08-12-2021

New U.S. Senate Bill Proposes Digital Signatures to Protect Sensitive Court Orders

Stephen Davidson

Important new legislative developments in the United States move forward the use of digital signatures to assert the origin and integrity of important legal electronic documents such as court orders.

Sen. Ron Wyden of Oregon, whose goal is to improve the procedures for the authentication and the secure and tamper-evident delivery and transmission of certain court orders, has introduced the Digital Authenticity for Court Orders Act of 2021.

The problem with current methods

The bill is motivated by the growing problem of bogus court documents being used to improperly authorize surveillance, such as inappropriate wiretaps of love interests. Other problem areas have been counterfeit requests to seize control of website domains or to direct web providers to take down embarrassing information from the internet.

With the exponential increase of remote working during the COVID-19 pandemic, the courts have reduced face-to-face interactions, so often the fraud is as simple as a copy-and-paste of a judge’s signature from a scan of a valid court order into the counterfeit order.

“There are a lot of hard problems when it comes to tech policy – this isn’t one of them,” said Wyden. “Our bill will shut down the scam artists and fraudsters that have abused the insecure court order system, by using time-tested technology that is widely deployed elsewhere in the government. This bipartisan legislation will improve confidence in the legal system and ensure only legitimate court orders are executed.”

How digital signatures work

Digital signatures enable recipients of a digital document, such as a signed PDF, to verify that it was issued by an authorized entity and that it has not been tampered with or modified since it was digitally signed. For example, the U.S. Government Publishing Office digitally signs the PDFs it provides for laws, regulations and presidential documents in the Federal Register to assert their origin and authenticity.

Providers like DigiCert provide digital certificates according to U.S. government standards for a variety of uses including encryption, user authentication, secure email and document signing. Cloud-based platforms such as DigiCert ONE® Document Trust Manager are also key parts of many companies’ digital transformation strategies. DigiCert’s QuoVadis is also an eIDAS Qualified Trust Service Provider, which plays a key role in legally valid e-signatures under European legal systems.

History of digital signatures in the U.S. government

The U.S. government has been using digital signatures for decades. In 1994, the National Institute of Standards and Technology (NIST) first published FIPS 186-4, which is the official standard for digital signatures for the federal government. In 1998, the Government Paperwork Elimination Act started to require some executive branch agencies use digital signatures in certain official business.

There is also recent precedent for using digital signatures on legal documents. Starting in 2021, Congress required that the Department of Homeland Security’s Cybersecurity and Infrastructure Agency adopt digital signatures on subpoenas it issues.

A digitally signed PDF from the Federal Register proves that it is an official U.S. government document and not been tampered with since the signature was applied by the Government Publishing Office.

What the bill proposes

Wyden’s proposal will direct NIST to develop additional standards for digital signatures on court orders within two years. Federal courts will pilot the technology first, and then state and tribal courts will have to adopt it within four years of the NIST standards being implemented.

The bill also advances the cause of evidential weight for digital signatures under the U.S. legal system by providing immunity to telecommunications providers and other technology companies that refuse to comply with court orders that lack a valid digital signature, as well as court costs and attorney fees.

The bill has bipartisan co-sponsorship by Sen. Thom Tillis of North Carolina and Sen. Sheldon Whitehouse of Rhode Island. The Wyden-Tillis-Whitehouse bill is also endorsed by an array of experts and organizations, including Public Citizen, Free Law Project, Yelp and Professor Eugene Volokh of the UCLA School of Law.

Digital signatures are the solution

Michael Lissner, executive director and CTO of the Free Law Project said, “With more and more fake court orders being sent to telecommunications and technology companies, it’s no longer possible to deny that fake court orders are a real problem affecting Americans. Digital signatures are the solution to this problem, and this bill provides all the right pieces to bring them into daily usage by courts.”

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

10-31-2024

Announcing the GA release of DigiCert Device Trust Manager

10-29-2024

Solving the revocation gap with short-lived certificates