ABSTRACT
The term of “Electronic signature” should generally be analyzed within the scope of the term “signature” and it should be clearly defined taking its technical and legal dimensions into account. Various types of electronic signatures exists. The types of electronic signatures and their legal characteristics as genuine legal institutions are defined by certain legal regulations, which contain the functions and verification of electronic signatures. Thus, electronic signature system should follow the latest developments like any other legal and technical institutions.
1. INTRODUCTION
Electronic signature is dEfined in the law numbered 5070, titled as the Electronic Signature Law (“ESL”), published in the Official Gazette numbered 25355 and dated January 23rd, 2004. It is detailed in the (b) subsection of the third clause of this law as “an electronic datum which is attached to other electronic data or having a logical connection with another datum, used for the identification of the user.” Yet, for better understanding, first the terms with regard to technical functions and legal validity of an electronic signature should be defined. A signature in its classic sense is a sign confirming that a written document has been written and/or verified by the signatory1. To determine the will of the parties that confirms the current version of a text written on a paper can be ensured by the handwritten signature. Hence, it is considered that the signatory announces his or her will by a sign that is specific to him or her2.
Signing is a legal procedure and it is one of the most important elements one should sustain on order to ensure the validity of all kinds of documents whether it be official or private and to convey the will of the signatory. However, the 15th subsection of the Law numbered 6098, called the Turkish Code of Obligations (“TCO”) states that those who do not incur a debt have no obligation to sign a document. Only the party incurring a debt have the obligation to sign the document with handwriting, and the other party’s statement is considered valid in any case.
There is no specific law restricting the location of the signature that should be on a document. However, the general acceptance is that the signature should be at the bottom of the document as an indication that the whole text is covered. Therefore, the signatory declares and agrees that he or she has red the text and admits all the responsibilities3 . As a matter of fact, the signature at the end of the document implies that all the aforementioned declarations are legally binding but not the changes or additions that are subsequently made.
The Official Gazette numbered 2891 and dated December 27th, 1934 has promulgated “The Surname Regulation”, the second subsection of which was amended by the Council of Ministers’ decision numbered 2009/14848 and dated March 25th, 2009 states that “in the signature; there may exist the initial of first name, the two initials in case of the first names are two or one initial and the other components of the name may be included in all.” Yet, if the signature has dissimilar features to these definitions, this does not lead to the invalidity of the signature. In practice, a signature can include only first and last names as usually practiced, it does not have to include neither or it can include some signs that are not even letters as long as the identity of the signee can be defined4.
2. ELECTRONIC SIGNATURE
It is obvious that the aforementioned statements only include paperwork applications. The main problem is to ensure the identification of online transactions and to provide a secure channel for electronically processed documents. Electronic documents often have no differences with the original copies but just the lack of handwritten signature. For this reason, it is quite easy to change the text on electronic documents and this can be untraceable. In respect of the documents with an obligation to be made in a written form, since there is no electronic counterpart of paperwork signature, their electronic application is being prevented and the usage of these documents as an evidence for substantiality has led to a legal definition of an electronic signature and elaboration of the technical details of this process5.
2.1 Electronic Signature in General
As stated in the Article 15 of the TCO, an authenticated electronic signature is deemed equivalent to a handwritten signature. Accordingly, a signature is not only the trace left by ink on a paper. An electronic record or a symbol or code on data may be considered as signature as well6.
The real persons or corporations can obtain an electronic signature through applying to the Electronic Certification Service Providers (“ECSP”), qualification of which concords with the ESL. A simple installation which is done in the medium of computers will suffice to get an amending signature and signatures either created in an electronic environment or transferred into it. The signature has digital and biometric codes functioning as an identification method in electronic documents. The newly created signature can be used on e-Devlet (EGovernment Application in Turkey) applications or any other context requiring a genuine signature7.
2.2 Types of Electronic Signature
There are different types of electronic signatures based on their technical features in terms of security in legal transactions. According to the ESL, there are two main types of electronic signature known as “Simple Electronic Signature” and “Authenticated Electronic Signature” and based on their technical qualities, they are classifies as Simple Electronic Signature, Advanced Electronic Signature, Authenticated (Qualified) Electronic Signature and Electronic Signature given by Accredited Certification Service Providers.
2.2.1 Simple Electronic Signature
The existence of simple electronic signature only shows that the document signed is secured. A handwritten sign digitized on a computer scene or scanning a handwritten signature may be shown as examples of this type of electronic signature8.
2.2.2 Advanced Electronic Signature
Generally, advanced electronic signature is defined as a normal electronic signature with added functionalities on the original. As for the simple electronic signature, it signifies the security of the document as well as the traceability of the signatory9.
The ESL does not have a specific definition for advanced electronic signature. Yet, according to the Directive of European Council numbered 1999/93/CE and dated December 13th, 1999 (“Directive”) an advanced electrronic signature shall meet the following requirements;
a. it is uniquely linked to the signatory,
b. it is capable of identifying the signatory,
c. it is created using means that the signatory can maintain under his sole control, and
d. it is linked to data which it relates in such a manner that any subsequent change of the data is detectable10. These features of advanced electronic signature have been adopted in the Article 4 of the ESL, as well.
2.2.3. Authenticated Electronic Signature
Authenticated Electronic Signature, as defined in the Article 4 of the ESL; (i) is only bound to the signatory as in the position of mere shareholder, (ii) is created by secure creation devices, (iii) provides identification of the signatory with the help of qualified certificate, and (iv) determines whether a change has been made to the document signed before.
The phenomenon on which the signature is bound only to the signatory defines the comparison of the qualified electronic signature provided by electronic certification providers and opposite to signature creation data, signature verification data contrast with documentation. These processes are necessary to match the person to the retrieved data11.
Authenticated electronic signature corresponds to all known functions of genuine handwritten signature. Hence, as the Subsection 5 of the Directive states, all the member countries should provide it as evidence if all of the qualities of an authenticated electronic signature are satisfied12.
2.2.4. Electronic Signature Given by an Accredited Certification Service Provider
The Directive, as in the perspective of electronic certification service providers, mentions accreditation system which is not manifested in the Turkish Law System. Voluntary accreditation is the permission procedure given to a certification service provider according to certain private rights and responsibilities13.
2.3. Electronic Signature Creation-Verification Data and Device
2.3.1 E-Signature Creation Data
As stated in the Article 3/d of the ESL, signature creation data are defined in the periphrasis of being owned solely by the signatory, unique signs to be created for the purpose of electronic signature creation. It also includes the cryptographic data like components. The creation data are owned by the creator of the signature. Being solely owned by one person, it should not be accessible by other parties. The mere responsibility of protecting the security of the signature is on the signatory14.
2.3.2. E-Signature Verification Data
As stated in the Article 3/f of the ESL, signature verification data includes the confirming passwords to verify electronic signature and/or other components such as cryptographic open keys. Signature verification data belongs to the certificate holder. They are used to verify the signature and commuting an encrypted delivery to the signature owner. It is unique and current in the certificate as encrypted and non-obligatory to be hidden15.
2.3.3. E-Signature Verification Device
As stated in the Article 3/f of the ESL, signature verification device is defined as the software or hardware to verify the electronic signature.
Defined in the Article 7 the ESL, during the signature verification process, it should be ensured that;
a. the data used for verifying the signature correspond to data displayed to the verifier; b. the signature is reliably verified and the result of that verification is correctly displayed;
c. the verifier can, as necessary, reliably establish the contents of the signed data;
d. the authenticity and validity of the certificate required at the time of signature verification are reliably verified and the result of verification and the signatory’s identity are correctly displayed;
e. the use of a pseudonym is clearly indicated; and
f. any security-relevant changes can be detected.
2.3.4. Creation and Verification of Electronic Signature
In the process of creation of e-signature, the option of copying the handwritten signature to the digital medium is nonexistent. Certain tremendously complex algorithms and processes are involved and all of the maximal matter is processed by computers. Electronically created documents are encrypted with asymmetric keys to produce e-signature.
“Public Key Infrastructure” (PKI) is defined as all the promised services of e-signature given to users including person-specificity, integrity, identification and nonrepudiation. This infrastructure is the most widely accepted one in regard to the verification of the e-signature process system16.
Two keys one of which being open and the other one closed are created by the ECSP and delivered to the user. The data encrypted by the open key of the signatory can only be decrypted with the open key of the recipient of the document17.
2.4. Functions of Electronic Signature
In order for electronic signature to replace the handwritten signature, it needs to bear the functions of (i) identification, (ii) eventuation, (iii) authenticity, (iv) monition, (v) continuity and (vi) attestation. Being said that, electronic signature can be more attributable to the aforementioned qualities with a greater precision18.
The most significant function of electronic signature to fulfill is non-repudiation. Unless the signatory loses the control of the use of the signature, electronic signature is non-imitable19.
The identification process in the system of electronic signature is provided by the control of the unique key of the signatory assigned as one-time by certain certification offices. This coordination is achieved by a signature key certificate and provides an identification procedure with a certain check done by the recipient who knows the open key of the owner of the signature using the open signature key certificate to verify the signature20. Nonetheless, the repudiation of an electronically signed data is possible according to the Article 210 of the Code of Civil Procedure numbered 6100 (“CCP”). If need be, after the irresolution of the issue by a judge, an expert opinion shall be searched respectively to the hearing of the repudiating party.
As stated in the ESL, if there is an issue regarding to a refund of a debt, electronic signature has a certain binding function with respect to the call of the signatory. Because of the fact that even the infinitesimal gaps in the text are encrypted with electronic signature, it has a more reinforced credibility than the handwritten signature21.
With respect to other benefits and functions of an electronic signature, first it should be discussed that an electronic signature has the advantage of efficiency and logistics. The use of electronic signatures will add the beneficiary attributes such as speed, easiness and cheapness to processes. Data will easily be transferred and the cost of print, paper and post etc. will be minimized. The electronic signature can hardly be imitated, thus the recipient may not claim that the document has not arrived or vice versa, the sender may not allege that the document has not been sent. The content of the document is safely encrypted and cannot be changed after the document is sent, therefore neither the recipient nor the sender may repudiate the content. In addition to this, a copy of the document would be in the hands of the certificatory.
2.5. The Evidential Quality of Electronically Signed Documents in Legal Proceedings
As stated in the Article 5 of the ESL, “authenticated electronic signature has the same juridical consequences as the handwritten signature.” Yet, “certain jurisdiction processes and contracts of guaranty which has a specific form or special formal procedure determined by laws cannot be signed with authenticated electronic signature.”
As the aforementioned Article of the provision states, it will be adequate to say that an electronic signature has only the coverage of base written validity form. Hence the jurisdictionally imposed written forms such as such as marriage, divorce and financial loan contracts cannot be signed with an electronic signature.
In addition, in this matter it should be noted that the evaluation of electronically signed documents with respect to bonded proof issues should be verified. In the jurisdiction system, on a specific event or act of law, the judge will decide whether it is necessary to prove this circumstance with final or discretionary proofs. In this sense, with respect to the CCP, final verdicts and oaths have the quality of final proofs, whereas the other specific acts signifying discretionary proofs such as witness, expert, investigation and other non-counted acts may refer to discretionary proofs.
Finality aspect of a muniment implies that the judge has bound by the document. The verification or authentication of a signature at the bottom of a muniment is not an issue for a judge to investigate ex officio. Qualifying of the written signature will be done by the judge through a mundane examination with eyesight22.
In this matter, through the Article 23 of the ESL, Article 205 of the CCP states that the electronic data created by an authenticated electronic signature has the quality of a muniment. The bond value and the function of final proof of these data are determined through the condition of these data created by an authenticated electronic signature. Simple electronic signed documents will not count as having the value of bond. That being said, the type of the signature of a document must be detected by judge using the commending in the Article 205/3 of the CCP ex officio. This determination is an appropriate measure to the circumstance in which parties have no objection and preventing a simple electronic signed text to have the value of final proof23.
Alas, since a judge cannot make the distinction with regard to the type of an electronic signature used in the document with eyesight, unlike the handwritten signatures examined by the court, an expert should examine the document signed with an electronic signature. As the Article 210 of the CCP states, “in the event of denial of data signed with an authenticated electronic signature, if there is no verdict after the hearing of the denying party by the judge, an expert investigation will be executed.” As when the previous Code of Civil Procedure numbered 1086 (“pCCP”) was in force, there was no evident rule when the denial of an authenticated electronic sign was handled according to the Article 308 of the pCCP24. The judge was in charge of the detection of the owner of the signature, possibly being the opposed party, using the protocol issued in the Article 308 of the pCCP. Hence, with the accepting of the judge being not technically equipped with the necessary information, it is stated in the doctrine that an expert should obligatorily use the expertise in the period that the pCCP was in force. Although there are certain controversial points25, the Article 210 of the CCP has helped the hindrance of all the controversy surrounding the case and when the denial of an authenticated electronic signature, it has allowed the demand of expert opinion.
Certain acts in the law could only be executed through the use of an authenticated electronic signature. For instance, the Official Gazette dated December 20th, 2009 has promulgated the “Law of Cheques” numbered 5491. In the Article 5, subsection 8 of the Law, it is stated that the data related to cheque making and opening a cheque account are signed with an authenticated electronic signature and after that they are electronically reported via the Ministry of Justice National Judiciary Informatics System (NJIS) to the Central Bank of Turkish Republic. These reports and the bases and procedures related to the announcements done to banks are determined by the Central Bank of Turkish Republic with the confirmation by the Ministry of Justice.
3. PRACTICEAREASOF ELECTRONICSIGNATURE AND NEW DEVELOPMENTS
Electronic signatures, having a wide variety of practice areas, can be used in every case in which data are moved, copied and processed electronically . Articles 14 and 15 of the TCO state that an electronic signature has all the juridical qualities of paperwork signature in every written shape obligatory situation, and thus available to replace the written shapes condition. In this circumference, all acts of law obliging any written shape may be signed with an authenticated electronic signature.
Practice areas of e-signature in public sphere can be listed as; applications to Student Selection Examina tion, Public Personnel Selection Examination, Academic Personnel and Postgraduate Education Entrance Exam, passport etc., inter-institutional communication, social security applications, medical applications, tax payment and tax declarations and electronic votes. In moving governmental services to digital medium, the time and resources gain are aimed, especially with the project of e-Devlet. Thus, it is possible to argue that the NJIS is the most active platform for electronic signatures through courts, public prosecutor’s offices, all clerks and lawyers. The improvements in e-Devlet is still ongoing.
For the use of e-signature in trade, internet banking, insurance transactions, e-contracts and e-shopping may be considered. In addition to this, in the Turkish Commercial Code numbered 6102 and dated July 1st, 2012, electronic signature and electronic data are extensively discussed. According to the Article 18/3 of the TCC, e-signature has the potency to put in default, nullify a contract or to make denunciation or warning processes. According to Articles 24, 64 and 65 of the TCC, the trade registry entries and commercial registers may be stored in an electronic medium.
Article 94 of the TCC states that the rejection period is one month and can be executed by holder of the schedule which shows the surplus determined in the current account balance with a text involving an “authenticated electronic signature”. All obliged processes in accordance with the TCC can be done by commercial corporations, corporates, and real persons in an electronic medium through an authenticated electronic signature.
The Notary Act numbered 1512 (“Notary Act”) has an additional Article 198/A since February 12th, 2014 issued with the law numbered 6572. This addition should be examined separately. According to this Article; the processes set in the Notary Act may also be done in an electronic medium with an authenticated electronic signature. A caveat for this is that processes forced as edit and testaments of will should be executed in the presence of notary to be signed with an authenticated electronic signature.
All data and documents related to notary acts are stored and saved in the Union of Turkish Notaries Informatics System. For documents signed with an authenticated electronic signature, the seal affixing process done in handwritten signed documents is not present and it is unnecessary to prove another copy. It is also stated that a physical copy for a document containing an authenticat ed electronic signature is not printed unless demanded. When there is a need for a physical copy, the notary involved affixes seal to the document and sign it declaring that it is identical to the original. If the copy of the electronically signed document contradicts the handwritten signed copy, the electronically signed document stored in informatics system will be considered as the original one. Thus, the wide use of an authenticated electronic signature by notaries and increasing the security of notary embodied documents will be ensured.
4. CONCLUSION
There is no doubt that the developments in information technology race against time. As the internet gets as near as a phone, undoubtedly it plays an important role in both commercial transactions and government transactions. Hence, e-Devlet and e-commerce are constantly developed by both technical and judicial adaptations.
The E-signature justified with the Electronic Signature Law numbered 5270 is a known and spreading application. In near future, it is quite possible that e-signature will be used by individuals more often. E-signature accelerates and facilitates electronic relations by tremendous amounts, thus it is significant for all citizens.
The effective use of an electronic signature will increase the efficiency of using resources recognizably. Especially in commerce, there will be copious developments on widely acclaimed base factors such as transparency, simplicity and accounting, and complete security of legal transactions will be ensured. In this matter, an electronic signature has many advantages which can be exemplified as preventing change on data and documents, secrecy, non-repudiation, integrity of data and identification. That being said, in near future it is quite possible to state that handwritten signature will be replaced completely by electronic signature.
BIBLIOGRAPHY
Erbayraktar, Burcu. “Elektronik İmza Ve Elektronik İmza Kanunu’na Göre Sertifika Sağlayıcının Üçüncü Kişilere Karşı Hukuki Sorumluluğu”. Yüksek Lisans Tezi, İstanbul, 2011.
Erturgut, Mine. Medeni Usul Hukukunda Elektronik İmzalı Belgelerin Delil Olarak Değerlendirilmesi. Ankara: Yetkin Yayınları, 2004.
Gökalp, Ziya. “PKI (Açık Anahtar Altyapısı) Nedir?” 04.06.2008, https://www.bilgiguvenligi.gov.tr/guvenlik-teknolojileri/pki-acik-anahtar-altyapisi-nedir.html (22.02.2015).
Keser Berber, Leyla. “E-Sözleşme Bağlamında Digital İmza ve ETKK Yasa Taslağı Açısından Türkiye’de Durum”. İnternet ve Hukuk, Derleyen: Yeşim Atamer. İstanbul: İstanbul Bilgi Üniversitesi Yayınları, 2004.
Keser Berber, Leyla. “İnternet Üzerinden Yapılan İşlemlerde Elektronik Para ve Dijital İmza”, Yetkin Yayınları, Ankara, 2002.
Kuru, Baki/ Arslan, Ramazan ve Yılmaz, Ejder. Medeni Usul Hukuku Ders Kitabı, Ankara: Yetkin Yayınları, 2014.
Orer, Gürsel. Elektronik İmza ve Elektronik Sertifika Hizmet Sağlayıcısının Hukuki ve Cezai Sorumluluğu. Ankara: Adalet Yayınevi, 2011.
Orta, Mesut. “Elektronik İmza ve Kavramlar”. Adalet Bakanlığı Bilgi İşlem Dairesi Başkanlığı. http://www.adalet.gov.tr/duyurular/2007/nisan07/eimza/sunum/02_EKavramlar.pps.
Özler, İsmail. “Bilgi Güvenliği Ve Elekronik İmza Kavramları, Ekonomik Boyutlarının İncelenlemesi ve Elektronik İmza Uygulamaları”. Dicle Üniversitesi Sosyal Bilimler Enstitüsü Maliye ve Ekonomi Ana Bilim Dalı Yüksek Lisans Tezi, Diyarbakır, 2007.
FOOTNOTE
1 Türk Dil Kurumu, (20.02.2015). http://www.tdk.gov.tr/index.php?option=com_gts&arama=gts&guid=TDK.-GTS.54e667fc2f94f3.39308255.
2 Gürsel Orer, Elektronik İmza ve Elektronik Sertifika Hizmet Sağlayıcısının Hukuki ve Cezai Sorumluluğu, (Ankara: Adalet Yayınevi, 2011), 5.
3 Orer, Elektronik İmza ve Elektronik Sertifika…, 13.
4 Erkut Güçlü Kahraman, “Delillerin Doğrudan Doğruyalığı İlkesinin Belgede Sahtecilik Suçlarıyla İlişkisi”, İzmir Barosu Dergisi 78/2 (2013), 228.
5 Burcu Erbayraktar, “Elektronik İmza Ve Elektronik İmza Kanunu’na Göre Sertifika Sağlayıcının Üçüncü Kişilere Karşı Hukuki Sorumluluğu”. Yüksek Lisans Tezi, İstanbul, 2011.
6 Orer, Elektronik İmza ve Elektronik Sertifika…, 32.
7 Orer, Elektronik İmza ve Elektronik Sertifika…, 37.
8 Mesut Orta, “Elektronik İmza ve Kavramlar”, Adalet Bakanlığı Bilgi İşlem Dairesi Başkanlığı, http://www.adalet.gov.tr/duyurular/2007/nisan07/eimza/sunum/02_EKavramlar.pps.
9 Orta, “Elektronik İmza ve Kavramlar”.
10 Orer, Elektronik İmza ve Elektronik Sertifika…, 43.
11 Orer, Elektronik İmza ve Elektronik Sertifika…, 44.
12 http://eur-lex.europa.eu/legal-content/EN/ALL/;ELX_SESSIONID=6KTPJq0pn1nsL2hylTD2lJQB3 wpx1-BwyHs3cRrPQCFZgJpcpk1Tn!-1800912348?uri=CELEX:31999L0093, (12.05.2015).
13 Orta, “Elektronik İmza ve Kavramlar”.
14 Orer, Elektronik İmza ve Elektronik Sertifika…, 59.
15 Orer, Elektronik İmza ve Elektronik Sertifika…, 59.
16 Ziya Gökalp, “PKI (Açık Anahtar Altyapısı) Nedir?” 04.06.2008, https://www.bilgiguvenligi.gov.tr/ guvenlik-teknolojileri/pki-acik-anahtar-altyapisinedir.html (22.02.2015)
17 Orer, Elektronik İmza ve Elektronik Sertifika…, 61.
18 Orer, Elektronik İmza ve Elektronik Sertifika…, 48.
19 Orer, Elektronik İmza ve Elektronik Sertifika…, 48.
20 Orer, Elektronik İmza ve Elektronik Sertifika…, 49.
21 Orer, Elektronik İmza ve Elektronik Sertifika…, 50.
22 Mine Erturgut, Medeni Usul Hukukunda Elektronik İmzalı Belgelerin Delil Olarak Değerlendirilmesi, (Ankara: Yetkin Yayınları, 2004), 69.
23 Erturgut, Medeni Usul Hukukunda Elektronik İmzalı Belgelerin…, 138.
24 Mehmet Ertan Yardım, “Güvenli Elektronik İmzanın İnkarı”, www.iscturkey.org/2010/2008/2006/-pdf/bildiri/29
25 Yardım, “Güvenli Elektronik İmzanın İnkarı”.
26 Leyla Keser Berber, İnternet Üzerinden Yapılan İşlemlerde Elektronik Para ve Dijital İmza, (Ankara: Yetkin Yayınları, 2002), 177.
