E-Signature Legislation Takes Effect
The Electronic Signatures in Global and National Commerce Act, the legislation allowing the use of "e-signatures" in transactions, took effect yesterday. The Act gives certain encrypted certificates the same legal authority as written signatures. Although e-signature adoption is expected to be relatively slow, the legislation has been hailed as a step in legitimizing e-business. "Until you have some measure of legal enforcement for a lot of these transactions, it really is a risky environment to do business in," says Michael Rothman, founder and Executive Vice President of Shym Technology Inc. an encryption infrastructure vendor.
The encrypted signatures can be used to authorize documents in areas as diverse as business contracts, health care, and real estate. Rothman expects e-signatures to gain first adoption in highly regulated industries.
Most e-signature implementations are expected to use Public Key Infrastructure (PKI), the same technology used for authenticating credit card transactions over the Web. Although PKI has been in use for some time, the bill is expected to extend the reach of the technology.
The bill has not specified PKI as the preferred technology for e-signatures, but Rothman says that there is general consensus within the security industry that PKI is the most practical means to take advantage of the law.
The passage of the e-signature legislation signals an attitude shift by the US government regarding encryption. In the past, the government has been reluctant to nurture encryption technologies, citing law enforcement and foreign espionage as concerns regarding encryption policy.