The introduction of electronic signatures is an important step in a company’s digital transformation process and can bring many benefits – if the appropriate type of electronic signature is chosen based on the desired legal effects.
Authors: Andreas Jaeggi, Ramona Bollhalder
The electronic signature is regulated in particular by the Federal Act on Electronic Signatures (SCSE) and the associated Ordinance on Electronic Signatures (OSCSE). It is based on so-called cryptography (asymmetric encryption) and on a public key infrastructure (PKI) or certification infrastructure, in which providers of certification services digitally certify the assignment of a cryptographic pair of keys to its owner as well as the owner’s identity.
The law defines five types of electronic signature, which are based on three different levels of digital certificates (digital, regulated and qualified certificates):
- the (basic) electronic signature (serves only to ensure the integrity of the document),
- the advanced electronic signature (this is also used to identify the signatory),
- the regulated electronic signature and the regulated electronic seal (both based on a regulated certificate),
- the qualified electronic signature (advanced electronic signature which is additionally based on a qualified certificate).
Regulated and qualified certificates may only be issued by recognized providers of certification services that meet the requirements of SCSE and its implementing provisions. The regulated and qualified electronic signatures are reserved for individuals (natural persons), whereas the regulated electronic seal was designed for legal entities and authorities.
Use of electronic signatures
The qualified electronic signature
Only the qualified electronic signature associated with a qualified time stamp is treated as equivalent to a handwritten signature (art. 14 para. 2bis Code of Obligations, CO). This is decisive for the legal validity of a contract, insofar as the contract is subject to a legal or agreed requirement of written form. For most contracts in Switzerland, though, there are no legal requirements as to the form. Thus, no handwritten signature is required for their validity. Such contracts can therefore also be legally concluded using electronic signatures other than the qualified signature (and, of course, also informally, i.e. without a signature).
Using the qualified electronic signature, business transactions can be handled entirely via digital means. Although this possibility has existed in Switzerland since 2005, until now dissemination has been very slow. The reason for this is not only cost/benefit considerations, especially in connection with the expense of initial identification, but probably also the small number of providers. The new Federal Act on Electronic Identification Services (E-ID Act), which is currently being discussed in the Swiss parliament, is intended to contribute to the wider use of qualified electronic signatures, among other things.
Other electronic signatures
Digital certificates for advanced electronic signatures can be issued both by providers that are officially recognized by the government and those that are not state-recognized. The advanced electronic signature may also be made out to legal entities but it is not based on a government-approved certificate. Therefore, the special liability provisions for certification providers and holders, and the security criteria to be met by recognized providers of certification services for regulated and qualified certificates, do not apply.
Although the regulated electronic signature for natural persons and the regulated electronic seal for legal entities and government authorities – both introduced in 2017 – are not equivalent to handwritten signatures, the origin and integrity of an electronic document can be guaranteed by means of a regulated certificate. As with the qualified electronic signature, the mild causal liability pursuant to art. 59a CO applies. For companies, the regulated electronic seal offers interesting possible uses, especially in mass mailings and electronic business transactions.
Finally, in addition to the legally defined electronic signatures, there are a large number of providers of electronic signatures (e.g. DocuSign) that do not meet the requirements of regulated and qualified electronic signatures according to SCSE, but are accepted as trustworthy by manufacturers of standard software such as Microsoft or Adobe. Such electronic signatures, which are not regulated by law, can be useful for companies if they are also used at the same time by their business partners.
The introduction of electronic signatures can bring various advantages for companies as part of their digital transformation. However, it is advisable in individual cases to clarify precisely on the basis of a cost-benefit analysis whether the use of one of the available electronic signatures makes sense, and which electronic data should be provided with which electronic signature, taking into account the desired legal effects and any legal restrictions.