As reported by the “Electronic Signature and Records Association” or “ESRA,” a 2012 Michigan case, Zakuski v General
American, discusses the issue. Here a doctor had a life insurance
policy naming his mother as beneficiary. He was enrolled in the
online program to manage his insurance account, which required
numerous authentication steps, including sending confirmation
to the registered email on the account when any changes occur.
At some point the doctor married and the beneficiary on the
policy was changed to his wife via the online system. The doctor
died and the mother sued claiming General American could not
prove it was the doctor who signed the change, since it was done
via the electronic portal and executed via an electronic signature.
The wife filed an affidavit that she was not responsible for any
changes on the account. Michigan law was dispositive where it
allows that an e-signature is attributable to a person “by any reasonable means”—and here, the insurer’s procedure was sufficient
to authenticate and verify (by subsequent email) the identity of
the person who was executing any order electronically. Notably,
the mother had no evidence to present to the contrary.
Disclosures on a Mobile Device:
Two cases related to Uber (O’Connor v. Uber and Meyer v Uber)
and whether a disclosure on a smartphone was valid.
In the first case, the driver argued that the agreement was on a
“tiny iPhone screen” right before the driver began a shift, thereby
making it difficult to read and understand the agreement. The
court did not find this argument persuasive because in the history
of contract law, the issue has never been whether the parties read
or understood the contract, but rather was there an “opportunity”
to read it. The agreement could have been read on the iPhone
(as all users read on their iPhones generally), and the agreement
was also available in other formats. The Meyer case discusses
the “reasonably prudent smartphone or Internet user.” This is
important, as it goes beyond statute in looking at what is current
reasonable behavior. In Meyer, the court finds that a “reasonably
prudent smartphone user” would have had conspicuous notice of
the terms and conditions of service, via a clearly identified (and
uncluttered) hyperlink and that by clicking the “Registration”
button, Meyer understood that the terms were being accepted.
Remember however, if you are going to deliver disclosures
via a smartphone, you will need to provide the E-SIGN disclosure above, have the consumer agree to receive disclosures in
that manner, and prove they can receive the disclosures on their
phone BEFORE you deliver such a required disclosure. Thus,
going through the E-SIGN steps for delivery via online portal or
email does not mean you have completed the process to deliver
via an app on a phone. For clarification, I am not suggesting that
you need to go through a separate E-SIGN process when the
consumer is accessing their disclosures via email or an internet
browser on their handheld device—only that a separate phone
or tablet “app” needs a separate E-SIGN process.
Was a Disclosure “Sent”?
Lavallee v. MED- 1 Sols., LLC, Case No. 1:15-cv-01922-DML-W TL
(S.D. Ind. Sep. 29, 2017). This is a CFPB case where the question
revolves around whether a debt collector complied with the require-
ment in the Fair Debt Collection Practices Act requiring delivery
of a validation notice setting forth certain consumer’s rights under
the Act. The defendant tried to comply with the requirement by
sending emails to consumers which contained a link to a server
from which the consumer could obtain the validation notice.
Note—the consumer had to click through to actually receive the
notice. The court came to the conclusion that the debt collector
did not “send” the consumer the validation notice.
The CFPB argued that E-SIGN applies to electronic versions
of validation notices, since they are required by law and are re-
quired “in writing.” An electronic version of the validation notice
would only suffice if the consumer consents and other E-SIGN
requirements were met. The court found that making a consumer
“click through” was not considered “delivery” and also, in the
dicta, the court showed concern for a financial entity sending a
link or attachment via email to a consumer, since such behavior
should be discouraged due to the possibility of identity theft via
direction to an improper third party.
So, What is the Big Deal?
The takeaway here is that you have to follow all the steps we
detailed above if you are going to send consumers disclosures
and notices, that are required by law or regulation, electronically
only. Also, if you are obtaining signed contracts online, you need
to make sure you have the right systems in place to authenticate
the person doing the signing as a person authorized to do so, and
keep a good audit trail as well as have proper security around the
workflow. If you do these things wrong, you may have a much
larger compliance and/or legal problem on your hands. ■
ABOUT THE AUTHOR
MARGARET “MAGGIE” WEIR WESTBY, ESQ., CRCM, Adjunct
Professor, Boston University School of Law, is an experienced regulatory compliance and legal professional with more than 25 years
of experience in leadership roles with multiple financial institutions and consulting groups.
Maggie is a graduate of the Boston University School of Law
where she earned a J.D. and subsequently a LL.M. in Banking and
Financial Law. She holds an M.B.A. from the University of Denver
and a B.A. in Political Science from the University of Houston.
Maggie is an Attorney in the Boston metro area, and serves
as adjunct faculty within the J.D. and LL.M. programs at Boston
University School of Law. She is a faculty member for ABA’s
National Compliance School. She is a frequent regional and
national speaker on legal and business topics. She can be reached
at magwestbylaw@gmail.com.
Under E-SIGN, you must notify consumers
if you have major hardware or software
changes that could affect how they receive
required disclosures and notices electronically.
