Michele Martoni and Monica Palmirani
This means that signatories will be held liable for any consequences that may flow from their accepting to activate a nontransparent procedure. The opinion, then, appears to be grounded in the full‐awareness principle framing the very idea of consent as a cognizant and informed decision.
It also bears pointing out that the opinion does not strike down the idea of identifying documents by class( Solution C above), so long as certain constraints are satisfied which will be illustrated below.
5.3 The signature over time
Question( 2): If Solution C above is adopted, will it be possible for someone other than the signatory to block an automated signing procedure, even remotely, if the need should arise. A case in point would be the paradoxical scenario where a signatory has died and yet keeps signing documents because the procedure is still active.
CNIPA replied by commenting that a signature‐creating device must always be activated by the signatory and that it deactivates only once a“ specific stream of documents” has been completely signed. It is clear from this comment that CNIPA treats an entire procedure as a single action delimited by a“ document stream.” We take the view, then, that each document stream is understood to be indivisible: if the procedure were to be interrupted in midstream, it would not be possible to restart it without a new intentional act on the signatory’ s part. In practice, then, it will be possible to stream documents into bundles.
And if we wanted to implement a system for issuing certificates on demand, then each request for one or more documents could make a bundled stream requiring its own acceptance on the signatory’ s part. Or, on the contrary, a bundled stream might be defined by the signatory on the basis of two or three predicates describing the documents to be submitted for signing: documents would make it into this class as a bundled stream on the basis of their( 1) type,( 2) date range, or( 3) number.
5.4 Control on the signature
Question( 3): Under Solution C, should signatories be informed in advance of what happens once they unlock a signature‐creating device and what characteristics the device has( especially in view of the fact that the procedure these devices set in motion will run to completion and won’ t stop on its own without any input from the signatories themselves). CNIPA replied to this question by referring us to its comment under the previous Question 2. I take this to mean that CNIPA recognizes automated procedures as legitimate only when applied to document bundles, this in part in order to ensure that the signatory does not lose control of the signing procedure.
5.5 The nature of the signature
Question( 4): The last question was whether the final recipient of a document digitally signed through an automated procedure should be notified of the nature of the signature, namely, its being affixed in a different way than is the case with a single digital signature( a question asked in light of the previously quoted CNIPA guideline( p. 26) under which it ought to be“ possible to immediately determine, when running a check, that an automated procedure was used”). If so, what should such a notice say? CNIPA replied here that“ it does not seem [...] necessary to notify final recipients if the document they received was signed through an automated procedure.” We take the view that this is because an automated signature is at bottom a digital signature, so much so that it carries the same legal effect. Indeed, the way a signature is affixed does not change its legal effect from the recipient’ s standpoint, and so there is no reason to require a notice. Still, CNIPA went beyond the strict framing of the query and noted, too, that“ the signatory must expressly accept to use the procedure and must be adequately informed of its characteristics.” It was further noted by CNIPA that“ the signatory needs to be informed about the way the PIN is used, about the use restrictions stated in the digital certificate relative to the key pair used for the signature, and especially about the documents to be signed.”
This last comment— on the need to inform signatories“ about the documents to be signed”— does not seem entirely clear. Here I would refer the reader to the discussion of CNIPA’ s replies to the previous questions.
316