Benjamin Wright is a lawyer and the author of ``The Law of Electronic Commerce.'' He started his talk by saying that his background is in law and society, and not in any scientific area. His talk would address, from a lawyer's point of view, an area that lies in the intersection of law and digital signatures.
Ben stressed that, when regulating uses of a technology, one needs to be humble and recognize that people may use the technology differently from how one has assumed. Different uses may require different legal interpretations and therefore require different legislations. So, he wanted to rename this talk ``The Confessions of an Electronic Commerce Lawyer: My Fear of Curves on the Information Super Highway.''
The law of signatures in the US has been around for a long time, and the legal community has been dealing with the question ``what is a signature,'' for legal purposes, for centuries. Ben's own personal interpretation of ``what is a signature'' is liberal compared to that of some of his colleagues. His interpretation is: a signature, for legal purposes, is simply a symbol that someone adopts for the purposes of taking responsibility for a transaction. Generally speaking, the law of signatures in the United States has never required that signatures be secure in any way. This implies that signature, security, proof, and evidence are different things.
He then gave two examples of disputes that have happened with traditional signatures. The first example involved an autograph received through a fax machine. Its supposed signer argued that fax transmissions offered a low level of security, and the autograph was not his or her signature. The court ruled, however, that the lack of security did not interfere with the signatureness of the autograph. Authenticity, the question of whether or not the supposed signer signed it, was a separate issue and would be the one to look at.
The second example involved a real estate sale contract. The buyer backed out after sending a document that said: ``I, X, agree to ...'' At court, the buyer claimed that the document was not signed (no autograph was written at the bottom of the document). The judge, however, ruled that there was a signature in the document. The signature in this case appeared in the content of the message, where the buyer identified himself or herself as X. So, in fact, the document was signed, and the contract was legally effective.
Ben then went on to discuss what is currently happening with electronic signatures. Several states have been working on legislation regarding electronic signatures, and they don't agree with one another. Florida, Texas, Kansas and Iowa have adopted the liberal interpretation that Ben uses and separated the issue of signature from the issues of security, proof and evidence. He stressed that he personally likes this approach, but that there are disagreements in the legal community.
Other states, like CA, have adopted a more constrained approach. According to CA's Digital Signature Law, a digital signature is effective as a traditional signature if the signer has some kind of unique, verifiable code, if the code is under the signer's sole control, and if after the signer uses the code, one can determine if what was signed has been altered. (In addition, digital signatures need to comply with some state regulations that are still being elaborated.) So far, this legislation only regulates digital signatures involving the state of CA.
According to Ben, this view has advantages: it does not specify the technology, only the criteria. On the other hand, traditionally nothing has required that a signature has to achieve any degree of reliability or verifiability, so CA's legislation is less flexible in this sense.
Ben continued by talking about two completely different paradigms of electronic signatures, and the implications that their uses would have.
The first is the paradigm adopted by Utah's Digital Signature Act. Utah is a pioneer in regulating the use of public key cryptosystems in digital signatures. According to Utah's law, before I can use a private key as my signature, I need to go to a licensed certification authority (CA) to have my public key certified. After the certification, the private key has universal powers and I am responsible for keeping it secure. There is a presumption that any document that is signed with my private key is presumed to be my responsibility. It is not impossible to repudiate it, but it is difficult. This means that: 1) recipients of a signature have high evidence that the signer is going to be responsible for it; and 2) the owner of a key needs to be very careful with it, because the key can be used to sign any legal transaction, and the burden of proving the non-authenticity of the signature is on the person that owns the key. Ben's warning: ``Don't let your spouse get it!''
Utah's digital signature law is an example of a concentrated transaction, where all the evidence is in one place: the signature. Dispersed transactions are the opposite of concentrated transactions. In dispersed transactions, the evidence that is needed for the receiver of a document to feel confident about it is dispersed across a number of factors and circumstances that are external to the signature. Previous relationships and the amount of money involved in the transaction are examples of such factors. When asked about Utah's failure to recognize the importance of other elements of a transaction, Ben said that he is concerned that the Utah law is too narrow and too detailed, and that there is no flexibility. However, he sees some areas in which signatures can be regulated this way. Electronic cash is one such example.
A second paradigm was then presented to contrast with the Utah approach. (Ben emphasized that he is not defending either approach, but is only giving us elements by which to judge for ourselves.) It is called PenOp, and uses the notion of dispersed transactions. It has been adopted by the IRS for electronic tax returns. In PenOp, the taxpayer is shown the document he or she is about to sign. For the signature itself, he or she uses a digital pen to write on a digital tablet. The image of the signature, the speed with which it was written, and other biometric, ``act-of-signing'' data are then stored and constitute the signature. This biometric signature is then combined with the cryptographic hash value of the document, and the result is the signed document. For the IRS, having the document signed does not imply the document's non-repudiability. Instead, it is an evidence that you looked through your tax return and knew that you were legally responsible for it. In the case of a dispute, the IRS can not claim based only on the signed form that you were the person who signed it. Lots of other evidence is needed before they can prove that you were the signer.
Ben mentioned that the IRS+PenOp approach is probably not the Cypherpunks' favorite. Cypherpunks favor strong cryptography and oppose governments' intrusions into their citizens' private affairs. ``What the IRS wants,'' Ben clarified, ``is to get a little information about you, but not a whole lot. The security is mild, but things work in the context of other factors and circumstances.'' Ben said that for the IRS, security is a different issue and is ensured in different ways. For instance, the IRS has a private network to transmit its information.
An advantage of PenOp is that there are no keys, no passwords, and no training needed. One only writes one's signature.
Robert Gezelter asked about the shift in the burden of proof when adopting Utah's approach. Ben answered that there is in fact a shift. Traditionally, the receiver of a signature was the one to prove that the supposed signer actually signed it. Under Utah's approach, the signer is the one to repudiate it.
When asked about the method that UPS and FEDEX use, Ben said that their approach is less sophisticated, because only the bitmap of the signature is captured. No biometrics are used.
Someone asked what would happen if a PenOp signature is stolen and appended to another document. Ben said that the signature does not carry too much weight and its owner can easily repudiate it.
Ben Fried commented about the huge power that a signature has under Utah's approach and the ease with which this power can be transfered. Ben Wright agreed and said it is unprecedented in modern Western culture. He added that a private key is not a credit card. One can use private keys not only for financial transactions, but also for all other legal affairs like divorce, child custody, etc. One way to limit this power is to append disclaimers to the keys, restricting their use to specific purposes.