In previous posts in this blog, we have analyzed the mandatory requirements for the creation of qualified electronic signatures, that is, the level of signature that we find in most of the legislations at the “top of the pyramid”, the one that provides the highest legal presumptions in their favor with full probatory value and efficacy.
However, the qualified electronic signature is not the only type of electronic signature suitable to carry out operations through digital means, nor the only one with the capacity to produce legal and probatory effects in court. Consequently, the assessment of the suitability of the type of electronic signature we implement in our procedures, processes and digital operations is subject to the verification of several assumptions related to the characteristics of the digital operation in question, as well as the security guarantees offered by the firm that we intend to implement.
In this article we will delve a little bit more into the main aspects that we must take into account in our decision-making process to decide in which cases we should implement a qualified electronic signature solution and in which ones not.
In what type of operations is a qualified electronic signature mandatory? Find out which cases require its exclusive use
The first aspect that we must consider is the type of operation in which we need to implement the electronic signature solution, is that in some particular operations is required the exclusive use of the qualified electronic signature.
The requirement of exclusive use of the qualified electronic signature is generally given by a legal mandate, that is, a Law or regulation of another category that expressly orders that the execution in digital format of an operation requires the use of qualified electronic signatures. In this category we normally find the production of electronic public documents.
Regarding the restriction of only using qualified electronic signatures for the creation of electronic public documents, it is important to remember that legal restrictions must be interpreted restrictively and never expansively.
So then, not all documents produced within the public administration or within other public institutions should be considered as electronic public documents, therefore, not every document managed within public administrations is required to be signed with qualified electronic signatures. So, what are the electronic public documents included in this restriction? Could you sign an internal memorandum or a resolution with a qualified electronic signature?
Public documents and mandatory use of the qualified electronic signature
The first thing we need to understand is that the definition of public documents refers to all those drawn up or issued by public officials, according to the required forms and within the limit of their powers, as well as those indicated with that character directly by law. As can be seen, for a document to have the character of a public document (and therefore requires a qualified electronic signature), it must be a document that meets three requirements:
- That it is issued by a public official;
- That it is issued in accordance with the formalities dictated by law and;
- That it be issued based on the attributions that said official has legally conferred.
In this sense, we deduce then that not every document signed by a public official must necessarily contain a qualified electronic signature to be valid, but only those that are issued in the exercise of functions and attributions that the official is legally invested with, in addition that the corresponding formalities and protocols are produced in accordance with.
By contrary interpretation, any other document (even those signed by public officials) may be signed with an advanced electronic signature, enjoying as well legal and probative value.
For this reason, documents that regard activities of the internal management of an organization that do not have the nature of an electronic public document, such as an internal memorandum or even those electronic documents by sign by individuals who submit requests to public offices, do not necessarily require the use of the qualified electronic signature, or at least they would not be included within the restriction that we normally find in the Law.
In this same sense and under the same logic, it will be required for documents that contains an administrative act, that is, the manifestation of will, desire, knowledge or judgment made by the Public Administration in the exercise of an administrative authority, such as a resolution that imposes sanctions or recognizes rights to third parties.
However, the need of implementing a qualified electronic signature may be caused by other causes in addition to legal mandates or special regulatory provision, such as a strategy to reduce commercial risks, market practices in the company sector, internal policies that establish Legal requirements adopted voluntarily or specific decisions to facilitate subsequent procedures. For further illustration we will present some examples of these cases:
Risk reduction
In terms of risk management, even when it is possible to use an advanced electronic signature, companies can choose to use it to reduce risks in contracts, where, for example, the amount of the transaction causes the commercial or corporate risk tolerance threshold is exceeded.
In these cases, the application of the qualified electronic signature can provide certain guarantees and presumptions that reduce the risks of repudiation of the signature made by the counterpart to minimum levels, without the need to go to a notarial instance for their authentication. In certain sectors, this reduction in risks, for example, may also originate from voluntary compliance standards or again from mandates from the sector's regulatory body.
Sector practices: compliance standards and particular needs
Other cases where it may be necessary to use only the qualified electronic signature may be linked to practices in the sector where the company carries out its business operations. In some sectors, we can find voluntary compliance standards spread uniformly in the sector that may require the use of qualified electronic signatures, even when they are not strictly necessary according to the Law.
There are sectors where private companies impose facto market practices, requiring the use of qualified electronic signatures for their operations, even when legally less robust solutions can be used.
In the same case, those operations would be included where, due to the particularities of the business, one or more documents must be presented or validated before a public administration that requires the use of qualified electronic signatures.
In some other cases, we find companies whose consulting attorneys or internal legal departments establish the use of a qualified electronic signature as a way of simplifying their future work on the procedural assessment of evidence, in the event that it reaches a judicial process.
On this point, it is important to remember that the additional technical-legal security provided by the use of the qualified electronic signature is based on the use of additional devices or dynamic credentials that, in general, require a more in-depth analysis of the design of the user experience or on its application to the different cases of use.
The assessment of the flexibility of the qualified electronic signature solution in terms of implementation and its introduction into the flow of a client application is an important input within the decision-making process when choosing the type of electronic signature to implement. As in any other technological implementation, it is necessary to balance the security needs versus the usability of the customer solutions that are designed, so they ensure good customer conversion ratios and the viability of the project itself.
In any of the cases, Uanataca is able to provide qualified electronic signatures, as well as other non-qualified electronic signature solutions but sufficiently robust and reliable to be adopted in the execution of business operations, even with high risk levels, where the functional requirements demand some characteristics of the qualified electronic signature.
HOW CAN WE HELP YOU ?
Uanataca besides being a Qualified Provider, works to offer a 360º offer around the services, led by a multidisciplinary team of professionals with great technological, legal and business experience that offers the best advice and support to provide technical and legal guarantee to your processes and workflows.
📧 Contact an expert by writing an email to info@uanataca.com or call us at +34 935 272 290