Under French law, an electronic signature has the same status as a handwritten signature provided that the technology utilized contains reliable means of identification and guarantees the link between the electronic signature and the act to which it is attached.
The reliability of this means shall be presumed when an electronic signature is created, when the identity of the signatory is assured and when the integrity of the act is guaranteed, under the conditions laid down by decree. This is a rebuttable presumption. The French decree 2001-272 dated March 30, 2001 defines 3 conditions of reliability:
- A secure electronic signature
- Created by a secure signature creation device and
- The signature verification is based on the use of a qualified electronic certificate.
The choice of an electronic signature solution shall therefore take into consideration both technical and legal aspects of the relevant jurisdictions.
The European Parliament and the Council adopted Regulation (EU) No. 910/2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation) on July 23, 2014. The eIDAS Regulation – which creates a directly applicable and comprehensive legal framework for both electronic identification and authentication services – is in force since July 1, 2016. It abrogates and replaces the former Electronic Signatures Directive, dated 1993, which had been the basis for the construction of the French law on electronic signatures, via a complex set of legal texts.
In terms of inputs, the regulation notably introduces a distinction between 3 types of signatures: "basic/standard," "advanced" and "qualified" signature. Clarification is, however, still expected as to the interrelation of these new types of signature with the pre-existing French definition of "e-signature."
On November 8, 2023, the European Commission endorsed the provisional political agreement of the European Parliament and the Council of the EU including the key elements of the proposal for a legal framework for a European Digital Identity, also called eIDAS 2.0. This new version of the Regulation 910/2014 of July 23, 2014 aims to strengthen security and user confidence in digital interactions within the EU, and to create a digital environment that is both reliable and fluid.
Indeed, with the eIDAS 2.0 Regulation, it will now be possible to have a unique and recognized means of identification within the European Union. This will apply not only to identity documents, but also to all attributes (such as nationality, age or marital status) used to authenticate a person remotely.