Signature Automation: A Dispatch from the Front Lines

I recently received the following inquiry from longtime reader John “Fitz” Fitzpatrick:

Pardon me if I missed a blog discussion on e-signature (have you had one?), but recently a bunch of companies have requested that we sign our contracts with them using e-signature through a company called EchoSign.

Nice idea in principle, but I have a three issues.

First, I think that it’s poor etiquette for someone to e-sign a contract and process it through Echosign without the other party’s consent. For example, this morning I received an email request that I sign an unspecified document, and when I followed the link to my surprise I found, residing on EchoSign’s server, a contract that I had drafted and regarded as confidential. I was not pleased.

Second, how secure and dependable are services such as EchoSign? Should they be reserved for low-value transactions? Should any contract that contains confidential information be signed with actual signatures only? As an attorney for a publicly traded company in the pharmaceuticals industry, I expect that I’d have to jump through a series of hoops if I wanted to implement a signature-automation service (written statement of purpose, pre-qualification audit, annual review).

And third, if we elect to remain in the Stone Age, how about stating explicitly in a contract that it will be enforceable only if each party signs using a manuscript signature? (I’m on the point of including such a provision in my contracts, as I don’t want to see another of my documents on EchoSign’s servers.)

I’d be interested to know your thoughts.

I have in fact written about EchoSign, in this May 2007 blog post. I mentioned other vendors in this April 2008 post and this May 2010 post. But given the nature of my work, I don’t have occasion to use signature automation, so I’ll let others take a first crack at responding to Fitz.

About the author

Ken Adams is the leading authority on how to say clearly whatever you want to say in a contract. He’s author of A Manual of Style for Contract Drafting, and he offers online and in-person training around the world. He’s also chief content officer of LegalSifter, Inc., a company that combines artificial intelligence and expertise to assist with review of contracts.

3 thoughts on “Signature Automation: A Dispatch from the Front Lines”

  1. Our firm regularly offers the ability to coordinate the signing of contracts via e-signature. In making the decision to do this, we considered the following:

    1. The enforceability of e-signatures (long proven).
    2. The checks against fraud (which in my opinion are more robust than a wet signature).
    3. Our ability to ensure no signature, date, or other field is missed by a signing party (perhaps the greatest benefit).
    4. Efficiency of execution (turnaround times improved 10x).
    5. Inserting a standard "e-signature" provision in contract boilerplate (often in the place of "facsimile").

    In my opinion, the legal industries move toward e-signature is inevitable. It's simply a better solution.

  2. I like the idea in principle. There are a couple of kinks that I can think of:

    1. I very much dislike the idea that a person who is not an authorised signatory of a party can be the person who decided to sign and execute the agreement, and no one can be any the wiser. I am less concerned about fraud than about directors, for the sake of convenience, forwarding on the signing emails or giving a junior access to their account. The likelihood of this depends on the company, but is reasonably likely for some of the people that I deal with, where many signatories are directors of hundreds of companies. This opens up a lot of difficult questions about agency and apparent authority etc. that can be entirely avoided by having a wet ink signature.

    Judging from Ken’s 2007 post, Echosign’s solution is to provide a facility for a password protected log-in, which may work to a degree (though a signatory can always give another party their PIN) but obviously reduces the convenience with which the service can be used (because a signatory needs to have an established account).

    2. Secondly, deeds have to be signed in ink to be valid (under UK law at least). One day the law may catch up, but until then wet ink signatures will be required for deeds.

    Neither of these points seem fatal to me, but I would not want to use the system generally until there was a solution to the first point, at least.

  3. Writing from EchoSign, we appreciate these very interesting comments and questions. We actually just wrote a blog post on the etiquette for sending a document for e-signature, and suggest best practices are to let the signer know a document is coming for e-signature first.

    We've thought through many of these issues over 5 years and 20,000 customers.

    Beyond Ryan Howell's great summary of the benefits of e-signatures, a few more detailed thoughts:

    1. On security: this is key for e-signatures. EchoSign in particular is in enterprise-wide deployment in legal departments and related departments at 100s of leaders including Dell, BT, Google, Bristol-Myers Squibb, Time Warner, Comcast, GE, Delta Airlines, Proctor & Gamble, and many others. At a practical level, signed documents do not need to be stored on EchoSign once signed, and they are fully encrypted both in transit and in rest through the service.

    2. The stone age: if you do not wish to use e-signatures, it makes sense to explicit state so. At an application level, EchoSign offers several options for Stone Agers: sign by fax instead; sign with a mouse; or just send over a PDF. You can that upload that PDF to EchoSign and match it to the original transaction.

    3. On authorized signatories (the third post): there's an answer here too. On EchoSign, you can limit the authorized countersigners or other signers at your company. This eliminates the ability to e-sign of directors or others who you don't want to sign and can restrict it to a desired/narrow group.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.