Government Paperwork Elimination Act of 1998 (Title XVII of Division C of the Omnibus Appropriations Act), Pub. L. No. 105-277, §§1701-10 (1998), codified as 44 U.S.C. §3504 n.
The Act sought to "preclude agencies or courts from systematically treating electronic documents and signatures less favorably than their paper counterparts," so that citizens can interact with the federal government electronically (S. Rep. 105-335). It requires federal agencies, by October 21, 2003, to provide individuals or entities that deal with agencies the option to submit information or transact with the agency electronically, and to maintain records electronically, when practicable. It also addresses the matter of private employers being able to use electronic means to store, and file with federal agencies, information pertaining to their employees.
GPEA states that electronic records and their related electronic signatures are not to be denied legal effect, validity, or enforceability merely because they are in electronic form. It also encourages the federal government to use of a range of electronic signature alternatives.
The Office of Management and Budget (OMB) developed guidance to assist agencies in implementing The Act's requirements. As part of the OMB Guidance, the Department of Justice was charged with developing, in consultation with federal agencies and the OMB, practical guidance on legal considerations related to agency use of electronic filing and recordkeeping.
The Act also directed the Office of Management and Budget to develop procedures for the use and acceptance of “electronic” signatures (of which digital signatures are one type) by executive branch agencies.
Electronic signatures Edit
GPEA goes so far as to define the term "electronic signature" and to legitimate the legal force of such signatures in the scope of public interactions with federal agencies. In doing so, federal law and policy help to clear up what has historically been the subject of some debate among federal agencies about what is legally sufficient to "sign" a transaction with a member of the public. Section 1709(1) of GPEA reads:
|“||The term “electronic signature” means a method of signing an electronic message that — (A) identifies and authenticates a particular person as the source of the electronic message; and (B) indicates such person's approval of the information contained in the electronic message.||”|
It is important to note as well what the definition does not do, which is to specify the technologies or policies that an agency might use to comply with this definition. The OMB implementation guidance to federal agencies cites examples of appropriate technologies — shared secrets such as PINs and passwords, digitized signatures or biometrics such as fingerprints, and cryptographic digital signatures such as those used in PKIs. The OMB guidance does, though, suggest an analytical framework for an agency to use to help determine the risk inherent in the transaction it hopes to automate and which authentication technology might most appropriately mitigate that risk.
GPEA also addressed directly the enforceability of electronic signatures. For transactions involving electronic records submitted or maintained consistent with the policy enabled by GPEA and using electronic signatures in accordance with the same policy, neither the electronic record nor the signature is to be denied legal effect just because it is electronic instead of paper. Both Congress and the OMB stated that the intent was to prevent agencies or the public from reverting to paper instead of electronic transactions and electronic signatures because of concerns that any subsequent prosecution — in a benefits fraud case, for instance — might be thrown out of court.
Consistent with the fair information practices and the Privacy Act of 1974, GPEA requires that information gathered from the public to facilitate electronic signatures services be disclosed only for that purpose.
- ↑ OMB, Procedures and Guidance; Implementation of the Government Paperwork Elimination Act, 65 Fed. Reg. 25508-21 (May 2, 2000) (full-text) ("OMB Guidance").
- "Electronic signatures" section: Who Goes There?: Authentication Through the Lens of Privacy, at 144-45.