Author: Sangeeta Biswas, Gyan Ganga College of Excellence, Jabalpur, MP

The pace of digitalization of international business has led to the need to introduce a paradigm shift toward the use of electronic systems instead of paper-based contracting. This research essay focuses on the legality of electronic contracts (e-contracts) and electronic signatures. It discusses how the use of physical signatures can be replaced with electronic and cryptographic ones, with the concept of functional equivalence, which is introduced by the UNCITRAL Model Law on Electronic Commerce. The paper adopts a comparative and doctrinal approach in examining the legal and evidentiary soundness as well as the jurisdictional issues of digital agreements in key jurisdictions, such as the United States, the European Union as well as India. In this paper, the topic of the technical-legal dichotomy, the role of Certifying Authorities, and the new challenges of Blockchain-based smart contracts are expanded. The main discoveries show that the legislation frameworks are mature, but the gap between the technical specifications of digital signatures and the enforceability of the so-called click-wrap and browse-wrap agreements remains the source of litigation risk. The paper ends with a recommendation of a harmonized international standard that would reduce cross-border legal uncertainties and improve the security of electronic transactions in an ever more paperless world.

Keywords: Electronic Contracts, Digital Signatures, UNCITRAL, Information Technology Law, Cybersecurity, E-commerce, Smart Contracts.

Electronic contracts (e-contracts) and the use of a digital signature is not just a technological convenience, but a category of reconfiguration of the law of obligations. Since ancient times, the Statute of Frauds and the likes of legal doctrines required writing and signing as the most essential forms of protection against fraud and perjury. But in an interconnected global economy, such physical needs were bottlenecks and not protective.

The main legal issue is to make sure that the digital transactions are equal in the extent of enforceability, integrity, and non-repudiation as their physical counterparts. The initial legal scepticism over the legitimacy of an agreement that is "intangible" has been mostly superseded by strong legislative systems. Nevertheless, the rate of technological change, including Blockchain, Smart Contracts and Artificial Intelligence, often quickly surpasses the rate of legislative change. The move towards bit-based commerce as opposed to atom-based commerce needs a bridge to the law that is capable of bearing the burden of the trillion-dollar industries without undermining the individual consumer.

The research question in the given paper is the following: To what degree does the existing legal frameworks offer a safe and consistent setting to the implementation of electronic contracts and digital signatures? The purposes are manifold: to examine the principles of the e-contracting; to evaluate the technical-legal dichotomy of digital signatures; to define the gaps in international harmonization; and to determine the evidentiary problems of modern litigation.

Moreover, there has been a radical change in the traditional notion of locus contractus, which is the physical location of the formation of the contract. In the real world, the place of signing usually determines the law under which a case would be governed and where a dispute would be settled. The digital ecosystem, with the signers, servers, and beneficiaries often on different continents, the problem of determining the legal seat of a transaction is a thorny jurisdictional problem. It is a shift that leads to a re-evaluation of the law of territoriality as it is based not on physical boundaries, but on a functional or a jurisdiction that is nexal. Moreover, the emergence of automated robot-to-robot transactions also weakens the anthropocentric view of contract establishment in the past. The law system must deal with the notion of an algorithmic intention as the software agents are increasingly being utilized in delivering the agreement without the meddling of a human being. Is it possible that an automated system has the animus contrahendi, or intent to contract? When we begin to think about the law, and especially about the legal mechanics of the digital signatures, we are at once under the impression that the law is not solely digitalizing the old processes, but is faced with the new form of legal obligation which is a dynamic one as packets of data which carry it.

The law has always been a reactionary and not proactive one. This shift was precipitated by the incorporation of the telex and fax messages but the internet had some degree of anonymity and temporality that the technologies that were in use before had never offered. This absence of a physical route gave birth to the so-called principle of Functional Equivalence, which states that the meaning of a signature, i.e. authentication and intent, is even more significant than the media in which it is manifested.

The topicality of the research is justified by the fact that B2B and B2C e-commerce is increasing exponentially, and billions of click- wrap deals are made daily. Absence of legal certainty implies that the digital economy does not have a lack of trust that can impede international trade. In order to eliminate these complexities, the paper will first review the literature in place, provide a description of the methodology and proceed to provide a serious analysis of statutory provisions and judicial precedents. We will describe how the compromise between the position of neutrality to technology (not using one type of software in contrast to using another type of software) and security (enabling the signature not to be forged) has been reached in various legal jurisdictions.

The academic research on the electronic contracts is premised on the principle of Functional Equivalence. It is a principle first stipulated by the UNCITRAL Model Law on Electronic Commerce (1996) that implies that electronic communications should be equally legalized with the paper-based documents provided that they serve the same purpose. The discussion in academia has made the question of whether or not e-contracts can be valid or not into a question of how they may be verified and regulated in a borderless world.

Some scholars like Raymond T. Nimmer have stated that electronic contracts also do not need a new law of contract but a complex adaptation of the old principles to a new medium. In his writing, Nimmer provides the point that the essentials of contract law such as the offer and acceptance have not changed, only the evidence of the same has shifted to the digital world. Some, however, such as Ian Walden, note that the intangibility of digital records presents special evidentiary challenges that the traditional law is not well-placed to address without particular statutory intervention.  Walden underlines that the original in the digital world is a moving notion because with each file opened a new copy is created technically.

The law has been instrumental in developing the literature through judicial rulings. The case of Specht v. Netscape Communications Corp. in the United States is the first case to state that online terms cannot be enforced unless there is conspicuous notice.  This case is one of the points of focus. 

to scholarly discussion on the issue of the duty to read in the digital era. The researchers believe that the very length and intricacy of digital terms of service render the very notion of an informed consent a legal fiction. Likewise, in India, the interpretation of Section 65B of the Evidence Act in Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal by the Supreme Court has re-conceived the conditions of admissibility of electronic records, leading to a lot of discussion on the realities of electronic litigation and the need to ensure that such records are strictly certified.

Another topic covered in the literature is the tiered approach to digital signatures. In regulatory literature, including that of the European Union Agency for Cybersecurity (ENISA), the difference between the so-called electronic signatures (as basic as a scanned image) and the so-called advanced or qualified digital signatures (where third-party validation is involved) is highlighted.  This difference is very important as it sets a level of trust. Scholars have pointed to the fact that the U.S. is more inclined to adopt the minimalist approach where commercial freedom is the main paramount objective, whereas the EU inclines towards the prescriptive approach where security and the safeguarding of the consumer is the primary paramount objective.

Moreover, recent studies in such journals as Springer are devoted to the combination of Artificial Intelligence in the creation of contracts and the juridical position of Smart Contracts on the blockchain.  According to these studies, the future stage of legal scholarship will not only be dealing with the concept of signing a contract but with the self-execution of the contractual terms without human intervention. This presents a critical dilemma of the idea of remedy within the contract law. Can a court enjoin the execution of a contract which is code?

Lastly, Vintage Legal sources also point to domestic deviations of international standards, especially in the emerging economies.  They claim that the Digital Divide introduces a second dimension of legal complexity, in which the legislation of a developed country might acknowledge a. 

digital signature which the infrastructure of a developing country cannot check. The study is of value in the field since it integrates these incompatible strands of law into a unity of the study of the existing validity of digital contracts, bridging the gap between the technical cryptography theory and the application of law.

The research methodology is doctrinal and comparative. The doctrinal aspect involves rigid examination of the so-called black-letter law, including the United Nations Commission on International Trade Law (UNCITRAL) Model Laws, the Electronic Signatures in Global and national Commerce Act (ESIGN) of the US, the eIDAS Regulation of the EU, and the Information Technology Act, 2000 of India. Such a methodology allows investigating the statutory intent in detail and the language that the legislators use to bridge the gap between the physical and the digital world.

The comparative analysis is used to determine the way in which various legal systems respond to the same technological challenges. The paper determines the best practice as well as structural weakness in the comparison of the approach of technology-neutrality followed by the United States i.e. not requiring some software to be used with the approach of prescriptive approach followed by the European Union that established a legal presumption of high-security signatures. Such comparative prism is required in an increasingly globalized economy where one transaction can involve two or more jurisdictions that have non-congruent standards.

Moreover, the study incorporates a case-study strategy, where the key judicial rulings that have interpreted the ambiguities regarding statutes are discussed. This qualitative methodology would make it possible to learn more about the application of abstract legal principles to digital disputes in the real world. As an example, when do courts find out whether a particular click was unintended or not? What happens in case a digital signature is claimed to have been stolen with the private key?

Regulatory framework and technical standards also make part of the methodology. Digital signatures are technical in nature and therefore, a pure legal analysis would be insufficient. Hence, the study discusses the requirements of the ISO and other technical organizations to learn more about the Integrity and Authentication layers of the technology. This multi-disciplinary style will make the legal recommendations technically practical.

The selected methodology is suitable since the legal research regarding technology cannot be in a vacuum. Laws give the bones, and the judicial interpretation gives the flesh, regulations make the flesh give the skin. With the combination of these factors, the study can offer a comprehensive picture of the legal environment and integrate the intent of the legislation with its real existence and global norms. This would guarantee that the paper goes beyond description and gives a critical analysis as to whether the existing laws stand to withstand the next wave of technological disruption as being future-proof.

An electronic contract is established according to the conventional conditions of a proposal, acceptance, consideration, and the willingness to establish legal relations. Nonetheless, the communication mode presents issues which the common law never envisaged.

A. Offer and Acceptance on Cyberspace.

In the online world, there is a loss of distinction between an offer and invitation to treat. As an example, a site showing products is usually taken to be an invitation to treat, whereas the order placed by a user is the offer. The Postal Rule (acceptance by posting) has been pretty much superseded by the Receipt Rule of electronic communications. Electronic record is received under the UNCITRAL Model when the record enters the information system of the addressee, in spite of the human recipient having read it.  This puts an additional responsibility on online companies to check on their servers.

B. Standard Form Contracts: Click-wrap, Browse-wrap, and Scroll-wrapMost e-contracts are "contracts of adhesion" where the user has no bargaining power.

• Click-wrap: The user must click on I Agree. These are always enforced in courts since they show obvious expressed assent.

• Browse-wrap: It presupposes consent under the condition of continued usage of the site. These are perilous in terms of law. The court in Nguyen v. Barnes & Noble Inc. stated that a browse-wrap agreement is inapplicable to a user unless it contains a conspicuous notice.

• Scroll-wrap: A more restrictive form of click-wrap, in which the user has to scroll to the bottom of the terms, then and only then is the button to accept the terms made active. Courts prefer them since they will offer maximum evidence of an opportunity to read.

• Digital Signatures: Technology vs. Law

Whereas electronic signature is a general legal term that also includes a typed name at the bottom of an email, a digital signature is a particular technical methodology that involves Public Key Infrastructure (PKI).

The Cryptographic Framework

A digital signature is based on an asymmetric cryptosystem (a private key used to sign and a public one used to verify). This is legally enough to meet the requirements of:

Authentication: Confirming the identity of the signer.

• Integrity: Using hash functions to ensure the message has not been altered in transit. If a single bit is changed, the signature becomes invalid.

• Non-repudiation: Because the private key is (theoretically) under the sole control of the signer, they cannot later deny having signed the document.

Statutory Approaches: Technology Neutrality vs. PrescriptivityThe US ESIGN Act is technology-neutral, expressing that a signature should not be disqualified on the basis that it is electronic. This facilitates innovation since any approach that embodies intent can be acceptable. In contrast, the Indian IT Act was originally technology-specific with the only Hash-function-based digital signatures implemented by a licensed Certifying Authority (CA). Although it has since shifted towards a more comprehensive regime of the Electronic Signature, a Qualified digital signature is the only regime that has a high presumption of validity in court.

The Role of Certifying Authorities (CAs)

• The Trust Model of digital signatures is based on the third party: the Certifying Authority. CA is a trusted party that signs out the digital certificates ensuring that a particular public key is the one that is owned by a particular individual. 

• A.Liability of CAs: Who is liable in case a CA issues a certificate to an impostor who causes the resulting contractual damage? In most jurisdictions, the maximum liability of CA is restricted with the help of so-called Certification Practice Statements (CPS), yet a due diligence failure can result in serious proceedings.

  
  

• B.Cross-Border Recognition: A certificate issued by a CA in Singapore is not necessarily automatically recognised in the UK. This is one of the main obstacles to the smooth global e-commerce; this is the Trust Gap.

• Evidentiary Value and Admissibility: The contract cannot be enforced in case of inability to prove an e-contract in a court. The Law of Evidence modification in order to accommodate digital records is not a light undertaking and most jurisdictions have modified their Law of Evidence to accommodate the digital records.

• Best Evidence Rule: When dealing with digital evidence, the original is the data in the server. Printouts or digital copies have been accepted by law as primary evidence provided there is a certificate of integrity.

  
  

• Indian Evidence Act, Section 65B: This has been a cause of controversy in Indian litigation. The Arjun Panditrao court elucidated that a certificate is a pre-eminence to the admissibility of electronic evidence. This implies that should a company lose its server logs or it cannot produce the certificate when it is filing the e-contract, its e-contract can be considered legally invisible.

  
  

• Hearsay Challenges: Electronic records are usually contested as hearsay. But records created automatically by a system (such as by automated timestamping) are considered to be business records.

  
  

• The Frontier: Smart Contracts and Blockchain

  Smart contracts refer to self-executing contracts that are coded with the conditions of the contracts.

Code is Law Debate: Does the code have a bug that causes transfer of funds to be incorrect, then it is a breach or the performance of the contract?

The Vulnerability of Consent: Consumer Protection and Unconscionability.

The meeting of minds in the digital marketplace is sometimes a legal fiction. The market is dominated by standard form contracts or contracts of adhesion. Although courts usually enforce click-wrap agreements, one legal field of study that is developing concerns the doctrine of unconscionability in e-contracts. In the event of the terms of a digital contract being so unbalanced that they cause a shock to the conscience, or that the click was obtained by way of false user-interface design (so-called Dark Patterns), the contract can be rescinded.

Illustration 1: The "Hidden Arbitration" Clause

Imagine a situation in which a consumer downloads a fintech app. The Sign Up button is featured with high visibility, whereas the Terms and Conditions are available with a microscopic light-gray link to the bottom of one scrolling page. Among those terms is the provision of the waiver of the right of the consumer to the trial by a jury and the arbitration in another country. By the standards set forth in Meyer v. Uber Technologies, Inc., the courts look into whether the interface offered gives a notice that is reasonably conspicuous. In case the signature is buried, like in the above illustration, the signature, including the one that is digitally captured, might be rendered ineffective because of the absence of procedural fairness. This shows the conflict between the convenience of e-signing and the legal safeguarding of consumer interests.

Electronic Forensics and the Burden of Proof

With the increased sophistication of digital signatures, the ways of contesting them are varied as well. In conventional litigation, an ink flow and pressure expert may be called in to examine handwriting. Electronic forensics is used by the court in digital litigation. The weight of evidence tends to vary depending on the nature of signature applied.

Illustration 2: The Compromised Private Key

Consider a B2B transaction with high value, the digital signature of a Director is applied to sanction a transfer of 5 million dollars. The Director subsequently says that their computer was infiltrated with malware and that the signature was run by a rogue script.

Legal Analysis: Under a Technology Neutral jurisdiction such as that of the US, the company needs to demonstrate that the signature was the act of the person. In an eIDAS such as India or a Prescriptive jurisdiction, in case a Qualified Electronic Signature (QES) was utilized, then there is a legal presumption that the signature is that of the holder and the data has not been manipulated.  This would then fall on the Director to demonstrate that the security of the environment was compromised even though they had performed due diligence in protecting the private key. This demonstrates the stakes of key management in the digital contract law are high.

The greatest change in the core of contract law is the transition of Natural Language Contracts to Computable Contracts. Smart contracts are computer-like codes that are stored in a blockchain.

Illustration 3: The Decentralized Autonomous Organization (DAO) Conflict

The archetype failure story in the boundaries of digital contracting is the "DAO Hack." In this case, a smart contract was written to enable the members to vote on investment projects. One of the participants discovered a loophole in the code (a re-entrancy bug) and stole millions of dollars of Ether.

The Legal Dilemma: A Code is Law view of the matter would be that the participant merely adhered to the computer-written logic of the contract. But according to the common law, this amounted to unjust enrichment or stealing. This example demonstrates that the digital signature and automated consent cannot be completely substituted by the Equitable Jurisdiction of the court. Although a signature may be technically good and the code executed flawlessly, the intent of the parties is the final legal North Star.

As the Internet of Things (IoT) is emerging, we are getting into the period when machines will be signing on behalf of humans. A smart fridge can be an example where the fridge can be programmed to sign a purchase order of milk when there was not much supply.

Legal Analysis: According to the UNCITRAL Model Law on Electronic Commerce, the actions of an automated message system are ascribed to the individual on behalf of whom the system was coded.  But when the system breaks down, and orders 1,000 gallons when it was meant to order one, then the law has to decide where the point of attribution ceases and where the point of system error arises. This introduces a dimension of Product Liability to the traditional contract law combining two legal silos that were formerly separate.

As it can be seen in the analysis, the legal basis of e-contracts is on sound ground, but the "superstructure" is being strained by new technologies and changing consumer behaviors. The emergence of Smart Contracts on the Blockchain is one of the important concerns. These put in question the old concept of breach and remedy. That is not the case in a traditional contract, where breach of any party can result in a court order being made to either perform or pay damages. In a smart contract, the performance is frequently non-reversible and automated. This requires a legal wrap of the code- a conventional contract governing what should occur in case of the failure of the code.

Moreover, legal enforcement of signatures has a Digital Divide. Although the developed economies have shifted to the eIDAS and ESIGN standards, most developing countries do not have the Public Key Infrastructure (PKI) to facilitate high-security digital signatures. This forms an unequal trust of cross-border transactions by the law. A trader in a developed country might not be comfortable taking a digital signature of a country where the Certifying Authority is not governed by a strong law system.

The other significant matter regarding which to talk about is the erosion of consumer autonomy. The click wrap model has essentially changed contracts into take it or leave it offers. Studies indicate that the words are read by a small percentage of the users. The digital economy will become a realm of digital exploitation of algorithms unless the law is reformed to bring about stiffer conditions of fairness. The courts need to go beyond the examination of the presence of a click and commence to assess the unconscionable nature of online terms. Along with such particular corrective actions, which are provided by statutes, there should be more radical change in the juridical attitude to digital evidence. The jurists and lawyers should create a minimum level of technological knowledge in order to determine a difference between an electronic mark and a cryptographically protective digital signature. At present, the gap in competency is enormous in which the courts might have either over-trusted the expert testimony or, conversely, rejected legitimate digital records because of ignorance in metadata and audit trails.

Besides, the discussion should be changed to ethics of the interface. As soon as a digital signature is received based on a platform designed to exploit cognitive bias, e.g. "pre-checked boxes" or "forced continuity" it will technically be an invalid law of contract, the consensus ad idem. Reforms in the future ought to require that the architecture of consent be as open as the contract terms are, so that the digital medium actually supports, and does not hide, what the contracting parties actually mean. 

Global Harmonization: Countries ought to look past the UNCITRAL Model Law and accept the United Nations Convention on the Use of Electronic Communications in International Contracts. This would offer a treaty-based framework which would require these foreign electronic signatures to be recognized and less bilateral agreements would be necessary.

Standardization of Notice: A statutory definition of the Conspicuous Notice should be introduced in online contracts. This must have "Layered Notices in which the most important words (price, data use, dispute resolution) are displayed in a standardized, simple to read summary box preceding the full terms.

Authentication Resilience: With the advancement of AI-generated "deepfakes" and identity theft, legal systems should transition to multifactor authentication based on biometric digital signatures. It is not sufficient anymore to have such a cryptographic key that may be stolen with the help of an advanced phishing attack.

Decentralized Identity (DID): Lawmakers ought to consider accepting DID as a legitimate type of electronic signature in the blockchain. This would enable the users to have control over their digital identity, not depending on the centralized Certifying Authorities, which are prone to hacking and breach of information.

Digitization of contracting is an irreversible aspect of contemporary law. This study has shown that the principle of Functional Equivalence has managed to facilitate the legalization of e-contract and digital signatures in different jurisdictions. Nevertheless, the process of validity to security is a long process. The "wet-ink" signature was a mark of human presence; the digital signature is a mark of mathematical probability.

The central conclusions indicate that in spite of the judicial goodwill towards the use of the so-called click-wrap agreements, the absence of consistency in the jurisdictional regulations, as well as the technical difficulty of the digital signatures, are still important obstacles. This is because the United States technology-neutral approach offers the flexibility required in innovation, and the European Union tiered approach offers the security required in high-value transactions. To ensure that the global economy is a prosperous entity, there must be a compromise between the two philosophies.

With the shift in the direction of automated, AI-assisted contracting, the legal system needs to become not only reactive but also proactive. The legislation should not only be concerned with the way we sign, but with what we are signing. To make the global digital economy remain stable, it is necessary to ensure that a digital signature is not a simple sequence of bits, but a strong legal obligation.

Equity and consent should be at the core of the contract law irrespective of whether the agreement is inscribed by parchment or by the code in the cloud. The future of e-contracts is in Trust-by-Design - the legal criteria are embedded within the technology itself, and all digital transactions are as safe, transparent and enforceable as a handshake in the real world.

• Raymond T. Nimmer, The Law of Computer Technology 1.02 (4th ed. 2009).

• Specht v. Netscape Comm. Corp., 306 F.3d 17 (2d Cir. 2002).

• Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal, (2020) 7 SCC 1 (India).

• ENISA, "Electronic Signatures and Trust Services," https://www.enisa.europa.eu/topics/trust-services (accessed Oct 24, 2023).

• Springer Link, "Legal Challenges of Smart Contracts and Blockchain," https://link.springer.com/chapter/10.1007/978-3-030-62351-7_10 (accessed Feb 10, 2024).

• Vintage Legal, "Research Articles on E-Contracts," https://vintagelegal.com/resources/e-contracts-analysis (accessed Feb 10, 2024).

• UNCITRAL Model Law on Electronic Commerce, art. 15 (1996).

• Nguyen v. Barnes & Noble Inc., 763 F.3d 1171 (9th Cir. 2014).

• Electronic Signatures in Global and National Commerce Act, 15 U.S.C. § 7001 (2000).

• Primavera De Filippi & Aaron Wright, Blockchain and the Law: The Rule of Code 34