The legal validity of registered electronic communications

What is a registered electronic communication?

Registered electronic communications are a type of telematics means where a third party, alien to the communication, bears witness of the communication.
As far a Lleida.net is concerned, when we talk about registered electronic communications, we are talking about SMS and email.
Conventional electronic communications are easy to manipulate, being relatively simple for an unregistered electronic communication to be challenged in court.
Certification minimizes the risk to its lowest terms, thanks to a third party proving content and timing the communication. To prove content, a document including a set of technical measures is issued, thus preventing any possible debate on such data.

Are registered electronic communication legally binding?

Definitely yes.
Both Article 24 of the LSSICE, which refers to the Civil Procedure Law, as the LEC recognize electronic documents both as evidence and as notification.
According to the Spanish Supreme Court Sentence 2501/2013 21st March;

“A registered electronic communication (whether SMS or email) is in any case an item of legitimate documentary proof in court, and subject to the norms thereof.
-If not impugned, it constitutes proof in full 
-If its validity as proof is impugned, this will be determined by the judge”.

The certificate is the attestation of the sending of the communication, the documentary evidence, the documentary proof.

Connectaclick, Lleida.net’s electronic contracting service

Connectaclick, the electronic contracting service of Lleida.net arises from the combination of Lleida.net different services of certification of communications.

Lleida.net’s Connectaclick service provides customers with a contracting solution that allows them to identify the user, send the contract to sign, and certify the different electronic operations carried out during the signing process.

Thanks to the integration of Lleida.net’s systems with those of our customers, each user is uniquely identified at the beginning of the process and, as the contracting flow progresses, Lleida.net collects and certifies the technical tracing of the evidence that are generated along the different steps of the flow until signing the contract that is, therefore, linked to the signer in a unique way and to the data to which it refers to.

As before mentioned, Lleida.net makes use of a platform capable of collecting all the data linked to one or more electronic communications (SMS, email or web) and fixing them in a file, the so-called “certificate”, digitally signed and sealed by a certification authority.

To prove content, a document including a set of technical measures is provided, preventing any possible debate on such data. This document is provided to the client and stored by Lleida.net for 5 years to serve as evidence to third parties of the content and all the data of the communication.

Why to choose Lleida.net as trusted third party for registered communications

Lleida.net is an electronic communication provider acting as third trusted party. Currently, integrated in the CNMC (National Commission on Markets and Competition) since 1998 and as  operator, the company has been asked on hundreds of times by Courts and Tribunals to certify the data of a communication.

From the experience and knowledge of the customer needs, we got the know-how we need to continue to provide our services with the highest quality certification and trustworthiness.

The evidence provided by Lleida.net is subject to the civil procedural law of each legal order, in charge of developing the probative value of the evidence. On the other hand, electronic signature legislation (national and European) must also be taken into account, since the certificate issued by Lleida.net incorporates its electronic signature and time stamp.

Lleida.net orders a legal report prior to the start of the activity in each country  where the service is provided.

In Spain, the implementing regulations are:

  • General Telecommunications Law (article relating to providers of electronic communications services).
  • Law on Information Society Services and Electronic Commerce (article regarding the figure of “third trusted party”, the electronic document as proof and the moment of consent in electronic communications).
  • Civil Procedure Law (regarding the assessment of evidence in private document, in relation to electronic documents).
  • Law on Electronic Signature (regarding the effects of the recognized and advanced electronic signature).
  • eIDAS Regulation- Trusted services in electronic transactions and certification services.

Standards to which Lleida.net certificate is subject to

The certificate constitutes evidence of a private nature, an evidence, surrounded by technological security measures aimed at guaranteeing the authenticity and integrity of its contents. The mechanics of collecting the evidence is only and exclusively carried out in the control environment of Lleida.net, with an Information Security Management System certified in ISO 27001: 2013. All the information is recorded in a document, digitally signed with a qualified signature, and a time stamp from a Certification Authority included. This document is stored securely in accordance with the criteria of the Information Security Management System.

 Notification services

 Provision of notification.

How do you link individuals who have issued and / or received an electronic communication certified by Lleida.net?

Article 28.2 of the LSSICE states that “it is deemed to have been received and confirmed when both involved parties have record of it. If reception is confirmed by acknowledgement of receipt, it will be presumed that the recipient has the aforementioned evidence since it has been stored on the server where his email account is or in the device used to receive the communication”.

Therefore, the evidence that prove the constancy of registered notifications are:

  • Registered SMS
    • Proof of delivery to the phone number ( operator and handset)
  • Registered email
    • Email Proof of delivery in an email server
  • Registered email with confirmation of opening ( business name Openum:)
    • Email Proof of delivery in an email server.
    • Proof of email opening ( if the link provided in the communication is clicked)
    • Identification of the IP from which the web page has been opened with the content of the communication.

CONTRACTING OF SERVICES

Identification of signatory parties.

How do you link individuals who have issued and/or received an electronic communication certified by Lleida.net?

As for the identification of the signatory, only the recognized electronic signature is equivalent to the handwritten signature for legal purposes. However, this does not imply that any other type of electronic signature does not generate legal effects, as set out in the standards.  The signatures collected through this solution (Connectaclick) are considered as “Advanced Electronic Signature” within the framework of the Electronic Signature Law, by complying with the requirements established in Article 3.2 of said standards.

Art. 3.2) Advanced electronic signature is the electronic signature that identifies the signer and detects any subsequent changes to the signed data, which is linked to the signatory in a unique way and to the data to which it refers and which has been created by means that the signer Can keep under its exclusive control “.

Therefore, Lleida.net allows the collection of different documentary evidence. The more number of documentary evidence (e.g. telephone number, email address, IP address, identity document, videoconference …), the bigger linkage with sender thus providing an  evidential strength to the certificate issued as proof of the existence of such communication.

In case of the contracting solutions, the documentary evidence collected depend on the type of signature that is made, among others it is possible to collect the following:

  • Email Proof of delivery in an email server.
  • Proof of email opening (when the link provided in the communication is clicked)e.g.
  • Identification of the IP from which the web page has been opened with the content of the communication.
  • Accreditation of the actions carried out by the signer on the webpage:
    • Insert signature
    • Upload documentation
    • If there is signature with OTP:
      • Send the OTP by SMS OTP Proof of delivery to the phone number ( operator and handset)
      • Entering the OTP in the web page

Likewise, it is important to note that since July 1, 2016, the eIDAS Regulation – Trusted Services in Digital Transactions and . Article 25 of the eIDAS regulation says,

“An electronic signature shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements for qualified electronic signatures. “

EIDAS Regulation- Trusted services in electronic transactions and certification services

The EIDAS Regulation comes on the initiative of the European Commission and since its entry into force on 1 July 2016, the Spanish law on electronic signatures remains in force, although it is very likely to be updated in the future to adapt to the regulatory changes that the eIDAS regulation establishes. The new EIDAS Regulation contains a closed list of trusted services, in order to delimit the scope of the European standards.

EIDAS establishes as trusted services the following:

  • Electronic signature
  • Time stamping
  • Electronic seal
  • Electronic registered delivery
  • Website authentication

In general, there are two levels of trusted services:

  • Ordinary level, scarcely regulated
  • Qualified level, controlled based on a strong regulatory model prior checking by the supervisor (in Spain, SETSI), for qualified trust service providers (QTSP) .

Diagram1 : Trusted service levels

eIDAS

Lleida.net and Connectaclick in the new regulatory framework

Connectaclick, the electronic contracting service by Lleida.net, arises from the combination of the various services of certification of communications and allows to certify the different electronic operations carried out during a signing process.

These electronic transactions are considered CERTIFIED ELECTRONIC DELIVERY SERVICES or E-DELIVERY.

E-DELIVERY services allow the transmission of data between third parties by electronic means and provide evidence related to the management of transmitted data, including proof of sending and receiving of data, as well as protection of transmitted data against the risks of loss, theft, deterioration or unauthorized alteration.

Qualified certified electronic delivery services enjoy the presumption of data integrity.

This data is:

  • Sending the data by the identified sender
  • Receipt by identified recipient
  • Accuracy of the date and time of delivery
  • Reception of the data indicated by the service

Lleida.net is working to obtain the qualification in specific services of E-DELIVERY.  There is currently no qualified E-DELIVERY service provider (although there is for other trusted services, such as electronic signature).

In any case, as before mentioned, it is necessary to consider that the regulation eIDAS establishes in its article 25:

“Art. 25) No legal effect or admissibility shall be denied as evidence in judicial proceedings to an electronic signature simply because it is an electronic signature or because it does not meet the requirements of the qualified electronic signature.

Therefore, now, we can state that Lleida.net’s electronic contracting solutions comply with the criteria established by the eIDAS Regulation, to be considered a consistent tool for signing and closing on-line contracts, even though no service currently has the status of “qualified level”.

Leave a Comment