1. US ESIGN Act
The Electronic Signatures in Global and National Commerce Act (ESIGN Act, 15 USC 7001) was signed into law in 2000 and gives electronic signatures the same legal weight as handwritten signatures for the vast majority of commercial transactions in the United States.
For an electronic signature to be legally binding under ESIGN, four elements must be present:
- 1.Intent to sign. The signer must show they intended the action to be a signature β typing a name, drawing, or clicking a "Sign" button all qualify.
- 2.Consent to do business electronically. Both parties must consent to conducting the transaction electronically. This is usually captured by continuing through the signing flow.
- 3.Association with the record. The signature must be logically associated with the document it signs.
- 4.Record retention. The signed record must be capable of being accurately reproduced by all parties for later reference.
ESIGN applies nationally. Every US state except New York has also adopted the Uniform Electronic Transactions Act (UETA), which provides equivalent state-level protection. New York has its own Electronic Signatures and Records Act (ESRA) that is substantively similar.
Exceptions: ESIGN does not apply to wills, powers of attorney, court documents in most jurisdictions, adoption papers, divorce decrees, and notices of termination of utilities. These still require handwritten signatures.
2. EU eIDAS Regulation
Regulation (EU) No 910/2014 β known as eIDAS β took effect July 2016 and established three levels of electronic signature in the European Union:
Simple Electronic Signature (SES)
Any electronic data attached to other electronic data used by the signer to sign. Examples: typed name, clicking "I agree", drawing a signature. Accepted as admissible evidence in court across all EU member states.
Advanced Electronic Signature (AES)
Uniquely linked to and capable of identifying the signer; created with data the signer has sole control over; linked such that any subsequent change is detectable. Typically requires public key cryptography.
Qualified Electronic Signature (QES)
An AES created with a qualified signature creation device (QSCD) and based on a qualified certificate issued by a qualified trust service provider (QTSP). QES has the same legal effect as a handwritten signature across all EU member states without additional evidence required.
Practical guidance:For standard business contracts (NDAs, service agreements, employment offers), SES is sufficient and is what most e-signature platforms including SignBolt provide. QES is required only for specific regulated transactions in certain member states β consult a lawyer if you're unsure.
3. Australian Electronic Transactions Act
The Electronic Transactions Act 1999 (Commonwealth) is the federal legislation that governs electronic signatures in Australia. Each state and territory has enacted its own mirror legislation with minor variations.
Section 10 of the ETA establishes the legal validity of electronic signatures when three conditions are met:
- Identification: A method is used to identify the signer and indicate their intention in relation to the information.
- Reliability: The method used is as reliable as appropriate for the purpose for which the electronic communication was generated or communicated.
- Consent: The person to whom the signature is required to be given consents to that requirement being met by electronic means.
Recent updates: Since 2022, most Australian states have permanently enabled electronic execution of corporate documents under the Corporations Act 2001 section 127. This means company agents can electronically sign contracts on behalf of corporations without needing a physical common seal.
Exceptions: Wills, statutory declarations, and some property transactions still require handwritten signatures in most Australian jurisdictions. Real estate practice varies by state β NSW and Victoria have expanded acceptance of electronic conveyancing through PEXA; other states are partial.
4. What an audit trail proves in court
An electronic signature without an audit trail is like a handwritten signature without a witness β legal in principle, but much harder to prove authentic in dispute. A complete audit trail records the metadata around the signing event so the signed document can stand up to scrutiny.
A court-ready audit trail typically includes:
- Signer identity verification: email address, name, and ideally a verification step (email magic code, SMS, or government ID).
- Timestamp: the exact moment the signature was applied, in UTC or with timezone.
- IP address: the network address the signer was using when they signed.
- User agent: the browser and device used for signing.
- Cryptographic hash: a SHA-256 (or similar) hash of the signed document so any alteration can be detected.
- Unique audit ID: a reference that can be used to cross-check the signing event against the platform's server-side records.
SignBolt captures all six elements on every signed document. Pro, Business, and Enterprise plans include a full audit trail page appended to the signed PDF; Free accounts get a compact audit footer.
5. Five common mistakes to avoid
1. Assuming electronic signatures are universally valid
They're not. Wills, most real estate transfers, court-filed documents in some jurisdictions, and specific immigration paperwork still require handwritten signatures. Always verify your specific use case with a lawyer for high-stakes documents.
2. Skipping the consent step
ESIGN Act and Australian ETA both require both parties to consent to electronic signing. Most platforms handle this automatically via the "by continuing you agree" pattern β but if you're signing on paper and asking a counter-party to accept electronically, make their consent explicit in writing.
3. Storing the signed document without the audit trail
The audit trail is what makes the signature defensible in court. If you download a signed PDF and store only the last page (the visual signature), you've lost the evidence chain. Always store the full signed document including the audit trail page.
4. Using a free service with no audit trail for contracts over $10k
Some free signature tools only overlay an image on the PDF without capturing any metadata. These signatures are legally binding in principle but nearly impossible to enforce if disputed. For any commercial contract of material value, use a platform that generates a proper audit trail (SignBolt Free includes a basic audit footer; Pro+ includes the full audit page).
5. Missing the signer's identity verification
A signature is only as good as your ability to prove who signed it. Email verification (magic code) is the minimum for most commercial documents. For higher-stakes agreements, consider multi-factor verification (email + SMS, or email + ID document). SignBolt uses email magic code verification on all accounts.
Get updates when this guide is revised
Laws change β this guide is updated quarterly with the latest court cases and regulatory updates. Get notified when we release a new version.
No spam. Just the guide updates. Unsubscribe any time.
Legal disclaimer: This guide is educational content, not legal advice. Laws and regulations change. Consult a qualified lawyer in your jurisdiction for specific legal questions. SignBolt and SeaQae Group make no warranty about the completeness or accuracy of this information.