UNCITRAL
Model Law on
Electronic Signatures
with
Guide to Enactment
2001
Part One
UNCITRAL MODEL LAW ON ELECTRONIC SIGNATURES (2001)
Resolution adopted by the General Assembly
[on the report of the Sixth Committee (A/56/588)]
56/80 Model Law on Electronic Signatures
adopted by the United Nations
Commission on International
Trade Law
The General Assembly,
Recalling its resolution 2205 (XXI) of 17 December 1966, by which it established the United Nations Commission on International Trade Law, with a mandate to further the progressive harmonization and unification of the law of international trade and in that respect to bear in mind the interests of all peoples, and particularly those of developing countries, in the extensive development of international trade,
Noting that an increasing number of transactions in international trade are carried out by means of communication commonly referred to as electronic commerce, which involves the use of alternatives to paper-based forms of communication, storage and authentication of information,
Recalling the recommendation on the legal value of computer records adopted by the Commission at its eighteenth session, in 1985, and paragraph 5 (b) of General Assembly resolution 40/71 of 11 December 1985, in which the Assembly called upon Governments and international organizations to take action, where appropriate, in conformity with the recommendation of the Commission,1 so as to ensure legal security in the context of the widest possible use of automated data processing in international trade,
Recalling also the Model Law on Electronic Commerce adopted by the Commission at its twenty-ninth session, in 1996,2 complemented by an additional article 5 bis adopted by the Commission at its thirty-first session, in 1998,3 and paragraph 2 of General Assembly resolution 51/162 of 16 December 1996, in which the Assembly recommended that all States should give favourable consideration to the Model Law when enacting or revising their laws, in view of the need for uniformity of the law applicable to alternatives to paper-based methods of communication and storage of information,
Convinced that the Model Law on Electronic Commerce is of significant assistance to States in enabling or facilitating the use of electronic commerce, as demonstrated by the enactment of that Model Law in a number of countries and its universal recognition as an essential reference in the field of electronic commerce legislation,
Mindful of the great utility of new technologies used for personal identification in electronic commerce and commonly referred to as electronic signatures,
Desiring to build on the fundamental principles underlying article 7 of the Model Law on Electronic Commerce4 with respect to the fulfilment of the signature function in an electronic environment, with a view to promoting reliance on electronic signatures for producing legal effect where such electronic signatures are functionally equivalent to handwritten signatures,
Convinced that legal certainty in electronic commerce will be enhanced by the harmonization of certain rules on the legal recognition of electronic signatures on a technologically neutral basis and by the establishment of a method to assess in a technologically neutral manner the practical reliability and the commercial adequacy of electronic signature techniques,
Believing that the Model Law on Electronic Signatures will constitute a useful addition to the Model Law on Electronic Commerce and significantly assist States in enhancing their legislation governing the use of modern authentication techniques and in formulating such legislation where none currently exists,
Being of the opinion that the establishment of model legislation to facilitate the use of electronic signatures in a manner acceptable to States with different legal, social and economic systems could contribute to the development of harmonious international economic relations,
- Expresses its appreciation to the United Nations Commission on International Trade Law for completing and adopting the Model Law on Electronic Signatures contained in the annex to the present resolution, and for preparing the Guide to Enactment of the Model Law;
- Recommends that all States give favourable consideration to the Model Law on Electronic Signatures, together with the Model Law on Electronic Commerce adopted in 1996 and complemented in 1998, when they enact or revise their laws, in view of the need for uniformity of the law applicable to alternatives to paper-based forms of communication, storage and authentication of information;
- Recommends also that all efforts be made to ensure that the Model Law on Electronic Commerce and the Model Law on Electronic Signatures, together with their respective Guides to Enactment, become generally known and available.
85th plenary meeting
12 December 2001
Part One
UNCITRAL Model Law on Electronic Signatures
(2001)
Article 1. Sphere of application
This Law applies where electronic signatures are used in the context* of commercial** activities. It does not override any rule of law intended for the protection of consumers.
Article 2. Definitions
For the purposes of this Law:
(a) “Electronic signature” means data in electronic form in, affixed to or logically associated with, a data message, which may be used to identify the signatory in relation to the data message and to indicate the signatory’s approval of the information contained in the data message;
(b) “Certificate” means a data message or other record confirming the link between a signatory and signature creation data;
(c) “Data message” means information generated, sent, received or stored by electronic, optical or similar means including, but not limited to, electronic data interchange (EDI), electronic mail, telegram, telex or telecopy; and acts either on its own behalf or on behalf of the person it represents;
(d) “Signatory” means a person that holds signature creation data and acts either on its own behalf or on behalf of the person it represents;
(e) “Certification service provider” means a person that issues certificates and may provide other services related to electronic signatures;
(f) “Relying party” means a person that may act on the basis of a certificate or an electronic signature.
Article 3. Equal treatment of signature technologies
Nothing in this Law, except article 5, shall be applied so as to exclude, restrict or deprive of legal effect any method of creating an electronic signature that satisfies the requirements referred to in article 6, paragraph 1, or otherwise meets the requirements of applicable law.
Article 4. Interpretation
- In the interpretation of this Law, regard is to be had to its international origin and to the need to promote uniformity in its application and the observance of good faith.
- Questions concerning matters governed by this Law which are not expressly settled in it are to be settled in conformity with the general principles on which this Law is based.
Article 5. Variation by agreement
The provisions of this Law may be derogated from or their effect may be varied by agreement, unless that agreement would not be valid or effective under applicable law.
Article 6. Compliance with a requirement for a signature
- Where the law requires a signature of a person, that requirement is met in relation to a data message if an electronic signature is used that is as reliable as was appropriate for the purpose for which the data message was generated or communicated, in the light of all the circumstances, including any relevant agreement.
- Paragraph 1 applies whether the requirement referred to therein is in the form of an obligation or whether the law simply provides consequences for the absence of a signature.
- An electronic signature is considered to be reliable for the purpose of satisfying the requirement referred to in paragraph 1 if:
(a) The signature creation data are, within the context in which they are used, linked to the signatory and to no other person;The signature creation data were, at the time of signing, under the control of the signatory and of no other person;
(b) Any alteration to the electronic signature, made after the time of signing, is detectable; and
(c) Where a purpose of the legal requirement for a signature is to provide assurance as to the integrity of the information to which it relates, any alteration made to that information after the time of signing is detectable.
4. Paragraph 3 does not limit the ability of any person:
(a) To establish in any other way, for the purpose of satisfying the requirement referred to in paragraph 1, the reliability of an electronic signature; or
(b) To adduce evidence of the non-reliability of an electronic signature.
- The provisions of this article do not apply to the following: [...].
Article 7. Satisfaction of article 6
- [Any person, organ or authority, whether public or private, specified by the enacting State as competent] may determine which electronic signatures satisfy the provisions of article 6 of this Law.
- Any determination made under paragraph 1 shall be consistent with recognized international standards.
- Nothing in this article affects the operation of the rules of private international law.
Article 8. Conduct of the signatory
1. Where signature creation data can be used to create a signature that has legal effect, each signatory shall:
(a) Exercise reasonable care to avoid unauthorized use of its signature creation data;
(b) Without undue delay, utilize means made available by the certification service provider pursuant to article 9 of this Law, or otherwise use reasonable efforts, to notify any person that may reasonably be expected by the signatory to rely on or to provide services in support of the electronic signature if:
(i) The signatory knows that the signature creation data have been compromised; or
(ii) The circumstances known to the signatory give rise to a substantial risk that the signature creation data may have been compromised;
(c) Where a certificate is used to support the electronic signature, exercise reasonable care to ensure the accuracy and completeness of all material representations made by the signatory that are relevant to the certificate throughout its life cycle or that are to be included in the certificate.
2. signatory shall bear the legal consequences of its failure to satisfy the equirements of paragraph 1.
Article 9. Conduct of the certification service provider
