ESigA, eIDAS and UETA – what they say about electronic signatures
Different laws govern the use of electronic signatures in Switzerland, the EU and the United States. Although the terminology and requirements might sound similar, there are still some important differences. An overview.
In Switzerland, electronic signatures are governed by the Federal Law on Electronic Signatures (ESigA). The law regulates the following three points, among others:
Standards for the quality and use of specific digital certificates;
Requirements for providers of certification services such as SwissSign to be recognised for electronic signatures and other applications of digital certificates (certification services);
Rights and obligations of recognised providers of certification services.
This law and its annexes precisely define, for example, what information certificates must contain and what other elements they may contain. It also specifies who they may be issued to and what requirements must be met for them to be issued. For example, natural persons may have to provide proof of their identity.
ESigA recognises four categories of electronic signature:
Simple electronic signature (SES)
Advanced electronic signature (AES)
Regulated electronic signature
Qualified electronic signature (QES)
Good to know: The text of the law contains only very rudimentary mention and regulation of the simple electronic signature (SES). However, the term "SES" is often used for all kinds of signatures that do not meet the requirements for the advanced or qualified electronic signature. The ESigA defines these quite generally as "electronic signatures".
The signature standards and their use cases
What is the difference between the SES, AES and QES? And what is the purpose of each of these signatures? Find out more in our article on the subject.To article
In the EU and the European Economic Area (EEA), the "eIDAS" regulation has been in force since July 2016: the Regulation on Electronic Identification, Authentication and Trust Services. It regulates all matters relating to electronic identification and trust services. The purpose of the regulation is to create a single standard in the EU to enable digital contracts signed in one country to be legally valid in all the others. The regulation also aims to establish additional trust services and promote digitalisation.
eIDAS divides electronic signatures into three categories:
- Simple electronic signature
- Advanced electronic signature
- Qualified electronic signature
How do ESigA and eIDAS differ?
Although both laws recognise a qualified electronic signature, their definition of it is not exactly the same, with slightly different requirements in place. The signatures are generated by different signature infrastructures and are only recognised by the law that defines them.
This means that anyone who wants to enter into contracts with partners in the EU/EEA under the law of an EU/EEA member state must sign these contracts with an eIDAS-certified electronic signature. Recognition under ESigA is not sufficient in the EU in this case.
Are SwissSign signatures eIDAS-certified?
SwissID Sign currently only supports signatures in accordance with the Swiss Federal Law on Electronic Signatures (ESigA). It is therefore only legally valid and binding for contracts subject to Swiss law. eIDAS certification (EU region) is an objective we are aiming towards for 2024.
But with Let’s Sign, we are already able to offer you the opportunity to enter into legally valid contracts under EU law today. The on-premise solution is able to process eIDAS-certified signatures.
USA: UETA and ESIGN Act
In the United States, the Uniform Electronic Transactions Act (UETA) has regulated the use of electronic signatures since 1999. However, it is non-binding and only applies in federal states in which the legislator has passed it.
To prevent conflicts between the laws of individual states, the Electronic Signatures in Global and National Commerce Act (ESIGN Act) was passed in 2000. This federal law applies in all 50 states. It stipulates that every state must recognise electronic signatures and implement a corresponding law, but that law need not be UETA. Forty-nine states and the District of Columbia, Puerto Rico and the US Virgin Islands adopted UETA. New York passed its own law.
Commonalities and differences
There is some overlap between UETA and the ESIGN Act. For example, the requirements for recognition of an electronic signature are identical. But there are also a few differences. For example, the ESIGN Act regulates transactions with foreign countries or between different federal states, while UETA focuses primarily on business transactions, commercial contracts and matters of government.