Digital signatures as a form of signature technology are gaining popularity in Indonesia. This technology allows signatures to be done face to face and without physical documents. Digital signature technology is considered to have revolutionized the way that contract agreements are made, since it is easier, faster and more efficient.
However, even though digital-signature technology is considered to provide many benefits, the technology is still shrouded in many doubts. One of these is whether it is true that digital signatures can be recognized legally in the eyes of the applicable law, especially in Indonesia.
To answer this doubt, there are two things you need to know about the laws regarding digital signatures and the technology that supports them. In this article we will explain both of them as clearly as possible, so that you will have the confidence to use digital signatures for various purposes.
Signatures are a very basic part of our culture and societal interactions. They are important, because the signature is a representation of someone's agreement on something.
A signature itself has four main objectives: to serve as a proof of enactment, a sign of approval, a fulfillment of formalities and a means of efficiency. That is why a law regulating signatures is needed.
In Article 1320 of the Civil Code in Indonesia, the legal requirements of an agreement must have several elements:
There must be consent of the individuals who are bound thereby;
There must be capacity to enter into an obligation;
There must be a specific subject matter;
There must be a permitted cause.
Digital signature regulations in law
As a new signature technology, in Indonesia, digital signatures are regulated by law. Since 2008, Law Number 11 of 2008 concerning Electronic Information and Transactions (ITE), which regulates the use of digital signatures and certificates, has been in force.
Based on Law Number 11 of 2008, digital signatures are considered valid in the eyes of the law when they meet the following requirements:
a. Digital Signature creation data relates only to the Signatory;
b. Digital Signature creation data at the time of the digital-signing process is solely in the power of the SigSignatory;
c. All changes to the Digital Signature that occur after the signing time are knowable;
d. All changes to Digital Information related to the Digital Signature after the signing time are knowable;
e. There are specific methods used to identify who the Signatories are; and
f. There is a specific way to show that the Signatory has given consent to the related Digital Information.
The 2008 law was the foundation for the embryo of the application of digital-signature technology in Indonesia. However, it was only in 2012 that a government regulation was issued that became the legal basis for online transactions and digital signatures in Indonesia. Government Regulation Number 82 of 2012 regulates the use of digital evidence in an agreement.
Based on existing laws and government regulations, digital signatures must have certain supporting capabilities to ensure that regulations regarding certain attributes and verification capabilities are met.
Digital-signature supporting technology capabilities
The term “digital-signature attributes” refers to the ability to authenticate the signature and the digital documents it relates to. Remember, digital technology allows anyone to copy and duplicate documents and digital signatures. That's why digital-signature authentication is so important.
There are two aspects that a digital signature must fulfill:
Digital-signature owner authentication. This means that the digital signature is actually owned by the signer who is listed on the digital document.
Document authentication. Digital documents must also be proven authentic, so that after being signed, the documents remain true to the original, and cannot be faked.
The next requirement is digital-signature verification. This is needed to prove that the digital signature on the digital document is authentic, and has not been faked or used by anyone other than the owner of the signature.
Digital signatures require proof of identity such as fingerprints. This is achieved by the cryptographic algorithm hash function, which creates a unique digital signature.
With hashes, digital signatures can store personal data such as biometric records without being able to be copied by other parties. This information can only be accessed using a token or an identity verification system such as a biometric scan, which then gives someone the authority to sign.
The above technological capabilities must all be owned by the Electronic Certificate Operator or PSrE. The PSrE will then get regulatory certification. In Indonesia, this comes from the government through the Ministry of Communication and Information Technology, which can issue digital certificates for certified digital signatures.
This certified digital signature then has legal force and has legal consequences in accordance with applicable laws and regulations.
PT Identitas Digital Indonesia (VIDA) is a digital certificate operator that has been registered with Kominfo since 2018. VIDA collaborates with various companies to implement digital signatures that are easy, safe and officially certified. If you need a digital signature that is legally enforceable and can be accounted for, please get in touch with us.