Signing Our Death Sentence (Digitally)? On the Dangers of E-Signatures from a Hungarian Viewpoint
Nowadays, we are likely to think that everything around us will change in the near future, even to the core of our democratic process. The proper functioning of our (digital) democracies presupposes the effective functioning of an economy, booming interpersonal relations as the engine of commerce, and a host of other legal prerequisites. How does changing the regulatory regime of signing contracts and documents, in general, affect this change on a larger and smaller scale? The following post ponders upon these questions.
In our constantly changing world, and in the midst of a digital revolution, it would be hard to claim that anything is permanent. As the old adage went: words fly, texts remain, especially written in ink. But if we put pen to paper and start thinking about how the creation of transactions has changed over time, we can be attentive to a trend in this field to outsource, modernize, and simplify mechanical, individual, difficult-to-do (but one might also say menial) work to digital tools. Contracting is also subject to this trend. Should or could there be another way to sign documents than what we have used for millennia before the advent of digital technologies and Legal Tech?
For a broader context of this issue, please note that the overarching government initiative establishing a Digital Citizenship Program has been approved by the Hungarian National Assembly earlier this year, which is an initiative that intends to completely overhaul and challenge social, economic, political, and legal thinking and relevant regulatory and legislative reflexes regarding the role and functions of the state in the face of digitalization. Other subsets of this reform have been ongoing for years as well, one such avenue bringing about the reform in the system of signatures used in transactions. Let us see some of the relevant questions one by one, also reflecting on certain connotations in civil and commercial law.
Verbality—Literacy?
Contracts, as unanimous statements of the parties’ will and mutual assent, have been around since ancient Rome in the form of stipulations. In a culture where the importance of the given word was greater than any written form, they were explicitly strongly binding, workable, enforceable agreements. The words of the oath bound the person who made them. However, as this culture changed, the principle of the “words perish, writings remain” became fundamental. The written form of oral oaths has become a means of proof. The creation of literal contracts was linked to their written form. We have now reached the point where, although we can make some of our legal declarations orally, for transactions of greater importance (sale and purchase of real estate [Section 6:215. (2)], contractual penalty [Section 6:186. (2)], reservation of title [Section 6:216. (2)]) Act V of 2013 on the Hungarian Civil Code (hereinafter referred to as the Hungarian Civil Code, HCC) requires a written form. There are both substantive and procedural aspects of writing, but in this blogpost, procedural evidence will be a secondary analysis. I focus on the substantive legal effects of writing as a form necessary for the creation and validity of legal declarations.
Overview of the Hungarian situation
However, even today, most of our legal declarations do not require a written record under the HCC. In our daily lives, we often conclude contracts by implied conduct, for example by boarding public transport, or, by verbally concluding a contract of commodatum when lending a pen to a fellow student for writing on a paper. These legal declarations, made several times a day, are also starting to sweep into the digital space. Online purchases may also be covered by the part of the HCC regulating electronic contracting, which provides for specific rules between consumer and business, for example on the possibility of correcting data entry errors, and on the issue of non-confirmation. As will be seen below, in certain cases, a legal statement made by such means may also constitute a written legal statement. Furthermore, the provisions of the Hungarian Government Decree No. 45/2014 (II. 26.) on the detailed rules for contracts between consumers and businesses. It applies to consumer contracts concluded by electronic means, and to contracts concluded at a distance, are also applicable to consumer contracts concluded by electronic means.
The legal situation of “the written form” in the Civil Code
But what is the written form? What are the requirements for a written document under the HCC? Pursuant to Section 6:7(1) and (2) of the HCC, a legal declaration is deemed to be in writing if at least its essential content is in writing and, unless otherwise provided by law, if the declaration is signed by the party. However, in many cases, especially in the process of signing a contract between distant contractors, it can be very difficult. Indeed, the signing of a declaration by both parties can be a lengthy process involving uncertainties (e.g. security of postal service). However, in the last 30 years, with globalization, it has become quite common for Hungarian companies, or possibly also individuals, to buy or lease something from a company from another country, the geographical distance has made signing private declarations in person quite problematic.
Written without pen and paper?
The need arose, therefore, to find alternatives for the strictly pen-and-paper signature and replace it with a technique that has similar attributes to the written hand in the digital space. In other words, they are unique, indelible and unalterable. In response to this problem, the HCC offers a definition of technology-neutral writing. According to Section 6:7(3), a legal declaration is deemed to be in writing even if its content, the contracting person, and the time when it was made, can be identified if executed. However, Section 99 (1) of Act CCXXII of 2015 on the General Rules of Electronic Administration and Trust Services, in the case of making statements on family law and inheritance law, explicitly requires the existence of a signature on paper with a pen, which cannot be done by any other technique in these cases in Hungary.
At first glance, it might have been considered that the problem had been solved by the spread of electronic correspondence. After all, an email can be used to identify both the essential content and the time of making the statement (time of sending), but the clear position of the Hungarian jurisdiction is that the declarant cannot be clearly identified on the basis of an email address [BDT2018. 3931.]. Therefore, a legal declaration made by email does not constitute a written legal declaration under Hungarian law.
IT solutions
In light of the foregoing, the HCC allows—by technology-neutral writing—for the authentication of legal declarations in other, non-traditional ways. This has opened a niche market that various LegalTech (legal technology) companies are looking to fill (e.g. in Hungary: DocuSign eSignature, GoodID, Microsec). Their services consist of providing various electronic authentication platforms to service users for a fee. The customers who become users can then have their private legal declarations stamped with an identification, a time stamp, which has the properties of a paper signature, using a program developed for cryptography, the “secret writing” of computers. They are unique, indelible, and unchangeable since the authentication software provides the document with an indelible identification code and, where appropriate, a visible stamp, which is attached to the document. These unique stamps allow people to connect to blockchain systems. Blockchain is a network where individually identifiable people can connect transactions (in form of blocks) to each other, that cannot be modified later. These transactions also can be the subject of contracts, in that case, we talk about smart contracts.
EU legislation
However, the above service model has been subject to regulation. It could not be allowed that the specific and sometimes very different techniques of private companies could be used to produce a document with evidentiary value without any specific requirements. For this reason, the European Union (hereinafter: EU) has regulated trust services in Regulation EU No. 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market (hereinafter: eIDAS). The eIDAS Regulation explicitly supports the transposition of signatures into the electronic space in some way, stating explicitly that the authenticity of a signature cannot be questioned only on the basis of its electronic form. It sets different categories for electronic signatures. Simple electronic signatures are those that are probably most commonly encountered in everyday life when delivering services or when dealing with banks or government offices, where a small display is used to sign the document with a suitable pen-like device. A similar simple electronic signature can be made by using a touch screen in an image or document editing program to engrave a signature on a document. Electronic signatures with enhanced security are considered to be more reliable, have a stronger evidential value, are characterized by the fact that the signature is identifiable, and include a means of preventing or tracking changes to the document. The highest level of security is provided by qualified electronic signatures, an electronic signature platform provided by an eIDAS-qualified service provider that ensures that a document can be authenticated by the holder of a specific identifier or access device, a so-called “token.”
And, more recently, eIDAS 2.0 [EU 2024/1183, entered into force on 20 May] has been published, which further distances trust services and sets out additional requirements for service providers.
E-signature report
Taking the above aspects into account, Investcee Consulting Ltd. has summarized the electronic identification service providers available in Hungary in its report titled E-signature Hungary LegalTech. The main focus of the report is the analysis of the trust services provided in Hungary by private companies or even from central government level, according to the three categories of the eIDAS Regulation.
Of these, I would like to highlight only the two free services, ESzemélyi and AVDH (Authentication by Document Authentication).
ESzemélyi (Electronic Identification Card)
The ESzemélyi solution has the huge advantage of being a qualified electronic signature and being recognized in all EU Member States under the eIDAS. However, the disadvantage is that it is possible to apply for an ESzemélyi during the personal administration process, and, as an ID card is required to use this service, companies cannot implement this option. For them, it is most likely that a market-based service, which can be used for a fee, can provide a better and more suitable personalized electronic authentication service. Examples in Hungary are NetLock or Microsec.
AVDH (Authentication by Document Authentication)
AVDH is, as the report says, a “Hungaricum,” a Hungarian specialty. The Nemzeti Infokommunikációs Szolgáltató Zrt. (National Infocommunication Service Provider, NISZ) offers the possibility to electronically stamp and time stamp uploaded documents in the possession of a user profile of the Hungarian administration (Ügyfélkapu). However, the document is not signed by the signatory, but by the NISZ, and an automatic attachment is needed to identify the actual authenticator, but this is easily available. AVDH is a Hungarian product, but this also means that while it can be used to create a private document with full evidentiary value in the country, it does not provide qualified electronic signatures in the other states of the EU. Nevertheless, for domestic personal or even corporate use, we are talking about an electronic authentication service that is very fast, with a practical interface, and which also meets the requirement of being written. Another drawback of this system could be that the person who gets the signed document cannot identify who signed the legal declaration.
Summary
In conclusion, AVDH is a very useful tool in Hungary, fully replacing the signature, but if another person from another EU Member State is a party to the transaction, it is recommended to use another EU-certified trust service provider. These tools are available on a dedicated website, and there is also a website for back-checking if someone wants to check when a document that has supposedly been authenticated was actually authenticated, by whom, and with which tool.
As written above, our written legal transactions, which were previously only possible on paper, are now increasingly moving into the cyberspace. Several LegalTech companies are working to create authentication mechanisms that can lend a suitable written form to a document that may be entirely electronic. Hence, our pen-and-paper signature may indeed be “at risk,” but to eradicate it completely, it requires more faith in electronic solutions, greater security of electronic services, and a complete paradigm shift to accept that a written document of a certain weight (e.g. a sales contract for a real estate that can be worth a lot) can be handled and signed in electronic form only. It may be a big contradiction that while electronic signatures help environmental awareness by eliminating the need to print out contracts of hundreds or even thousands of pages, the disorderly nature of cyberspace, the attacks on it and its lack of regulation, may still mean that traditional contracts may dominate in the near future. However, this is just one opinion among many, and the debate on this issue is crucial if we are to have a uniform set of rules and practices in the future.
Bertalan Máté NAGY is a law student at the Faculty of Law at the Eötvös Loránd University in Budapest and a scholarship student of the Aurum Foundation. In December 2023 he acquired a certificate at an IT academy for lawyers and gained experience in coding, IT law, and LegalTech. He is a member of the CapsLaw digital law working group of the university that deals with IT law and LegalTech problems.