This article is written by Raslin Saluja, from KIIT School of Law, Bhubaneswar. This article throws light on the validity and enforceability of electronic contracts and electronic signatures.
Electronic contracts known as e-contracts are quickly replacing paper-based contracts as we move towards digital India. With time, there has been a shift in the way of carrying out business wherein virtual work is being preferred. Businesses are preferring e-contracts as they are cost-effective and offer massive benefits. Besides, the Covid-19 outbreak and nationwide restrictions in movement and physical interactions have made it rather difficult for people to come together physically and sign new contracts. The sense of urgency in certain matters and the need for the companies to move ahead with their businesses have made them resort to this means.
What is an e-contract
These are the digital or electronic versions of the regular paper-pen based contracts. The requirements for the e-contracts are the same as that of a written or oral contract under the Indian Contract Act, 1872. In addition to that, another significant requirement of the e-contracts includes being accepted by means of electronic signature/other electronic modes of acceptance.
The most commonly used e-contracts include:
- Shrinkwrap contracts: These are used for licensing agreements for software.
- Clickwrap contracts: These are found in web-based software/services and comprise the terms and conditions that the user agrees to in order to access the website/software.
- Browse wrap contracts: These are contracts that users agree to upon continuing to use a service/ browsing a web page.
- Emails: They are legally binding contracts and be legally binding upon having a digital/electronic signature.
It derives its validity from Section 10 of the Indian Contract Act, 1872 and is governed by the basic principles of contract like offer and acceptance, free consent, capacity and lawful consideration. Similarly, in the case of clickwrap agreements, the terms and conditions are provided as an offer and upon confirmation by the user by clicking on “I Agree” gives the acceptance. Further, under Section 4 of the Information Technology Act, 2000 (IT Act), any legal requirement of physical records that requires information to be in the typewritten form/printed, is deemed to be satisfied if it is in electronic form and accessible from future reference.
In addition to that, Section 10(A) of the IT Act provides validity by recognizing the contract formation, acceptance, revocations in electronic form. After its execution, an e-contract is stored/recorded with the involved parties in electronic form as an electronic record. It shall not be unenforceable only on the ground that it is an electronic form. These provisions have been applied and upheld by the Chennai High Court in the case of Tamil Nadu Organic v. State Bank of India (2019). The outcome of the electronic auction was upheld and the Court said that liabilities may arise from such electronic contracts and means as long as general principles of the contract are being fulfilled and are enforceable under law as provided in the Contract Act. Therefore, e-contracts are largely legally valid and can be enforced in a court of law.
These provide an electronic representation of an individual’s identity. Section 2(1)(ta) of the IT Act has defined an electronic signature as: “Authentication of any electronic record by a subscriber by means of the electronic technique specified in the second schedule and includes a digital signature.”
Need of e-signature
The primary purpose of a signature is to authenticate a contract and make it binding over the parties implying their consent to be a part of the contract. For cases where the contracts are entered online and documents are exchanged through email, the parties may not actually be able to sign it in a practical sense, which makes the identification and the authentication of the originator of an online document difficult. This limitation can be overcome by using ‘e-signatures’, which have been given legal recognition and are regulated through the IT Act.
Recognized forms of electronic signature for authentication of the e-contracts
Electronic signatures are governed under the IT Act. The Act essentially gives recognition to two types of e-signatures to verify and authenticate electronic documents and records.
- Digital signatures that work through the application of symmetric cryptosystems and hash functions.
- Electronic signatures or electronic authentication methods as specified in the Second Schedule of the IT Act.
A digital signature is an electronic form of a physical world handwritten signature. These are applied to electronic documents instead of paper documents. Similar to a written signature, it has a dual function of integrity and non-repudiation. They are unique for each individual and are possessed only by their holder and therefore they cannot be repudiated later. It also helps in preserving the integrity as any tampering with the document gets caught due to the encryption technology. It uses an asymmetric cryptosystem and hash function.
A message that needs to be signed is delineated and processed using a hash function creating an output known as a hash result. The hash result is smaller than the original message and is unique to it, which changes upon altering the original message. The hash result is then encrypted (transformed) through a private key of the sender. This encrypted hash result is the digital signature. This signature is then affixed and sent along with the message and can only be decrypted (reconverted into the original message) by the intended receiver who has the public key as provided by the sender.
Regulated under the second schedule of the IT Act, it includes electronic authentication techniques or procedures. These methods are as follows :
- Biometric and One-Time-Password (OTP) based Aadhaar e-KYC (Know Your Customer) method-
An example of this is also known as Aadhaar e-Sign (eSign). Herein a person with their Aadhar ID linked to their mobile number can use an online e-signature for signing the digital documents online. It is done by integrating the online e-signature with an Application Service Provider (ASP) to provide the users with a mobile/ web application interface to apply e-signatures to digital documents by authenticating their identity through the e-KYC or OTP.
- Other e-KYC services like Offline Aadhaar e-KYC, Organizational eKYC or Banking eKYC methods-
You can find the Identity Verification Guidelines issued by the Controller of Certifying Authority (CCA) for details regarding the various forms of identity verification used forms of user identification for generation of digital signature certificates; and
- E-authentication technique and procedure for creating and accessing subscriber’s signature key facilitated by trusted third parties-
These methods are used for issuing digital signature certificates (DSC) after successful verification of the identity and the address of the applicant. It is signed by a trusted independent third party (certifying authority) licensed under the IT Act. A certifying authority (CA) is an entity licensed by the CCA to issue electronic/ digital signature certificates. The CCA is the authority appointed under the IT Act to license and regulate the CAs. The current list of CAs is available here.
Usually, a DSC is contained in a universal serial bus (USB) token with a personal PIN which can be used by plugging the USB into a computer and signing the digital document using that PIN. A DSC consists of three elements which are:
- Names and extensions including nationality, email address, details of one’s workplace, holder’s picture, a layout of his fingerprints, passport number etc.
- Public key information of the holder.
- Certifying authority.
Validity and enforceability
Under Section 5 of the IT Act, electronic signatures are recognized and any requirement of signature will be considered and deemed satisfied if the document is authenticated by way of electronic signature in the manner prescribed under the Act. There is no difference between the enforceability of electronic/digital signatures and other accepted valid electronic signatures having the same status as handwritten signatures under Indian law. There is a presumption of validity for electronic records signed using a valid electronic signature (as recognized under the IT Act), which is treated as equivalent to a wet signature.
For an electronic signature to be valid, there are two criteria:
- It has to be reliable.
- It has to be recognized under the Second Schedule.
An electronic signature is considered reliable when they satisfy these conditions:
- It has to be unique to the holder/signatory.
- The signatory must have control over the data used to generate the signature, at the time of signing.
- Any alteration to any document holding must be detectable.
- There should be an audit trail of steps taken during the signing process.
- The DCA must be issued by a CA recognized by the CCA.
However, the electronic contracts formed through click-wrap, non-CA issued certificates are not given any recognition under the IT Act. Though they may not be invalid by virtue of Section 10A of the Act, they do not hold presumption of validity and therefore may be disputed. In those cases, the signatory will have to prove the following:
- the generated signature is unique and can only be linked only to the signatory;
- only the signatory had access to and control over the document at the time of signing;
- any alteration to the signature or the information made after the signature is affixed is detectable; and
- it adheres to the essentials of a valid contract under the Indian Contract Act, 1872, such as offer, acceptance and intention to create a legal relationship, the capability of the parties, consideration etc.
Any other conduct of the parties with respect to the subject matter of the contract/electronic record may also be relevant in this context.
Electronic signatures also serve as proof of signature and presumption of electronic agreements under the Indian Evidence Act, 1872. It states that e-agreements have the same legal effect as that of a paper agreement and are included under the definition of evidence in Section 3. It recognizes electronic records as documentary evidence. As per Section 65B, it makes any information contained in an electronic document admissible in proceedings as evidence without further proof of the original, if it is accompanied by a certificate stating that:
- The computer that generated the record is used regularly by a person who had lawful control over it at the time of producing the record.
- The said computer received/stored the information of the electronic record during the ordinary course of activities.
- The output computer was in a proper operating condition, or, in case it had operational difficulties, it did not affect the accuracy of the data entered, and
- The information contained in the electronic record reproduces information fed into the computer in the ordinary course of activities.
Execution of an electronic record has been exhaustively dealt with in the case of Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal and Others (2020) interpreting Sections 65 A and 65B. The originality of an electronic record can be proved by the owner if they are able to prove the above-mentioned points either by stepping into the witness box or by providing a printout of such electronic document in accordance with Section 65B along with certificate as under Section 65B(4) as provided in Anvar P.V v. P.K Basheer & Ors (2014).
Under Section 47A, the Court can refer to the opinion of the Certifying Authority which has issued the electronic Signature Certificate as a relevant fact to form an opinion. Furthermore, under Sections 85A & 85B, it gets the benefit of presumption unless otherwise proved. The Court presumes that:
- That the electronic record has not been altered since the time it has received the status of being secured.
- That the subscriber had the intention of signing/ approving the electronic record upon affixing the secured digital signature.
Thus, the recognized electronic signatures are deemed valid unless the contrary is proved.
Documents on which digital and electronic signatures are invalid
The Central Government has also provided on what classes of documents the electronic signatures cannot be used. These include:
- Any class of documents as stated by the central government through a notification published in the Official Gazette.
- Any contract for the sale of immovable property, interest or conveyance in such property.
- Power of Attorney as per Section 1A of the Powers of Attorney Act, 1882.
- A will and/or testament as per Section 2(h) of the Indian Succession Act, 1925.
- A negotiable instrument(except cheque) as per Section 13 of the Negotiable Instruments Act, 1881.
- A trust as per Section 3 of the Indian Trusts Act, 1882.
Upon combined reading of the laws and the case laws, it can be concluded that there is sufficient recognition of the validity of the electronic contracts and signatures. Their usage too has been widely increased with time. Many fintech entities have been rigorously using this mode in order to avoid any fraud in documentation and execution. With the advent of technology, an extra layer of security can be added for the protection of e-signatures by using OTP, geolocation for verification or tracking of the details of the electronic device.
LawSikho has created a telegram group for exchanging legal knowledge, referrals, and various opportunities. You can click on this link and join: