24-7 Electronic Signature White Paper



Similar documents
ELECTRONIC SIGNATURES AND ASSOCIATED LEGISLATION

ELECTRONIC SIGNATURES FACTSHEET

Ericsson Group Certificate Value Statement

SSLPost Electronic Document Signing

REPUBLIC OF LITHUANIA. LAW ON ELECTRONIC SIGNATURE

Guidelines for the use of electronic signature

2002 No. 318 ELECTRONIC COMMUNICATIONS. The Electronic Signatures Regulations 2002

Merchants and Trade - Act No 28/2001 on electronic signatures

E-SIGNATURE CONSENT FOR OBTAINING INFORMATION FROM MEDICAL RECORDS HIGH LEVEL PRINCIPLES

Business Issues in the implementation of Digital signatures

User Manual. For. Digitally Signing of your application

and contractual notices

AGENDA ITEM : ELECTRONIC SIGNATURE

ELECTRONIC SIGNATURE LAW

GRTGAZ NETWORK TRANSMISSION CONTRACT

Electronic Commerce ELECTRONIC COMMERCE ACT Act. No Commencement LN. 2001/ Assent

UKAS Guidance for bodies operating certification of Trust Service Providers seeking approval under tscheme

ELECTRONIC SIGNATURE LAW. (Published in the Official Journal No 25355, ) CHAPTER ONE Purpose, Scope and Definitions

Client Assets. Chapter 7. Client money rules

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

OB10 - Digital Signing and Verification

WACOM esignature Solutions

ELECTRONIC TRANSACTIONS LAW N0 (85) OF Article (1)

UNCITRAL United Nations Commission on International Trade Law Introduction to the law of electronic signatures

The Statute of Frauds in the Digital Age - Maintaining the Integrity of Signatures

Qualified Electronic Signatures Act (SFS 2000:832)

PARLIAMENT OF THE DEMOCRATIC SOCIALIST REPUBLIC OF SRI LANKA

Management and E-Discovery

General Disposal Authority. For encrypted records created in online security processes

HKUST CA. Certification Practice Statement

An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Mar.2010

GOVERNMENT OF THE REPUBLIC OF SLOVENIA CENTRE FOR INFORMATICS ELECTRONIC COMMERCE AND ELECTRONIC SIGNATURE ACT

LAW. ON ELECTRONIC SIGNATURE (Official Gazette of the Republic of Montenegro 55/03 and 31/05)

THE LAW OF THE AZERBAIJAN REPUBLIC ON DIGITAL ELECTRONIC SIGNATURE

CHAPTER 1 INTRODUCTION

Law Governing Framework Conditions for Electronic Signatures and Amending Other Regulations

Profession Practice Advice for the Profession

Protection Profiles for TSP cryptographic modules Part 1: Overview

THE ELECTRONIC SIGNATURE - TECHNICAL AND LEGAL IMPLICATIONS

All Rights Reserved - Library of University of Jordan - Center of Thesis Deposit

SubmitedBy: Name Reg No Address. Mirza Kashif Abrar T079 kasmir07 (at) student.hh.se

Long-term archiving of electronically signed documents in Hungary

Client Assets. Chapter 11. Debt management client money chapter

Bill. Electronic Signatures 1)

investment portfolio service

ing and Texting with Patients

User Guide. Version 3.0 April 2006

RPost Outlook Quick Start Guide

Guidelines Related To Electronic Communication And Use Of Secure Central Information Management Unit Office of the Prime Minister

DRAFT. By: Daniel Silien and Christopher R. Yukins Co-Chairs

Představení nařízení EU eidas a možný přístup ČR k implementaci. Ondřej Felix Hlavní architekt egovernmentu MV

Concept of Electronic Approvals

Law of the Republic of Azerbaijan on Electronic Signature and Electronic Document

Haynes Manuals & Books

Electronic Signature Law of the People s Republic of China

Please ensure that the full date is entered (including the month and year e.g. 14 th December 2010.) Page 2 paragraph 7.1 Please insert the date

Electronic Signature Law,

2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy

TC TrustCenter GmbH Certification Practice Statement and Certificate Policy for Qualified Certificates

EMA esignature capabilities: frequently asked questions relating to practical and technical aspects of the implementation

Electronic and Digital Signatures

TARGET COMPENSATION SCHEME CLAIM FORM 1 (Please complete sections 1 to 4 and send signed original form to your home NCB)

means the period during which the Contractor is engaged by the Employment Business to render services to the Client.

Foreign Payments Private Client Application Form

HICAPS. Provider Agreement. Terms and Conditions

ELECTRONIC TRANSACTIONS ACT 2008 ARRANGEMENT OF SECTIONS PART I PRELIMINARY PART 2 APPLICATION OF LEGAL REQUIREMENTS TO ELECTRONIC RECORDS

ETSI TS V1.4.3 ( )

ACT. of 15 March 2002

Digital Signatures For Engineering Documents

Questions & Answers. on e-cohesion Policy in European Territorial Cooperation Programmes. (Updated version, May 2013)

CHAPTER 6. UNIFORM ELECTRONIC TRANSACTIONS ACT

Controller of Certification Authorities of Mauritius

The Global Standard for Digital Transaction Management. Legal Aspects

ELECTRONIC SIGNATURES AND ACTS IN ELECTRONIC TOOLS USED IN PUBLIC PROCUREMENT MICHAELA POREMSKÁ *

United States Railroad Retirement Board Office of Programs. SUBJECT: Requests for 12(o) and 2(f) Reimbursement Amounts

ETSI TR V1.1.1 ( )

THE WESTERN UNION MONEY TRANSFER SERVICE (THE SERVICE ) SHALL BE MADE AVAILABLE SUBJECT TO THE FOLLOWING CONDITIONS

Rapid Border Intervention Teams who are those officers?

Authorization for Systematic Investment in Equities Authorization to India Infoline Ltd.

GlobalSign Subscriber Agreement for DocumentSign Digital ID for Adobe Certified Document Services (CDS)

READY RECKONER FOR SAFE EXIM VALIDATION

Montana Code Annotated 2011 Title 30, chapter 18, part 1 Electronic Signatures

Legal Status of Qualified Electronic Signatures in Europe

E-Signatures. Chris Reed. Professor of Electronic Commerce Law

ACCOUNT OPENING FORM. CUSTOMER INFORMATION (Please fill in where applicable) Customer Name Registration N BRN: Registration Date

Directorate Of Health Service s ONLINE NURSING HOME & CLINICAL ESTABLISHMENT LICENSING SYSTEM

GlobalSign Subscriber Agreement for DomainSSL Certificates

It s important to understand how the Companies Act 2008 opens the door to do things electronically by referring to the ECTA.

GlobalSign Solutions. Using a GlobalSign PersonalSign Certificate to Apply Digital Signatures in Microsoft Office Documents

CERTIMETIERSARTISANAT and ELECTRONIC SIGNATURE SERVICE SUBSCRIPTION CONTRACT SPECIFIC TERMS AND CONDITIONS

5 FAM 140 ACCEPTABILITY AND USE OF ELECTRONIC SIGNATURES

Service Appendix to Posti Ltd s General Delivery Terms, February 9, Letter Services. February 9, 2015

ACHIEVING BEST PRACTICE IN YOUR BUSINESS. Information Security: Guide to the Electronic Communications Act 2000

Money One Federal Credit Union Pocket 2 Pocket Service E-SIGNATURE AND ELECTRONIC DISCLOSURES AGREEMENT

ODETTE CA Subscriber Agreement for Certificates

The Concept of Trust in Network Security

(This agreement is in rich text format and appears in a scrolling text box once you ve reached

Land Registry. Version /09/2009. Certificate Policy

Electronic Signature: Increasing the Speed and Efficiency of Commercial Transactions

An Act to provide for the facilitation of the use of electronic transactions and signatures and for related matters.

Transcription:

24-7 Electronic Signature White Paper

24-7 Electronic Signature White Paper The following document describes 24-7 Box s interpretation of the current UK legislation relating to validity of electronic signatures in UK law and how the 24-7 Box can meet this. The discussion starts by looking at the problem to be solved by the delivery box. A brief summary of the current pieces of UK legislation are then discussed. This is followed by a more detailed look at what the legal requirements are for an electronic signature and a brief summary of what a signature means in the delivery context is proposed. The discussion then demonstrates how the 24-7 Box operation can meet courier and legal requirements. The discussion is summarized with the important points highlighted. 1 The Problem In order for the 24-7 Box to be used in place of a transcribed signature it must solve the following problems: 1. The electronic signature generated by the 24-7 Box needs to be as valid legally as a transcribed signature. 2. The 24-7 Box needs to be associated with the address at which it is being used. 3. The sender of the delivery needs to know that the 24-7 Box will be used. 2 Electronic Signature Vs Transcribed signature The following is based on research carried out by 24-7 Box and with reference to Electronic Signatures In Law Second Edition by Stephen Mason published May 07 (ISBN 978 1 84592 425 6) and Practical Cryptography Second Edition by Ferguson & Scheier published Jan 03 (ISBN 0-471-22894-X). In the UK there are three pieces of legislation which relate directly to the legal admissibility of an electronic signature in place of a Transcribed signature and these are: The Electronic Signatures Directive 1999/93/EC (European Parliament Directive of 13th December 1999) http://eur-ex.europa.eu/lexuriserv/lexuriserv.do?uri=celex:31999l0093:en:html Incorporated into UK law by The Electronic Communications Act 2000 Chapter 7 http://www.opsi.gov.uk/acts/acts2000/ukpga_20000007_en_1 & The Electronic Signatures Regulation 2002 http://www.opsi.gov.uk/si/si2002/20020318.htm

From an investigation of the relevant legislation both of the UK documents do mainly describe what is in the EC directive as far a description of the legal admissibility of electronic signatures is concerned. There are a large number of documents which attempt to describes these pieces of legislation in an easy to understand manner, but from what we have seen most seem to actually change the meaning of the legislation in the process! The best documents we have found so far which do a reasonable job of simplifying the legislation without actually changing the meanings are produced by the Department of Trade and Industry. All three pieces of legislation describe ways in which an advanced electronic signature can be as legally binding as a handwritten signature. The European Parliament directive describes the following: advanced electronic signatures which are based on a qualified certificate and which are created by a secure-signature-creation device can be regarded as legally equivalent to hand written signatures only if the requirements for hand written signatures are fulfilled The requirements for an advanced electronic signature are described as: It is uniquely linked to the signatory; capable of identifying the signatory; created using a means that the signatory can maintain under his sole control; and linked to data to which it relates in such a manner that any subsequent change of that data is detectable. In this particular application we believe the requirements for a handwritten signature are: A signature is provided on receipt of an item. A signature is only valid if the signatory intends to sign The directive does also describe the following: Member states shall ensure that an electronic signature is not denied legal effectiveness and admissibility as evidence in legal proceedings solely on the grounds that it is: - In electronic form, or - not based upon a qualified certificate, or - not based upon a qualified certificate issued by an accredited certification-service-provider, or - not created by a secure signature-creation-device The following proposals will describe the ways in which the 24-7 Box meets the above requirements.

3 A signature in the delivery context In the delivery context a signature is provided for the following reasons: A package has been received at an address. And NOT for the following reasons: A package has been received at the address on the package (a neighbour can sign for a package or a package can be collected from a depot) A certain package has been received (no disclaimer is signed to this effect). A package and contents has been received undamaged (no disclaimer is signed to this effect). A package contains the correct contents (no disclaimer is signed to this effect). In fact, given that a neighbour can sign for a package without any prior authorization of the occupant of the address on the parcel, in UK law the signature does not provide any proof at all that the parcel was delivered to the intended address. Whether a signature is electronic or transcribed it must be demonstrated there was the intent to sign. Seeing as the occupant of the intended address has not given any prior authorization to the neighbour there is no way to prove that had the occupant been present they would have signed. In this respect the 24-7 Box actually provides more proof than a neighbours signature as the occupant has previously authorized the box to sign on their behalf.

4 The Solution 1. Every 24-7 Box will have a unique alpha numeric serial number which starts with the numbers 247. When the 24-7 Box is purchased this serial number will be supplied to the recipient. 2. The recipient will then secure the 24-7 Box outside their property, agreeing to the 24-7 Box Ltd terms of use and liability. 24-7 Box Ltd will guarantee to reimburse the recipient up to a certain value if goods or letters go missing as a result of the 24-7 Box malfunctioning. If the recipient chooses to use the box for goods or letters who s value is more than the 24-7 Box Ltd Guarantee they will do so at their own risk. 3. When the recipient places an order for an item or arranges delivery of goods they will ensure that this serial number forms part of their address. This information will then be printed on the letter or parcel to be delivered, for example: Andrew Nesling Box: 247 9A3 22F 8CC 24-7 Box Ltd 83 Ashmead Road Banbury Oxfordshire OX16 1AA 4. The courier will arrive with the package and confirm the address matches the address printed on the item to be delivered. On opening the 24-7 Box it displays its unique serial number on the LCD display. The serial number on the display can then be checked with the number printed on the delivery, for example: Box Serial No =. 247 9A3 22F 8CC 5. The 24-7 Box will then display its current time & and date, for example: Made at => 10:30 AM. MON 25/ SEP/ 2008. 6. If happy the courier can make the delivery and on locking the 24-7 Box will receive an advanced electronic signature, for example: F3 1D DC 69. F5 6A 65 50

7. The advanced electronic signature is an encrypted code made up from a private key a date & time stamp and a randomly generated number. 8. If a dispute over delivery arises, the advanced electronic signature, the date & time of the delivery and the box serial number can be entered into the 24-7 Box secure website. The website will then, use the private key, to decrypt the advanced electronic signature and generate a page detailing the box serial number, the time and date of the delivery and whether the electronic signature is valid. 9. If there is a problem with the delivery, by not opening the clear lid the recipient can demonstrate to the courier that they have not gained access to it as the advanced electronic signature is the same as the one that was recorded when the delivery was made. The advantages of the system are: The signature is uniquely linked to the signatory (the 24-7 Box) by the serial number and is capable identifying the signatory. It is the recipient and sender that verify a particular 24-7 Box belongs to a particular address by adding the box serial number into the address for delivery. By adding the box serial number to the address the recipient and sender are agreeing for that delivery to be left in the 24-7 Box and authorising the box to sign for the delivery, demonstrating the intent to sign. By securing the box outside the address the recipient is demonstrating the intent to sign and also that the signature is created using a means that the signatory can maintain under their sole control. The proof of delivery to the location (the 24-7 Box) is an advanced electronic signature. If the box serial number does not make up part of the address the courier knows that they cannot leave the delivery in the 24-7 Box if it requires a signature. If legal documents or other sensitive items are being delivered which require a signature the sender or recipient may decide not to include the box serial number in the address. If the recipient is having a particularly valuable item delivered they may decide not to include the box serial number in the address. If the courier has a valid Proof Of Delivery they can prove a delivery was made to the correct location, the correct box, at a certain time and date. As the unique serial number starts with 247 the courier will know that it is a 24-7 Box which will be providing, or has provided, the signature. By clearing the advanced electronic signature when the clear lid is opened and creating a new one if the box is subsequently re-locked the advanced electronic signature is linked to data to which it relates in such a manner that any subsequent change of that data is detectable.

5 Summary In UK law an electronic signature can be as valid as a transcribed signature provided the requirements for a transcribed signature are met. With an electronic signature as with a transcribed signature the intent to sign must be demonstrated. An advanced electronic signature provides both parties with an electronic signature that can be more secure. The requirements for a signature in the delivery context are a great deal less onerous than signatures for other applications. It could be argued that where a signature is provided by a neighbour even the intent to sign could not be proved. The 24-7 Box can be associated with an address by the sender and/or the recipient of the delivery adding the box serial number to the address. When the sender puts the box serial number in the address they are agreeing to the delivery being left in the box. If the sender is not happy for the item being delivered to be left in and signed for by the 24-7 Box (e.g. a court summons) then they do not include the serial number in the address. 24-7 Box Ltd are confident that the 24-7 Box can meet the legal requirements for electronic signatures.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information