Are electronic signatures legally binding?

Yes. In the US (ESIGN Act, 2000), EU (eIDAS Regulation, 2014), and UK (Electronic Communications Act, 2000), electronic signatures carry the same legal weight as handwritten signatures for most documents.

What's the difference between SES, AES, and QES?

SES (Simple Electronic Signature) is any electronic indication of intent to sign — a typed name, a click, an email confirmation. AES (Advanced Electronic Signature) is uniquely linked to the signer through cryptographic means. QES (Qualified Electronic Signature) uses a qualified certificate issued by a trusted provider and has the legal weight of a handwritten signature in the EU.

When do I need a Qualified Electronic Signature (QES)?

QES is required in specific EU contexts: real estate transactions in some member states, certain government filings, and regulated financial services. For most commercial contracts, standard electronic signatures (SES) are sufficient.

What is the ESIGN Act?

The Electronic Signatures in Global and National Commerce Act (15 U.S.C. § 7001) is a US federal law enacted in 2000 that gives electronic signatures the same legal validity as handwritten signatures for interstate and foreign commerce.

April 2026 · Legal Guide

E-Signature Compliance: ESIGN Act, eIDAS, and ECA 2000 Explained

"Is this legally binding?" is the first question every developer asks when integrating e-signatures. The short answer is yes. The longer answer involves three laws across three jurisdictions — and knowing which one applies to you.

Michael Beckett

Founder, Signbee

The three laws you need to know

Law	Jurisdiction	Year	Key principle
ESIGN Act	United States	2000	E-signatures cannot be denied legal effect solely because they are electronic
eIDAS Regulation	European Union	2014	Defines three tiers: SES, AES, QES. QES has the equivalent effect of a handwritten signature
ECA 2000	United Kingdom	2000	Electronic signatures are admissible as evidence and cannot be excluded solely because of form

All three laws share the same core principle: an electronic signature cannot be denied legal validity simply because it's electronic rather than handwritten.

US: The ESIGN Act (15 U.S.C. § 7001)

The Electronic Signatures in Global and National Commerce Act is the primary US federal law governing electronic signatures. It establishes that:

A signature cannot be denied legal effect because it is in electronic form
A contract cannot be denied legal effect because it was formed electronically
Consumer consent is required for electronic records (the consumer must agree to receive records electronically)

The ESIGN Act is technology-neutral — it doesn't specify how an electronic signature must be created. A typed name, a click on an "I agree" button, a SHA-256 hash, or a biometric scan can all qualify.

Exceptions: Wills, family law (adoption, divorce), court orders, foreclosure notices, and certain UCC transactions are excluded from ESIGN coverage.

EU: eIDAS Regulation — the three tiers

The eIDAS Regulation (EU) No 910/2014 is more prescriptive than the ESIGN Act. It defines three levels of electronic signature:

SES — Simple Electronic Signature

Any data in electronic form attached to or logically associated with other electronic data, used as a signature. This includes typed names, email confirmations, and checkbox agreements.

Most commercial contracts use SES. This is what Signbee provides.

AES — Advanced Electronic Signature

Uniquely linked to the signer, capable of identifying the signer, created using data under the signer's sole control, and linked to the signed data so any subsequent change is detectable.

Uses cryptographic keys. Higher assurance than SES but does not require a qualified certificate.

QES — Qualified Electronic Signature

An AES created by a qualified electronic signature creation device and based on a qualified certificate. Has the legal equivalent of a handwritten signature across all EU member states (Article 25.2).

Requires identity verification through a Trust Service Provider (e.g., eID Easy).

UK: Electronic Communications Act 2000

Post-Brexit, the UK retained its own framework. The Electronic Communications Act 2000 established that electronic signatures are admissible in legal proceedings and cannot be excluded as evidence solely because they are in electronic form.

UK law also recognised the Law Commission's 2019 statement confirming that electronic signatures are valid for executing documents, including deeds (with witnessing).

In practice, the UK approach is closest to the US — technology-neutral and broadly permissive for commercial transactions.

When do you need QES?

For most developers building commercial applications, SES is sufficient. QES is required in specific cases:

Real estate: Required in some EU member states (e.g., Austria, Belgium) for property transfers
Government filings: Some EU public procurement and regulatory submissions
Regulated finance: Certain financial services compliance in specific jurisdictions
Employment: Some countries require QES for fixed-term employment contracts

If you're building a SaaS, a marketplace, a freelance platform, or an AI agent — SES is almost certainly sufficient for your use case.

What makes an e-signature defensible

Regardless of which law applies, courts look for the same things when evaluating an e-signature's validity:

Intent to sign — did the signer intend to be bound? (explicit action like clicking "Sign")
Consent to electronic records — did the signer agree to receive documents electronically?
Association — is the signature connected to the document? (not just a standalone signature)
Record retention — can the signed document be accurately reproduced and stored?
Audit trail — timestamps, IP addresses, and integrity verification (e.g., SHA-256 hashing)

Signbee's signing certificate includes all five: an explicit signing action, email delivery as electronic consent, signatures embedded in the PDF, permanent document storage, and a SHA-256 hash with timestamps and IP addresses.

Quick reference: which law applies?

Your users are mostly in the US → ESIGN Act applies. SES is fine for most commercial use.

Your users are in the EU → eIDAS applies. SES for most contracts. QES only for regulatory requirements.

Your users are in the UK → ECA 2000 applies. Similar to US — broadly permissive.

Your users are global → Use an API that produces defensible signatures under all three frameworks. Signbee's SHA-256 certificates satisfy evidence requirements across all jurisdictions.

FAQs

Are e-signatures legally binding?

Yes, in virtually every jurisdiction. The ESIGN Act (US), eIDAS (EU), and ECA (UK) all give electronic signatures the same weight as handwritten ones for most commercial transactions.

When is a QES required instead of a simple e-signature?

QES is required in specific EU regulatory contexts: some real estate transactions, government filings, and certain financial services. For standard commercial contracts, SES is sufficient.

What makes an e-signature defensible in court?

Intent to sign, consent to electronic records, association between signature and document, record retention, and an audit trail with timestamps and integrity verification.

Does Signbee support QES?

Signbee provides standard electronic signatures (SES) with SHA-256 certificates. For QES, consider eID Easy, which connects to 80+ identity providers.

Related resources

Guide

How to Send a Document for Signature

Guide

How to Create an Electronic Signature

Glossary

Electronic Signature (E-Signature)

Glossary

Qualified Electronic Signature (QES)

Alternative

eSignatures.io Alternative

Legally binding e-signatures — free tier, no credit card.

Read the docs Get started free