Businesses within the United Arab Emirates (UAE) are increasingly using electronic methods to execute agreements. In fact, the UAE government has a strategy to go completely paperless by 2021. However, it is important to distinguish between the UAE in general and the Dubai International Financial Centre (DIFC) as an independent jurisdiction within the UAE that does not yet commonly use electronic and certificate based digital signatures.
Laws and regulations governing the use of electronic signatures and digital signatures in the UAE include:
The E-Commerce Law distinguishes between Electronic Signatures and Secure Electronic Signatures per the following descriptions:
In the UAE, an Electronic Authentication Certificate issued by an accredited Certification Service Provider may be used to fulfill the requirements of a Secure Electronic Signature if it verifies:
In the UAE, a Certification Service Provider is defined as an accredited or authorized person or organization that provides services in connection or relation to Electronic Signatures. Authorized Certification Service Providers are listed at Telecommunications Regulatory Authority (TRA). To date, the only Certification Service Provider currently located and licensed in the UAE by the TRA is Dark Matter L.L.C. However, unregistered Certification Service Providers may be used if they have a level of reliability at least equal to that required by the E-Commerce Law (taking into consideration recognized international standards).
A key principle of the UAE E-Commerce Law is that Electronic Signatures and Electronic Authentication Certificates can be relied upon where reliance is acceptable (subject to any restrictions in other laws or regulations). In order to determine if it is acceptable to rely on an Electronic Signature or an Electronic Authentication Certificate, the following factors should be considered:
While the above factors should be considered when determining if reliance on any Electronic Signature is acceptable, a Secure Electronic Signature carries a rebuttable presumption that reliance is acceptable (absent any proof to the contrary).
The E-Commerce Law confirms that if the law requires a document to be signed, an Electronic Signature will satisfy this requirement and have the same evidential weight, provided that the requirements of the E-Commerce Law are met. The E-Commerce Law also provides that in any legal proceedings, the rules of evidence cannot prevent the admission of a data message or Electronic Signature:
In the UAE, there are several items that require specific consideration, most notably that there are unique laws that govern the DIFC, an independent jurisdiction within the UAE. Additionally, special consideration should be noted regarding the laws that regulate the transfer and use of personal and transactional data in the UAE including:
Transacting with public sector entities
According to the E-Commerce Law Article 6(3), the government must expressly consent to conducting business electronically. Additionally, certain government entities may have specific requirements or procedures regarding the electronic execution of documents. Thus, when contracting electronically with the government, it is recommended to include specific wording stating that the government expressly acknowledges that the electronic execution of the document will be valid and binding.
Use cases that generally require a traditional signature
Under the E-Commerce law, Electronic Signatures cannot be used for the following documents:
As an independent jurisdiction within the UAE, the DIFC is governed by the Electronic Transactions Law No. 2 of 2017 (Electronic Transactions Law) which is the primary legislation governing electronic signatures. The Electronic Transactions Law was designed to:
The Electronic Transactions Law defines an Electronic Signature as an electronic sound, symbol or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record. Additionally, the Electronic Transactions Law requires that an Electronic Signature be attributable to the person signing, which requires that it be shown that it was the act of the person. The act of the person may be shown in any manner, including a showing of the efficacy of any security procedure applied to determine the person to which the electronic record or Electronic Signature was attributable. The effect of an Electronic Signature attributed to a person is determined from the context and surrounding circumstances at the time of its creation, execution, or adoption, including the parties’ agreement, if any, and otherwise as provided by law.
In the DIFC, an Electronic Signature is deemed to identify the relevant person and to indicate that person’s intention in respect of the Information contained in the Electronic Record provided that the Electronic Signature is:
The Electronic Transactions Law confirms that if any law requires a document to be signed, an Electronic Signature will satisfy the requirement. The law also states that nothing shall prevent the admission of an Electronic Signature in evidence on the grounds that the signature is in electronic format. Although there is no express provision within the Electronic Transactions Law for the use of certificate-based digital certificates, an entity registered in the DIFC may choose to use a certificate-based digital signature to add an increased layer of protection to its Electronic Signatures and demonstrate that it had met the attribution requirements under the Electronic Transactions Law.
DIFC Special considerations
Under DIFC Data Protection Law No. 1 of 2007 (Data Protection Law), personal data can only be transferred out of the DIFC under the limited circumstances set out under the Data Protection Law. However, the obligations of the Data Protection Law only apply to Data Controllers.
DIFC Use cases that generally require a traditional signature
Article 8 of the Electronic Transactions Law states that the following types of transactions are excluded from being conducted electronically:
Disclaimer: Information on this page is intended to help businesses understand the legal framework of electronic signatures. However, Adobe cannot provide legal advice. You should consult an attorney regarding your specific legal questions. Laws and regulations change frequently, and this information may not be current or accurate. To the maximum extent permitted by law, Adobe provides this material on an "as-is" basis. Adobe disclaims and makes no representation or warranty of any kind with respect to this material, express, implied or statutory, including representations, guarantees or warranties of merchantability, fitness for a particular purpose, or accuracy.