You are viewing our site as an Agent, Switch Your View:

Agent | Broker     Reset Filters to Default     Back to List

It’s Time to Take Your eSignature Tool Seriously–The Law Does

July 15 2013

maya esig securityDid you know that June 30 was National ESIGN DayNational ESIGN Day? Bet you didn't know it, but you should, and here's why. First, a quick history...

In 1998 the US Congress amended the Bank Protection Act of 1968 to include digital/electronic signature and authentication, the act was known as "Digital Signature and Authentication Law (SEAL) of 1998Digital Signature and Authentication Law (SEAL) of 1998" permitting, and helping define, the use of electronic signatures in all aspects of business.

In 2000, Congress enacted the "Electronic Signatures in Global and National Commerce Act (ESIGN)Electronic Signatures in Global and National Commerce Act (ESIGN)" into law. This was a turning point for the acceptance of the digital signature and authentication standard. How many REALTOR® members or even real estate professionals are aware of the authentication standards that were set?

To boil it down, you need three primary points to prove a valid electronic signature:

  • Legally valid - This is established by consenting to sign digitally and reviewing a consent statement including information on how to obtain paper copies, how to withdraw consent, and who is requesting the signature.
  • Auditable - There must be an audit trail, including the email address, IP address and potentially even the geographical location of the individual at the time of signing. The time stamp is also necessary. The audit trail becomes part of the verification and certification of the digital signature.
  • Tamper Evident - The digital signature must also be able to reveal if the document has been tampered with.

Surprisingly to me, a majority of real estate professionals may be putting themselves at legal peril by not using an electronic signature that meets the legal standards for ESIGN and SEAL. Are you? You might be. According to NAR's most recent member profile, you are very likely using an electronic signature--over 50% of NAR members asked stated they had used it. It makes our lives, and jobs, much easier, doesn't it? No more faxing, no more mailing, no more scanning, we just get an electronic signature. I hardly even use paper anymore, unless my client requests it.

eSignature has a multitude of benefits, but agents and brokers should be aware that they have a choice in service providers–and not all providers are the same. I was shocked to discover the apparent flaws in a few systems.

Did you know if the eSignature you are using does not comply with ESIGN laws, it might not comply with your state real estate laws, rules or regulations? Or that your E&O insurance may not cover you if someone were to "alter" or "hack" an "authentic" document? It may make your contract unenforceable, or a multitude of other possible problems could arise from not using a legal method for eSignature.

As real estate professionals, compliance with local, state and federal laws is one of our biggest concerns, and I bet it is costing you a LOT more than you realize in your E&O premiums, too. But most people don't know a thing about it and we really should. You don't have regular meetings at your board to review eSignature, or continuing education to update you on the latest authentication challenges or rulings.

Yet we don't dig in to research what provider to use, most of the time.

I did – when I started using DocuSign I knew that by using their services I was protecting the most important aspect of any contract—the signature. I knew I was selecting the standard for creating legally reliable and defensible contracts.

There is a reason that DocuSign has 75% of the eSignature market, so hopefully you are using them, and not other popular-but-riskier choices. There must be a reason that more Fortune 100 and Fortune 500 companies choose DocuSign, and the IRS takes DocuSign on tax documents (I have used it to file my taxes before).

If you, like myself, are using DocuSign, you don't need to worry. If you are not, then you MUST read the rest of this post before you find yourself in a precarious legal position. DocuSign signatures are self-reliant, meaning the copy you have is tamper-evident and you do not need to ask DocuSign to verify authenticity; you will know from the document. If tampered with, it will inform you that it has been changed, and offer to show you the unchanged version. In other words, DocuSign customers can stop reading this article and get back to closing business.

As I noted above, the three true best practice tests for authentication are all easily met and exceed the standards set forth by the US Federal Government. In fact, DocuSign practically invented most of the standards in eSignature, leading the eSignature industry in authentication, security, tamper-proof audit trail, and a privacy policy that truly protects and puts customers first.

Examine Your eSignature Tool – You Get What You Pay For

Take a few minutes and let's examine your eSignature tool. Far too many agents love the words "free" or "low cost," but you get what you pay for, don't you?

Some solutions are offered through our associations or MLS, such as Digital Ink or dotloop. But wait–is that free or low-cost solution making you compromise on features that would validate the authenticity of the document if questioned in a court of law?

Test your eSignature service: have you tried to edit a completed and signed document with these solutions? Is the low price made possible because your information is being sold to third-party telemarketers?

If you are only doing a couple of transactions per year, and your customers are not mobile, Digital Ink--provided by Signix and zipLogix--may be a good choice for you. The documents created by Digital Ink are tamper-proof, and while you may have to endure the occasional service outage, the product meets the legal standards to prevent tampering. One consideration is that the digital signature on the document is Signix, not the actual signer. Both you and your client will need to be comfortable with this quirk.

On the other hand, users of dotloop or HelloSign have more to worry about. These providers do not digitally seal the document upon completion. Documents signed with these solutions can be changed with easily found editing software after they have been signed.

Worse yet, those documents are not self-reliant, meaning a contract can be changed hours, days, or months later outside the system, and neither you nor your client, or any third party down the road may know they are looking at a contract that has been altered. Doesn't that go against the three basic best practices I noted above?

Recently I started using dotloop. I know I was super comfortable with DocuSign, but the first Loop I got, I refused to let my client sign. I demanded the buyer's agent send me a PDF and I would upload it myself for DocuSign.

Have you read dotloop's privacy policydotloop's privacy policy? It provides them with rights to the content of your account, including your information and that of your clients. Enough said. And for full disclosure, I adore and respect the founders of dotloop, and am proud of what they have done. But my standards are unwavering.

As I noted, the original SEAL of 1998 was a banking act--digital signature and authentication are top concerns to banks. Bank of America announced in January that it would accept electronic records and signatures, but only if the eSignature solution met certain security and reliability requirements. That means that not every eSignature service will be accepted. In fact, they even used a DocuSign verification in their documentation to demonstrate what authentication standards they are requiring. Hmmmm, does that mean they support DocuSign? Correct.

You decide--are you putting your business at risk? Check out this brief video demonstrating the easily distinguishable difference between a valid authentication and a document that doesn't quite cut it. I only have access to these two products, so that is the reason I didn't test anything other than DocuSign or dotloop.

To view the original article, visit Maya Paveza's blogMaya Paveza's blog.