Digital Ink

Signature is derived from the Latin word “signare” which means “to sign”. Traditionally, signatures have been used to identify one’s work or provide a contract of intent with regard to that document.  

Three powerful notions can be associated with signatures: identify, authenticate and bind. With the advent of digitally produced documents, how can these three paramount notions translate from ink to bytes? Many different alternatives have been devised since the “John Hancock” signatures. Fingerprints, retina scans, biometric scans, voice recognition and DNA analysis among the few, have allowed computers to identify and authenticate individuals. Even handwritten signatures can be analyzed by software.  

How do we incorporate this authentication paradigm in E-Discovery?  The Electronic Signatures in Global and National Commerce Act (“ESIGN”) [1] has provisions which define the liability and validity of electronic signatures ranging from scanned documents to electronic filing systems, thereby making them enforceable in court.

For scanned documents, we must rely upon the chain of custody in order to identify and authenticate documents.  Unfortunately, the former may be subject to flawed company procedures. One way of validating scanned documents is by combining optical character recognition with graphology techniques, thereby recognizing specific signatures in scanned collections, their nuances and theoretically some of the signee’s personality and behavioral traits.  Moreover, we could extend this methodology to an entire handwritten document and theoretically ascertain the authenticity and validity of the document based on the state of the writer at the time of document creation.

Despite the widespread use of electronic filing system, handwritten signatures by a judge are still required. However, since August 2009, the honorable John M. Facciola [2] has digitally signed court orders and warrants and was the first United States judge to digitally sign judicial orders. His signature, compliant with the Medium Assurance Hardware -- Federal Bridge Certificate Policy for E-Authentication, provides a precedent for reliable signatures in court filings. The Medium Hardware Assurance level certificates provide a framework for authentication which uses hardware authentication keys.  In order to confirm the identity of the signee, an ECA registration authority must verify the keys in person.   

The ability to implement reliable signatures in court filings as well as advances in handwritten signature analysis,  is closing the disconnect between paper authentication and digital authentication. Although this is a step in the right direction, the implementation of digital signatures is far from being “plug and play” and still requires a high assurance digital certificate and time stamp to establish the reliability, accuracy ,integrity and proof of origin of the information.

[1] http://www.ftc.gov/os/2001/06/esign7.htm
[2] http://www.marketwire.com/press-release/US-District-Court-Federal-Magist...
http://blogs.adobe.com/security/2009/09/historysigned_with_adobe_produ.html
[3] Http://www.idmanagement.gov/fpkia