Back to top

News

COVID-19 and Electronic Signatures in Lebanon

June 2020

The outbreak of COVID-19 has disrupted activities on a global scale and has led to extended lockdowns in many parts of the world. The Coronavirus’ measures, notably travel restrictions and social distancing, have created an extra challenge for businesses making it more difficult to have agreements and other documents executed. Although face to face meetings are now less of an option, and the exchange of hard copy documentation is becoming more difficult, contracts must continue to be concluded in order to ensure the continuity of businesses. For this reason, the reference to electronic documents and contracts is currently increasing as a viable option for business, and the electronic signature is encouraged as an alternative to “wet ink” signature where it is practicable and available with little or no legal risk.

This being said, the question is: are electronic contracts enforceable and digital signatures valid in Lebanon?

This article answers the question and sets out the legal requirements for the validity of e-documents and e-signatures under Lebanese legislation.

The Law No.81/2018: Lebanon’s first step into the e-transactions’ world

On October 10, 2018, Lebanon has joined the modern business network where electronic communications are good practice, by issuing an e-transactions and data protection law (Law No. 81/2018). Up until this date, e-documents and signatures could merely serve -upon judges’ discretion- as a preliminary evidence and data protection was absent from the Lebanese legislative environment. 

The law No. 81/2018 has the merit of acknowledging the existence and enforceability of e-documents and e-signatures, but also of drawing a legal framework for e-commerce and setting a protective ground for personal data. 

In this article, we will only address the e-documents and e-signatures’ validity chapter of the abovementioned law. This chapter deserves as special focus taking into consideration the importance and increasing need of businesses for e-signatures in this Coronavirus environment. 

E-documents/e-signatures’ validity and recognition

The law No.81/2018 has brought a first-time definition to both writings and signatures. 

The writingis defined regardless of the format used and the medium through which the information is transferred, which can equally be paper or electronic, while thesignatureis defined by its common function, as a requirement to the completion of a legal process in order to identify the party thereto and confirm their consent to the signed legal process. 

Moreover, the main achievement of this law is in equating e-signatures and e-documents with paper-based signatures and documents. As provided in article 4 of Law No.81/20018, “electronic writings and signatures shall have the same legal effect as the writings and signatures made on paper or any other medium”, under the following two cumulative conditions: 

  • Provided that the person producing the documents is identifiable, 
  • And that the documents are organized and stored in a way that preserves their safety, which we will be detailing thereafter. 

One particular and relevant legal effect tackled by this law (article 7) is related to the evidentiary weight of e-documents and e-signatures, that shall be accepted as evidence and have the same validity and power of proof as the written paper-based document, under the same aforementioned conditions. 

Otherwise, in case the electronic writing does not meet the mentioned criteria, it shall be considered as introduction of written evidence.

The multiple copy rule stipulated in Article 152 of the Civil Procedure Law for paper-based documents is still required for e-documents under article 10 of Law No.8/2018. It is deemed satisfied when the ordinary document is organized as per the reliability requirements set forth in the mentioned law, and when the mechanism used by each party allows to obtain or access a copy of the document.

Challenges of implementation

Although the Law 81/2018 offers many merits, it is however not devoid of “challenges” for the parties who wish to contract electronically or issue an electronic document under the Lebanese Law. 

  • Regarding official electronic documents:

A first challenge in the implementation of the law is related to official electronic documents. These documents will not produce any legal effect until regulated by virtue of a decree of the Council  of Ministers upon a proposal of the Minister of Justice. Said decree, yet to be issued, is expected to govern the special procedures and guarantees pertaining to the documents and their scope as provided for in article 8 of the mentioned law.

Some transactions that shall be official in principle, such as the transactions relating to personal law (marriage, divorce and wills) and to immovable property , tend to be excluded from e-transactions laws in general; this, for instance, is particularly the case of the Federal Law No. 1 of 2006 concerning Electronic Transactions and Commerce of the UAE. 

However, the Lebanese Law No. 81/2018 does not comprise any exclusion in this regard. We are still to discover whether the mentioned transactions will be electronically possible upon the issuance of the decree of implementation relating to official documents, or whether they will be excluded. 

  • Regarding the safety of electronic writings and signatures (official and unofficial):

Another pertinent challenge lies in the means to ensure the safety of electronic writings and signatures as a legal requirement for their validity. 

As mentioned earlier, one of the mandatory conditions that will allow electronic writings and signatures to produce the same effects as if they were paper based, is their organization and storage “in a way that preserves their safety”. 

Article 5 of the mentioned law determines the meaning of “storage of electronic data” as “the recording of the data on a storage medium in a way to ensure that the data is safe and accessible at all times in a way that allows copying or extracting content”, but uncertainty remains as to how to ensure the safety of e-writings and signature? The law 81/2018 doesn’t seem to be clear about it. 

So why would parties resort to protection means? And what are some of these means? 

  • In fact, safety is key in e-commerce which is why e-transactions must be regulated, with regards to all their particularities and technicalities; for safety brings integrity, and integrity brings reliability. This idea is reflected in article 15 of the law which stipulates that “the protection measures are used in electronic writings and signatures to make them more reliable”. The protection measures will help perform several functions such as: verifying the identity of the document organizer, assigning a correct date to the document, and/or ensuring its storage and the integrity of its content (in other words, in way that does not allow the modification of its content). The law sets in article 9 a “presumption of reliability” for electronic signature, if it is produced and authenticated through a procedure by an authorized authentication service provider. Only in this case, it is presumed that the signatory is identified and that the signature corresponds to the legal process in question, unless proven otherwise. But what is an authorized authentication service provider?
  • The reference to one or more authentication service provider(also referred to as Certification service provider or CSP) is one of the means to ensure protection of signatures and writings, stipulated as such by the mentioned law. These authentication service providers shall, upon performance of said functions, deliver a certificate of authentication to the concerned person (article 15). 

Chapter IV of the mentioned law stipulates that the Lebanese Accreditation Council (COLIBAC) shall determine the conditions of accreditation of the CSPs and that an implementing decree is required to address the legal recognition of electronic authentication certificates. 

In the absence of such decree and considering that COLIBAC is non- operational in performing its functions, in particular determining the accreditation conditions, the full implementation of the Law is unfortunately delayed. 

In the meantime, and until CSPs are approved by the COLIBAC: 

  • The presumption of reliability set forth in article 9 is disabled. 
  • Instead, the judges will have a discretionary power to assess the power of proof of the electronic signature or writing, unless the parties agree otherwise (article 18).

The law 81/2018 also stipulates that the functions above (identity of the organizer, date of document, the safety of its content, etc.) may be performed through other techniques as well, left to the creativity of the interested parties since the law does not refer to any of them.  

  • Regarding the general implementation of the law: 

The law is in fact effective since January 2019 (three months from its publication in the official gazette). However, as stipulated in article 134, details of enforcement of the present Law shall be defined, where necessary, by decrees issued by the Council of Ministersupon the proposal of the Minister of Justice, the Minister of Economy and Trade, the Minister of Finance, the Minister of Industry and the Minister of Telecommunications, each within the limits of their power.”  

However, Article 64 of the law remains an exception to the Lebanese government’s pace, since it entitles the Central Bank to issue implementing measures to the authentication of e-signatures relating to e-payments. Such autonomy given to the Central Bank in regulating the implementation of laws relating to the banking sector, explains why this sector is ahead of the rest of the economy especially when it comes to e-commerce. 

Failure of issuing any implementation decree related to the mentioned Law, the consecutive council of Ministers that have been in place since its issuance are delaying the implementation of the new Lebanese e-transactions and data protection law. 

Conclusion and recommendations 

In conclusion, and thanks to the law 81/2018, the electronic writings and signatures now produce the same legal effects and have the same evidentiary weight as paper-based documents when conditions of safety as detailed above are met. That said, decrees are still needed and authentication providers are still to be accredited in order to consider that law as fully applicable. 

Does that mean that it is still not possible at all in Lebanon to use e-documents and e-signatures? 

Since the statutory presumption of reliability is currently disabled, the validity of electronic signatures and writings is left to the discretion of judges until Lebanon is able to have “authorized authentication service providers” (article 18 of the law). 

This, however, does not mean that the law 81/2018 cannot be implemented but means that users must be taking all necessary measures to mitigate the risk of invalidity of their e-documents and signatures. 

How would they do it?  

Article 15 of the law states that the several functions guaranteed by the protection measures, such as the identity of the document organizer, assigning correct date to the document, and/or ensuring its storage and the integrity of its content, are “provided by one or more authentication service provider who shall, upon performance of said functions, deliver a certificate of authentication to the concerned person”.  

Therefore, all parties wishing to electronically contract under Lebanese legislation will have to refer to one or more authentication service provider in order to fulfill the two conditions set forth in article 4 of the law 81/2018 (identification and safety). We can refer here to the authentication service providers who are currently performing at the international market such as GlobalSign, Adobe, Microsoft, etc.

Since no authentication service providers are yet authorized in Lebanon and the power of proof of the electronic signature or writing is left to the discretion of judges, the users are advised to refer to well-known safe and secure CSPs. The more the CSP referred to is safe and secure, the less the risk is. 

For instance, GlobalSign and Adobe happen to be very well-known as secure authentication service providers on the international market, more than Microsoft. If an e-document or signature is authenticated by GlobalSign or Adobe, the risk that the judge would not give it its full power of proof as if it was paper-based is very little, almost non-existent. 

Good thing is that Lebanese judges are currently being trained by the Internet Society- Lebanon on the technical implementation of the law and are getting more familiar with the names of international CSPs and their particularities, which will mitigate their discretion in assessing the power of proof of e-writings and signatures in case they are authenticated by these particular well-know CSPs. 

Article 15 also states that all the above-mentioned functions could be performed through other techniques than the reference to authentication service providers, without mentioning any of these “other techniques”. Could these be for example biometric recognition techniques such as face recognition? In all cases, where parties wish to refer to techniques other than authentication service providers, they are invited to be very prudent in their choice as it will directly affect the power of proof of their e-documents. In the absence of Lebanese case-law in this field, we are not sure how the judges will receive and assess the different techniques of authentication. 

As a last recommendation, it would be useful for parties to e-contracts to incorporate a reference to e-signature in the document itself. They might also agree, in their contract, on the authentication body they are going to use according to article 18 “unless the parties agree otherwise”. 

 

 

KEY CONTACTS  

Carine Tohme               Nour Abi Rached

Managing Partner            Junior Lawyer

ctohme@tohmelaw.com  nabirashed@tohmelaw.com

Back