Sneddon, Mark --- "Legislating to Facilitate Electronic Signatures and Records: Exceptions, Standards and the Impact of the Statute Book" [1998] UNSWLawJl 59; (1998) 21(2) UNSW Law Journal 334

Many jurisdictions around the world are considering enacting legislation to facilitate electronic transactions, both commercial and with government. There are several models of this type of legislation, involving different degrees of legal and regulatory change, which are described in more detail below.

The simplest model of this type of legislation is essentially facultative. It seeks to remove legal obstacles to electronic transactions presented by existing form requirements for writing and signature and rules of evidence that might exclude or discriminate against electronic records or electronic authentication of records. It does this by providing that electronic records satisfy form and evidence requirements for writing and that the electronic authentication of records satisfies form and evidence requirements for signature. Most laws of this kind aspire to be technology neutral, that is, they do not seek to advantage or disadvantage any particular technology for electronic records or electronic authentication of records.

The simplicity of concept behind this type of law can disguise its potentially wide-ranging effect across the statute book and the difficulties in determining:

1. the transactions to be included in the scope of operation of the law;

2. the existing form requirements for manual signature and writing (if any) which should be excepted from the scope of the law because their underlying policy objectives would not be satisfied by electronic authentication methods and electronic records;

3. the need for government agencies to have a managed process to implement the receiving, processing and issuing of electronic records with electronic authentication; and

4. the need to set standards and process controls for the use of electronic records and electronic authentication to ensure that the policy objectives of existing form requirements and the administrative needs of government agencies are met; and to address the tension between the setting of standards and the desire to legislate in technology neutral terms, so as not to distort technical innovation or market development.

This article reports on a research project that was undertaken to evaluate the impact of a proposed facultative electronic transaction Bill[2] on the statute book of the State of Victoria. The project analysed the effect of the Bill on existing requirements for both signature and writing on physical media, in a selection of the principal transaction-related statutes (and in a selection of their related subordinate legislation) in the Victorian statute book. The methodology, analysis and findings are described. Analysis and comment is provided in relation to issues 2 to 4 above. The discussion of the project is deliberately generalised so as to be relevant to most facultative electronic transaction statutes, not just the particular drafting of the proposed Victorian Bill.[3]

Part 1 of the article provides background description and analysis of electronic transaction law reform. In this Part, section A defines terms relating to electronic records and electronic authentication. Readers familiar with this material may wish to proceed to section B, which considers the fundamental legal and commercial issues that retard confidence in electronic transacting. Section C outlines the different types of legislation that can be enacted to deal with electronic transactions. Section D provides a brief account of facultative law reform work in Australia to date by the Federal and Victorian governments, including the relevant text of the proposed Victorian Bill.

Part 2 of the article describes the research project which was conducted into the effects of the proposed Victorian facultative electronic transaction Bill on a sample of Victorian Acts and regulations. This Part:

• analyses the policy objectives underlying form requirements for manual signature and writing on physical media;
• describes the methodology used to identify existing form requirements in a sample of Victorian Acts and regulations, and to classify those requirements by underlying policy objectives;
• presents the findings of that analysis;
• considers the appropriate types of exceptions to a facultative electronic transaction statute (including the setting of standards and process controls) to ensure that electronic authentication and electronic records satisfy the policy objectives underlying existing form requirements; and
• considers options for the managed implementation of electronic transaction statutes in government agencies (including the setting of standards and process controls).

A. Definitions of Terms

This section briefly explains the concepts of electronic records, electronic authentication of records, message integrity and some particular authentication methods, including digital signatures based on public/private key encryption and supported by certification authorities. The description is necessarily brief and more detailed explanations can be found in other articles in this symposium and elsewhere.[4]

(i) Electronic Messages and Electronic Records

An `electronic message' is a communication from one person or thing (in this context usually a computer) to another by electronic means. `Electronic record' is the broader term, encompassing electronic messages but also including data records not intended to be sent to another, such as file notes, diary entries and accounts.

(ii) Authentication

`Authenticate' means to establish the genuineness, validity or credibility of a statement or reputed fact. For precise usage, it is necessary to identify the fact(s) or statement(s) sought to be authenticated. For example, in the context of electronic messages, the expression `sender authentication' is often used. `Sender authentication' commonly means authentication of the identity of the sender of a message and of that person's intention to associate himself or herself with the content of the message. But it might mean authentication of some attribute of the sender instead of, or in addition to, the identity of the sender (for example a status such as a doctor or a licensed driver or an enrolled student, financial standing, or authority within an organisation to make the statements in the message). Other facts that may be authenticated are the identity of the computer that sent the message or the routing of the message.

If the intention of the electronic signer is sought to be authenticated, it must be recognised that a person may have one or more of a number of possible intentions in applying an electronic authentication method to a record, just as a person manually signing a written record may have one of a number of possible intentions (for example to indicate authorship of the record, to adopt the content of a record as binding upon the signer, to verify the content of the record made by another, to indicate that the record has been completed properly, to indicate that the signer has seen the record).[5]

(iii) Electronic Signatures

Used broadly, an `electronic signature', in relation to an electronic record, is any means of electronic authentication of the identity of a person and of the intent of that person to be associated with that record. The term `electronic signature' has no universally accepted meaning and is variously defined in different statutes.

A range of electronic authentication methods, of varying security and reliability, is available for a person to authenticate an electronic record. Examples include a typed name at the end of an email, a personal identification number and the swiping of a magnetic stripe card (EFTPOS), inserting a chip card in a reader, typing passwords, transmitting a digitised form of a manual signature, encryption of the message using a secret key, and biometric identifiers (fingerprint, face, voice recognition, retinal scan and signature dynamics such as the speed and pressure of the person's manual signature)). Other methods will be developed over time.

(iv) Authentication and Symmetric and Asymmetric Encryption

Encryption of a message may be achieved using a secret `symmetric' key or code, symmetric because it is known only to both the sender and intended recipient. In that case, presumptive authentication is achieved by the recipient reasoning that, if the message can be decrypted using the key and assuming the security of the key was not compromised, the message was sent by the other person who knows the key.

Encryption of a message may also be achieved using `asymmetric key encryption'. This relies on the generation of a pair of different keys which are mathematically related but which (in the current state of cryptography) cannot be derived from one another. The keys have the property that a record encrypted with one key can only be decrypted using the other paired key. One key in the pair is kept private to the key holder and the other is published to the world together with information identifying the key holder to whom the paired private key belongs. If the private key holder encrypts a message with that private key, the message can be successfully decrypted only with the paired publicly available key. If the recipient of a message can successfully decrypt the message using the public key, then the recipient can assume that the message was encrypted using the paired private key and, on the assumption that the private key holder has kept the private key secret, that the message was encrypted by the identified private key holder.

Both systems of authentication are based on the assumed non-compromise of a key.

(v) Message Integrity

`Message integrity' means that the form of the message received is the same as that sent. Currently, the best available means of ensuring message integrity in open networks is digital signatures, which use asymmetric encryption of message fingerprints (one way hash functions).

(vi) Digital Signatures

`Digital signatures' are a particular type of electronic signature and are based on public/private key encryption.

Instead of encrypting the whole message with the private key, the sender can use a widely available hash algorithm to compute a unique hash value (a long character string) for the message. Any change in the content of the message, no matter how small, will produce a change in the hash value. The private key can be used to encrypt that hash value. The encrypted hash value is the digital signature to that message, tying together the private key with that particular message's content. (The message itself need not be encrypted and can be sent `in the clear' with the digital signature appended.)

The recipient of the message can independently compute the hash value of the message sent in the clear. The recipient can then decrypt the digital signature using the sender's public key to determine the sender's calculated hash value. If the two hash values disagree, the message has been altered since it was digitally signed. If they match, then the recipient is assured of message integrity and authentication of sender identity.

(vii) Certification Authorities

Certification authorities are a necessary part of a private/public key infrastructure. These bodies:

• keep a record of the public key and link that key to the identity of the private key holder;
• issue certificates certifying that the public key belongs to the stated person/entity (a sender may include the certificate with a message);
• maintain a Certificate Revocation List (checkable on-line) containing information on compromised or revoked private key/holder links; and
• may issue certificates about other attributes of key holders such as credit rating, membership or access status.

(viii) Public Key Authentication Framework

It is expected that there will be many certification authorities and these authorities will need either to certify each other in a hierarchical structure with a root authority, or cross-certify each other across a flatter structure. The licensing and regulation of certification authorities, the relationship structure of authorities, the existence and powers of a root authority, policies for cross-certification and for issuing certificates and the forms of certificates are all matters that are dealt with in a `Public Key Authentication Framework'. Standards Australia has proposed such a framework for Australia.[6] The Federal Government has established such a framework for digital signature use by and with Federal Government agencies.[7] The National Office for the Information Economy has recently released a Discussion Paper on Establishment of a National Authentication Authority.[8]

B. Basic Legal and Commercial Issues in Electronic Transactions

There are many legal issues in electronic transactions but the principal issues which are retarding user confidence in conducting transactions electronically and which could be remedied by appropriate law reform are as follows:

(i) Doubts as to the Legal Efficacy of Electronic Records and Electronic Authentication.

Preferably, electronic records and electronic authentication should be as effective as written messages and manual signatures, including for contract formation. This means that they should:

• satisfy legal form requirements for writing, signature and originals;
• be admissible in evidence; and
• satisfy statutory record retention requirements.

(ii) Uncertainty of Application of Existing Legal Rules

This includes the time and place of receipt of electronic messages.[9]

(iv) Risk of Fraud and Error in Electronic Messages

This is sometimes described as the `non-repudiation' issue. As in paper-based transactions conducted at a distance, there are risks that a message has not in fact been sent by the apparent sender, that the message may have been altered in transit, and that the apparent sender therefore may repudiate the message, leading to loss if the message has been relied upon by a recipient. The technical management of these risks requires a technical means to reliably authenticate the message sender's identity and the sender's intent to approve or otherwise associate himself or herself with the message content and to guarantee message integrity. The legal allocation of risk of loss caused by unauthorised or altered messages as between the apparent sender and the recipient in paper-based transactions is determined by the general law of agency and, in some cases, by contract between the parties. The same legal mechanisms will operate for electronic transactions and, in some law reform models, are supplemented by new legal rules.[10]

C. Types of Electronic Transaction Law Reform

Three types of electronic transactions law reform can be distinguished: [11]

(i) Facultative laws

These are intended to make electronic records as legally effective as written records and electronically authenticated records as legally effective as manually signed records. Laws of this type deal with issue 1 above and sometimes with issues 2 and 3. These laws can be sub-divided into those that:

• are technology neutral, that is they do not seek to advantage or disadvantage any particular technology for electronic records or electronic authentication of records. While the laws may set minimum standards for acceptable electronic records or authentication systems, these standards are not tied to any particular technology. Because of the commitment to technology neutrality, the same legal consequences are assigned to all electronic records or authentication systems which meet the minimum standards.

• distinguish between different technologies for electronic records or signatures for the purpose of attributing different legal consequences to the different types. As the ECEG Report notes, these laws involve two elements: (a) a means of distinguishing different types of electronic records or signatures; and (b) the assigning of certain legal consequences to only those electronic records or signatures which meet the definition or standards.[12]

(ii) Laws which Regulate Particular Authentication Technologies and Infrastructures.

Most, if not all, laws in this group regulate some aspect of digital signatures based on public and private key encryption and the supporting public key authentication framework (PKAF), for example:[13]

• the establishment of a national peak body which may set standards and policy for a national PKAF and be a root certification authority;
• licensing and regulation of certification authorities;
• cross-certification between authorities, including cross-border; and
• allocating or limiting the liability for unauthorised or altered messages between key owners, recipients who rely on certificates and certification authorities.

(iii) Laws which Extend or Adapt Existing Regulation of Transactions to Cover Electronic Transactions

Examples include laws concerning electronic transactions in the context of taxation, industry licensing and regulation, privacy, consumer protection, law enforcement and interception of communications.

This article is concerned with facultative law reform of type (i).

D. Facultative Electronic Transaction Law Reform in Australia

(i) Federal Attorney-General's Expert Group on Electronic Commerce

The Federal Attorney-General's Expert Group on Electronic Commerce presented its report, Electronic Commerce: Building the Legal Framework on 31 March 1998 (the ECEG Report).

The ECEG Report recommends federal legislation to remove existing legal obstacles to electronic transactions and to reduce the legal uncertainty surrounding the use of electronic messages and electronic signatures for transactions. The ECEG Report recommends that the legislation should be broad in its operation, covering all data messages in trade and commerce and all data messages used in transactions with government (for example tenders, permit applications, filing, benefits processing), subject to the development of some categories of exceptions (possible examples include wills, negotiable instruments, some consumer transactions).

Three broad aims underlie the ECEG Report:

• Functional Equivalence: as far as possible, paper-based commerce and electronic commerce should be treated equally by the law;
• Technology Neutrality: the law should not discriminate between forms of technology; and
• Facilitation of International Harmonisation and Standards: by broadly following the framework of the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce with some amendments.

Following these aims, the ECEG Report does not try to pick technological winners or prescribe detailed rules for particular technologies, such as digital signatures relying on asymmetric public key encryption and certification authorities. In other jurisdictions which have legislated to give digital signatures some legal preference over other authentication methods, such as Utah and Malaysia, the legislation has had to be highly prescriptive as to standards in order to responsibly confer preferential legal benefits and the market has so far been reluctant to utilise these prescriptive regimes. On the contrary, certification authority businesses have emerged in jurisdictions without prescriptive and preferential legal rules.

The ECEG Report follows the framework of the UNCITRAL Model Law on Electronic Commerce and recommends the adoption of provisions based on the Model Law with some amendments and omissions. The main recommendations of the ECEG Report are as follows:

• Legal Effect: Information, records, signatures, messages and contracts are not to be denied legal effect solely on the ground that they are in electronic form.

• Writing: Information in the form of an electronic data message is sufficient to satisfy any legal requirement that information be in writing.

• Signature: Where the law requires the signature of a person, that requirement is met in relation to an electronic data message if a method is used to identify that person and to indicate their approval of the contents of the message and that method is as reliable as is appropriate for the purpose (such as a password, PIN or digital signature).

• Originals: Legal requirements for information to be presented or retained in its original form are satisfied by an electronic form of that information which can be displayed and which reliably assures the integrity of the information.

• Evidence: Information in the form of an electronic data message is not to be denied admissibility in evidence on the sole ground that it is a data message.

• Record Retention: Legal requirements for retaining records (for example under tax or corporations law) can be satisfied by retaining electronic data messages subject to satisfying conditions of reliability and identification of place, time and date of origin and receipt.

• Time and Place of Dispatch and Receipt: Rules are proposed to make certain when and where electronic messages are sent and received (for example at an Internet service provider's server, in an electronic mailbox or when read).

• Forged Signatures and Altered Messages: The common law position applies that a person is bound by a message which is sent by that person or with their authority. Following the principle of functional equivalence with paper-based commerce, no special legislative rules are created to presume the attribution of a message to the apparent sender and the non-alteration in transit of data messages.

After a period for public comment, the Federal Government decided that the report generally provided a sound basis for the development of legislation. However, the Government decided that this legislation should not be federal, partly because of doubts over the constitutional power to enact such legislation under s 51(v) of the Constitution. Instead, the Government decided to develop a uniform model law for enactment in all Australian jurisdictions in consultation with the States and Territories through the Standing Committee of Attorneys-General.[14]

(ii) Victorian Electronic Commerce Framework Bill

In 1997, the Victorian Minister for Multimedia established the Electronic Business Framework Group within the Office of Multimedia in the Department of State Development Victoria. The Group proposed that Victoria enact an Electronic Commerce Framework Bill (ECFB).[15] A Discussion Paper outlining the content of a draft Bill was made available for public comment in July 1998.[16] Following the comment period and further consultation within government, it is likely that the Bill will be redrafted and Cabinet approval sought for introduction into Parliament.

The main effect of the Bill is to provide that electronic signatures, subject to some exceptions, satisfy legal form requirements. The principal provisions in the Discussion Paper draft of the Bill are as follows: 3. Definition

In this Act, `electronic signature', in relation to a person, means a process applied by the person to a document in electronic form:

(a) by which the document is authenticated by that person; and

(b) which contains an acknowledgment that the document is being signed.

4. Electronic signature instead of manual signature

(1) Where, by or under an Act or law, the signature of a natural person is required in relation to a matter, the electronic signature of the person in relation to that matter is, in the absence of evidence to the contrary, deemed to satisfy the requirement.

(2) The mere requirement for `writing signed by a person' is not by itself sufficient to exclude the operation of sub-section (1).

(3) Unless an Act or law expressly authorises the use of an electronic signature, sub-section (1) does not apply to a requirement by or under an Act or any rule of law relating to:

(a) the creation, execution or revocation of:

(i) a will, a codicil or any other testamentary instrument; or

(ii) a trust; or

(iii) a power of attorney; or

(b) an affidavit or declaration; or

(c) the disposition or acquisition of an interest in real property; or

(d) process in a court, subject to a rule of the court to the contrary; or

(e) a negotiable instrument; or

(f) a prescribed document or a document belonging to a prescribed class of documents.

This Bill is clearly in the class of facultative laws for electronic transactions and is technology neutral.[17]

(iii) Unresolved Issues in Facultative Law Reform for Electronic Transactions[18]

There are several outstanding issues in facultative electronic transaction law reform, of which three are addressed in this article:

• Scope (Inclusive and Exclusive): The determination of the inclusive scope of facultative electronic transactions laws and of exceptions to such laws have proved very difficult all over the world.[19] The Electronic Commerce Expert Group recommended that facultative legislation should have a broad inclusive scope, applying to data messages in trade and commerce or with government. But the Group recognised and recommended that further work was needed as to the exceptions that should be specified from the scope of the legislation.[20]

• Technology Neutrality and Standards: The Electronic Commerce Expert Group recommended that legislation should be based upon the principle of technology neutrality, recognising that in a number of instances, such as electronic signatures, pursuing neutrality will necessarily limit the ability to ascribe specific legal consequences to the use of the mechanisms.[21] This recommendation precludes favouring particular technologies. But it leaves unaddressed the issue of standards and process controls that may be imposed to satisfy particular legislative policy requirements as to form or record-keeping or particular needs of government administration.

• Managed Implementation for Government Agencies: Government agencies need to receive, process and issue a wide range of records to a wide range of persons. They need a mechanism for setting standards and process controls as to the types of records and electronic authentication processes which they will receive and process and which they will issue.

The Electronic Commerce Framework Bill 1998 (Vic) (ECFB) provides in clause 4(1):

Where, by or under an Act or law, the signature of a natural person is required in relation to a matter, the electronic signature of the person in relation to that matter is, in the absence of evidence to the contrary, deemed to satisfy the requirement.

This general `assimilation' rule that electronic signatures satisfy existing legal form requirements for signatures is subject to the general exception "in the absence of evidence to the contrary" and to a series of specific exceptions in sub-clause 4(3). There is no equivalent general rule in the ECFB that electronic records satisfy legal form requirements for writing because at this stage of the drafting it was thought that a broad definition of "writing" in the Interpretation of Legislation Act 1984 (Vic) would cover the point.[22] Nevertheless, it was recognised that there might be explicit requirements for a particular mode of writing (such as "signed under his hand") or implicit requirements that the writing be on a physical medium such as paper (for example "service by post") which the Interpretation of Legislation Act may not extend to cover electronic records.

The purpose of the research project was to anticipate as far as possible the impact of the ECFB on the Victorian statute book through analysing its effect on existing requirements for (a) signature and (b) writing on physical media, in a selection of the principal transaction related statutes (and in a selection of their related subordinate legislation) in the Victorian statute book. The research project focused on:

1. Whether general and specific exceptions to the signature assimilation rule were needed and, if so, what they should cover. This required:

(a) an analysis of the policy objectives of existing requirements for signature and writing on physical media;

(b) a classification of those existing requirements according to their underlying policy objectives; and

(c) a consideration of whether those policy objectives could be met by any type of electronic signatures or electronic records or only electronic signatures or records with certain features or standards (such as a message integrity feature) and, if so, what features or standards.

3. Whether government agencies need a mechanism for setting standards and process controls as to the types of records and electronic authentication processes which they will receive and process and which they will issue, and if so, how that mechanism could be implemented.

A. Historical Policy Objectives of Writing and Signature Requirements

Any discussion of whether an existing legal rule (such as form requirements for manual signatures or writing on physical media) should be retained requires an examination of the principles upon which the rule was created and the objectives the rule seeks to achieve.[23] Broadly, there are four historical policy objectives for legislative writing and signature requirements. They are: evidentiary, cautionary, channelling and record-keeping. These functions are not discrete, indeed they are intimately connected.[24] Generally speaking what tends to accomplish one function also accomplishes the others.[25]

(i) Evidentiary Function

Formalities such as signatures serve an evidentiary purpose by ensuring the availability of admissible and reliable evidence. This helps to prevent perjury.[26] In particular, signatures can perform the following evidentiary functions:

• identify the signer by name;
• primarily identify a particular characteristic or attribute or status of the signer, rather than the person's name (for example solicitor, Secretary of a Department, company director);
• provide evidence that the signatory has agreed to be bound by the record by adopting[27] or approving it;
• provide evidence that the signatory has acknowledged[28] or verified[29] or witnessed the record, but not necessarily agreed to be bound by its contents;[30]
• provide evidence of the authenticity and voluntariness of another signature (witnessing);
• provide evidence that the record is the original;
• provide evidence of the date, time or place of the signatory's signing;
• provide prima facie evidence of the content of the record (such as averment provisions);
• provide prima facie evidence that the record is a true copy of another record;
• provide evidence that the document is complete and final; and
• provide evidence that the document's information content has not be altered subsequent to the signature.

Requirements for writing also perform evidentiary functions including the provision of a durable record of information (including the terms of an agreement) and discouraging reliance on oral statements or agreements which are not permanently recorded and which can be more easily disputed and more costly to prove in the event of a dispute.

(ii) Cautionary/Protective Function

Signature requirements have a protective effect by cautioning the signatory. A signature requirement encourages deliberation and reflection before action.[31] The need for a signature can warn the signatory that the document has legal consequences, and encourage them to think about whether they really want to be legally bound.[32] This function may be particularly important in protecting consumers. For example, Victorian law currently requires that (usually) a borrower's, mortgagor's or guarantor's written signature is necessary to constitute a consumer credit contract[33] and a buyer's signature to waive cooling off rights when buying a second hand motor car.[34]

Signatures may also serve a protective function for people who receive or rely on a document by providing some evidence that the maker of the document had given his or her full attention to the document and, according to the context, authored, adopted or verified its information content. This was the argument of counsel for the defendants in Goodman v J Eban Ltd,[35] where it was argued that the requirement that bills be signed by the solicitor, protected the lay client by assuring that the solicitor had personally approved the Bill.[36] The protective function that the verification of the information content of the document can serve clearly overlaps with the evidentiary function.

(iii) Channelling Function

Formalities such as signatures serve a channelling function by clarifying the line between intent to act in a legally significant way and intent to act otherwise.[37] "Parties are forced to use a particular form, and similar agreements are given a similar form."[38] The channelling function also affects the decision as to whether or not a document is legally binding by reducing the need for evidence on the facts of a particular case.[39] In this sense it is clearly related to the evidentiary function. Signatures indicate that the signatory intended the document to have legal status and effect according to its terms and to be bound by the document.

To a lesser extent, a requirement of writing on physical media serves a channelling function because people know that the information content is being durably recorded rather than recorded only in human memory. That fact may caution people in what information they record.

(iv) Record-keeping Function

Formalities such as signatures and requirements for writing also create a durable record of the parties and the terms of arrangements. This facilitates the execution of government regulation, such as licensing laws and taxation. For example:

• stamp duty is imposed on written records that affect or record the transfer of the ownership of assets or the creation of rights in respect of assets. The law might require a written document to be brought into existence in order to levy duty upon it;
• licences may be required to be on physical media so they can be displayed at a business' premises or carried by the licence holder for ease of checking by the public or law enforcement personnel.

The law may require a signature on these writings to assist in the identification and imposition of legal duties or powers on responsible or authorised parties (for example the licensee or transferor of property must sign). Audits typically involve the examination of documents and records, and law enforcement and revenue authorities rely on the `paper trail', an expression used in this context, which suggests that physical documents and records are contemplated.

B. Current Relevance of Policy Objectives

In general, all of these policy functions of signature and writing requirements are still important today. Evidence in durable form is still required of records and of the many facts that can be represented by a signature. A requirement for a signature still cautions prospective signatories and provides some protection to those who receive or rely on a record. For the same reason, the requirement provides a channelling function. Modern society seems to require more records not fewer, for private record-keeping purposes and for audit, investigation, law enforcement and revenue collection purposes. The issues are:

• whether existing legislative requirements for manual signatures and writing on physical media are still necessary to fulfil their original policy function; and if so,
• whether some or all of the electronic equivalents of manual signatures and writing on physical media can fulfil the policy functions implicit in legislative requirements for manual signatures and writing on physical media.

A. Classification System Used in the Project

All four policy functions of signature and writing requirements described above are still important today. However, in classifying individual requirements in Acts and subordinate legislation, this simple fourfold classification is not sufficiently detailed to usefully distinguish the policy functions behind different provisions. For example, some evidentiary, channelling and record-keeping functions are almost always present in a requirement for signature or writing on physical media.

But to understand whether any type and what particular types of electronic records or electronic authentication systems can satisfactorily meet the policy functions underlying a particular requirement for signature or writing, it is necessary to understand, as far as possible, the detailed policy functions of that particular requirement.

For example, only some electronic signatures may be capable of reliable use for witnessing or for time and date-stamping the signature or certifying copies of a record. Only some electronic records may be portable for production and viewing on demand (such as an identity card) or being viewable at a fixed location (on a condemned property or near a storeroom of dangerous goods) or being deliverable to a wide range of persons (such as through the post or personal service). On the other hand, electronic signatures could satisfy policy functions and enhance privacy over manual signatures. Manual signatures inextricably bind together identity and status or attribute of the signer but an electronic signature could represent attribute without identity. Commonly, statutory requirements for signatures relate to the office or status of the signatory not the individual's identity and could be satisfied by an electronic authentication of any person holding that office or status without needing to identify the name of that person.

This need for detail in the analysis of policy functions was achieved in three ways:

(i) The Channelling Function was Eliminated from the Detailed Analysis.

It is difficult to conceive of a signature requirement which did not suggest there was a legal significance to the act of signing and hence performed a channelling function. Accordingly, the channelling function was not included in the analysis of requirements because every requirement would be analysed as performing a channelling function and therefore the analysis would provide no distinction between legislative requirements.

This does not mean that channelling is an unimportant function. Quite the opposite, it is so important and widespread that any rule authorising the use of a system for electronic authentication in lieu of manual signature would need to ensure that the use of the electronic authentication system fulfilled the channelling function by conveying the same sense of legal significance to the user that a manual signature does.

(ii) Record-keeping Function was Retained but its Focus Limited to Explicit Requirements to Generate or Retain Records to Facilitate Law Enforcement or Revenue Collection

Every requirement for a written signature or writing on physical media produces a record which can be retained by parties for their own private record keeping purposes and which, if retained, may assist law enforcement and taxation authorities. Again, on this broad view, all requirements for written signature or writing on physical media would be classified as fulfilling a record-keeping function and there would be no distinction between legislative requirements. Instead, the analysis categories of R1 and R2 (see below) exclude record-keeping for private purposes and are limited to requirements for the retention or the creation and retention of writing on physical media or signature to facilitate the enforcement of laws (non-tax: R1 and tax laws: R2) by public authorities by enhancing investigation (for example production of licence or ID card on demand) and auditing or otherwise making avoidance more difficult.

Because of these choices, there were relatively few public authority record-keeping classifications in the analysis.[40] This does not mean that private record-keeping with incidental benefit to public authorities is unimportant. Any rule authorising the use of a system for electronic authentication in lieu of manual signature or electronic records in lieu of writing on physical media would need to consider whether the electronic authentication and electronic record systems should provide a durable, reliable record of the act or event for private record-keeping purposes as well as for the classified public authority purposes.

(iii) Evidentiary and Cautionary Functions were Divided into Sub-categories

(a) Evidentiary

A preliminary survey of a sample of statutes suggested a large range of particular policy functions which signature requirements fulfilled within the evidentiary category. These functions included:

• to provide evidence of:
  • signatory's identity;
  • signatory's special characteristic or attribute rather than identity (eg director, solicitor, owner, minister, enrolled student);
  • signatory's intent to adopt and be bound by the contents of the record signed;
  • signatory's intent to acknowledge, verify or witness the record (but not necessarily be bound by its contents);
  • the date, time or place of signatory signing;
  to make the signed record prima facie evidence of some or all of the contents of the record;
• to make the signed record prima facie a true copy of another record (eg certified copies); and
• to provide evidence of the authenticity or voluntariness of a signature by requiring witness(es) to the signature.

(b) Record Keeping

Requirements for writing on physical media also fulfil a range of policy functions which have been distinguished in the analysis. These functions include:

• to provide a record on tangible media so it is available for viewing at a fixed location when requested or from which extracts can be provided (eg register of licences, applications);
• to provide a record on tangible media so that it can be put on display for viewing at particular locations (such as safety notices, planning permit notices on land) or available to be viewed on demand in a variety of locations (for example ID cards); and
• to ensure a record is deliverable to a range of persons (such as by personal or postal service or otherwise).

(c) Cautionary

If all signature requirements fulfil a channelling function by pointing to the legal significance of the required act of signing, then all signature requirements will automatically provide a degree of cautioning of the intending signatory. For the purpose of analysis, the project looked for an explicitly enhanced cautioning function beyond this general level of cautioning. Four policy sub-divisions were created:

• two covered the need for cautioning arising from the particular transactional context (the legal, economic or social risk or significance of signing):
  • in a consumer protection transaction context (eg credit, fair trading, residential tenancies); and
  • in a more general non-consumer protection transaction context (such as land transfers and organ donation, although many of these types are already excluded by existing exceptions like land transfers, wills, powers of attorney); and
  two covered the type of additional formality or disclosure which must occur before or with signing to caution the intending signatory.

Because of these choices, there were relatively few cautioning classifications in the analysis.[41]

This does not mean that the cautionary function of signatures is rare or unimportant. At a basic level the cautionary function is omnipresent and very important. Any rule authorising the use of a system for electronic authentication in lieu of manual signature would need to ensure that the use of the electronic authentication system fulfilled the basic cautioning function by conveying the same sense of legal significance to the user that a manual signature does. In addition, for those requirements analysed as having a special cautionary purpose, the electronic authentication system would need to replicate the effect of the special caution through disclosure or additional formality to parallel the current requirements.

The following classification system was developed for use in the project, based on the three broad functions of Evidentiary, Cautionary, and Record-Keeping.

E Evidentiary Function

(i) Signatures

• E1 primarily to provide evidence of signatory's identity rather than signatory's special characteristic or attribute;
• E2 primarily to provide evidence of signatory's special characteristic or attribute rather than identity eg office, authority, entitlement, qualification (such as director, solicitor, owner, minister, enrolled student);
• E3 primarily to provide evidence of signatory's intent to adopt and be bound by the contents of the signed record;
• E4 primarily to provide evidence of signatory's intent to acknowledge, verify or witness the record (but not necessarily be bound by its contents);
• E5 to provide evidence of the date, time or place of signatory signing;
• E6 to make the signed record prima facie evidence of some or all of the contents of the record (like council planning certificates, signed minutes of meetings);
• E7 to make the signed record prima facie a true copy of another record (like certified copies); and
• E8 to provide evidence of the authenticity or voluntariness of the signature by requiring witness(es) to the signature.

(ii) Writing on Physical Media and General

Writing requirements provide evidence of the content of a record.

• E9 to provide a record on tangible media which must be available for viewing at a fixed location when requested or from which extracts can be provided (for example register of licences, applications);
• E10 to provide a record on tangible media which must be on display for viewing at particular locations (such as safety notices) or available to be viewed on demand in a variety of locations (such as ID cards);
• E11 to ensure record is deliverable to a range of persons (for example by personal or postal service or otherwise); and
• E12 for other (specify what).

R Record-Keeping Function

• R1 to require retention or creation and retention of writing on physical media or signature to facilitate the enforcement of laws (not tax laws) by public authorities by enhancing investigation (eg production of licence or ID card on demand) and auditing or otherwise making avoidance more difficult; and
• R2 to require retention or creation and retention of writing on physical media or signature to facilitate the enforcement of tax laws by public authorities by enhancing investigation and auditing or otherwise making avoidance more difficult.

C Cautionary/Protective Function

• C1 to caution intending signatory about signing because of the legal, economic or social risk/significance of signing. This may be for land transfers, organ donation, powers of attorney (but not specifically consumer protection contexts);
• C2 to caution intending signatory about signing because of the legal, economic or social risk/significance of the transaction for `consumer protection' purposes, for example acknowledging/agreeing to liability limitations, waiver of rights;
• C3 to caution intending signatory about signing by additional procedural formality of witnessing or swearing; and
• C4 to caution intending signatory about signing by requiring other additional formalities (not witnessing or swearing), for example a document under seal,[42] independent advice to precede signing.

A. Selection of Statutes and Regulations

Seventeen (17) statutes were analysed. These were chosen to represent a range of transaction types including government/individual, government/business, business/business, business/individual, and business/consumer transactions.

Sixteen (16) regulations made under these statutes were subject to some analysis but only eleven (11) of these were fully analysed.[43]

The following Victorian statutes and regulations underwent full analysis:

• Architects Act 1991, Architects Regulations 1993;
• Business Names Act 1962, Business Names Regulations (No. 2) 1992;
• Consumer Credit Code 1995, Consumer Credit Regulations 1995;
• Fair Trading Act 1985, (no regulations);
• Goods Act 1958;
• Health Act 1958, Health (Certificate of Analysis) Regulations 1997, Health (Immunisation) Regulations 1990;
• Instruments Act 1958;
• Magistrates Court Act 1989, Magistrates Court (Civil Procedure) Rules 1989;
• Motor Car Traders Act 1986, Motor Car Traders Regulations 1998;
• Partnership Act 1958, (no regulations);
• Planning and Environment Act 1987, Planning and Environment Regulations 1998;
• Property Law Act 1958;
• Residential Tenancies Act 1997, Residential Tenancies Regulations 1998;
• Retail Tenancies Reform Act 1998, Retail Tenancies Reform Regulations 1998;
• Sale of Land Act 1962, (no relevant regulations);
• Stamps Act 1958, Stamps Regulations 1992; and
• Transfer of Land Act 1958.

The Property Law (Registration of Instruments) Regulations 1992 were analysed as to total number of requirements but not as to full individual provision analysis.

B. Keyword Search of Selected Statutes and Regulations

Provisions that might contain requirements for signature and writing on physical media were identified by a keyword search of the selected statutes and regulations using CD-ROMs. Because requirements could be expressed using a wide variety of terms (including signed, signs, signature, endorse, served, lodged, filed, post), the first task was to identify the keywords on which to search.

An initial global search across all Victorian principal Acts and Regulations on a range of search terms produced the results shown in the table below:[44] 1: Global search: frequency of selected search expressions across principalActs and Regulations

The range of search terms was refined in light of experience. Some possible terms were rejected as returning too high a percentage of non-requirement provisions such as:

• the expressions "writing" and "written" do not necessarily connote writing on physical media;[45]
• the expressions "endorse" and "execute" do not necessarily connote signature; and
• the expression "prescribed form" almost always was a reference to a form to be set out in a schedule or regulations. Consequently, it was decided to analyse the forms themselves for requirements and drop the phrase "prescribed form".

After refinement, the following search expressions were used for the selected statutes and regulations:[46]

• serv* by post;
• sign, signed, signing, signature;
• deed;
• under seal;
• under the hand;
• certify, certified;
• sealed, witness, swear*, sworn;
• serve upon, served upon, addressed to; and
• prescribed form.

C. Keyword Search Results

Searching on these search expressions across the 17 selected statutes produced 1131 occurrences of the search terms. The results appear in Appendix 1, Table 2.[47]

Across the 16 selected regulations, there were 615 occurrences. The results appear in Appendix 1, Table 3.

In general, Acts and Regulations searched were up to date to 1 June 1998 or later. Detailed information on the currency of the sources used for searching appears in Appendix 1.

It is important to note that by using the keyword search methodology, not all requirements for signature and writing on physical media in the selected statutes and regulations have been identified because some will have been expressed in language which does not contain the chosen search terms. The only alternative, which was not feasible in terms of time or cost, was a manual reading and analysis of the entirety of the statutes and regulations. The keyword search methodology will have detected the substantial majority of requirements in the selected statutes and regulations.

D. Determining Which of the Keyword Occurrences Amounted to a Requirement and Excluding Requirements within the Listed Exceptions in the Bill

The provisions containing occurrences of the search expressions were then individually read and analysed to determine whether they were requirements, whether they were excluded by the existing exceptions in the Bill and (for Step 3 below) how they should be analysed by policy function using the classification system. This was, as expected, a very time consuming exercise.

Not all occurrences of the search expressions amounted to a requirement.[48] One requirement could contain multiple keyword occurrences.[49] Thus the number of requirements differed from the number of keyword occurrences. Requirements coming within existing exceptions in the Bill clause 4 were not analysed.

The provisions containing requirements were then counted and tabulated by Act or regulation against a list of the requirements: see Appendix 1, Tables 4 and 5.[50]

The number of requirements for signature and writing on physical media (as opposed to keyword occurrences) was as follows:

• in the seventeen statutes analysed (Table 4): 323
• in the twelve regulations analysed (Table 5): 188

The analysis to derive these figures involved a considerable degree of judgment as to what was a `requirement', when it `related to' a listed exception and the interpretation of the listed exceptions. These issues are discussed in more detail below.

Having identified the requirements which were not covered by existing exceptions in the Bill, these requirements were classified using the classification system described in Step 1. The results were presented in the form of individual spreadsheets for each of the seventeen Acts and eleven regulations analysed in this way. These spreadsheets were presented to the Victorian government for further analysis by departmental officers, where required. Appendix 2 contains the spreadsheets for the Consumer Credit Code 1995, the Instruments Act 1958 and the Planning and Environment Act 1987 and their Regulations.

All three Acts contain a significant number of requirements for signature which are classified as E1 to E5. The Consumer Credit Code and Regulations, as might be expected, contain some signature requirements with a cautionary function and some writing on physical media requirements. The Planning and Environment Act also contains a large number of requirements for signatures which serve to give the status of prima facie evidence to the content of the signed record or to the record's status as an accurate copy of the original. The issues arising in permitting the use of electronic authentication for these requirements include: which electronic authentication methods are sufficiently reliable to fulfil the policy functions of cautioning, evidencing assent after disclosure or warning and evidencing genuineness of authentication sufficient to attract the prima facie evidence effect?

The issues of what constituted a "requirement" for signature or writing on physical media and the correct interpretation and scope of the specific exceptions in the Bill proved troublesome and involved frequent difficult judgments of statutory interpretation on which reasonable minds might differ.

A. What Constituted a "Requirement": Clause 4(1)

It was not always easy to determine what was a requirement. Requirements might be expressed as a condition on a power[51] or be implicit or contingent.

Many provisions assumed common practices of manual signature and writing on physical media without commanding that those practices be followed. For example:

• section 75 of the Goods Act makes it an offence to sign an untrue bill of lading and thus assumes the universal practice that a bill of lading will be signed by the ship's master and may be signed by others (such as the consignee) but does not command such signature;
• provisions in the Property Law Act (s 74(2) to (4)) permit a corporation to authorise an officer to execute or seal documents on behalf of the corporation - there is no requirement for signature or sealing in the provisions themselves;
• many provisions command a court to take judicial notice of a particular officer's signature but do not require that signature to be applied to any record;
• some provisions (for example section 32 of the Sale of Land Act) require the provision of plans of subdivision sealed under the Subdivision Act or the Local Government Act - the requirement for sealing is not in the Sale of Land Act provision but in the other Act; and
• statutory provisions conferring regulation-making powers expressly authorise the imposition by regulation of requirements for a deed or a signature or a statutory declaration but the statutory provision itself does not require that.

It was determined to adopt a reasonably strict definition of what constituted a "requirement" (for the purposes of the project) as being:

• a command or stipulation[52] for signature or writing on physical media; or
• the provision of negative consequences if the record was not signed or not on physical media (for example not admissible in evidence, not enforceable or not effective).

The reasons for adopting this definition of "requirement" were to keep the number of provisions selected for analysis manageable and to make the analysis meaningful. A broader approach of including provisions which permitted or authorised or assumed signature or writing on physical media (such as the examples above) would have included potentially all references to signing and like words in the selected statutes and regulations (potentially 1746 references), and would have made an analysis of the underlying policy objectives more difficult.

Even using the adopted definition, there were some fine judgment calls, on which reasonable minds could differ, as to whether, within a provision:

• there was an implicit command or stipulation; or
• the degree of assumption in the provision that there would be a signature or writing on physical media was so great that it was tantamount to a requirement because the provision could not function unless the assumption was true.

Many electronic transactions statutes provide that electronic records or signatures satisfy existing "requirements" for writing or signature. It is possible that provisions which assume manual signature and writing on physical media without requiring it, may present obstacles to electronic transactions under this drafting approach. Arguably, such provisions are not "requirements" and would not be affected by the assimilation provision expressed to apply only to "requirements". The difficulty might be solved by an expanded wording such as "required or permitted" but the ramifications of that expansion would necessitate careful thought. A broad sample of provisions that did not require but permitted or authorised or assumed signature or writing on physical media is included in Appendix 4.

B. Difficulties in Interpreting the Scope of Specific Exceptions

(i) Degree of Directness of Relation of the Requirement to the Subject Matter of the Exception

It was not clear how closely the requirement for signature or writing on physical media must relate to the subject matter of the exception. The exception concerning disposition or acquisition of an interest in real property illustrates this issue.

(ii) Scope of clause 4(3)(c) Excepting Requirements "Relating to the Disposition or Acquisition of an Interest in Real Property".

There was considerable uncertainty as to whether this exception covered only requirements relating directly to "disposition or acquisition of an interest in real property" or requirements relating more generally to land transactions. Because of this uncertainty, the analysis of provisions varied somewhat from Act to Act and even within Acts.[53] For example:

• requirements of signature or writing on physical media relating to applications for the removal of a caveat[54] or a title search[55] under the Transfer of Land Act were not considered to come within this exception and were analysed;
• the provisions in Part 1 of the Property Law Act[56] relating to the registration of deeds and conveyances were considered to come within the exception and were not analysed, although it is arguable that those provisions relate to the relative priority of competing interests in land rather than the disposition or acquisition of an interest in real property; and
• no provisions in the Residential Tenancies Act or the Retail Tenancies Reform Act were excluded under this exception, although arguably requirements concerning signing and providing copies of tenancy agreements relate to the disposition or acquisition of an interest in real property.

To further illustrate the difficulties in interpreting this exception (and the interpretive approaches taken in the analysis), Appendix 5 contains:

• a list of the requirements in the Property Law Act and Transfer of Land Act which were considered to be within this exception and were not analysed; and
• a list of the requirements in the Property Law Act and Transfer of Land Act which were considered to be outside the exception and were analysed.

The problem of determining the degree of association required by the phrase "relating to" might be reduced (but probably not eliminated) by adopting a different phrase or more precise specification of the subject matter of the exception. For example, the Singapore Electronic Transactions Act 1998 provides that it does not apply to any rule of law requiring writing or signatures "in any of the following matters", including:

• any contract for the sale or disposition of [any interest in immovable property]; and
• the conveyance or transfer of [any interest in immovable property].

A. International Models for Exceptions

The determination of scope of an Electronic Transactions Act and the drafting of exceptions to a general assimilation provision have proved very difficult all over the world. The drafters of the Draft Uniform Electronic Transactions Act in the USA (who have been working on this Draft Act for several years and have devoted considerably more people and resources to the task than Australia) have written:

The scope of this Act remains one of the most difficult areas to be resolved by the Drafting Committee. [T]he Act now will apply to all electronic records and electronic signatures unless specifically excluded in Section 104. A Task Force was formed to review sample state legislative compilations to determine which documents and records or transaction types should be excluded from the Act. The work of the Task Force is continuing and still in progress. Hopefully, the Task Force will have a report for the Committee in time for the results of that report to be reflected in the Draft to be discussed at the Committee's upcoming meeting in October, 1998.[57]

The intention is to exclude by listing transaction types but no detail has yet been provided.

The State of Massachusetts Draft Act in sub-section 66(a) has a broad general repugnance exclusion and a specific one for transferable negotiable instruments and instruments of title:

The provisions of sections sixty-five to seventy-two shall not apply:

(i) to the extent that their application would involve a construction of a rule of law that is clearly inconsistent with the manifest intent of the law making body or repugnant to the context of the same rule of law, provided that the mere requirement that information be "in writing", "written", "printed", or "signed", or any other word that purports to specify or require a particular communications medium, shall not by itself be sufficient to establish such intent; or

(ii) to any record that serves as a unique and transferable physical token of rights and obligations including, without limitation, negotiable instruments and other instruments of title wherein possession of the instrument is deemed to confer title.[58]

Government agencies are not subject to such sweeping assimilation, however, because s 66(b) provides:

(b) Nothing in sections sixty-five to seventy-two shall be construed to require any public entity of the Commonwealth to use or permit the use of electronic records or electronic signatures.[59]

The State of Massachusetts has listed on the web all the provisions in its statute book which reference or require a signature and is researching the provisions referencing or requiring writing. It has invited people to email recommending areas of law that should be specifically excluded from the draft Act.

The Illinois Electronic Commerce Security Act[60] also has a general repugnance exception and two others as follows:

5-120 (c) The provisions of this Section shall not apply:

(1) when its application would involve a construction of a rule of law that is clearly inconsistent with the manifest intent of the law making body or repugnant to the context of the same rule of law, provided that the mere requirement of a "signature" or that a record be "signed" shall not by itself be sufficient to establish such intent;

(2) to any rule of law governing the creation or execution of a will or trust, living will, or health care power of attorney; and

(3) to any record that serves as a unique and transferable instrument of rights and obligations including, without limitation, negotiable instruments and other instruments of title wherein possession of the instrument is deemed to confer title, unless an electronic version of such record is created, stored, and transferred in a manner that allows for the existence of only one unique, identifiable, and unalterable original with the functional attributes of an equivalent physical instrument, that can be possessed by only one person, and which cannot be copied except in a form that is readily identifiable as a copy.[61]

In addition, the attribution rules for secure electronic signatures (for example digital signatures) do not apply as follows:

s 10-130(b) The provisions of this Section shall not apply to transactions intended primarily for personal, family, or household use, or otherwise defined as consumer transactions by applicable law including, but not limited to, credit card and automated teller machine transactions except to the extent allowed by applicable consumer law."[62]

The Singapore Electronic Transactions Act 1998 has no general exception but has specific exceptions. Section 4 provides:

4 (1) Part II or IV shall not apply to any rule of law requiring writing or signatures in any of the following matters:

a) the creation of execution of a will;

b) negotiable instruments;

c) the creation, performance or enforcement of an indenture, declaration of trust or power of attorney with the exception of constructive or resulting trusts;

d) any contract for the sale or other disposition of immovable property, or any interest in such property;

e) the conveyance of immovable property or the transfer of any interest in immovable property;

f) documents of title.

The Minister may by order modify the provisions of subsection (1) by adding, deleting or amending any class of transactions or matters.[63]

This international experience indicates that the drafting of exceptions is one of the most difficult aspects of a general assimilation law. This suggests that maximum flexibility should be sought both in the process of developing and amending exceptions; and in the terms of the exceptions (for example making them subject to conditions).

For this reason it may be preferable to leave the specification and amendment of exceptions to regulations rather than in the electronic transactions statute itself.

B. A General "Inconsistency" Exception

As noted above, the Massachusetts Draft Electronic Records and Signature Act and the Illinois Electronic Commerce Security Act 1998 contain a general exception to their assimilation rules for electronic signatures and electronic records, where the application of those rules would be:

• inconsistent with the intent of the law-making body that created the requirement for a signature or writing on physical media; or
• repugnant to the context of the requirement.

Other statutory models do not have a general "inconsistency" exception to the application of their assimilation rules.

The Draft Uniform Electronic Transactions Act has varied in approach over its successive drafts. Until 1998, it had included a general "inconsistency" exception and specific exceptions. The intention in the 1998 drafts is to list specific areas of law and transactions types to which the Act will not apply. The creation of that list is still underway and the specificity or generality of its content remains to be seen.

The Singapore Electronic Transactions Act 1998 does not contain a general inconsistency exception but excepts six specified classes of transaction and allows the Minister to add other classes by regulation.

(i) The ECFB General Exception

The ECFB also has a general exception but it is expressed differently to the above models. Clause 4(1) applies to requirements for signatures, "in the absence of evidence to the contrary".

Presumably, as in the overseas models, it is intended that the assimilation rule will not apply to:

• a requirement, where its application would be contrary to the intention of the law making body that imposed the requirement. Contrary intention can be most clearly demonstrated by the requirement explicitly specifying the use of manual signature or paper or other physical media. For example:
• Motor Car Traders Act, s 35 requires that a trader keep a dealings book. Section 35(8) requires that if a trader keeps a dealings book in an electronic or mechanical form, the trader must ensure that the entries relating to a transaction are copied on to paper and signed and that all the papers are stored together.
• Business Names Regulations (No 2) 1992, reg 8 requires that a document to be lodged with the Commissioner under the Act or the regulations must be on paper of medium weight and good quality of A4 size with specified margins and, if consisting of multiple sheets, be bound together securely.
• Stamps Act 1958, s 38 requires that all duties may be denoted by adhesive stamps or impressed stamps and, in the case of adhesive stamps, the stamp shall be cancelled by the person who first executes the document. Section 39 provides that a person cancels an adhesive stamp by writing his or her name or initials across the face of the stamp together with the date of writing.

2. To a requirement where it is not practically feasible to implement the requirement using electronic signatures or records. For example:

• Motor Car Traders Act, ss 52 and 55 require that there be attached to each used motor car offered for sale, a notice containing required particulars.
• Motor Car Traders Act, s 34 requires that a licensee must display at each place of business a notice containing the prescribed particulars which is clearly visible to persons entering the place of business.
• Motor Car Traders Regulations requires that a form by which a prospective purchaser by signing waives their cooling-off rights
  
  (s 43) must contain warning statements printed or typed in red in point type at least three times larger than surrounding point type.
• Planning and Environment Act, s 145 provides that notices to an owner or occupier of land under the Act may be personally served on the owner or occupier or left with a person apparently living there or be served by post or be put up on a conspicuous part of the land.

(ii) Retaining a General Exception

These examples (and others included in the E12 list in Appendix 6) suggest that a general exception is useful to resolve the conflict between the general assimilation rule in clause 4(1) and provisions like the above examples which will be scattered throughout the statute book. Provisions like the examples will be so diverse (even idiosyncratic) that they cannot be dealt with by way of specific exceptions unless the whole statute book were surveyed and a long list of specific exceptions provided. Because these provisions cannot be exhaustively identified in advance without a full analysis of the statute book, it is impossible to say that there is no risk of unintended consequences in applying the assimilation rule to them. It is prudent to leave a general exception in the legislation to cover these provisions and, over time, undertake further work to progressively identify provisions like the above examples throughout the statute book and to individually amend them to accommodate electronic signatures and records unless there are good reasons why they cannot be satisfied by electronic signatures and records.

(iii) The Drafting of a General Exception

In the case of requirements in (1) above, the assimilation rule applies unless it is contrary to the manifest intent of the law maker who created the requirement, that intent being demonstrated by more than a simple requirement for a signature (or writing).

In the case of requirements in (2) above, the assimilation rule applies unless it is not practically feasible to implement the requirement using electronic signatures (or electronic records). Case (2) could be viewed as an instance of case (1), the infeasibility of implementation demonstrating a contrary intent of the law-maker.

It would therefore seem that the assimilation rule in clause 4(1) should not operate if there is a sufficiently explicit contrary intention expressed by the law-maker who made the requirement or the use of electronic signatures or records is not feasible in the context.[64]

The broad aim of electronic transactions statutes is to provide that electronic signatures satisfy legal requirements for manual signatures and that electronic records satisfy legal requirements for writing, provided there is:

• equivalent functionality in the operation of electronic signatures and electronic records with manual signatures and written records on physical media; and
• equivalent satisfaction of policy goals underlying the legal requirements.
  
  

A. Unconditional Exceptions Should Apply Where Electronic Technology Cannot Provide Equivalent Functionality to that Required of Manual Signature or Writing on Physical Media

There are some existing requirements where existing electronic technology, as a practical matter, cannot provide functionality equivalent to manual signature or writing on physical media for certain purposes or where the technology is not yet available to enough persons or locations to ensure equivalent functionality such as:

• requirements to affix a record to a physical structure (next to a boiler, on condemned property, on a car for sale);
• requirements to deliver a record to a wide range of people not necessarily equipped to receive the message electronically (service by post or in person); and
• negotiable instruments - there is no yet devised system by which a digital data packet can replicate the functionality of a negotiable instrument by serving as a unique and transferable representation of rights and obligations (this is mainly because any packet of data can be indistinguishably copied thus destroying the uniqueness of the record).

In these cases, it is appropriate to provide for an unconditional exception to the operation of the assimilation rule. These exceptions should be kept under review as technology develops towards a point of functional equivalence.

B. Conditional Exceptions (or an Equivalent Mechanism) should Apply where Electronic Technology may Satisfy the Policy Goals Underlying Form Requirements but only if the Technology and its Use Conform to Certain Standards and Process C ontrols.

There are many other existing form requirements whereby an electronic record or electronic authentication can be performed. These provide a basic level of equivalent functional operation with records on physical media and manual signatures but the equivalent satisfaction of policy objectives (such as providing reliable records or suitably cautioning the intending signatory or providing reliable evidence of the authenticity or voluntariness of a witnessed signature) depends upon the features and standards of electronic record or electronic authentication system used and the way in which it is used. In these cases, to ensure the policy objectives of the requirement are met, a process is needed to set standards as to the type of technology that can be used and to establish process controls for its use to ensure satisfaction of the policy objectives underlying the requirement. For example:

(i) Witnessing

Witnessing can be done electronically but the policy objectives of a witnessing requirement will only be fulfilled in a particular case if:

• the authentication technology used is certified as suitably reliable for the function of witnessing;
• the manner in which the technology is used truly enables the witness to say that they can be sure that they witnessed a person signing a document rather than merely clicking a mouse; and
• the circumstances of the electronic witnessing give the same implicit evidence of the authenticity or voluntariness of the witnessed signature as in a paper-based environment.

In short, electronic witnessing can satisfy the policy objectives of a witnessing requirement but only if certain technical standards for the authentication technology and process controls for its use in the particular case are met.

(ii) Cautioning and Channelling

Cautioning and channelling functions through written warning disclosures and signing requirements acknowledging the warnings can be satisfied electronically but the fulfilment of the cautioning and channelling objectives of these requirements depends upon:

• the way in which the electronic warning is presented (in similarly large and distinctive point size, colour, boxing as is required on paper to focus attention, see for example requirements under the Motor Car Traders Regulations and Consumer Credit Regulations);
• the absence of other distractions from the warning (for example the warning is not framed in an Internet browser with spinning icons and other flashing text and pictures); and
• the electronic authentication system conveying to the signer the same degree of legal significance and cautioning that manual signature on paper does.

At this stage in the development of electronic commerce, it is unlikely that a single mouse click on an "OK" or "I agree" icon conveys the same degree of legal significance and cautioning that a manual signature does, particularly given the enormous number of not legally significant "OK" icons there are to click on in ordinary computer use and the Pavlovian impulse of most computer users to move through these as quickly as possible. Thus, consumer credit contracts can be entered into electronically but only if it is determined that the electronic record disclosures and electronic authentication system used produce a cautioning function (warning and agreement acknowledging the warning) equivalent to that of paper disclosures and manual signature.

(iii) Record-keeping Requirements

Record-keeping requirements can be satisfied by electronic records and archiving but only if the electronic record-keeping systems meet the policy goals of providing durable and reliable records.

This could be achieved in part by a provision along the lines of UNCITRAL Model Law on Electronic Commerce Article 10: