Legality Reference

eSignature Legality & Law in Malaysia

eSignature usage is considered legal and permitted in Malaysia, as stated in the Digital Signature Act 1997 (โ€œDSAโ€) and Electronic Commerce Act 2006 (โ€œECAโ€).

Images by Mekari e-sign
Daftar isi

    The legality overview

    Malaysian law recognizes eSignatures within two types: electronic and digital signatures. The electronic signatures are governed under the ECA [Section 6], which acknowledges their legal effect, validity, and enforceability.

    On the other hand, digital signature is the form of a more secured signature, backed by trusted certificates & regulated under the DSA [Section 62(2)]. It deems the digital signature is legally equivalent to handwritten signatures & thumbprints. Although both types can be considered enforceable as โ€œwet signaturesโ€ as long as they meet the required legal standards.

    Types of eSignature used

    Electronic signatures

    Electronic signatures in Malaysia are governed by the 2006 ECA. It is defined as โ€œany letter, character, number, sound, or any other symbol or any combination thereof created in an electronic form adopted by a person as a signature.โ€

    To be legally recognized under the ECA [Section 9], an electronic signature must:

    • Be attached to or logically associated with the electronic message
    • Adequately identify the signer and indicate their approval of the information to which the signature relates, and
    • Be as reliable as is appropriate for the purpose and circumstances in which it is used.

    An electronic signature is deemed โ€œas reliable as is appropriateโ€ if:

    • The means of creating the signature is uniquely linked to and under the sole control of the signer,
    • Any alteration to the electronic signature after signing is detectable, and
    • Any alteration to the signed document after signing is detectable.

    These requirements ensure the integrity, authenticity, and non-repudiation of electronic signatures, making them legally binding and enforceable when the outlined conditions are met.

    Digital signatures

    Digital signatures in Malaysia are regulated under the Digital Signature Act 1997 (DSA). A digital signature is defined as โ€œa transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signerโ€™s public key can accurately determine:

    1. Whether the transformation was created using the private key that corresponds to the signerโ€™s public key; and
    2. Whether the message has been altered since the transformation was made.

    To fulfill the legal requirements under the DSA [Section 2], a digital signature must:

    • Be verified by referencing the public key listed in a valid digital certificate issued by a licensed certification authority;
    • Be affixed by the signer with the intention of signing the message;
    • The recipient must have no knowledge or notice that the signer has breached a duty as a subscriber or does not rightfully hold the private key used to affix the digital signature.

    As required by the DSA, the signers must obtain a valid license to issue digital certificates. These certifications under DSA ensure that digital signatures are secured and legally binding under Malaysian law, equivalent to handwritten signatures.

    Permitted usages in Malaysia

    Under the 2006 ECA, electronic signatures (including digital signatures) are not mandatory yet legally valid for most electronic commercial transactions, including those involving federal and state governments. Section 6 of the ECA ensures that electronic messages cannot be denied legal effect or enforceability if they are accessible and meet the criteria for electronic signatures.

    However, certain documents are explicitly prohibited from being signed electronically under the ECA, including:

    • Powers of attorney
    • Wills and codicils
    • Trusts
    • Negotiable instruments

    Additionally, documents requiring notarization or attestation, such as real property instruments and instruments of transfer, generally cannot be signed electronically unless allowed by specific legal provisions.

    In the public sector, the Electronic Government Activities Act 2007 (EGAA) extends the recognition of electronic signatures for interactions with government entities. For Malaysia’s government procurement via the ePerolehan system, digital signatures are mandatory and must be backed by digital certificates issued under the Government Public Key Infrastructure (GPKI).

    While digital signatures can fulfill the legal requirement of affixing a seal to electronic documents under the 1997 DSA, the use of electronic signatures is still limited in scenarios.

    Disclaimer

    This information is for general guidance only and not legal advice. For specific legal questions & advices, please consult to the legal authorities of the respective country. Laws on electronic signatures may change and vary based on context. While efforts are made to ensure accuracy, this material is provided “as-is” and Mekari Sign cannot guarantee these legality to be current & fully correct.

    WhatsApp WhatsApp Sales