What is digital signature: the ultimate guide to AES and QES signatures | Autenti
Read more
Reading time:
Date of publication:
Updated:
The notion which is being heard more and more often in the context of circulation of documents in B2B and B2C relations is the durable media. Below, we describe what they are, how they increase the safety of documents signed online and when their use is mandatory and when voluntary.
Let us imagine a situation (more and more frequently encountered in everyday life) where we electronically accept regulations, place orders or sign documents. This can take place in a webstore, in online banking or during shopping in a shopping centre, where you purchase products on a tablet.
•Do you have access to the signed document (regulations, content of the order) then?
•Is the access to the content in any way conditional on any of the parties to the agreement?
•Do you have certainty that the content which you accepted will not change in any way from the time of its acceptance?
Failure to meet the abovementioned requirements creates a risk for safety and credibility of the transaction you have made. The solution which is to minimise those risks is the durable media. According to Art. 2 page 4 of the Act on consumer rights, a durable medium is defined as:
(...) material or tool enabling the consumer or entrepreneur to store information directed personally to them in a manner allowing access to information in the future for the time period appropriate to the purposes for which the information is used and which allows to reproduce the stored information in unaltered form.
•accessibility, which means that each party has the option to reproduce the information at any time and this option is not conditional on action of another party,
•integrity, which means that the document has not been altered in any way from the time of submittal of the declaration of will.
In order to talk about durable media in case of signing documents online, tools which will fully protect the document against any change need to be used in the first place and then such a protected document needs to be shared with all interested parties: however, this must be done as part of a service which is not conditional on any of the parties. Another significant feature of durable media is a possibility to share it further if there is such need (e.g. to offices, attorney or court).
Relevant authorities have been repeatedly asked whether solutions used by companies meet the requirements of a durable medium. In March 2017, the Office of Competition and Consumer Protection indicated that banks do not meet those requirements when sharing the content of changes to service regulations only in their own systems. The Office of Competition and Consumer Protection argued that the content of the document can be freely changed by the bank (no integrity guaranteed) and is available only in its system (no availability). In effect, many banks, adapting to the decision of the Office of Competition and Consumer Protection, have sent the content of changes to the clients in form of printouts on paper, on CDs or USBs, in addition confirming this fact by sending text messages to their clients. For more information in this regard, look e.g. here: https://uokik.gov.pl/aktualnosci.php?news_id=13063 and here https://uokik.gov.pl/aktualnosci.php?news_id=14574&news_page=4). Such a solution – though it allows to meet legal requirements – is very costly, time-consuming and not ecological. It is worth to add here that examples of durable media (according to
https://prawakonsumenta.uokik.gov.pl/trwaly-nosnik/) are paper, CD/DVD, memory stick, memory card, hard disc drive, or e-mail message saved on hard disc drive). Which materials or tools are durable media is not specified in an exhaustive list but results from their features.
Documents signed electronically can be easily verified in terms of integrity using such tools as the website of weryfikacjapodpisu.pl or Adobe Acrobat Reader. They inform who signed the document and if it was altered from the time of signing it. Only lack of any alterations means that the integrity of the document is kept. On the other hand, saving the document signed by electronic means and sharing it through independent service guarantees its availability. This way, the document meets the requirements of durable media. On September 2018, the PKO BP bank started to implement blockchain to save and share information for the clients (more information on this topic here: https://fintek.pl/pko-bank-polski-rozwiazal-problem-trwalego-nosnika/). The implementation of such a register also allows to guarantee integrity of documents (thanks to use of cryptography).
Documents signed through the Autenti platform allow to meet the requirements of durable media. After signing the document by all members of the process:
•integrity is guaranteed by sealing the document with the qualified electronic Autenti seal and
•availability by means of:
osharing signed files on the Autenti platform,
ooption to send such document to the selected e-mail address,
odownloading the file to the computer disc, or
osending the file to the cloud disc.
Autenti enables to sign documents online by many parties. The number of represented entities is practically unlimited. It is also possible to sign documents unilaterally and send them exclusively "for inspection". This can be applicable in case of communicating unilateral decisions such as changes in the terms and conditions or changes in personal data processing rules.
Use of durable media in communication with contractors is not obligatory for most enterprises. Detailed requirements in this scope are specified in respective Acts and regard selected sectors or institutions such as banks, loan companies, payment institutions, operators and travel agents, Internet shops or service provision companies conducting sale away from enterprise premises. Depending on the type of conducted activity and decisions made, every entrepreneur should analyse the reasonableness of using durable media to communicate with their clients. Among Acts which regard the use of a durable medium, there are the following:
•Act of 30 May 2014 on consumer rights – https://prawo.sejm.gov.pl/isap.nsf/download.xsp/WDU20140000827/U/D20140827Lj.pdf
•Act of 24 November 2017 on tourist events and associated tourist services – https://prawo.sejm.gov.pl/isap.nsf/download.xsp/WDU20170002361/U/D20172361Lj.pdf
•Act of 16 September 2011 on protection of rights of residential premises or single-family house purchaser – https://prawo.sejm.gov.pl/isap.nsf/download.xsp/WDU20112321377/U/D20111377Lj.pdf
•Act of 12 May 2011 on consumer credit – https://prawo.sejm.gov.pl/isap.nsf/download.xsp/WDU20111260715/U/D20110715Lj.pdf
•Act of 19 August 2011 on payment services – https://prawo.sejm.gov.pl/isap.nsf/download.xsp/WDU20111991175/U/D20111175Lj.pdf
Durable media have so far been associated mainly with paper documents, CDs or memory sticks. Thanks to modern solutions such as cloud computing and cryptography, it is possible to use much faster and definitely cheaper solutions such as signing documents electronically on the Autenti platform.
Lidia Zagórska
Visit author's profile
Mateusz Kościelak
Read more
Mateusz Kościelak
Read more
Anna Kaleta
Read more