This month, Richard Oliphant spoke to Lawyer Monthly about his role at DocuSign, the implementation of the eIDAS (electronic identification and trust services for electronic transactions in the European internal market) Regulation and what impact this could have on organisations and transactions.
We’ve picked out a few of the questions and answers from the article, below. You can read the interview in full, here.
Q: What are commonly the challenges of your role at a digital transaction management company and how do you navigate these?
One of the key challenges I currently face in my role at DocuSign is providing assurances about the legality and validity of electronic signatures to customers. As with any technological innovation, change takes time to affect and electronic signatures are no different. Using an e-Signature tool to complete transactions offers huge benefits for customers (both economic and environmental), but first and foremost, trust services such as DocuSign must be able to prove to customers that electronic signatures are a secure method of authenticating transactions.
This challenge has been compounded by the fact that until recently, legislation around eSignatures in the EU was based on the E-signature Directive (1999). The directive was has been compounded by the fact that until recently, legislation around eSignatures in the EU was based on the E-signature Directive (1999). The directive was confusing, and failed to take into account recent developments in mobile and cloud technologies. Fortunately, the implementation of the eIDAS regulations on July 1st embodies a significant step in the right direction in terms of encouraging the adoption of electronic signatures and pushing the region closer to the ideal of the Digital Single Market.
Q: Could you describe what a workday in your shoes looks like?
My overarching focus is providing advice and consultancy on legal and regulatory issues in relation to the DocuSign electronic signature platform, and ensuring the business complies with, inter alia, its global data protection, data security, privacy and cyber-security obligations. On a daily basis, this involves drafting and negotiating cloud service/SaaS agreements for subscribers in the EMEA region, and advising on EU electronic signature laws.
Currently one of the biggest focuses in my role is making customers aware of the new eIDAS regulation and how it applies to their business. It is important that businesses understand when they are required to use certain signatures as well as how they can take advantage of what is now a more predictable regulatory framework for electronic trust services. As such, advising companies on how they can work with eIDAS is now a central part of my role.
Q: Can you tell LM about the recent implementation of eIDAS, what this is, your involvement and how it will affect regulatory procedure?
The eIDAS Regulation aims to enable citizens, businesses and public sector bodies to carry out convenient and secure electronic transactions across EU borders. The regulation comes in two component parts. Firstly it will enable mutual recognition and acceptance of electronic identification systems across EU borders. The second part of the regulation is concerned with establishing a common legal framework for a selection of ‘trust services’, consisting of electronic signatures, electronic seals, time stamping and website authentication.
There are three types of signatures as defined by the regulations: electronic, advanced and qualified. Whilst a simple electronic signature is adequate for the vast majority of transactions, there are some situations where advanced or qualified electronic signatures may be required, due to matters of national law, because they afford more security and a higher level of authentication.
It will be in the best interest of businesses operating within the EU, to work through secure electronic signature platforms in order to add the highest levels of security and evidential weight to their electronic transactions. The businesses that do so will play an important role in pushing the EU towards its ideal of the Digital Single Market.
Q: How will this then affect private businesses, non-profits and government transactions?
Whilst eIDAS is to be welcomed, I do not think its implementation will have a profound impact on the current market practice in the UK. The business community favours – and UK jurisprudence supports – the use of simple electronic signatures for transactions under UK law. Having said that, there are some industry sectors – notably banking and healthcare – where we have seen a marked preference for digital signatures and the Regulation may reinforce this trend.
I also think that the Regulation could potentially spur greater adoption of electronic and digital signatures by public sector bodies offering online services. From a business perspective, eIDAS will establish a more predictable regulatory framework for electronic transactions. Therefore, I anticipate rising demand from businesses for trust services and for secure electronic signature platforms like DocuSign.
If you’d like to learn more, watch the on-demand webinar: Be Boundless: Drive Global Business with eSignatures