It is a common observation that electronic commerce is being held back by the perceived insecurity of the Internet. Consumers’ reluctance to supply card details over the Internet is frequently cited. This reluctance is frequently derided as irrational, on the grounds that consumers supply the same details readily to strangers in person or by telephone. Unfortunately, both those who are reluctant and those who deride their reluctance have missed the point, explained above, that most of the risks of misuse of card information over the Internet fall not on the consumer but on the merchant.
Electronic commerce is much more likely to be held back by the justified unwillingness of merchants to take the risk of card transactions at which the customer is not present, than by the unjustified anxiety of consumers. (Consumers could of course be reassured by publicity about their freedom from this particular risk, but the banks and the merchant may not be enthusiastic to educate customers about these particular rights.)
The SET standard having failed to gain ready acceptance, as mentioned above, many in Government and industry have seen a solution in building trust in digital certificates linking a user’s name with a verification key. We have explained above why proposals of this kind are irrelevant to online banking. The Government’s proposals were originally devised to kill several birds with one stone: by promoting the importance of digital identity certificates obtained from approved providers, the Government hoped to increase confidence in electronic commerce, to introduce citizens’ identity cards without incurring the resulting cost or political hostility, and to provide an inducement to consumers to deposit copies of their confidentiality keys with the approved providers (as a means, called ‘key escrow’, for maintaining access by the intelligence and law enforcement agencies to intercepted communications). The proposals were perhaps too clever by half, and the stone did a good deal more harm to the Government than to any of the birds.
The proposals provoked damaging controversy and considerable mistrust of Government objectives. Indeed the Government’s continuing but misguided conviction of the central importance to electronic commerce of digital name certificates for consumers can only intelligibly be explained by the fact that to abandon that conviction would involve the unpalatable admission that the Government’s ‘consumer protection’ justification for its digital certificate policy was a bogus cover for its key escrow objective.
All-purpose digital name certificates are of very doubtful utility, among other reasons because names do not adequately distinguish people in large populations. They are also irrelevant to many transactions (what the merchant needs to know is that a card number is given by the person authorised to give it, whatever their name may be), where they needlessly reduce legitimate privacy. Their widespread use would depend on a complex hierarchical infrastructure of mutual recognition of different certificate issuers’ certificates, and on achieving practical solutions to many unsolved problems connected with expiry and revocation of certificates. And the suspicion inevitably remains that Government’s continuing enthusiasm for these castles in the air derives mainly from its hope that from among them may emerge (free from cost or blame to Government) a citizen’s identity card. Convenient for Government as such a development would be (because Government typically needs to assign a unique identifier to each citizen to avoid multiple claims for social security benefits or tax reliefs, for example), Government’s wish to portray the solution to its own problems as being promoted for the benefit of electronic commerce as a whole continues to be profoundly counter-productive.
13: Misperceptions of security: legislative bungling
We have concluded that there will be no early technical fix for the problems of safeguarding a user’s signature key, and that users should therefore not be burdened with proving that what seems to be their signature was in fact not made by them. In this section we review the legislative initiatives being pursued in the European Union and the United Kingdom in the light of this conclusion.
The European Union’s Signature Directive (‘Directive 1999/93/EC ... on a Community framework for electronic signatures’) came into force on 19th January 2000. Its primary objective is to discourage divergence between the various member states’ treatment of electronic signatures, and in particular the creation of barriers to free trade within the EU, and it is undoubtedly valuable for these purposes.
The Directive distinguishes between electronic signatures in general and ‘advanced electronic signatures’, the definitions being as follows:
1. ‘electronic signature’ means data in electronic form which are attached to or logically associated with other electronic data and which serve as a method of authentication;
2. ‘advanced electronic signature’ means an electronic signature which meets the following requirements:
(a) it is uniquely linked to the signatory;
(b) it is capable of identifying the signatory;
(c) it is created using means that the signatory can maintain under his sole control; and
(d) it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable.
We have concluded that neither PCs nor smartcards nor biometrics nor any methods currently available or likely to be available in the near future can enable a user to keep a signature key secure; and it follows in our view that condition 2(c) cannot be fulfilled, and that no advanced electronic signatures can be made.
It is of course no fatal reproach to the Directive that it should thus deliver thunder with no lightning; and it could be excused on the basis that the law will for once be ahead of events. But the existence of a legislative régime that seems to assume the existence of advanced electronic signatures may mislead users into believing that they do indeed exist. This assumption appears from the ensuing series of definitions:
3. ‘signatory’ means a person who holds a signature-creation device and acts either on his own behalf or on behalf of the natural or legal person or entity he represents;
4. ‘signature-creation data’ means unique data, such as codes or private cryptographic keys, which are used by the signatory to create an electronic signature;
5. ‘signature-creation device’ means configured software or hardware used to implement the signature-creation data;
6. ‘secure-signature-creation device’ means a signature-creation device which meets the requirements laid down in Annex III;
The requirements laid down in Annex III are as follows:
1. Secure-signature-creation devices must, by appropriate technical and procedural means, ensure at the least that:
(a) the signature-creation-data used for signature generation can practically occur only once, and that their secrecy is reasonably assured;
(b) the signature-creation-data used for signature generation cannot, with reasonable assurance, be derived and the signature is protected against forgery using currently available technology;
(c) the signature-creation-data used for signature generation can be reliably protected by the legitimate signatory against the use of others.
2. Secure signature-creation devices must not alter the data to be signed or prevent such data from being presented to the signatory prior to the signature process.
These requirements represent an admirable wish list, and indeed reflect an awareness of many of the threats discussed above. But they seem to reflect an assumption that ‘currently available technology’ does in fact provide adequate means of protection against forgery, and in our view this is dangerously misleading.
Article 3 of the Directive provides that:
4. The conformity of secure signature-creation-devices with the requirements laid down in Annex III shall be determined by appropriate public or private bodies designated by Member States. The Commission shall, pursuant to the procedure laid down in Article 9, establish criteria for Member States to determine whether a body should be designated. A determination of conformity with the requirements laid down in Annex III made by the bodies referred to in the first subparagraph shall be recognised by all Member States.
The law can no more make an insecure system secure than it can determine the value of pi. There appears to be no mechanism for public scrutiny of determinations of conformity under the Directive, and no opportunity for challenge. Some member states with well-established smartcard industries may appoint bodies which prove unable to resist the temptation to promote the interests of their national industries by finding that their products conform to Annex III. The resulting determination must then be recognised throughout the EU.
Even a justified determination would be of limited value to the user. Recital 15 to the Directive makes it explicit that ‘Annex III covers requirements for secure signature-creation devices to ensure the functionality of advanced electronic signatures; it does not cover the entire system environment in which such devices operate.’ The result is that, despite the requirement of Annex III that ‘Secure signature-creation devices must not alter the data to be signed or prevent such data from being presented to the signatory prior to the signature process,’ the possibility remains that the PCs or point-of-sale terminals to which such devices are presented may (without any nonconformity with Annex III) allow a signature key to sign a document of which the signatory is unaware.
If an electronic signature is taken to be an advanced electronic signature (justifiably or otherwise), this raises the question of what legal consequences follow. The point is addressed, up to a point, by Article 5 of the Directive, which provides as follows:
1. Member States shall ensure that advanced electronic signatures which are based on a qualified certificate and which are created by a secure-signature-creation device:
(a) satisfy the legal requirements of a signature in relation to data in electronic form in the same manner as a handwritten signature satisfies those requirements in relation to paper-based data; and
(b) are admissible as evidence in legal proceedings.
2. Member States shall ensure that an electronic signature is not denied legal effectiveness and admissibility as evidence in legal proceedings solely on the grounds that it is:
(a) in electronic form, or
(b) not based upon a qualified certificate, or
(c) not based upon a qualified certificate issued by an accredited certification-service-provider, or
(d) not created by a secure signature-creation device.
(We disregard the matter of qualified certificates, which are irrelevant to this discussion.)
English law on signatures lays down no formal requirements. The impression of a rubber stamp can be a signature, as can a facsimile of a handwritten signature sent by fax machine, as can a faint piece of handwriting made using a pencil. Anything which benefits from paragraph 2 of Article 5 has nothing to gain from paragraph 1. Subject to possible future changes in English law discussed below, therefore, it is immaterial whether an electronic signature is an advanced electronic signature. Any greater security enjoyed by an advanced electronic signature (whether real or illusory) has no legal effect in England.
In particular, it is important to note that the Directive does not require an advanced electronic signature to be accorded any special status. Indeed, by requiring it to satisfy legal requirements ‘in the same manner as a handwritten signature’, it may well prevent it from being given any special status. We have argued that there is no technical justification for treating an electronic signature which wrongly appears to have been made by a particular signatory as nevertheless binding on that signatory; and likewise no technical justification for putting on to the apparent signatory the burden of proving that he or she did not make the signature. To do so would be to depart from the existing English law rule that it is the relying party, and not the apparent maker, who bears the burden of proving the genuineness of a signature. The Directive clearly does not require a departure from this rule, and arguably prohibits such a departure. Whether intended or not, we think that this is a highly desirable result.
Just as the Directive is approaching the end of its legislative journey, the United Kingdom’s much debated Electronic Communications Bill has begun its passage through Parliament. As introduced it is consistent with the Directive, providing for electronic signatures (similarly defined) to be admissible, and establishing machinery for treating statutory requirements for writing to be satisfied by electronic data. It makes no distinction between one kind of electronic signature and another. In the event of a dispute about the genuineness of an electronic signature, the issue would have to be decided on the basis of expert evidence about the method used.
There remains one cloud in this serene sky, however. Clause 8 of the Bill, which provides the machinery for amending legislation to enable the use of electronic writing, gives the following powers:
(4) ... the power to make an order under this section shall include power to make an order containing any of the following provisions—
(g) provision, in relation to cases in which the use of electronic communications or electronic storage is ... authorised, for the determination of any of the matters mentioned in subsection (5), or as to the manner in which they may be proved in legal proceedings
(5) The matters referred to in subsection (4)(g) are—
(d) the person by whom such a thing was done.
An order under the clause could therefore provide that if a signature can be proved to have been made by a particular private key, it is to be treated as made by the owner of that key unless the contrary is proved by the owner (and perhaps even then). This is precisely the approach that we argue to be unjustified, and indeed contrary to the EU Signature Directive. Unfortunately, that Directive, with its references to secure signature devices which the UK would be obliged to ‘recognise’, might encourage just this use of the clause 8 powers.
When Australia considered these issues, the Commonwealth Attorney-General appointed an Electronic Commerce Experts Group to produce a report; and one of its conclusions was that there should be no reversal of the ordinary rule that the relying party must prove the genuineness of a signature. That conclusion was accepted, and the resulting Australian legislation provides accordingly. We think that UK legislation should similarly deny Ministers any power to alter this rule. We would therefore support an amendment to clause 8 (already published by the Foundation for Information Policy Research) to introduce the following limitation:
(9) No order under this section shall make any provision inconsistent with the following provisions of this section.
(10) Unless otherwise agreed between the purported sender and the recipient of an electronic communication, the purported sender of the electronic communication is bound by that communication only if the communication was sent by the purported sender or with the authority of the purported sender.
(11) Unless otherwise agreed between the purported maker of an electronic signature and any person relying on it (or any person through or under whom the person relying on it claims), the purported maker of the electronic signature is bound by that signature only if the signature was made by the purported maker or with the authority of the purported maker.
(12) Subsections (10) and (11) are not intended to affect the operation of a law (whether written or unwritten) that makes provision for:
(a) conduct engaged in by a person within the scope of the person’s actual or apparent authority to be attributed to another person; or
(b) a person to be bound by conduct engaged in by another person within the scope of the other person’s actual or apparent authority.
Unfortunately the Government at present remains unwilling to accept such an amendment.