Can a certified signature simply be replaced by a (certified) electronic signature? What is possible according to legal practice – and what is the actual state of play when it comes to electronic certification?
The concept of official certification of signatures hardly needs any introduction; I am going to go out on a limb and assume that practically everyone among my readers has come across this legal institution at some point in the past. After all, without certified signatures, one could not successfully transfer any real property (or set of assets including real property) or make even the most basic declarations with respect to legal entities (whether in the role of managing director of a limited liability company or member of a HOA committee). They are also often used as a kind of “higher form of signature” e.g. where parties have not complete mutual trust in each other, and are an essential part of certain administrative procedures (typically in the case of general powers of attorney).
The practice is straightforward enough: the signing person appears before a person authorized to certify (i.e., typically, a notary, attorney, or CzechPOINT branch) and signs the document in question from their own hand (or, as the case may be, declares an existing signature to be theirs), whereupon the certifying officer furnishes the document with the relevant certification clause and creates an internal record of the signature. A very simple and fast process in practice.
However, as technology has evolved, we have now for quite some time had electronic signatures, to the point where we have come to consider them an ordinary part of our lives. Sometimes, the signature is produced using means of cryptographic protection (tokens, or “USB keyfabs”, and corresponding certificates); sometimes, we are dealing with scan copies of a document that was signed on paper; sometimes, it is simply a name at the end of an e-mail. This is because the European eIDAS Regulation (to simplify somewhat) defines the electronic signature as any electronic information which allows one to identify the signatory (e.g., here, the name at the end of an e-mail) and which is attached to or logically associated with another piece of electronic information (e.g., here, the e-mail message itself).
But how to use such a signature when official certification (authentication) is being called for?
The basic legal framework for using this institution has been established for a good number of years. For about as long, we have a group of authorized subjects (i.e., again, notaries, attorneys, and CzechPOINT, plus an automated procedure making use of the information system of public administration). The basic idea is perfectly straightforward and corresponds to “physical” certification: the signatory presents an electronically signed document; the authorized person (or an automated process) checks the identity of the signatory and adds a certification clause. The output thus is a document whose standard of certification is comparable to that of physical certification, the only difference being that it is in electronic form.
The reason why one rarely encounters the mechanism in practice is that its practical implementation leaves much to be desired, to the point of not being properly existent at all.
Notaries have gone “the farthest” in this respect, both theoretically and practically. They are able to certify electronic signatures both in person or remotely via videoconference (with identification of the participant e.g. using the banking identity, a.k.a. Bank iD), both input and output may be in the .pdf format, and while the service carries a fee, it’s only CZK 70, with the only requirement being that the electronic signature be visible or based on recognized certificates. At first glance, then, it appears that this is just what someone needs who is abroad, has no option to travel to a Czech embassy, but needs a certified signature. However, this is where the dream ends and the rude awakening begins. The practice itself suffers from the serious issue that hardly any notary wants to offer the service. More specifically, of the five notary’s offices with whom the author collaborates, not one offers the service (in fact, they all explicitly refuse to provide it).
Fairly recently, CzechPOINT has also launched their system for the certification of electronic signatures. In practice, the procedure entails the initial upload of the document in question into an official document vault created for this very purpose. However, the subsequent steps make certification via this method utterly impractical: a certificate is generated for the signing person, confirming the lodging of the document, which the signing person has to carry in person to a CzechPOINT branch, identify themselves with official ID, whereupon they are being issued the electronically certified document. This absolutely cannot compare to “physical certification”, i.e., it does in no way address those situations in which electronic certification is most desired, i.e., when the signing person cannot (or does not want to) visit a CzechPOINT branch in person.
In the case of attorneys (‘advocates’), the whole concept is still stuck in the theoretical stage. While the groundwork in legislation has been laid, practitioners lack both a methodology, to be provided by the Czech Bar Association, and the requisite technology. I.e., your favorite attorney may gladly want to accommodate you – but cannot.
Similarly, automatic certification using the public administration IS is not working as intended for now. As in the case of attorneys, the legal basis exists, but the technological underpinnings are lacking (though the general idea is that they will take on the form of a component that can be integrated into the Citizen’s Portal, whereupon identification will be automatic (e.g. using Bank iD). Again, though, all of this is rather theoretical.
A rather interesting option, which is rather different from the ones described above, is to link the signatory’s profile on the Citizen’s Portal (or in the citizens’ register) to the serial number of the certificate used by the signatory for electronic signatures. This option is limited to higher forms of electronic signatures, i.e., what is known as qualified certificates (and that means that e.g. the scan copy of a physical signature won’t be enough), but such signatures will (with minor exceptions) be considered “automatically” certified. Which is to say: officially certified without any certification officer, certification clause, record in a ledger of signatures, and, in particular, without any need to go someplace or make arrangements of any kind (to put it in simple terms). In fact, creating the link itself is very easy: upon logging into one’s profile on the Citizen’s Portal, simply add the number of the certificate to the profile – done. In practice, such a signature will generally be accepted by the public authorities, though my personal recommendation is to furnish the signature with appropriate boilerplate (such as “the requirement for official signature certification has been satisfied pursuant to Sec. 6 (2) of Act No. 12/2020 Coll., on the right to digital services and on the amendment of certain laws, as amended”). One also needs to be prepared for the possibility that, in some cases, the authorities (including e.g. the register courts) will demand the presentation of an extract from the Citizens’ Register.
Against the backdrop of all the above, we may summarize that the authentication of electronic signatures certainly has its place in modern legal, administrative, and contractual practice. The fundamental ideas on which the mechanism rests make sense and line up with the desired purpose – providing a stronger warranty that the acting (and signing) person is who they say they are. However, the actual implementation of the idea is (and apparently will remain for some time) horrid and all but useless in practice. This means that we will likely be forced to continue to use workarounds such as the conversion of documents from paper form to electronic form (or vice versa) – comparable, but not always ideal mechanisms. Sadly, only time will tell whether the situation may change for the better.