mueta: what every public sector lawyer should know department of telecommunications and energy...
TRANSCRIPT
![Page 1: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/1.jpg)
MUETA: What Every Public Sector Lawyer Should Know
Department Of Telecommunications And Energy
Thursday, December 2, 2004
![Page 2: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/2.jpg)
2
The Once and Future Signature
I Traditional Signatures
II Before E-SIGN: The Law pertaining to Traditional Signatures in Massachusetts
III E-SIGN
IV MUETA
V Technology Neutrality
VI The Myth of “Nonrepudiation”
![Page 3: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/3.jpg)
I
TRADITIONAL SIGNATURES
![Page 4: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/4.jpg)
4
Traditional Signatures
Authentication: the original biometric
Attachment of signature to document
Intent of the signor
Some comfort re: document integrity
![Page 5: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/5.jpg)
5
Traditional Signature Imperfections
Authentication
Attachment to document
Intent of the signor
Document integrity
Forgery
Electronic copying can disassociate signature from document
Signature pages can be replaced
Wordprocessed pages can be replaced and altered without detection
![Page 6: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/6.jpg)
II
Before E-SIGN, the Law Pertaining to Traditional Signatures in
Massachusetts
![Page 7: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/7.jpg)
7
Before E-SIGN
Many Massachusetts state statutes and regulations:
require signature for a particular transaction
Suggest what that signature must consist of
Statutes of frauds: Some contracts not valid unless reduced to writing.
![Page 8: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/8.jpg)
8
Before E-SIGN
Various sections of the MGL and regulations
Defined signatures loosely to include many different kinds of signatures or
Defined signatures tightly to exclude many different kinds of signatures or
Explicitly prohibited use of electronic signatures
![Page 9: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/9.jpg)
9
Mass. Common Law on Signatures was Liberal
Where validity of electronic records not at issue, courts treat in the same way as paper records. In the absence of state statute specifying a “wet” signature, lower level courts have permitted a number of different kinds of signatures.
Negotiations conducted through email, fax and phone call satisfies Long Arm StatuteLenient with respect to non-traditional signatures and records (e.g. facsimile signature)Telegram is a writing under statute of fraudsState trooper report signed via email valid
![Page 10: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/10.jpg)
10
III E-SIGN
In the US, business and legal community concerned about validity of electronic signatures, contracts and other records under state lawSome states pass electronic signature lawsNo uniformity; not technology neutralGlobal issue. 1996 United Nations Commission on International Trade Law (“UNCITRAL”) Model Law on Electronic Commerce. Addresses electronic signatures
![Page 11: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/11.jpg)
11
E-SIGN (cont.)
1999 National Conference of Commissioners on Uniform State Laws (NCCUSL) drafts the Uniform Electronic Transactions Act (UETA). Incorporates many provisions from UNCITRAL Model Law. Uniform, technology neutral
A few states start enacting UETA ----in a non-uniform manner
![Page 12: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/12.jpg)
12
Federal E-SIGN, effective 10/01/00.
Goal: bring uniformity and technology neutrality to electronic signatures, contracts and records law in the USMechanism: pass Federal law to pressure states to adopt uniform version of UETA Validates electronic signatures, contracts and other records for most transactionsPreempts state law to the contrary
Reverse preemption provision
![Page 13: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/13.jpg)
13
E-SIGN, cont.
Exemptions for: Family law
Hazardous waste transportation
Some transactions covered by the UCC; but E-SIGN does apply to sections 1-107(waiver or renunciation of claim after breach) and 1-206 (statute of frauds for contracts pertaining to personalty other than contracts for sale of goods covered by article 2-201, securities and security agreements); and Articles 2 (sale of goods) and 2A (leases).
![Page 14: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/14.jpg)
14
E-SIGN, (Cont).
Scope: Documents related to transactions in interstate and foreign commerce
Only state government transactions covered are those related to procurement
Limits state and Federal government ability to regulate in favor of hard copy records used in private transactions
![Page 15: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/15.jpg)
15
E-SIGN (cont.)
Because E-SIGN did not cover most agency transactions, Agency Counsel needed to review Massachusetts statutes and regulations in order to determine whether their agency could use electronic signatures.
![Page 16: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/16.jpg)
16
E-SIGN Reverse Preemption Provision
In States that pass National Commission on Uniform State Law version of the Uniform Electronic Transactions Act, section 101 of E-SIGN (the validating provisions) is replaced by the state UETA
States that pass non-uniform versions of UETA may have some or all of their state UETA reverse-reverse-preempted by E-SIGN
![Page 17: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/17.jpg)
17
Progress of Reverse Preemption
As of today, 44 states have enacted some form of UETA and therefore are not subject to section 101 of E-SIGN
UETA (MUETA) enacted in Massachusetts in 2003 (Senate 2076 ).
![Page 18: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/18.jpg)
18
IV MUETA
Effective February 18, 2004
Codified at Mass. Gen. L. ch. 100G
Chapter 133, Acts of 2003
Applies to any electronic record or electronic signature created, generated, sent, communicated, received, or stored on or after MUETA’s effective date.
![Page 19: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/19.jpg)
19
MUETA and E-SIGN differ in a number of ways, including …
MUETA applies to all government transactions, E-SIGN only to government procurement transactions
Aside from their explicitly excepted provisions, E-SIGN covers only interstate and foreign commerce transactions, MUETA covers all transactions covered by the law of the state in which MUETA is enacted
![Page 20: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/20.jpg)
20
E-SIGN and UETA Both say….
Electronic signature, cannot be denied legal effect or enforceability solely because it is electronic
Signatures subject to E-SIGN/MUETA are also subject to other substantive law
Ex: state law regarding age at which person has capacity to create legally binding signature is not affected by E-SIGN
![Page 21: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/21.jpg)
21
Neither E-SIGN nor MUETA says….
To use a particular electronic signature technology; both are “technology neutral”
![Page 22: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/22.jpg)
22
Agency Counsel Need to Know….
Does MUETA Apply? If so, what part?Is the transaction subject to consumer or other disclosure or notice laws?Does the ES comply with the standards issued by SPR, RCB and ITD?Is the use of the ES voluntary?Does the electronic system address the elements required by MUETA?
![Page 23: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/23.jpg)
Does MUETA Apply? If So, What Part of MUETA?
![Page 24: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/24.jpg)
24
MUETA applies to:
Both “transactions” and government’s non transactional activityDifferent sections of MUETA apply to transactional and non transactional activityTransaction is defined as “an action or set of actions occurring between two or more persons relating to the conduct of business, commercial or governmental affairs”
Example: issuing a license to a doctor to practice in Massachusetts
![Page 25: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/25.jpg)
25
MUETA applies, cont.
Transactions do not include unilateral actions.
Example: Using an electronic system to approve timesheets.
![Page 26: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/26.jpg)
26
MUETA applies (cont.)
Exemptions: If they apply, electronic signatures and records not necessarily invalid but can’t rely on MUETA to validate. Exclusions include:
Creation and execution of wills, codicils or testamentary trustsMassachusetts UCC, other than sections 1-107and 1-206, section 2 and section 2A of chapter 106Adoption, divorce or other matters of family lawCourt orders or notices, official court documents including briefs, pleadings, and other writings, required to be executed in connection with court proceedings
![Page 27: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/27.jpg)
27
MUETA applies (cont.)
Any notice of the cancellation or termination of utility services (water, heat, power); of default acceleration, repo, foreclosure, eviction, or right to cure, under a credit agreement secured by, or a rental agreement for, a primary residence of an individual;Cancellation or termination of health insurance or benefits or life insurance benefits, excluding annuities; Recall of a productDocuments required by law to accompany transportation or handling of hazmat, pesticides, or other toxic or dangerous materials.
![Page 28: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/28.jpg)
Transaction Subject to Consumer or other Disclosure or Notice Laws?
![Page 29: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/29.jpg)
29
Disclosure or Notice
MUETA is written so that it does not reverse-preempt E-SIGN section 7001(c), a consumer protection provision. Must follow rules for consumer disclosure when engaged in market activity with consumerMUETA’s own rules regarding compliance with notice or disclosure (whether or not consumer related) in connection with electronic transaction. MUETA section 8
Example: state law requiring translation of certain notices
![Page 30: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/30.jpg)
Does the Signature Comply with the Standards Issued by the Supervisor of
Public Records, RCB and ITD and, for contracts, OSC?
![Page 31: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/31.jpg)
31
Standards
General provisions of MUETA say that SPR, RCB and ITD “shall determine whether, the extent to which and the manner by which such entities shall create, maintain and preserve electronic records, signatures and contracts and the method of converting paper government records to electronic format”
![Page 32: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/32.jpg)
32
Current Standards
SPR Bulletins1-99 (email)
1-92 (fax transmissions)
1-93 (optical media)
4-96 (access and copying of electronic public record)
![Page 33: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/33.jpg)
33
Current standards (cont.)
RCBStatewide Records Retention Schedule 04/04
Guideline for documentation of recordkeeping systems
![Page 34: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/34.jpg)
34
Standards (cont.)
ITDEvolving standards for information technology in general, nothing specific re: electronic signatures yet.
![Page 35: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/35.jpg)
35
OSC and Electronic Signatures on Contracts
MUETA makes ITD is the agency with authority to say when Executive Department agencies can use electronic records and signaturesITD is currently following OSC’s lead in determining when OSC is comfortable having agencies use electronic signatures for state contracts, since OSC is the subject matter expert in that area. OSC has not yet authorized use of electronic records or signatures for state contracts
![Page 36: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/36.jpg)
Is use of the ES Voluntary?
![Page 37: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/37.jpg)
37
Voluntary
MUETA doesn’t require any government agency to use electronic signatures
Nor does it require any citizen or business to use an ES when doing business with us; to the contrary, MUETA only validates electronic signatures when used voluntarily in transactions
![Page 38: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/38.jpg)
38
Voluntary (cont.)
Practical implication for agencies: always keep a paper option for those with whom your agency engages in transactions. Agency relying on MUETA for validation cannot force citizens or businesses to use electronic signatures for transactions.
![Page 39: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/39.jpg)
Does the Electronic System Address the Elements Required by MUETA for a Valid Electronic Signature?
![Page 40: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/40.jpg)
40
E-SIGN and UETA both define the term electronic signature
An electronic signature is:[E-sign] An electronic sign, symbol or process [MUETA] Information or data in electronic form
attached to or logically associated with a contract or other record
executed or adopted by a person
with the intent to sign the record
![Page 41: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/41.jpg)
41
Elements
An electronic “sign, symbol or process”, or electronic “information or data”, that constitutes the signature
![Page 42: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/42.jpg)
42
Creating Legally Valid E-Signatures…
1. “By a Person”---Proper authentication of the signor.
Authenticate means to determine the signor’s identity
Authentication can be complex or simple. Different levels of authentication can be chosen depending on the purpose of transaction. For some transactions, no authentication may be required.
Typically, look to factors such as whether signature is likely to be denied by putative signor, and legal significance of signature.
![Page 43: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/43.jpg)
43
Creating Legally Valid Electronic Signatures…Example: U.S.Patent and Trademark Office trademark registration. Mickey Mouse can do it!
Mass DOR: Filing taxes
Mass. DEP: Filing for environmental permit
Compare: online application for welfare benefits
![Page 44: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/44.jpg)
44
Legally valid…
Typical means of authentication: something you have, something you know
Ex: At ATM machine, you insert your card (something you have) and provide your PIN (something you know)
Ex: Criminal History Systems Board provides gun dealers with biometric scanners (fingerprint devices) attached to their PCS so they can authenticate holders of gun licenses
![Page 45: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/45.jpg)
45
Legally valid…
2. “Executed or adopted…”Not enough for user to be identifiedHas to take some step that indicates that he executed or adoptedClick on a button that says “sign”, “I Agree”, etc. Present screens and choices to the signor that make clear what he is signing and that he is signing; capture his intent.
![Page 46: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/46.jpg)
46
Legally valid…
3. Attach the signature to the document, or logically associate signature with document
![Page 47: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/47.jpg)
47
Legally valid…..
4. Protect the integrity of the signed electronic document. Document retrieved from the system must be identical to the document signed.
Audit trail with good security
Data authentication software
Encryption
![Page 48: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/48.jpg)
V
TECHNOLOGY NEUTRALITY
![Page 49: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/49.jpg)
49
Any technology that meets the four ESIGN/UETA requirements can be used to
create a valid Electronic SignatureClick through choices online at an online “Store”.
LL Bean
Multi-factor authentication and click throughs (use of ATM)Digitized signature
Use your credit card at Macy’s
Digital Signature
![Page 50: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/50.jpg)
50
Digital Signatures
Digital signatures:Are placed on specific data like an email or web page
Verify integrity of document signed
Can be used to verify that the data comes from where it claims to come from
Use cryptographyHolder of private key encrypts (can’t forge unless you have access to this)
Holder of public key can de-encrypt
![Page 51: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/51.jpg)
51
Digital Signatures, cont.
Meets all four E-SIGN/ UETA requirements
Challenging to administer
Can’t use with “strangers” because no widely used digital identities
Certification authorities
HHS HIPAA Security Regs
![Page 52: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/52.jpg)
VI
MYTH OF NONREPUDIATION
![Page 53: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/53.jpg)
53
The Myth of “Nonrepudiation”
Statutory and Common Law reasons for repudiating a traditional signature:
Forgery or
Not forgery, but signature obtained under (1) unconscionable conduct by party to transaction; (2) fraud instigated by third party; (3) undue influence exerted by third party
![Page 54: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/54.jpg)
54
Forgery in Common Law Jurisdictions
If a person denies that a signature is his, the relying party has to prove that it is truly that of person denying it. Onus of proof is on person seeking to rely on signature
![Page 55: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/55.jpg)
55
Forgery, cont.
Traditional trust mechanism: witnessing the signature. He who would rely on a signature that is denied produces a witness who saw the signature being made.
![Page 56: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/56.jpg)
56
Technical Non Repudiation
Authentication that provides “proof” of the integrity and origin of data in an unforgeable relationship, which can be verified by any third party at any time or
Authentication that with high assurance can be asserted to be genuine, and that cannot be subsequently refuted.
![Page 57: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/57.jpg)
57
Problems with Technical Non-repudiation
Private key theft or illicit usage; identity theft
Relies on post-signature events, where traditional trust mechanism relied on event at time of signature (witness)
Use of “non-repudiation bits”, extension of digital signature, only verifies that the private key of the person whose public key is specified in the DS was used to affix the digital signature.
![Page 58: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/58.jpg)
58
Legal Nonrepudiation: Legal Movement to Reverse Burden of Proof re: electronic signatures
UNCITRAL Model Law on Electronic Commerce Article 13Alleged signatory would have burden of proof to show that he or she did NOT digitally sign a given document (i.e. that it is a forgery)MUETA does NOT support legal nonrepudiation
![Page 59: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/59.jpg)
59
Take Home Message on Non-Repudiation
Not achieved technically
Legally indefensible
Don’t write it into state law or regulations
ITD will not authorize
![Page 60: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/60.jpg)
60
Practical Tips
Know your CIO and IT staff and ask them lots of questions Get involved in agency IT development projects from day oneReview all ES components as system is being developedApply the analysis set forth in this presentation
![Page 61: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/61.jpg)
61
MUETA Resources
NCCUSL notes on UETA are excellent and judges likely to find them persuasive
ITD
Little case law on transactions covered by E-SIGN and UETA, but there will be more.
![Page 62: MUETA: What Every Public Sector Lawyer Should Know Department Of Telecommunications And Energy Thursday, December 2, 2004](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d965503460f94a7f93f/html5/thumbnails/62.jpg)
Contact Information
Linda Hamel
General Counsel
Information Technology Division
Commonwealth of MA
(617)-626-4404