T
he rapid transformation in electronic commerce has brought about practical, secure, and global solutions. Today, the largest portion of the total electronic commerce volume worldwide is made up of business-to-business (B2B) electronic commerce. This has given rise to the concept of the “New Economy,” and one of the major contributions of this concept is electronic signatures. The use of electronic signatures, along with the legal aspects of their use and validity, is increasing in tandem with the growth of electronic commerce and the trust associated with it.
What Is an Electronic Signature?
In simple terms, an electronic signature is a code used to sign documents prepared in electronic form. Electronic signatures, which work with public key cryptography, are based on a system where the hash value of the document is matched with the hash value created by the recipient.
The legal recognition of electronic signatures was first established with the 1999/93/EC Directive of the European Parliament and Council on Electronic Signatures, which came into effect in 2000. In Turkey, the Electronic Signature Law was enacted in 2004 as part of efforts to align with the European Union’s regulations.
According to the Electronic Signature Law, an electronic signature is defined as “an electronic data attached to another electronic data or logically associated with it and used for the purpose of authentication.”
What Are the Legal Requirements for the Validity of an Electronic Signature?
According to the European Parliament and Council Directive on Electronic Signatures, for an electronic signature to be legally equivalent to a handwritten signature, it must be an “advanced electronic signature.” In the Electronic Signature Law, this concept is equivalent to a “secure electronic signature,” and for an electronic signature to be legally secure and have the same legal effect as a handwritten signature, it must meet the following criteria:
- It must be unique to the signatory.
- It must be created using a secure electronic signature creation device that is under the sole control of the signatory.
- It must be based on a qualified electronic certificate that ensures the identification of the signatory.
- It must allow the detection of any subsequent changes made to the electronically signed data.
The most critical requirement for a secure electronic signature is that it is based on a qualified electronic certificate. Qualified electronic certificates can only be issued by electronic certificate service providers authorized by the Ministry in accordance with the law. These service providers are subject to various obligations, including compliance with data protection regulations, and may face penalties for non-compliance.
Is Electronic Signature Secure?
It’s important to note that electronic signatures are generally more secure than handwritten signatures. The electronic signature process involves the creation of a hash value for the document, followed by the signatory’s two-step PIN entry. This makes it difficult for someone to claim that they didn’t read or didn’t sign the document. However, in cases where the electronic signature device is stolen, the claim of unauthorized signing may arise. Nevertheless, the use of qualified electronic certificates, two-factor PIN entry, and the difficulty of altering electronically signed documents provide significant security advantages over handwritten signatures.
Electronic Signature in Legal Documents
According to the Electronic Signature Law, all documents, except for promissory notes, bills of exchange, checks, vouchers, warrants, and similar instruments, can be signed with an electronic signature. Additionally, legal notices related to commercial matters can be delivered between traders via registered electronic mail (KEP) using electronic signatures.
In conclusion, electronic signatures have become a valuable tool for ensuring the security and legality of digital transactions. The legal framework in Turkey supports the use of electronic signatures, making them a reliable means of conducting electronic commerce and other digital transactions while enhancing security and efficiency.