As domestic and global digitalisation of all social systems is accelerating, especially as a result of the social distancing measures resulting from the Covid-19 crisis, we can foresee the increasing use of electronic signatures and electronic documents in general, in business and legal transactions. In 2014, the European Union adopted the so-called eIDAS Regulation (Electronic Identification Authentication and Signature), which aims to create the conditions for secure electronic transactions between EU Member States, whereby electronic signatures are playing an important role.
An electronic signature is defined by the eIDAS Regulation as “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign“. To put it simply, electronic signature is a way of digitally signing documents that, to some extent and under certain conditions, replaces the traditional handwritten signature. In the Republic of Croatia, the use of electronic signatures in business is regulated by several regulations, such as the Electronic Document Act, but the main regulation is the eIDAS Regulation.
eIDAS Regulation establishes the legal framework for the application of electronic signatures and distinguishes simple, advanced and qualified electronic signature.
2.1. Simple electronic signature
Ordinary or simple electronic signature („SES“) is any type of signature in a digital environment whereby the signatory expresses his / her consent to the contents of the document he / she signs. This can be a simple click on a menu button, selecting a specific checkbox, or copying a scanned pdf signature to a specific document. Ordinary electronic signatures are not regulated in detail by the eIDAS Regulation, and it is recommended that such signatures are not used on important high value documents. Such signatures cannot be used before state authorities, such signatures cannot prove the identity of the signatory, nor can the validity of such signatures be verified. In practice, one could say that the security of such signatures is the same as registering by email and setting a password.
2.2. Advanced electronic signature
Advanced electronic signature („AdES“) is an electronic signature that must meet the following requirements:
The European Telecommunications Standards Institute has developed international standards for various AdES formats, making PAdES an advanced electronic signature for PDF, XAdES for XML, and CAdES for CMS signatures.
Advanced electronic signatures can be used, in practice, to sign online contracts, letters, e-mails or other digital documents, and as such in legal proceedings are considered as proof that a particular person has signed a certain document – even if they do not meet all the requirements for so-called qualified electronic signature.
2.3. Qualified electronic signature
Qualified electronic signature („QES“) is legally equalized with a handwritten signature, which means that legally, a document that contains QES will be equally legally credible as the document with handwritten signature. Technically speaking, QES is actually an advanced electronic signature that is created using a qualified electronic signature creation device (called a QSCD cryptographic device) and is based on a qualified certificate for electronic signatures. A qualified certificate is an electronic certificate that represents the electronic identity of an individual and is issued by a so-called trusted service provider, ie an organization that meets the technical requirements for issuing such digital certificates (for example, Financial Agency in the Republic of Croatia).
Qualified electronic signatures are used today, for example, to sign all types of submissions to the courts through e-communication, and it is expected that the use of QES will eventually extend globally to the entire public and private sector.
A qualified electronic signature based on a qualified certificate issued in one Member State is recognized as a qualified electronic signature in all other EU countries. The use of QES can significantly accelerate and increase the security of international transactions based on electronically concluded contracts, especially since the ability to forge signatures is significantly less than with the handwritten signatures, and any QES can be easily validated.
There are numerous free online services, such as in the Republic of Croatia – Fina Validator, or across the EU – Trusted List Browser or DSS Demonstration WebApp, to which a document containing an electronic signature is simply uploaded and then the online service performs the validation function. If the electronic signature is valid, then the validation service will display the identity of the signatory, the time of signing, the format and the signature form.
Therefore, authentication of electronic signatures is free, simple and extremely fast, which until now has not been the case with authentication of handwritten signatures, because in the case of contesting handwritten signatures, graphical expert evaluation is carried out, which is extremely slow and very expensive.
Advanced and qualified electronic signatures should be used where their use is required by law or when risk analyzes indicate their need.
In Republic of Croatia, it is very likely that all legal entities will have QES from September 1, 2020, since all legal entities in the Republic of Croatia are in accordance with Art. 118 (3) of the Code of Civil Procedure is required to request access to e-communication with the courts. If the legal entity did not have QES, it would still be able to access the e-communication system but would not be able to independently sign and upload the documents to court, which required QES.
There are numerous public service providers for electronic signatures (for example, Financial Agency in the Republic of Croatia), but also private companies who can also be authorized issuers of electronic signatures (for example, DocuSign).
When choosing the provider for such services, it is recommended to check if the electronic signatures are in accordance with the eIDAS Regulation and if the provider is on a list of authorized providers (so-called Trusted Service Provider). This can be easily verified by typing the name of the service provider on the online service „Trusted List Browser“ of the European Commission, so if the service provider is on that list it means that it complies with the eIDAS Regulation.
Another point to pay attention to is the purpose of using an electronic signature. For example, certain government electronic services require specific types of electronic signatures, and it is therefore necessary to check such conditions before purchasing.
The last remaining restriction in the Republic of Croatia relates to documents for which a notarization on paper is required by law or other regulation, in which case electronic documents cannot be used. However, given the increasing trends in the digitalization of society and the judicial system, legal changes are expected that will allow notaries to issue electronic certificates or solemnizations of contracts and documents, or in some cases to abolish the need for notarization, given the security and convenience of using new technologies. Such developments will certainly contribute to a significant acceleration and simplification of all legal proceedings.
If you have any questions relating to this article please don’t hesitate to contact us at:
The information in this article does not constitute legal advice in relation to a specific legal issue, but rather general legal information published for information purposes.