The obscurity of clause 7 of the draft Bill

Nicholas Bohm nbohm at ernest.net
Fri, 06 Aug 1999 16:35:52 +0100 

At 03:32 PM 8/6/1999 +0100, Peter Sommer wrote:
>In-Reply-To: <3.0.5.32.19990806142442.00a62100@mail.netkonect.co.uk>
>Surely the starting point is that, following Goodman v Eban (1954)  which 
>allows signatures to make different forms and the Civil Evidence Act, 1995 
>which removes the previous distinctions between originals and copies and 
>forms of documents (and also the need for certificates of proper working 
>of computers) many types of digital signature are admissible already?  

Agreed

>The Bill and s 7, as I read its intent and the associated explanatory 
>notes for s 7 and 8,  is not to restrict this position (though that was 
>the effect of earlier proposals) but to provide clarification by 
>suggesting various definitions.   

My point is that the intent is not well served by its implementation, which
is at best niggardly, and not calculated to reassure the fainthearts for
whom it is needed.

>Nick is reading these clauses as though they impose restrictions;  I think 
>they are seeking to provide non-exhaustive definitions.  

But failing.

>Thus a 
>"communication" includes both an email and contract,  doesn't it?   

Not in plain English, which really is what we need here.

>And I 
>don't think that digital signatures are necessarily limited to issues of 
>authentication and integrity.

They shouldn't be:  but clause 7 renders them admissible only on those
issues - why so half-hearted?

>But I agree:  not the very best drafting.
>
>
>Peter
>
>
>This is what Nicholas said:
>
>> Clause 7 of the draft Bill is the only real meat in the sandwich.
>> 
>> While lots of people claim that other people are doubtful about the
>> validity of electronic signatures, not many people have ever expressed a
>> rational doubt of their own, and I know of no lawyers who think there is
>> anything in this point at all.  So what this clause has to do is lay to
>> rest the alleged doubts of the fainthearts, without raising new doubts 
>> that
>> trouble even the robust.  It fails this test miserably.
>> 
>> (I digress to comment, for avoidance of misunderstandings, that this 
>> clause
>> is *not* about whether using electronics you can meet a *statutory*
>> requirement for a signature, as on a will or a tax return or a passport
>> application.  You cannot do that today, mainly because those things 
>> must be
>> on paper anyway, and it is clause 8, not 7, that may one day enable you 
>> to
>> do so.  Clause 7 is purely for signatures on things not currently 
>> required
>> to be signed and not currently required to be done on paper, i.e. those
>> things you can do by word of mouth, like buying and selling things.)
>> 
>> The first curiosity is that 7 refers only to communications.  What if 
>> you
>> want to sign a contract, not an email?  I can just hear the draftsman's
>> supercilious reply, "Well I assume you will communicate it to the other
>> party, as it won't otherwise be much use; so it's really a 
>> commmunication
>> after all."
>> 
>> This is the sort of thing that gives English statutory drafting a bad 
>> name,
>> deservedly.  All it does is raise a perfectly unnecessary doubt about
>> document signing, which can only be met with an answer that may 
>> technically
>> work but is frankly silly.  And clause 22(2) refers to "communications 
>> or
>> data", so why not 7?  This is no way to lay to rest the doubts of the
>> fainthearts, and it could raise some reasonable doubt in the robust.  It
>> will certainly do more harm than good.
>> 
>> Secondly, electronic signatures are not just simply made admissible; 
>> they
>> are made admissible in relation to any question as to authenticity or
>> integrity.  Why limit them?  Why not accept that they are put there not
>> just to show authenticity or integrity, but to act as signatures, and 
>> make
>> them admissible for whatever they may prove?  Why indeed define 
>> electronic
>> signature precislely so as to discard the function of the thing as a
>> signature?  This sort of pointless finicking about will again do more 
>> harm
>> than good.
>> 
>> (I digress again.  Why are there two different definitions of electronic
>> signature, one for clause 7 and the other in clause 19 for Part III?  I
>> think the clause 19 definition is used only in clause 10(5), and enables
>> signing keys used only for non-communications still to count as signing
>> keys.  But this sort of maze would be unnecessary if clause 7 was wider 
>> in
>> the first place so that only one meaning sufficed.)
>> 
>> Thirdly, clause 7(3) looks technically wrong.  I don't think a 
>> certificate
>> ever certifies a specific signature, so 7(3)(a) never applies; and how 
>> can
>> it be argued that a certificate which says "The following blob is John
>> Smith's PGP public key" is certifying a procedure (except by rather
>> indirect implication)?  I happen to doubt the significance of 
>> certificates
>> for electronic commerce; but if they matter, this is a discouraging
>> foundation for their use.
>> 
>> If clause 7 is the meat in the sandwich, it needs to go back to the 
>> kitchen
>> pretty soon, or the customers will begin to pack up and leave the 
>> restaurant.
>> 
>
>
>
>|->   Peter Sommer   --------------------------------------------->|
>|->   hcorn@cix.co.uk   P.M.Sommer@lse.ac.uk  -------------------->|
>|->   Academic URL:  http://csrc.lse.ac.uk/Sommer/sommer.htm  ---->|
>|->   Commercial URL:  http://www.virtualcity.co.uk  ------------->|      
>  
>
>
>
>
>
Regards,

Nicholas Bohm

Salkyns, Great Canfield,
Takeley, Bishop's Stortford CM22 6SX, UK

Phone		01279 871272	(+44 1279 871272)
Fax		01279 870215	(+44 1279 870215)
Mobile   	0860 636749  	(+44 860 636749)

PGP RSA 1024 bit public key ID: 0x08340015.  Fingerprint:
9E 15 FB 2A 54 96 24 37  98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF.  Fingerprint:
5248 1320 B42E 84FC 1E8B  A9E6 0912 AE66 899D D7FF