Signed, sealed, delivered

Our ambition at HM Land Registry (HMLR) is to become the world’s leading land registry for speed, simplicity and an open approach to data. A major part of delivering this ambition is our Business Strategy 2017 to 2022 and our increased use of digital technology. We want to reduce the time taken to receive, process and deliver services to our customers, to improve the conveyancing process and make it simpler, faster and cheaper. HMLR therefore has a keen interest in digital signatures, as a means of helping to deliver our strategic objectives. On 5 April 2018, we announced that the first fully digital mortgage deed was entered into the Land Register .

We are aware that practitioners want clarity about our policy and practice relating to digital signatures on documents and deeds, as their use becomes more common.

This article uses the terms digital signature, electronic signature, digital document and electronic document interchangeably. Although they are commonly used to denote different types of signature or document, the relevant legislation (the eIDAS Regulation referred to below, and the Land Registration Act 2002 (LRA 2002)) use the terms electronic signature and electronic document.

Deeds

Section 52 of the Law of Property Act 1925 requires that legal estates in land, or any interests in land, must be conveyed or created by deed (apart from the limited exceptions listed in section 52(2)).

It is clear that the Law Commissioners, when working on the LRA 2002, were not convinced that an electronic document with an electronic signature could be regarded as a deed, without statutory provisions confirming that to be the case. The statutory provision relevant to land registration is section 91 of the LRA 2002. Section 91(5) confirms that an electronic document will be regarded for statutory purposes as a deed if it complies with the provisions of that section. The section applies when an e-document purports to effect a disposition of a registered estate, charge, or noted interest, or is a registrable disposition.

HMLR will be certifying the identities of the borrowers who sign digital mortgages.

Section 91 also provides that the electronic document must have ‘the electronic signature of each person by whom it purports to be authenticated’, and each signature must be certified. Also, the disposition must be of a kind specified in the rules, and meet any other conditions included in the rules. The rules made under that section were originally the Land Registration (Electronic Conveyancing) Rules 2008, but on 6 April 2018, those were revoked, and replaced by rules 54A to 54D inserted into the Land Registration Rules 2003 (LRR 2003).

The newly inserted rules provide that any disposition that must be registered may be carried out using digital documents with digital signatures, once the registrar has published a notice that a new digital service is ready to use. This will allow the incremental introduction of secure electronic conveyancing and registration services, in accordance with user needs and user testing. It will allow the flexibility and speed that is vital in the digital world.

Initially, HMLR is introducing digital mortgages for use when there is no change of ownership. Once that service is established, we expect to develop it further, and introduce other digital conveyancing documents.

Will HMLR only accept e-deeds that satisfy section 91?

HMLR will not accept an e-document with an e-signature as a deed for registration unless it complies with the provisions of the LRA 2002 and LRR 2003.

HMLR expects the highest standards for the authentication of deeds relating to registrable dispositions, whether they are paper or digital. We intend to use our own purpose-built electronic signature solution for the authentication (signing) of the new digital mortgage. Moving forward, we will continue to monitor customer and market needs and, where necessary, adapt our services and solutions to meet those needs.

The solution will provide an advanced electronic signature, as defined in EU Regulation No 910/2014 on electronic identification and trust services for electronic transactions (known as the eIDAS Regulation). EU regulations are directly applicable to member states, so this regulation applies to the UK until we leave the EU. In addition, the UK government has made the Electronic Identification and Trust Services for Electronic Transactions Regulations 2016 (SI 2016/696), pursuant to the eIDAS Regulation. The domestic regulations deal with supervision of trust service providers, and penalties for breaches of the eIDAS Regulation. The supervisor for the purposes of the eIDAS Regulation is the Information Commissioner.

The eIDAS Regulation

An advanced electronic signature must meet the following requirements (article 26 of the eIDAS Regulation).

• It is uniquely linked to the signatory.
• It is capable of identifying the signatory.
• It is created using the electronic signature creation data that the signatory can, with a high level of confidence, use under their sole control.
• It is linked to the data signed in such a way that any subsequent change in the data is detectable.

These are the fundamental characteristics of a digital signature, and you would like to think that they are also the requirements for a handwritten signature, but we think that a digital signature can achieve them better.

To meet the requirements, our signature solution uses public key infrastructure (PKI). PKI is a system that provides the functions needed to create and use an advanced electronic signature.

PKI provides the technology needed for digital signatures in the form of private keys and public keys. The keys are electronic software, and each key pair consists of a private key and a public key that are mathematically related to each other using algorithms and cryptography.

Practitioners want clarity about our policy and practice relating to digital signatures on documents and deeds, as their use becomes more common

The private key is uniquely controlled by the person signing the digital document. It is applied to the document to be signed. It creates a data string using mathematical algorithms, called a message digest, or ‘hash’, from all the data contained in the digital document that is being signed. The hash is unique to the document, and represents the entire data string of the document. No two private keys will produce the same data string. The hash is the signature, and is then attached to or logically associated with the digital document.

The public key is used by those relying on the signature, to decrypt it, ensuring that the signature was applied by the person who controls the corresponding private key. Any tampering or corruption of the document means that the hash, when decrypted by the public key, will not match a second computed hash of the same data. This serves the dual purpose of proving both that the signature is that of the person whose identity has been certified, and that the integrity of the document has not been breached.

PKI provides the means of checking digital signatures are valid.

PKI also provides a hierarchy of trust for those who certify identities for the purpose of digital signing. HMLR will be certifying the identities of the borrowers who sign digital mortgages. It will do this by issuing a certificate alongside the digital signature, and signing that certificate using HMLR’s own digital signature (the ‘root key’). That signature has, in turn, been certified by a highly trusted group of people who witnessed the key-signing ceremony, when HMLR’s own key pair was generated.

In the event of a challenge to an electronically signed contract, it would be for the court to decide on its legal effect if the parties could not agree.

Certifying digital signatures introduces a form of notarial system into the online environment. The certificate is effectively saying: ‘I have checked the identity of the person to whom the e-signature was issued. I certify the identity of the signer, and you can trust this signature.’ The trust certificate issued with the e-signature links the signature data to a natural person and confirms their identity.

Electronic signatures are not witnessed. Indeed, it is not possible for an electronic signature to be physically witnessed in the way that a pen and ink signature can. An electronic document is a collection of data in a computer system, and the electronic signature is another data string that is attached to it. The e-signature is applied to the data within a software system, or in a hardware security module, or through some other computing device. A person cannot witness that process. A ‘witness’ might stand behind someone typing on a keyboard, and see some writing on the screen indicating that the person typing has electronically signed the document shown on the screen. But the ‘witness’ could not be sure that the signatory had electronically signed the data that the screen purports to represent, or that the screen represents the data that is intended to be signed.

That is why electronic signing relies on trust services and certification. Consequently, section 91 of the LRA 2002, which deals with electronic dispositions for the purpose of land registration, refers to e-signatures being certified. Certification of an electronic signature takes the place of witnessing. Establishing the identity of someone purporting to electronically sign a document is vital to establishing its evidential value.

It is useful to have a basic knowledge of the eIDAS Regulation, since it sets the standards for e-signatures across Europe, and the responsibilities and liability of trust service providers. When Britain leaves the EU, it appears likely that the regulation will become British law in some form, to facilitate online trading across Europe. HMLR will be a trust service provider, certifying the identities of those signing digital mortgages, and providing the e-signatures for them. So we will be closely following any transposing of, or changes to, the law relating to e-signatures, since it will affect our strategic objective to drive innovation and digitise more services.

To help with verification of identity, HMLR is currently using a combination of the information provided by the conveyancer together with the GOV.UK Verify service.

Contracts

HMLR does not register contracts, but we can note them in the register of a title affected by the contract, pursuant to section 32 of the LRA 2002. The fact that an interest is the subject of a notice in the register does not necessarily mean that the interest is valid, but does mean that the priority of the interest, if valid, is protected for the purposes of sections 29 and 30 of the act (section 32(3)).

If a contract, signed using electronic signatures of whatever kind, is sent to HMLR with an application to note it, we can enter a notice on the affected register, provided other requirements for the entry of a notice are satisfied. Section 32(3) applies equally to agreed and unilateral notices (the main difference between them being the procedure for cancellation).

In the event of a challenge to an electronically signed contract, it would be for the court to decide on its legal effect if the parties could not agree. If the document were found to be invalid, there would not be a mistake on the register, since the validity of the document is not guaranteed by noting.