Context of Signature Policies | Social and Economic Transformation in the Digital Era

As signature policies can represent requirements associated with transactions, it is necessary to link a particular signature policy with core elements that call for such formalization. The transaction context determines the general applicable rules associated with signing ceremonies. Such rules may emanate from:

statutes, e.g., an action is to be taken by filling out a form;
corporate conditions, e.g., A, Director of Company B Ltd. represents company B Ltd.; or
a contract, e.g., A authorizes B to act as his agent representing him.

The rules of the transaction context that refer to a signing right or the conditions of acknowledging the usage of signatures can be included in a signature policy.

Signature policies are likely to be of value to large-scale service providers that have a large amount of transactions to process like those carried out in processing centers for, e.g., electronic invoices, as described further below. The transaction objective for using signature policies is to ensure that the limits of the transaction power vested in an individual actor or expected by an action have been properly observed. This feature is especially of value in automated transactions, such as those carried out by using standardized electronic formats in which the boundaries of human interaction are limited.

Electronic signatures based on electronic signatures have a feature that disassociates them from the individual steps of transaction procedure. A trade procedure is often composed of a collection of various steps that are made available to the end user also through various service providers. In a purchase example, roles involved might include the buyer, the seller, as well as the payment mechanism of broker. When signing a transaction, the end user might also unintentionally get in the uncomfortable situation of approving the results of the performance of each individual transaction element within that transaction procedure. Would it be fair to consider that transaction limitations of this sort might also be considered as having the end user's approval, to the user's great dismay if anything is wrong with the lawful performance of the trade procedure? In a typical sales paradigm, such procedural limitations might be imposed if, for example, collecting transaction logs fails to be carried out in a reliable and trustworthy manner, having as a consequence the inability of the end user to benefit from the evidential value in case of a dispute. Any limitations on the usage of a signature with regard to the performance of such individual transaction elements in a transaction can be publicized by means of a signature policy. As in private transactions, there is no mandatory requirement to apply a signature in order to validate one's own intention to transact; the usefulness of signature policies can better be appreciated. Additionally in formal transactions, such as in those where there is a legal requirement to follow a specific form, procedure, etc., a signature policy can be used to outline the requirements for the validation of a transaction and the application of an electronic signature. Signature policy users have to specifically determine themselves the transactions where a signature policy might become required or mandatory.

As signature policies address requirements associated with transactions, it is necessary to meet the needs of commercial, administrative, private contexts. The transaction context determines the general applicable rules associated with signing ceremonies, hence, specific rules of the transaction context that refer to a signing right or the conditions of acknowledging the usage of signatures can also be included in a signature policy, much like elements such as non-repudiation and the like.

Closed vs. Open Transaction Environments

In Closed User Groups (CUGs) where trade parties have previous knowledge of each other, Public Key Infrastructure (PKI) outperforms other technologies to meet user requirements for electronic signatures. In CUGs, signature policies can be conveyed by and accepted also by means of a contract. While a party's agreement may suffice, in this regard other means deemed appropriate under the transaction circumstances can also be used such as informal communications, etc. In closed environments the transacting parties can maintain control over the content and the conditions of acceptance of the signature policies. Within CUGs multiple parties can share signature policies and be subject to negotiation or prior approval.

In open environments a signature policy may have to be scrutinized for consistency, content, fitness for the intended transaction, etc. Unless specifically negotiated, signature policies in open environments can be seen as general conditions having to conform to specific requirements mandated by national legislation.

Through signature policies, parties in open network transactions can provide notice of the conditions of having electronic signatures assuming binding effect. A signature policy in this case provides notice of the will of the issuer of a signature policy to large non-determined populations of users. Standardizing the form and content of signature policies may contribute to their greater acceptance and interoperability in open environments.

Incorporation of Signature Policies in a Transaction

Due to inherent limitations in the space available for digital certificates, policies often have to be conveyed and used in a transaction by incorporating them by reference (Wu, 1998; Mitrakas, 1997). Incorporation by reference is to make one message a part of another message by identifying the message to be incorporated, providing information that enables the receiving party to access and obtain the incorporated message in its entirety, expressing the intention that it be part of the other message (ABA, 1996). The incorporation of a signature policy into the agreement between signatory and recipient can take place by referencing in a signatory's policy the agreement to adhere to the terms of such signature policy. When the recipient accepts the signed document of the signatory, he implicitly agrees on the conditions of the underlying signature policy.

The incorporation of a signature policy into the agreement between signatory and recipient can also be affected by:

Referring to a signature policy in a party's agreement that refers to such signature policy.
Accepting a signed document and implicitly agreeing on the conditions of the underlying signature policy; this possibility might be hard to prove in court.

Repositories can be used to remotely store legal terms so that they can be used by reference. By placing signature policies in repositories, trading partners can browse for the appropriate terms and select potential trading partners according to parameters that include legal terms, conditions of acceptance of certain signatures, authorization, or signing requirements.

A question to be investigated in the following sections is, how and under which conditions a particular signature policy can be incorporated into an agreement of signatory and relying party. In general, incorporation into consumer contracts and incorporation into business contracts follow different rules. Inclusion in a business contract is comparatively easy, whereas in a consumer contract, stricter rules have to be obeyed. Moreover, especially in relation to the content of standard clauses, a distinction can also be made between civil law and common law countries. While in civil law regimes, standard terms generally have to pass a test of fairness to be considered valid by courts, the concept of reasonableness has only been introduced to English law through the Unfair Contract Terms Act of 1977 and is generally interpreted in a more liberal way than in common law jurisdictions.