to European accreditation, which we will discuss infra.

Over time, the inefficiency of a non-unitary system was observed, in the context of the EU's goal of ensuring a single market and eliminating the inefficient bureaucracy of an open market.

Thus, a new regulation was introduced through Regulation "eIDAS" (910/2014), which standardized signature types and provided a framework for the norms under this regulation to subsequently standardize the types of standards accepted at the European level.

Tipuri de semnături electronice

Semnaturile electronice din legea 455/2001 urmareau 3 tipuri, respectiv:

  • Simple signatures (that is, including the mere mention of the signer in the document)
  • Semnături avansate (care identifică direct și fără echivoc semnatarul)
  • Advanced qualified signatures (i.e., those that directly and unequivocally identify the signer and benefit from the presumption of correctness, being issued by trusted institutions)

Thus, trusted accredited providers have been granted the quality of a sort of "digital notary", whose trust allows them to offer signatures with the same legal value as qualified signatures.

In contrast to advanced signatures, which can be issued by anyone, qualified electronic signatures are issued only by trusted persons who assume civil, contraventional, and criminal liability for the correctness of the signatures and the identity of the signatory.

Intermediar, au aparut si semnaturile avansate create cu certificat calificat, adica, semnaturi avansate care au fost emise de un furnizor de incredere, care insa nu certifica identitatea semnatarului, ci doar ii atribuie un nivel de incredere, verificarile preliminarii fiind facute temeinic si corect.

With the introduction of the eIDAS regulation, these signatures, as defined above, have been standardized at a European level, without, however, repealing local regulations, which are still applicable but opposable exclusively to local institutions:

  • Semnaturi SES (Simple Signatures)
  • Semnături AdES (Advanced signatures) that uniquely identify the signer, providing cryptographic proof of their identity.
  • Semnaturi AdES/QC (Advanced signatures created with a qualified certificate)
  • Qualified Electronic Signatures (Semnaturi avansate create cu un dispozitiv de creare a semnaturilor calificate), la randul lor semnaturi avansate, si echivalente cu semnaturile olografe

In addition to these signatures, however, the existence of other means of providing trust is notable, but their legal quality is poorly defined in doctrine and jurisprudence.

Sigiliile electronice

💡
While electronic signatures uniquely identify individuals, electronic seals are issued to legal entities, organizations, and associations, serving to identify the entity rather than its members.

The value of these, regarding their interpretation according to the Civil Code in Romania, is somewhat unclear, as they are not signatures, but an equivalent of a stamp, which we know has no effect in the absence of a signature, towards third parties.

And while the law has eliminated the formality of the stamp from many procedures, signatures have enjoyed increasing trust and power, which has made economic seals less and less used in Romania.

Thus, these seals, which work on exactly the same principle as electronic signatures, identify the entity that signed the document but not the signatory, which is uncertain.

In our opinion, seals are the electronic equivalent of stamps, transposed into the digital space in a verifiable manner. However, in Romania, these stamps are [No direct translation provided for "oricum ne-necesare"]So, the use of these seals is purely at the user's discretion and does not carry any significant legal effect, except in certain cases where the law assigns legal quality to stamped documents.

    • Authorized translations, signed with an electronic seal, can be verified as originals and are identifiable without the need for signature legalization. This process is equivalent and secured by the use of electronic signatures and seals.
    • Building permits, etc., where a stamp is required, providing information about permits, etc.
    • The seals of public notaries, thus replaced by an electronic means of verification.

Thus, what is certain is that these means of identification are far less relevant than signatures, but they raise questions about the importance of digitizing the economy.

Timp Marcaje

💭
Timestamps are the digital equivalent of "certain date," serving to place an action on a timeline with a presumption of correctness.

Desi legea nu le face in mod vadit si direct echivalente cu data certa, opinam urmatoarele:

  • Timestamp providers are assimilated public officials who exercise an attribute related to the power of the state (being given the quality of trusted providers). Therefore, point 1 of the definition of the certain date could be argued.
  • And point 3, regarding the display in a public register (the trusted provider's ledger), could be argued as these are public and allow anyone to identify this document over time.
  • Point 6 is certainly applicable; the article of law in the eIDAS regulation gives these markings a presumption of correctness, thus granting them the equivalent of the certain date offered by a public notary, where the form of challenge is through a declaration of falsity, similar to authentic acts.

Data Certa (Art. 278 Noul cod de procedură civilă)

Art. 278

Fixed date of the private document under signature

(1) The date of private documents under signature is opposable to persons other than those who have drawn them up only from the day on which it became certain, through one of the means provided by law, namely:

1. from the day on which they were submitted to be given a certain date by the public notary, the bailiff or another competent official in this regard;

2. from the day on which they were presented to a public authority or institution, with a mention of this being made on the documents;

3. from the day they were entered in a register or other public document;

4. from the day of the death or from the day when the physical incapacity to write of the person who drew it up or of one of those who subscribed it, as the case may be, occurred.

5. from the day on which their content is reproduced, even in brief, in authentic instruments drawn up under the conditions of Article 269, such as conclusions, minutes for the application of seals or for taking inventory;

6. din ziua în care s-a petrecut un alt fapt de aceeaşi natură care dovedeşte în chip neîndoielnic anterioritatea înscrisului.

(2) Unless contrary legal provisions exist, the court, taking into account the circumstances, may waive the application, in whole or in part, of the provisions of paragraph (1) regarding acquittals.

Thus, assuming that these timestamps provide a certain date for the documents, a multitude of uses can be applied to them.

Unlike qualified electronic signatures, which require prior verification of the party's identity, certain data (through qualified time markings) does not require such formality, is easy to perform, and has a low cost.

So, here's how a new form of delivering anteriority brings equivalence to an old but highly relevant concept in the legal world, which we hope to see more and more in practice.

Other "unusual" forms of electronic signatures

The eIDAS Regulation does not in itself provide formal conditions or standards for electronic signatures, but those enforceable against public institutions are clarified by additional regulations.

There are advanced signatures, in accordance with European regulations.

    • Website HTTPS Certificates
    • The DKIM signatures of emails sent with this type of additional validation of the sender.
    • Means of communication that use encryption, such as WhatsApp or Signal, are interesting from a legal perspective. There is a discussion about using messages from these platforms as the beginning of evidence in a criminal trial, with the argument based on electronic signatures, as the messages are "signed" in a way that uniquely associates the conversation participants.

Aspecte practice si de interpretare

Types of Electronic Signatures Enforceable Against Public Institutions

While the European regulation provides a legislative framework to protect court evidence signed with such documents in public institutions, it is noteworthy that certain standards, defined by this regulation, are accepted. The decision to enforce this regulation. (2015/1506)

Thus, the following types of electronic signature standards are opposable to public institutions:

  • With XAdES format = That is, with an XML file that includes signature information, and which is clarified by the standard ETSI TS 103171 v.2.1.1.
  • Cu format PAdES = In other words, introduced in a PDF file, allowing signing of a part or the entirety of the PDF document, as defined by the standard ETSI TS 103173 v.2.2.1
  • With CAdES format = That is, signatures in CMS format (Cryptographic Messaging System), once used for document signing and often found, for example, on SEAP (documents with .P7s, .P7m extensions), and defined by ETSI TS 103174 v.2.2.1

In addition to these types of signature standards, which sign a particular file, we also have types of signatures that sign multiple files, thus offering the possibility to combine several documents into a single signed "file."

  • With ASIC format = That is, ZIP files that include an XAdES or CAdES file, which can be used for signing and merging multiple documents.

    This format is extremely relevant for transmitting evidence without altering it. The practice of copying evidence by changing the format and attaching it to a PDF may alter the document.

    And although it is a common procedure at the OUP level, all issues could have been resolved by adopting ASiC-formatted signatures, which allow signing of absolutely any type of file, from PDFs to videos, photographs (without altering bits that can remove or, on the contrary, create "false" evidence)

    This format, unfortunately rarely encountered in practice in Romania, is regulated by ETSI TS 103174 v.2.2.1

Standards for Electronic Signature Compliance:

Desi semnaturile electronice se bucura de un prim set de formalitati care trebuie respectate, care sunt aplicate in toate standardele, inclusiv aceste standarde permit mai multe tipuri de semnatura, fiecare cu un grad diferit de autenticitate si putere probanta.

Thus, we have the following types of "grades" of signatures:

  • Semnături conforme cu nivelul B (De bază): This represents the first and weakest level of electronic signatures, even qualified ones. It guarantees that the user has signed, but not the correct temporal placement of documents, even if they have a picture in the background indicating a time. In short, these signatures declare, but do not certify the time of signing.
  • T-level compliant signatures (with temporal certification) Unlike B-level compliant signatures, these signatures additionally provide a means to approximately verify the signing date of the documents, guaranteeing a certain period from which the signature has existed unequivocally and enjoys a presumption of correctness. Technically, this is ensured by a token that can be validated in a database and certifies the existence of the signature at a specific time.
    Here again, the certified date could be brought up.

    Formalities borrowed from B. signatures.
  • LT-Level Conforming Signatures (Long-Term Storage): These signatures are recommended for procedures that require archiving because they include all the necessary material for signature validation.

    Borrow the formalities from signatures B and T.
  • Signatures in compliance with LTA-Level (Long-Term Storage and Archiving) regulations: Ideal for situations where documents need to retain their probative value over a very long period, ensuring the integrity and date of the document. They include a qualified seal and are used by us in our day-to-day activity (that of Incorpo.ro)
  • Compliance signatures with other levels: Although European regulations do not confer normative power upon other types of signatures through legislative acts, they are mentioned and hold customary value in the practice of qualified signing. They are updated variants of the standards expressly mentioned by the European regulations, and they will Most likely to be approved in the future.

    These compliance levels represent the set of information included in the signature header, which can be verified by the signature program or manually, knowing the protocol.

Semnătură electronică - Acord de voință?

Un alt aspect interesant este relația semnăturilor electronice cu dovada voinței și diferența dintre aceste semnături și cele olografe.

While holographic signatures are placed on a part of the page that clearly demonstrates a meeting of the minds, they do not protect the document from subsequent alterations, electronic signatures do the opposite.

Electronic signatures sign all document content, but do not explicitly guarantee any agreement of will.

Perhaps the signer wanted to certify that it conformed to the original. Or maybe they simply signed to agree with the signature made by someone else, or to acknowledge receipt of the document. All are reasonable assumptions, but they have different implications when it comes to the expression of will provided.

Therefore, signature standards also include the possibility of signing the purpose of the signature, which can be used to clarify the purpose and limit the scope of the will agreement when signing documents.

Thus, signature providers can use that field to clarify the purpose of signing, detail the will agreement offered, and outline its limits.

We can argue that compliance with the original does not give legal value to an act, just as signing for receipt does not guarantee that the signatory agrees or even considers the received act authentic.

So, how can the signatory's intent be verified?

We are of the opinion that there is no single means of identification, but that the analysis of the existence of will should be analyzed in the context of the document. Was a document transmitted for the purpose of obtaining approval? Did the receiving secretary sign before submitting the document to the head? Was the registration number assigned and signed for compliance and to prevent modifications?

From the context, one can deduce the existence (or not) of the signatory's agreement, especially given the absence of such information in the signature box. We opine that, in the absence of compliance with the standards by all accredited signature providers, signatures should be analyzed with a certain degree of leniency, even if the contextual analysis is imperfect. We believe that qualified signatures already offer a much higher level of validation compared to holographic signatures.

What's with the signed photo?

That stamp, which transcribes details about the signatory (name, first name, date, etc.), holds as much validity as the agreement it represents. As previously described, supraHowever, the signatures themselves do not indicate the signatory's intent to agree, as that checkbox is optional and rarely used in practice.

💡
These photos, stamps, etc., are not mandatory or imposed by the eIDAS regulation or electronic signature standards.

The small house has only an indicative title, bringing Subjective validity of the act, and over time they became a form incorecta For signature identification.

Even documents that are not altered by applying such signature fields can be electronically signed; the PadES standard (regarding PDF documents) has invisible signature fields, and the respective images are completely separate from the applicable signature standards.

Therefore, in the context of printing documents by regular means, the method of validating the signature is lost, as printing does not preserve the information stored in the signature box, but only the image, which in itself has no legal value whatsoever. The information stored in the signature is completely thrown out the window.

A somewhat worrying story

Upon hearing "about a story in practice" where registrars of courts of law, from the lowest to the highest level, print out documents, mark them as conforming to the original, and subsequently delete them (due to lack of server disk space), we opine that this practice undermines the legal validity of all evidence thus administered.

The Civil Code clarifies that the probative value of copies, even certified ones, is limited by the content of the original document. The parties may at any time request a comparison with the original document, which shall prevail. In the meantime..... deleted and probably irreversibly destroyed by overwriting..

A serious "ups" that, in exceptional circumstances, can even lead to acquittal due to lack of evidence (and the declaration of the beginning of null evidence by certified copies, as the document is lost), for individuals accused of criminal acts.

While we argue that the probability of the original existing in multiple copies (duplicates) through "copy-paste" to other parties (e.g., the prosecution) raises questions about the registry's obligation to carefully and diligently handle the evidence received.

If, in a criminal case where prosecution does not depend on a prior complaint and responsibility does not disappear through reconciliation, the victim receives a bribe from the perpetrator to delete evidence from their computer, which was solely located on the victim's computer and at the registry, and which has since been deleted?

Frequently Asked Questions (FAQ)

Are advanced signatures admissible as evidence?

Yes, they represent the beginning of evidence, even if they are not qualified electronic signatures. They can be used for the unique identification of a party.

If I print the documents with the electronic signature, are they copies or original documents?

They represent imperfect children through which the means of verifying signatures are lost.

Cu excepția tipăririi codului byte (biți) din fișier pe hârtie, într-un format necitibil pentru om, datele necesare validării semnăturii se pierd. IREVERSIBIL

Can I sign holographically with my mouse or finger on my phone?

Yes, because the law does not impose formal conditions for these types of signatures other than that they be done "by hand."

However, from a historical perspective, it could be argued that the formal condition is given by the marking that leaves a residue or affects the physical state of the sheet (by scratches, etc.). Thus, it is somewhat reasonable for public institutions to reject holographic signatures in electronic format.

If I have a time stamp on a sheet of paper, is that document admissible as evidence against third parties

In opinia noastra, neechivoc, da!

Timestamps are presumed to be correct and clearly place the signing/opening and any other operations performed on the document in time.

So, the qualified time stamp is the economical alternative to the certain date at the public notary or lawyer.

Care e diferenta dintre notarii publici si furnizorii de incredere?

Forma de activitate și actele normative relevante (The form of activity and the relevant regulatory acts)

La nivel de atributii si obiect prestat, sunt cat se poate de echivalenti, ambii certificand existenta, sau anterioritatea unor fapte, persoane, identitati, etc.

Useful Documents