Are electronic signatures legal in the UAE? What are the main laws regulating electronic signatures?

Electronic signatures are legal in the United Arab Emirates (UAE) and are primarily governed by the following legislation:

• The UAE Electronic Transactions Law (Federal Decree-Law No. (46) of 2021 on Electronic Transactions and Trust Services).
• The UAE Electronic Transactions Implementing Regulations (Cabinet Decision No. (28) of 2023 concerning the Implementing Regulation of Federal Decree-Law No. 46/2021 on Electronic Transactions).
• Ministerial Resolution (Minister of Economy Resolution No. 1 of 2008, issuing the list of Electronic Certification Service Providers).
• The Civil Evidence Law (Federal Law No. 35 of 2022, promulgating the Law of Evidence in Civil and Commercial Transactions).

What types of electronic signatures are recognised in the UAE? What are the respective requirements for each?

The UAE recognises three types of electronic signatures: Electronic Signature, Qualified Electronic Signature, and Approved Electronic Signature.

Electronic Signature

A signature consisting of letters, numbers, codes, sounds, fingerprints, or an electronic form processing system attached to or logically linked to an electronic document, used to verify the identity of the signatory and accept the content of the data associated therewith.

Qualified Electronic Signature (QES)

Article 4 of the Electronic Transactions Law specifies that a Secure Electronic Signature (often functionally equivalent to a QES in this context) shall be a signature that meets the following conditions:

• It is exclusively and solely linked to the Signatory and under their control;
• It is capable of identifying the Signatory;
• It is linked to the data signed therewith in such a way that any modification to said data can be detected;
• It is created using technical and security technologies in accordance with the requirements stipulated in the Electronic Transactions Implementing Regulations;
• Any other conditions stipulated by the Electronic Transactions Implementing Regulations.

Approved Electronic Signature (ApES)

• It is created based on an approved and valid authentication certificate in accordance with the provisions of the UAE Electronic Transactions Law;
• It is created using an approved electronic signature creation device;
• The data establishing the authenticity of the Approved Electronic Signature shall be identical to the data submitted to the Relying Party;
• The data identifying the Signatory of the approved authentication certificate shall be appropriately submitted to the Relying Party, and if personal data hiding techniques are used, the Relying Party shall be notified thereof;
• It is created using technical and security technologies in accordance with the requirements stipulated in the Electronic Transactions Implementing Regulations;
• Any other conditions stipulated by the Electronic Transactions Implementing Regulations.

Dubai International Financial Centre (DIFC)

The Dubai International Financial Centre (DIFC) is an independent jurisdiction within the UAE. Electronic signatures are legal in the DIFC and are primarily governed by DIFC Law No. 2 of 2017, the Electronic Transactions Law (DIFC ETL).

What is an electronic signature in the DIFC?

The DIFC ETL defines an electronic signature as an electronic sound, symbol, or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record.

What are the reliability requirements for an electronic signature in the DIFC?

Under the DIFC ETL, an electronic signature is considered to identify the relevant person and to indicate that person's intention with respect to the information contained in the electronic record, provided that the electronic signature is:

• as reliable as appropriate for the purpose for which the document or record was generated or communicated, in light of all the circumstances, including any relevant agreement; or
• proven in fact to have fulfilled the functions described above, either by itself or together with other evidence.

The DIFC ETL affirms that if any law requires a document to be signed, an electronic signature satisfies that requirement; furthermore, an electronic signature shall not be denied admissibility in evidence solely on the grounds that it is an electronic signature.

In what circumstances does the DIFC exclude the use of electronic signatures?

The use of electronic signatures is excluded for the following instruments or in the following scenarios:
Article 8 of the DIFC ETL provides that the law does not apply to any rule of law requiring writing or signatures in any of the following matters under any other DIFC Law:
 

• The creation, performance or enforcement of a power of attorney;
• The creation, performance or enforcement of a declaration of trust (with the exception of implied, constructive and resulting trusts) and any provision under the Trust Law 2005 requiring information to be in writing;
• The creation and execution of wills, codicils or testamentary trusts;
• The production, signing and use of affidavits or statutory declarations as evidence in court proceedings under Rule 29 of the Rules of the DIFC Courts 2014;
• The sale, purchase, lease (for a term of more than 10 years) and other disposition of immovable property and the registration of other rights relating to immovable property.

Abu Dhabi Global Market (ADGM)

The Abu Dhabi Global Market (ADGM), as an independent jurisdiction within the UAE, permits electronic signatures. They are primarily governed by the ADGM Electronic Transactions Regulations 2021 (ADGM ETR).

What is an electronic signature in the ADGM?

Pursuant to the ADGM ETR, an electronic signature is an electronic sound, symbol, or process, attached to or logically associated with an electronic record, which may be used to identify the signatory and indicate the signatory’s approval of the information contained in the electronic record.

What are the reliability requirements for an electronic signature in the ADGM?

The ADGM ETR provide that an electronic signature is reliable if:

• the signature creation data are, within the context in which they are used, linked to the signatory and to no other person;
• the signature creation data were, at the time of signing, under the control of the signatory and of no other person;
• any alteration made to the electronic signature after the time of signing is detectable; and
• where a purpose of the legal requirement for a signature is to provide assurance as to the integrity of the information to which it relates, any alteration made to that information after the time of signing is detectable.

The ADGM ETR specify that if any enactment requires a person’s signature, or provides for certain consequences if a document or record is not signed, that requirement is met by the use of an electronic signature, unless the enactment expressly prohibits the use of an electronic signature.