Regulation of electronic communications in Australia
The Electronic Transactions Act 1999 (Cth) (the Act) sets out the regulatory framework fin relation to electronic and digital signatures in Australia.
One of main features of the framework in the Act is that it requires that appropriate processes be undertaken to verify the identity and the intention of the person providing the electronic signature.
Case Study – Williams Group Australia Pty Ltd v Crocker
The recent New South Wales Supreme Court case of Williams Group Australia Pty Ltd v Crocker highlights that there are risks associated with relying on electronic signatures.
Lee Crocker was a director of IDH Modular Pty Ltd (in liquidation) (IDHM).
In around May 2012, Caleb Brooks (another director of IDHM) set up an account with HelloFax which would enable the directors to apply their electronic signatures to documents. This system would allow the IDHM directors to sign documents electronically when it was not convenient to do so in person.
Mr Crocker initially accessed the HelloFax system on 26 June 2012. However, he never changed the password for his account. The password had been set up by Mr Brooks.
IDHM opened a trading account with the plaintiff, Williams Group Australia Pty Ltd, (Williams Group) in July 2012. The application for the trading account ostensibly bore the signature of each director of IDHM as guarantors under the application.
By July 2013, IDHM was indebted to the Williams Group in the amount of $889,534.35. As IDHM was placed into liquidation, the Williams Group commenced proceedings in the Supreme Court of New South Wales against the directors seeking the enforcement of the guarantee.
Mr Crocker claimed that he had neither executed nor authorised the execution of the guarantee with the Williams Group on his behalf.
The presiding judge, McCallum J, dismissed the claim of Williams Group. Her honour accepted that Mr Crocker never accessed HelloFax for the purpose of applying his signature to the Williams Group application, and that no actual authority had been given by Mr Crocker to any of the co-directors to sign the application.
Important points to take from the decision
There are four main points we can take from this decision:
· Implicit authorisation to use another person’s signature should not be assumed. Applying an electronic signature without permission is the same as forging someone’s handwritten signature;
· The failure to change a default password set up by another director will not automatically result in liability if someone else with access to that default password uses the signature. However, if an individual took positive steps to permit access to their signature such as proactively providing their password to another individual a different conclusion might be drawn;
· Where an electronic signature is used to execute a contract the party accepting the signature should consider mitigating any risk of a forgery or improper use of the signature by taking appropriate steps to ascertain that the signature has been properly applied with consent. This might include requiring a confirmation email before proceeding on the basis of the signature; and
· Courts will be reluctant to find that there has been a ratification or acceptance of an unauthorised use of an electronic signature unless there is clear evidence that the person who is said to be bound by the signature not only saw the relevant document and understood the effect of the document but also failed to take any action to remedy the situation.