What are the relevant laws governing electronic signatures in India?
The relevant laws and regulations surrounding the use of electronic signatures in India are the Information Technology Act, 2000 (“ITA”), the Indian Contract Act of 1872 (“ICA”), the Electronic Signature or Electronic Authentication Technique and Procedure Rules, 2015 (“ESEATPR”), and the Indian Stamp Act, 1899 and the relevant state stamp acts. These laws form the basis for (i) what are officially recognized “electronic signatures” in India; (ii) what documents or transactions cannot be entered into electronically; (iii) what conditions all contracts must meet, including contracts using an electronic signature that does not meet the officially recognized requirements under the ITA; and (iv) why whether stamp duty needs to be paid on any particular transaction should be a consideration for transactions entered into electronically.
As a threshold matter, the ITA states that a contract cannot be denied enforceability merely because it was conducted electronically provided the contract fulfills the essential elements of a valid contract under the ICA.
The essential elements of a valid contract are set out in Section 10 of the ICA. The contract is valid if:
- It is entered into by parties who are competent to contract;
- It is entered into by parties as a result of their free will i.e. valid proposal and acceptance;
- It provides for mutual consideration between the parties;
- It does not require the doing of any act which is forbidden by law.
Note that under Indian law, contracts between private parties do not require a signature for validity; the only express requirements for validity are those set forth above.
What constitutes an electronic signature in India?
As high-level background, the ITA establishes when an “electronic signature” has the same legal status as handwritten signatures. The ITA also establishes a separate definition for a “digital signature,” which is a type of “electronic signature” under the ITA. The Second Schedule to the ITA sets forth the techniques required for creating a valid “electronic signature.”
The ITA defines an electronic signature as an “authentication of any electronic record by a subscriber by means of the electronic technique specified in the Second Schedule and includes digital signature.” The ITA defines a “digital signature” as the “authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3” (discussed below).
However, except for a few filings with governmental authorities, Indian law does not require that private parties use an ITA electronic signature for any category of transactions. This means that electronic signatures that do not qualify as ITA electronic signatures are potentially enforceable, but as discussed below, electronic signatures that do not qualify as ITA electronic signatures do not have the same legal status as a handwritten signature, and may require additional evidence in order to prove their validity.
a) Reliable electronic signatures that combine a unique identification number with an electronic Know-Your-Customer (eKYC) service
To be validly recognized under the ITA as an ITA Electronic Signature, an “electronic signature” must (i) be “reliable” and (ii) use an authentication technique specified in the Second Schedule to the ITA.
An electronic signature is considered reliable under Indian law if:
- the signature creation data or the authentication data are, within the context in which they are used, linked to the signatory or, as (the case may be, the authenticator and to no other person i.e. the signature must be unique to the signatory);
- the signature creation data or the authentication data were, at the time of signing, under the control of the signatory or, as the case may be, the authenticator and of no other person;
- any alteration to the electronic signature made after affixing such signature is detectable;
- any alteration to the information made after its authentication by electronic signature is detectable;
- there should be an audit trail of steps taken during the signing process; and
- the signer certificates must be issued by a Certifying Authority (CA) recognized by the Controller of Certifying Authorities appointed under the IT Act.
The Second Schedule provides that an “electronic signature” or electronic record can be authenticated by using electronic authentication techniques as described in the ESEATPR. The ESEATPR provides that an “electronic signature” can be authenticated by using either of the following methodologies:
- Aadhaar e-KYC services; or
- a third-party service by subscriber’s key pair-generation, storing of key pairs on hardware security module and creation of digital signature provided that the trusted third party providing such services shall be offered by any of the licensed Certifying Authority.
b) “Digital signatures” that are generated by an “asymmetric crypto-system and hash function”
A user obtains a digital signature from a licensed Certifying Authority.
Does India recognize DocHub electronic signature as a valid type of electronic signature?
The DocHub electronic signature is not a recognized electronic or digital signature under the ITA. This means only that a DocHub electronic signature does not have presumptive validity under the ITA, not that persons are prohibited from using it. Further, the ITA states that a contract cannot be denied enforceability merely because it was conducted electronically provided the contract fulfills the essential elements of a contract under the ITA.
What are examples of electronic signature use cases?
Contracts between private parties do not require a signature for validity. Further, except as provided below, India does not preclude documents from being executed electronically, however consideration of whether stamp duty discussed below is paramount before conducting any transaction electronically.
Are electronic signatures prohibited or not allowed for any transactions?
Indian Stamp Act
The Indian Stamp Act or the relevant stamp act applicable to the state requires that certain instruments be stamped at or before the time of execution. The Indian Stamp Act or any other law in force and effect in India does not address electronic records and the method of stamping electronic records. However, several states (e.g., Maharashtra, Gujarat, Karnataka, Delhi, Uttar Pradesh, Rajasthan, etc.), have amended their respective stamp acts to specifically include “electronic records,” as defined under the ITA, under the definition of an ‘instrument’, thereby extending the requirement of stamping an electronic record.
An instrument which is not adequately stamped is inadmissible as evidence in a court of law in India and may further attract penalty for evasion of payment of stamp duty. Therefore, if the relevant document requires stamp duty to be paid, careful consideration needs to be given to the ability to whether the document can be executed electronically and have the appropriate stamp tax paid.
The documents or transactions that cannot be entered into by using an electronic signature are:
- Negotiable instrument such as promissory notes or bills of exchange other than a check;
- Trust deeds;
- Will and any other testamentary disposition by whatever name called; and
- Any contract for the sale or conveyance of immovable property or any interest in such property.
Further, documents to be notarized are generally required to be physically signed before the Notary Public. Documents requiring registration are also to be physically signed before the concerned registrar.
Do parties need to consent to use electronic signatures in India?
India does not contain any formal consent requirements for the use of electronic signatures.
What are the key factors pertaining to the enforcement of electronic signatures in India?
For electronic signatures that are not recognized electronic signatures under the ITA, key factors include: (a) the agreement should not be contrary to law; (b) the terms of the agreement should not be unconscionable; (c) the acceptance must be absolute and unqualified for which the user must be identifiable; (d) the agreement should be rendered tamper-evident after application of the electronic signature, and (e) an audit log should be maintained, also rendered tamper-evident, that captures all the relevant actions taken during the signing session.
* Disclaimer: This page is for informational purposes only. This page is designed to provide a background on the legal framework for electronic signatures in the respective country. This page is not legal advice and should not be used or relied upon as legal advice. You should seek legal counsel regarding any legal questions you have regarding the use of electronic signatures in this jurisdiction. To the maximum extent permitted by law, DocHub provides this page and the material on this page on an “as-is” basis. DocHub disclaims and makes no representation or warranty of any kind with respect to this page or the material on this page, express, implied or statutory, including representations, guarantees or warranties of merchantability, fitness for a particular purpose, or accuracy.