E-signature: who bears the burden of proof?

 

The Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (the “eIDAS Regulation”) was adopted to establish multi-jurisdictional legal recognition of electronic signatures.

The main objective of the European legislator was to put in place a complete interoperable legal framework for the different systems set up within the Member States which confers legal certainty, increases confidence in electronic transactions, and promotes the development of a trusted digital market.

Although it is directly applicable in all Member States since 1 July 2016, a Luxembourg new law adopted on 10 July 2020 (and not yet published – draft of bill n°7427) aims at implementing the eIDAS Regulation in order to introduce national level issues requiring national legislative intervention such as applicable sanctions, a designation of the control body and its powers.

This eIDAS Regulation defines three categories of electronic signatures, namely the “qualified” electronic signature (QES), the “advanced” electronic signature (AES) and the “simple” electronic signature (SES) (see in that respect our article of 21 April 2020 entitled “COVID-19: Use of e-signature”).

Do all electronic signatures have the same reliability and probative value?

The question is related to which probative value should be attached to each type of electronic signatures and on which party stays the burden of proof. The commentaries of the draft of bill n°7427 give some indication, as well as article 25 of the eIDAS Regulation.

Indeed article 25 of the eIDAS Regulation defines three main principles :

  1. An electronic signature shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements for qualified electronic signatures (the non-discrimination principle).
  2. A qualified electronic signature shall have the equivalent legal effect of a handwritten signature (the highest legal effect of an electronic signature).
  3. A qualified electronic signature based on a qualified certificate issued in one Member State shall be recognized as a qualified electronic signature in all other Member States (the EU electronic signature passport).

The eIDAS Regulation distinguishes between qualified trust services and unqualified trust services as well as qualified trust service providers (“QTSP”) and unqualified trust service providers.

The QTSP is the only one authorized to provide qualified trust services which can be hardly contested in court. Indeed, only a QTSP can issue the certificates required for a qualified electronic signature.

In accordance with the Commission Decision (EU) 2015/1505 of 8 September 2015, each Member State must provide a “trusted list” of QTSP. For Luxembourg, this list contains two QTSPs: LuxTrust S.A. and BE INVEST International S.A. All the national lists can be found on the European Commission’s website.

The level of security and reliability depends on the choice of qualified or unqualified trust services.

Indeed qualified trust services benefit from a presumption thus relieving the user from the burden of proof in the event of a dispute, while unqualified trust services benefit only from the non-discrimination clause. The legal effect, probative value, and admissibility of unqualified trust services cannot be refused as evidence in court on the sole ground that these services are in electronic form. The user of unqualified trust services must provide proof of the reliability and guarantees normally expected of these services.

Any document with a simple or advanced electronic signature is admissible in court in the same way as a document with a qualified electronic signature, subject to proof that the requirements of reliability are met (identification of the author and integrity of the act).

Qualified electronic signature is the only type of e-signature that has the same legal value and effect as the handwritten one. In case of litigation, its authenticity is presumed and the reversal of burden of proof is applied. It will be up to the party who challenges its authenticity to bring evidence and prove its inaccuracy.

Furthermore, only qualified signatures can benefit from the EU passport. Indeed “qualified” trust services will be able to claim recognition of the validity of their services in all the Member States. In other words, once a company has been included on the “trusted list” of a Member State, it obtains the recognition of its qualified trust services in all Member States. Companies as well as private individuals from any Member State can then use the services of this company to obtain qualified certificates for their electronic signatures, offering the highest level of security and allowing them to have legal recognition equivalent to that of a handwritten signature at the European level. Thus, a qualified electronic signature which is based on a qualified certificate issued in one Member State shall be recognized as a qualified electronic signature in all other Member States.

As to international recognition, article 14 of the eIDAS Regulation provides that trust services provided by trust service providers established in a third country shall be recognized as legally equivalent to qualified trust services provided by qualified trust service providers established in the European Union where the trust services originating from the third country are recognized under an agreement concluded between the European Union and the third country in question or an international organization in accordance with Article 218 TFEU and Article 14 § 2 of the eIDAS Regulation.

Valerie Kopéra & Lucile Lebeaux