The Electronic Commerce Act (N.C.G.S. 66-58.1) passed in 1998. “The purpose of this
Article is to facilitate electronic commerce with public agencies and regulate the
application of electronic signatures when used in commerce with public agencies.”
The law is enabling in the sense that North Carolina agencies and governments, whether
or not they possess other authority to use electronic signatures, can use electronic
signatures if they comply with the Electronic Commerce Act and the implementing
The law facilitates electronic commerce by and with state agencies. It authorizes
agencies’ electronic signature use when they are not otherwise enabled. It charges
the Department of the Secretary of State to develop implementing rules.
The Secretary of State, through the Electronic Commerce Act and implementing rules,
facilitates agency electronic signing. The Act is enabling legislation. An
agency might use the act authority when it recognizes the inherent strength of the
signature solution(s) available, when it wants the structure and protection afforded
by the act or when no other agency authority for electronic signature exists.
The NC Electronic Commerce Act does not apply to transactions between private parties.
Business-to-business, private-to-private and similar transactions, where public
agencies are not parties, are not affected by the Act or implementing rules. Generally
speaking, the Federal “Electronic Signatures in Global and National Commerce ”Act
(“E-Sign”) (15 USC 7020) allows private parties to decide how electronic signatures
affect their business processes. North Carolina agencies turn to the North Carolina
General Statutes for authority; E-Sign gives states, as market place participants,
authority to define their electronic signature behavior.
The E-Commerce Act’s electronic signature criteria and solution described by the
implementing rules assure high process and result integrity. Substantial technology,
facility physical security, operating personnel and operating procedure security
expectations characterize the solution. Tight and unique signer to signature (signer
to digital certificate) binding is a solution characteristic and is typical of high
reliability solutions; the tight binding occurs through signer identification, authentication
and controls on certificate issuance.
Electronic signatures with security performance characteristics superior to the
public key methodology identified in the E-Commerce Act implementing rules may evolve
but none are now known. The Electronic Commerce Act and implementing rules
are designed to accommodate alternative technologies if they satisfy the Act’s demanding
Electronic signatures, per NCGS 66-58.1(1), are expected to be:
unique to the person using it;
capable of certification;
under sole control of the person using it;
linked to data in such a manner that if the data are changed, the electronic
signature is invalidated; and
conforming with rules adopted by the Secretary of State.
An electronic signature deriving authority from NCGS 66-58.1(1) must conform to
expectations a. though e.
Only digital electronic signatures currently comply with the act. No other electronic
signature provides digital signature security features and strength.
Electronic signatures deriving authority elsewhere may not have to comply with these
expectations of the Electronic Commerce Act. However, electronic signatures with
highest degree of dependability, security, reproducibility and verifiability (“provability”)
are difficult to achieve outside expectations a. through d. (above). The generally
accepted electronic signature goals of authenticity, integrity, non-repudiation
and privacy (where pertinent) can be achieved with high confidence using digital
signatures in a public key infrastructure; the same is not true for alternative
electronic signature technologies.
Electronic / Digital Signature Decision Model Flow Chart
may give context for decision-making. With little prose, this model may help
you decide on a course of action. If your circumstances do not fit this model well,
the model can be a point of departure for your own model.
Authority for Electronic Signature
Your agency is likely to be affected, at least when planning, by three laws bearing
on electronic signature. The NC Electronic Commerce Act, The North Carolina Uniform
Electronic Transactions Act and the Federal Electronic Signatures in Global and
National Commerce Act likely affect your agency; a look at some characteristics
of these laws may be useful.It is possible other law
affects your agency; your agency may have other authority for signature and electronic
NC Electronic Commerce Act N.C.G.S. § 66-58.1
North Carolina Uniform Electronic Transaction Act N.C.G.S. § 66-311
The Federal Electronic Signatures in Global and National Commerce Act;