6.d. Electronic Signature Policy

EXECUTIVE SUMMARY

City Council Regular Meeting: July 31, 2017

AGENDA ITEM: Electronic Signature Policy
AGENDA SECTION: Consent
PREPARED BY: Clarissa Hadler, City Clerk
AGENDA NO. 6.d.
ATTACHMENTS: Draft Resolution, IPAD Article, MHS Article
APPROVED BY: LJM

RECOMMENDED ACTION: Motion to approve Electronic Signature Policy.

SUMMARY

The City of Rosemount is pursuing a number of efforts to increase efficiency, decrease costs, and improve customer service through online forms. To further these efforts, staff recommends the implementation of an electronic signature policy.

Staff has reviewed a number of laws and rulings that address electronic signatures. The Uniform Electronic Transactions Act (UETA) is a uniform act that has been adopted by most states, including Minnesota (Minn. Stat. Ch. 325L). The UETA defines "electronic signature" as "an electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record." The act gives legal recognition to electronic signatures and contracts if the parties agreed to conduct business electronically.

Further, both Federal Law and State Statute widely accept electronic signatures as an acceptable form of acknowledgement specific to a wide range of topics, including: Commerce (Electronic Signatures in Global and National Commerce Act), Property (MS Chapter 507), Trade/Consumer Protection (MS Chapter 325K), Business filings (MS Chapter 302A), Legal remedies (MS Chapter 572B), and taxes (MS Chapter 270C).

There are a number of types of electronic signature, with varying degrees of authentication of the user. "Key Pairs" create certificates that need to be shared to authenticate the signature and prove that a document has not been altered since it was signed.
There are services, such as DocuSign or Adobe Sign, that create an account through which you can share a document to be signed (the account login is the authentication process). Some online forms and retail keypads provide a signature box in which you sign using a stylus, mouse, or finger. Many online "signatures" are simply the individual's name typed in a field. Some of these then allow you to apply your choice of font to your name.

According to the Minnesota Historical Society article (attached), "the UETA purposely allows for a wide range of signature technologies. It says, ‘An electronic record or electronic signature is attributable to a person if it was the act of the person. The act of the person may be shown in any manner, including a showing of the efficacy of any security procedure applied to determine the person to which the electronic record or electronic signature was attributable.’"

Most of the City’s current paper forms, be they internal or external, require a simple signature. Some, like licensing applications, currently require a notarized signature, due to the presence of an Informed Consent Form for background and/or criminal history checks. The reasoning behind the notarized signature is unclear, but it is likely due to the sensitive nature of the information that is accessible through the Bureau of Criminal Apprehension (BCA) database. It is the current practice of the BCA to obtain a notarized signature on a hard copy of the consent form, so this was likely a recommendation they passed to those accessing their database. The League of Minnesota Cities also provides this as "optional language" on their model informed consent form.

The Information Policy Analysis Division (IPAD) of the Minnesota Department of Administration addresses the concept of informed consent in the attached article.
It states "Specifically, Minnesota Rules 1205.1400, subpart 4, requires that a valid informed consent must:
• Be voluntary and not coerced,
• Be in writing*
• Explain why the new use or release is necessary
• Prior to affixing a signature*, include any known consequences for giving informed consent
*Minnesota adopted the Uniform Electronic Transactions Act in 2000, that says:
• If a law requires a record to be in writing, an electronic record satisfies the law.
• If a law requires a signature, an electronic signature satisfies the law."

Again, the UETA defines "electronic signature" as "an electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record."

Given these facts, staff feels comfortable that the current legislation enables the use of a wide range of electronic signatures for use on informed consent forms.

To further examine this concept, staff spoke with Quinn O'Reilly, Staff Attorney at the Minnesota League of Cities, to discuss the League's position or recommendation, specifically around the issue of liability and loss prevention. The question was whether the City would be potentially liable in the event of fraudulent use of electronic signatures. Mr. O'Reilly stated that while there may be a slight increase in risk, the likelihood of misuse is probably similar to that of hard-copy forms and signatures. He questioned whether the city could truly combat someone representing themselves as someone else, even in person, assuming they would go to lengths necessary to find a fake identification that looked similar to themselves.

Staff, as well as Mr. O’Reilly, also spoke with the BCA to discuss the use of electronic signatures for informed consent for background and criminal history checks done through their systems. BCA staff stated it was not a requirement of the BCA to have a notarized or “wet” signature nor was it a statutory requirement.
While there are a number of electronic signature applications on the market, staff is hesitant to implement one of these as part of our processes for a couple of reasons. First and foremost, the clientele for many forms might not be familiar or comfortable with the concept, or be willing to take the time to register with a service like DocuSign or others. Also, implementing an outside service would add inefficiencies to our process, as well as costs.

Rather than implementing an outside service, the City could create a process that utilizes some of the same concepts as those used in these services, such as access codes, identification document upload, and IP address logs. Staff will continue to examine outside applications as they become more widely utilized over time, or as specific needs arise.

The Minnesota Historical Society article states "In all cases, the key to demonstrating the trustworthiness of a record and its signature is demonstrating the trustworthiness of the system that creates and manages the record. Having sufficient and appropriate systems documentation is the only way to achieve this." Staff feels that the systems it is designing and the proposed policy sufficiently address the issue of authentication, in varying degrees depending on the type of form, necessity for authenticating the user, likelihood of misuse, and risk for liability.

The following staff and consultants have been given an opportunity to review and comment on the draft policy: City Administrator Martin, Assistant City Administrator Foster, City Attorney Tietjen, IT Coordinator Solberg, Finance Director May, Finance Supervisor Miller, Chief of Police Scott, Police Records Supervisor Hanson, Community Development Director Lindquist, Parks & Recreation Director Schultz, Public Works Director/City Engineer Erickson, and Auditors Jennifer Dickman and Aaron Nielsen, of MMKR, and Sheanne Hediger and Ryan Engelstad, of Baker Tilly.
RECOMMENDATION

Staff recommends approval of the above-stated motion.

CITY OF ROSEMOUNT

POLICY TITLE: ELECTRONIC SIGNATURE POLICY
EFFECTIVE DATE: JULY 31, 2017
POLICY NUMBER: ________
PROPOSED BY: CITY COUNCIL
DATE APPROVED BY CITY COUNCIL: JULY 31, 2017

PURPOSE

The City of Rosemount wishes to further implement paperless processes to increase efficiencies within the organization. The purpose of this policy is to provide guidance on when electronic signatures are considered accepted means of validating the identity of a signer in the City of Rosemount electronic documents and correspondence, and thus a substitute for traditional “wet” signatures, within the organization.

POLICY

This policy hereby adopts by reference the Definitions of the Uniform Electronic Transactions Act (MS 325L.02). Of note, "Electronic signature" means an electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record.

An electronic signature may be accepted in all situations where requirement of a signature or approval is stated or implied. This policy does not supersede situations where laws specifically require a written signature, or the specific electronic signature policies of other government agencies.

Examples of documents, while not all inclusive, where electronic signatures are appropriate include: purchasing and accounting transactions such as purchase orders, inventory, receiving, accounting entries, payment records, timesheets, expense reports, credit card logs, time off requests, and permitting/licensing applications. Other documents may be deemed appropriate by the City Administrator.

The electronic signatures/approvals are protected by reasonable security measures as applicable to established computer functions of the City of Rosemount and outlined in the Procedures below.
The City Administrator or his/her designee will maintain an organization-wide list of the types of documents and correspondence that are not covered by this policy, which shall be listed in an Appendix to this policy.

Electronic signatures must apply to individuals only. Electronic signatures for roles, positions, or titles are not considered valid.

The use of electronic signatures is subject to criminal laws pertaining to fraud and computer crimes.

PROCEDURES

1. Laserfiche Forms –
   • Internal signatures by employees may utilize the signature field in Laserfiche Forms. In Forms where a login is required, the authentication process may be considered sufficient authentication and no signature is required. The authentication shall be saved to Laserfiche using the “Include Action History” setting in the Save to Repository tool.
   • Internal approval processes, such as those that normally may require a supervisor signature, may utilize Laserfiche Forms without the use of a signature field. The electronic approval shall be saved to Laserfiche during the Forms process using the “Include Action History” setting in the Save to Repository tool. In Forms where action history does not track the user, a combination of employee name and ID or user name and passcode shall be implemented to verify the identity of submitter and safeguard the process.
   • Signatures for external applicants may be obtained via Laserfiche Forms Signature field, except where a "wet" signature is required by other agencies or to meet any legal or contractual requirements.
2. Electronic signatures may be utilized on PDFs utilizing key pair signatures, or through products such as Adobe Sign, DocuSign, or other similar products, provided staff follow appropriate signature validation and authentication procedures for the key pair.
3. In all cases, procedures shall be implemented that sufficiently address the issue of authentication, depending on the type of form, necessity for authenticating the user, likelihood of misuse, and risk for liability.
4. In all cases, forms shall include notifications of the statutes addressing fraudulent use of electronic signatures and the potential penalties for these acts.
5. In all cases, documentation of the Form inputs and supporting actions shall be saved to Laserfiche and retained as required by the City’s Document Retention Policy.

This policy will go into effect the day following its adoption by the City Council of Rosemount, Minnesota.

APPENDIX

Documents on which Electronic Signatures Are Not Allowed (Updated July 31, 2017)
• Resolutions
• Ordinances
• Contracts or Documents governed by the Uniform Commercial Code ("UCC")
• Documents related to
   o Employee Disputes
   o Union Negotiations
   o Real Estate Transactions

7/20/2017 Informed Consent http://www.ipad.state.mn.us/docs/consentmain.html

Informed Consent

What is informed consent and when is it required?

Informed consent is written permission from an individual to allow a government entity to release the individual's private data to another government or non-government entity or person, or to use the individual's private data within the entity in a different way (Minnesota Statutes, section 13.05, subdivision 4).
A government entity must obtain an individual's informed consent in the following situations:
• When the individual asks the entity to release his/her private data to another entity or person
• When the government entity wants to release the individual's private data to another entity or person (government entity created the private data or government entity collected the private data from someone other than the individual)
• When the government entity wants to release the individual's private data to entities or persons other than those listed in the Tennessen warning notice the government entity gave the individual when it collected the data
• When the government entity wants to use the individual's private data in a way that is different than what the government entity explained in the Tennessen warning notice the government entity gave the individual when it collected the data

The informed consent requirements apply to Minnesota government entities subject to the Data Practices Act (Minnesota Statutes, Chapter 13) and, in some cases, to third party contractors (Minnesota Statutes, sections 13.02, subdivision 11; 13.05, subdivision 2; 13.05, subdivision 11).

For information about informed consent when government is releasing data to an insurer, see Minnesota Statutes, section 13.05, subdivision 4a.

What is valid informed consent?

Minnesota Rules 1205.1400, subpart 3, requires that individuals giving informed consent have sufficient mental capacity to understand the consequences of their decision to give consent.

Minnesota Rules 1205.1400, subpart 4, requires that a valid informed consent must:
• Be voluntary and not coerced
• Be in writing*
• Explain why the new use or release is necessary
• Prior to affixing a signature*, include any known consequences for giving informed consent

*Minnesota adopted the Uniform Electronic Transactions Act in 2000, that says:
• If a law requires a record to be in writing, an electronic record satisfies the law.
• If a law requires a signature, an electronic signature satisfies the law.

If the individual is a minor or has a legally appointed guardian, the entity may also need the signature of the individual’s parent or guardian depending on the situation or the entity’s policy.

What is the connection between a Tennessen warning notice and an informed consent?

When a government entity collects private or confidential data from an individual about the individual, the entity must give the individual a Tennessen warning notice (Minnesota Statutes, section 13.04, subdivision 2). The Tennessen warning notice must include how the entity intends to use the data and which outside entities or persons are authorized to have the data. Once the entity gives the notice, the entity may use or release the data in the ways described in the notice.

After giving a Tennessen warning and collecting private data from an individual, a government entity may wish to use the data differently than it described, or may wish to release the data to an outside entity (government or non-government) or person other than it described. In either of these situations, the government entity would need to obtain informed consent from the individual.

Sample Consent Forms
• Release request by individual
• Release request by government
• Release request by government for new use
• Release request from an education record
• The Minnesota Standard Consent to Release Health Information

(h) "Electronic signature" means an electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record.

© Copyright 2016. Information Policy Analysis Division, Minnesota Department of Administration, 201 Administration Building, 50 Sherburne Avenue, St. Paul, MN 55155 • Phone: 651-296-6733 or 800-657-3721

Electronic Records Management Guidelines
Electronic and Digital Signatures
Minnesota State Archives, Minnesota Historical Society
March 2012, Version 5

Electronic and Digital Signatures

Summary

The advent of e-government and e-services has changed the way state agencies and local government offices do business. As a result, electronic systems and processes have become as important as traditional paper and ink. In a paper environment, a hand signature, also known as a “wet signature,” authorizes and authenticates the content of a document. A signature provides a level of trustworthiness and accountability that aids the conduct of business. Electronic signatures extend the function of handwritten signatures to electronic documents, providing a way for two parties to conduct business confidently in an electronic environment. Up-to-date technologies and procedures must meet the demand for trustworthiness where hand signatures are not viable.

Since signatures derive their primary importance from their legal and evidentiary value, these concerns must drive the selection of electronic signature technologies. Consequently, each agency will need to define its legal and evidentiary needs in relation to its business processes before choosing an electronic signature application. Furthermore, the electronic signature application selected must fit the agency's technology architecture to create, preserve, and make available its records.

Technical obstacles pose great challenges to the long-term preservation of electronic signatures. Policy regarding the preservation of signatures should be adopted by each agency to ensure consistent practice across the organization.

Legal Framework

Many government agencies have unique and specific legislative mandates that apply to them and their functions.
Two chapters of the Minnesota statutes in particular apply to electronic signatures, Chapters 325L and 325K.
• Uniform Electronic Transactions Act (UETA) [Minnesota Statutes, Chapter 325L] [1] addresses the issues of the legal admissibility of electronic records created in a trustworthy manner and the application of the paper-oriented legal system to electronic records.
• The Minnesota Electronic Authentication Act [Minnesota Statutes, Chapter 325K] [2] defines an electronic signature uniquely in terms of digital signature using Public Key Infrastructure technology (PKI). This type of digital signature is:

   a transformation of a message using an asymmetric cryptosystem such that a person receiving the initial message and having the signer's public key can accurately determine: (1) whether the transformation was created using the private key that corresponds to the signer's public key; and (2) whether the initial message has been altered since the transformation was made.

[1] Minnesota Office of the Revisor of Statutes. 2009 Minnesota Statutes. Chapter 325L: Uniform Electronic Transactions Act. 2009. https://www.revisor.leg.state.mn.us/statutes/?id=325L
[2] Minnesota Office of the Revisor of Statutes. 2009 Minnesota Statutes. Chapter 325K: Electronic Authentication. 2009. https://www.revisor.leg.state.mn.us/statutes/?id=325K

Each agency should review their specific statutory requirements before making any choices about electronic signature technologies.

In addition to state laws, agencies must adhere to federal laws such as:
• Electronic Signatures in Global and National Commerce (E-Sign) [3], a federal law that addresses the issues of the legal admissibility of electronic records created in a trustworthy manner and the application of the paper-oriented legal system to electronic records. (Federal version of UETA.)
• Health Insurance Portability and Accountability Act of 1996, HIPAA [4]. This act is concerned with non-repudiation. Non-repudiation “provides assurance of the origin or delivery of data,” so that the sender cannot deny sending a message and the receiver cannot deny receiving it. This prevents either party from modifying or breaking a legal relationship unilaterally. HIPAA holds that only a digital signature technology can currently provide that assurance.

For more information on the legal issues you must consider when considering using electronic signature technology, including what constitutes a government record, refer to the Legal Framework chapter of these guidelines and the Minnesota State Archives' Preserving and Disposing of Government Records [5].

Key Concepts

When selecting and implementing an electronic signature technology, keep in mind:
• Functions of Signatures
• Definitions of Signatures
• Electronic Signature Technologies
• Other Means of Authentication

[3] Thomas. Electronic Signatures in Global and National Commerce Act. S.761. Library of Congress. http://thomas.loc.gov/cgi-bin/query/z?c106:S.761:
[4] U.S. Department of Health and Human Services. Understanding HIPAA Privacy. http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html
[5] Minnesota Historical Society. Preserving and Disposing of Government Records. Minnesota State Archives. May 2008. http://www.mnhs.org/preserve/records/docs_pdfs/PandD_may2008.pdf

Functions of Signatures

In general, signatures serve specific functions. The American Bar Association [6] enumerates these as:
• Evidence: A signature authenticates a writing by identifying the signer with the signed document. When the signer makes a mark in a distinctive manner, the writing becomes attributable to the signer.
• Ceremony: The act of signing a document calls to the signer's attention the legal significance of the signer's act, and thereby helps prevent inconsiderate engagements.
• Approval: In certain contexts defined by law or custom, a signature expresses the signer's approval or authorization of the writing, or the signer's intention that it have legal effect.
• Efficiency and logistics: A signature on a written document often imparts a sense of clarity and finality to the transaction, and may lessen the subsequent need to inquire beyond the face of a document. Negotiable instruments, for example, rely upon formal requirements, including a signature, for their ability to change hands with ease, rapidity, and minimal interruption.

An electronic signature will have to fulfill some or all of these functions. You should determine which are pertinent to your business processes before selecting a particular electronic signature technology.

Definitions of Signatures

Using Minnesota Statutes, the traditional definition of a signature is as follows:

   The signature of a person, when required by law, (a) must be in the handwriting of the person or, (b) if the person is unable to write, (i) the person's mark or name written by another at the request and in the presence of the person or, (ii) by a rubber stamp facsimile of the person's actual signature, mark, or a signature of the person's name or a mark made by another and adopted for all purposes of signature by the person with a motor disability and affixed in the person's presence. [7]

A reliance on the definition above would make it virtually impossible to use technology to deliver services and to meet all legal and evidentiary requirements. To address this problem, and to provide a standard approach to the use of electronic signatures, Minnesota adopted the Uniform Electronic Transactions Act (UETA) [8] in the 2000 legislative session.

[6] American Bar Association. Digital Signature Guidelines Tutorial. Section of Science and Technology Information Security Committee. http://www.americanbar.org/groups/science_technology.html
[7] Minnesota Office of the Revisor of Statutes. 2009 Minnesota Statutes: 645.44 Words and Phrases Defined. 2009. https://www.revisor.leg.state.mn.us/statutes/?id=645.44

UETA defines electronic signatures as:

   An electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record.

This definition is not technology specific, and so does not mandate the adoption of any particular hardware or software application. Any technology, theoretically, that could authenticate the signer and the signed document could generate a legally admissible signature, as long as the parties could demonstrate the trustworthiness of the process that created and preserved the records in question.

In many communities there is no distinction made between the terms 'electronic' and 'digital', especially among information technology communities where “electronic” and “digital” are used synonymously and interchangeably. However, in Minnesota law there is a clear legal distinction made between electronic and digital signatures. A digital signature is a particular type of electronic signature that relies on a Public Key Infrastructure (PKI) technology. UETA does not separately define digital signatures but permits their use under the broader definition of electronic signatures. The Minnesota Electronic Authentication Act [9], however, does define a digital signature uniquely in terms of PKI.
A digital signature is:

   A transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer's public key can accurately determine: (1) whether the transformation was created using the private key that corresponds to the signer's public key; and (2) whether the initial message has been altered since the transformation was made.

A digital signature may offer the advantage of providing a unique identifier and linking the signature to the record. It can authenticate both the signer and the signed document, thus meeting legal requirements for admissibility and trustworthiness. PKI technology offers the additional advantages of adaptability to a wide range of applications and compatibility with basic office software.

[8] Minnesota Office of the Revisor of Statutes. 2009 Minnesota Statutes: Chapter 325L: Uniform Electronic Transactions Act. 2009. https://www.revisor.leg.state.mn.us/statutes/?id=325L
[9] Minnesota Office of the Revisor of Statutes. 2009 Minnesota Statutes: Chapter 325K: Electronic Authentication. 2009. https://www.revisor.leg.state.mn.us/statutes/?id=325K

Electronic Signature Technologies

The Uniform Electronic Transactions Act (UETA) [Minnesota Statutes, Chapter 325L] [10] purposely allows for a wide range of signature technologies. It says, “An electronic record or electronic signature is attributable to a person if it was the act of the person. The act of the person may be shown in any manner, including a showing of the efficacy of any security procedure applied to determine the person to which the electronic record or electronic signature was attributable.”

An example of this is the “click through” option used on many web sites.
To order a product, be it a shareware application, an airline ticket, or a book, a web user has to “click through” a page or form that indicates approval of the vendor's conditions for the sale. The system makes it impossible to transact any business without first establishing that agreement. In this instance, there is no “signature” or anything like it. Instead, the system is designed to make it necessary to move from “A” to “C” only through “B,” with “B” serving as the equivalent of a signature. Authentication is demonstrated by the documentation of the system and its procedures, not by a signed record of a specific, individual transaction.

UETA implicitly legitimates the use of technologies such as faxes, digital imaging, the use of PIN/passwords, and digital signatures, as well as the more exotic iris scans, for electronic signatures. In all cases, the key to demonstrating the trustworthiness of a record and its signature is demonstrating the trustworthiness of the system that creates and manages the record. Having sufficient and appropriate systems documentation is the only way to establish that the signature is authentic and reliable.

Digital signatures demand the use of a specific PKI technology. PKI systems use two different keys. One key is kept secret (the private key) and the other key is made publicly available (the public key). The two keys are generated simultaneously and collectively; they are known as a “key pair.” Once a message has been signed using one of the two keys, it can only be verified by the other key. The resulting digital signature is a cryptographic checksum computed as a function of the message and the signer's private key.

Because the digital signature is generated as a function of the key and a unique message, the signature serves two purposes. It authenticates the signer, since only the individual owner has (in theory, anyway) access to the private key.
It also indicates the reliability and integrity of the message, since any alteration to the text would invalidate the signature.

This is not the same as encryption. PKI technology was originally developed for encryption (as in the Pretty Good Privacy applications), but the use of a digital signature does not automatically encode a message. In fact, encryption is not covered in the Minnesota Electronic Authentication Act [Minnesota Statutes, Chapter 325K] [11], which only addresses the use of PKI for digital signatures.

[10] Minnesota Office of the Revisor of Statutes. 2009 Minnesota Statutes. Chapter 325L: Uniform Electronic Transactions Act. 2009. https://www.revisor.leg.state.mn.us/statutes/?id=325L
[11] Minnesota Office of the Revisor of Statutes. 2009 Minnesota Statutes. Chapter 325K: Electronic Authentication. 2009. https://www.revisor.leg.state.mn.us/statutes/?id=325K

The effective use of PKI for digital signatures relies on some policy and organizational factors. There has to be some way to guarantee and to prove that a specific person actually owns a specific key. And there has to be some way to provide quick and easy access to public keys. Because it is completely impractical for each sender and each recipient of a message to work this out on a case-by-case basis, the use of PKI for digital signatures is dependent on the operation of certificate authorities.

A certificate authority is an independent, trusted third party who issues and manages key pairs. To get a key pair, individuals must prove to a certificate authority that they are who they claim to be. The certificate authority also provides secure access to public keys that allow for the validation and verification of signatures.
The Minnesota Electronic Authentication Act [Minnesota Statutes, Chapter 325K] [12] creates a mechanism to license and regulate certificate authorities.

Other Means of Authentication

In addition to electronic and digital signatures, there are other methods of authenticating digital content that may be useful to your agency. These options are thoroughly discussed in two white papers: Authentication of Primary Legal Materials and Pricing Options and Authentication Methods. [13]

Key Issues to Consider

No electronic signature technology by itself is sufficient to meet all legal needs. The evidentiary value of signed records will ultimately rely on an agency's ability to produce legally admissible documentation of its recordkeeping system. In addition, the agency will, of course, have to produce the electronic records themselves.

Merely preserving and providing access to electronic records present some daunting challenges. Adding electronic signatures to the equation can complicate the situation even further. Hardware and software obsolescence make it difficult, if not impossible, to preserve and provide long-term or permanent access to both the electronic signature and the associated electronic record. For example, if an agency is using different technologies to create and to sign a record, those technologies might “age” at different rates.

In a digital signature (PKI) system, the signature is a function of the content of the document. Due to this relationship, any migration or conversion of the document's content for preservation will nullify the original digital signature and prevent its use as a means to ensure the authenticity and reliability of that document. Therefore, agencies will need to plan for technology obsolescence of both the record and the signature if long-term preservation of electronic signatures is desirable.

[12] Minnesota Office of the Revisor of Statutes. 2009 Minnesota Statutes. Chapter 325K: Electronic Authentication. 2009. https://www.revisor.leg.state.mn.us/statutes/?id=325K
[13] Minnesota Historical Society. “Authentication of Primary Legal Materials and Pricing Options” and “Authentication Methods”. Center for Archival Resources On Legislatures (CAROL). 2011. http://www.mnhs.org/preserve/records/legislativerecords/carol/authentication.htm

Agencies should plan to document their decisions and transactions. Understanding legal needs and addressing them at the design phase of an application are important factors to making this work. Keeping documentation up-to-date is an on-going responsibility, which could be complicated if relying on a third party. For example, when using digital signatures agencies should make sure that the certificate authority is managing its records and documentation adequately.

Agencies should make sure that the electronic signature technology is interoperable with their and their constituencies' other software applications. Requiring complex or expensive solutions is probably not practical. It would be especially difficult to ask citizens to buy and maintain multiple signature technologies.

Agencies should assess risks associated with the use of electronic signature technology and develop a well-documented risk management plan based upon the risks identified. The human side of the equation is critical: no technology will completely address your legal requirements. For example, a digital signature is only as reliable as the certificate authority standing behind it as well as the ability of the users to protect personal certificate information from loss or inappropriate use.

Selecting the appropriate electronic signature technology means defining the most important criteria and then determining if the system and proposed application meet those criteria.
The criteria should give priority to legal concerns, since signatures are primarily valuable for evidentiary purposes. A selection decision should also reflect consideration of other factors, such as technology architectures, costs/benefits, agency business practices, and all pertinent policies, hardware, software, controls, and audit procedures. A specific example of the criteria pertinent to a digital signature application can be found in the American Bar Association's PKI Assessment Guidelines. [14]

[14] American Bar Association. PKI Assessment Guidelines: Guidelines to Help Assess and Facilitate Interoperable Trustworthy Public Key Infrastructures. Chicago, Ill; American Bar Association. 2003. http://openlibrary.org/b/OL12199471M/Pki_Assessment_Guidelines__Guidelines_to_Help_Assess_and_Facilitiate_Interoperable_Trustworthy_Public_Key_Infrastructures

Discussion Questions

Use the following questions to help determine why you need to use electronic signatures, who will use them, what technologies are appropriate, and how other records management issues relate to electronic signatures.

Why do you want to use electronic signatures? What business functions will the technology support?
Who will have to use and rely on the electronic signature?
How long will the signatures and the records to which the electronic signatures are affixed have to be preserved?
Which state and federal statutes pertain to the functions and transactions that generate your signed records? What case law is there?
How does the electronic signature technology fit into your overall technology architecture?
What's the total cost of the technology? What's the cost per transaction?
What sort of electronic signature technologies do your customers use?
Will you have to share these records with any other organizations or agencies? What technologies do they use?
What methodology will you use for documenting your information systems, policies, and practices?

Annotated List of Resources

Government Printing Office (GPO). Authenticity of Electronic Federal Government Publications. June 13, 2011. http://www.gpo.gov/pdfs/authentication/authenticationwhitepaper2011.pdf
This paper describes the tools and evidence that the GPO provides to users to help them verify that they can trust the source of the content, and that unauthorized alterations to content have not occurred. In doing so, the GPO provides evidence that the electronic information it maintains is from a trustworthy repository and the history of each item in the repository can be documented. The GPO also provides content integrity tools such as digitally signed PDF files and cryptographic hash values.

Minnesota Historical Society. Authentication. Center for Archival Resources on Legislatures (CAROL). March 2012. http://www.mnhs.org/preserve/records/legislativerecords/carol/authentication.htm
This resource includes information on the Uniform Electronic Legal Materials Act (UELMA), as well as white papers and resources that introduce authentication, explore options, and associated cost models.

The National Archives Records Administration (NARA). Records Management Guidance for PKI Digital Signature Authenticated and Secured Transaction Records. March 11, 2005. http://www.archives.gov/records-mgmt/policy/pki.html
Guidelines for the use of Public Key Infrastructure (PKI) digital signatures as authenticated and secure electronic transmissions.

The National Archives Records Administration (NARA). Records Management Guidance for Agencies Implementing Electronic Signature Technologies. October 18, 2000. http://www.archives.gov/records-mgmt/faqs/pdf/electronic-signiture-technology.pdf
Records management information for agencies concerned about ensuring the trustworthiness of their records. These guidelines address record management issues including trustworthiness, define key terms, and provide resources for further information and assistance.

National Institute of Standards and Technology (NIST), U.S. Department of Commerce. Cryptographic Toolkit: Digital Signatures. Washington, D.C.: NIST, 2001. http://csrc.nist.gov/groups/ST/toolkit/index.html
NIST's web site provides access to three Federal Information Processing Standards (FIPS) standards for digital signature algorithms, along with a variety of other resources on cryptography.

Artic Soft Technologies Limited. An Introduction to PKI (Public Key Infrastructure). 2010. http://www.articsoft.com/public_key_infrastructure.htm
Introduces PKI, explains public and private keys used for digital signatures, certificates, storage methods for keys, certificate authorities, registration authorities, and certificate management techniques.

MBA Knowledge Base. How Public Key Infrastructure (PKI) Works? 2010. http://www.mbaknol.com/business-finance/how-public-key-infrastructure-pki-works/
Explains encryption, digital certificates, digital signatures, PKI, certificate authorities, and registration authorities.
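
The Key Issues section above notes that a PKI signature is a function of the document's content, so any alteration, and equally any migration or conversion for preservation, invalidates it. The following Python sketch is an added illustration and is not part of the Minnesota Historical Society guidelines; it assumes a simplified hash-then-sign RSA with a fixed, constructed demo key and no padding, so it shows the behavior only and is not a usable signature scheme.

```python
import hashlib

# Constructed demo key built from two known Mersenne primes. Real keys use
# random primes and a padding scheme such as RSASSA-PSS; both are omitted here.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q                            # public modulus
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent


def digest(record: bytes) -> int:
    """SHA-256 of the exact byte stream, as an integer."""
    return int.from_bytes(hashlib.sha256(record).digest(), "big")


def sign(record: bytes) -> int:
    """Signer: transform the digest with the private key; the record is not encrypted."""
    return pow(digest(record), D, N)


def verify(record: bytes, signature: int) -> bool:
    """Relying party: recover the digest with the public key and compare."""
    return pow(signature, E, N) == digest(record)


def migrate(record: bytes) -> bytes:
    """Preservation-style conversion: same text, new encoding and line endings."""
    return record.decode("utf-8").replace("\r\n", "\n").encode("utf-16")


def demo() -> dict:
    original = b"Permit 0000 approved.\r\nSigned: City Clerk\r\n"  # constructed record
    sig = sign(original)
    converted = migrate(original)
    same_text = converted.decode("utf-16") == original.decode("utf-8").replace("\r\n", "\n")
    return {
        "original_verifies": verify(original, sig),
        "altered_verifies": verify(original.replace(b"approved", b"denied"), sig),
        "migrated_same_text": same_text,
        "migrated_verifies": verify(converted, sig),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The migrated copy reads identically to a person but no longer verifies, which is why the original byte stream (or a documented record of the verification made before conversion) has to be kept if the signature is to retain evidentiary value.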