Legality of eSignatures in Kosovo

Background

Electronic signatures are rapidly transforming the document authentication landscape in Kosovo and globally by introducing efficient and environmentally conscious methods that are gaining momentum. The shift from paper to digital signatures accelerates the completion of various dealings.

It is crucial to select an electronic signature tool that aligns with Kosovo’s legal stipulations, specifically the Electronic Identification and Trust Services, for successful adoption¹. This is to ascertain the legal validity of electronic signatures compared to their handwritten counterparts in Kosovo. Despite the progressive acceptance, it’s essential to recognize that some documents may still need a physical signature, and seeking legal counsel is advisable to navigate variable regional laws².

The importance of security surrounding electronic signature platforms cannot be understated. Services must integrate robust protection features, such as data encryption, verification of signer identities, and the provision of audit trails to deter wrongful access and guarantee document authenticity. For instance, BoldSign offers these imperative security features and complies with legal and security protocols.

Enterprises in Kosovo must emphasize legal conformity, elevate security measures, and choose user-friendly platforms for integrating electronic signatures into their business frameworks. This approach boosts productivity and ensures the protection of their business exchanges.

Overview of the regulation of electronic signatures in Kosovo

Despite not being a member of the European Community, Kosovo has established strong connections with the European Common Market. As a result of these connections, Kosovo has incorporated Regulation No. 910/2014³ in its national framework, which pertains to electronic transactions and identification systems.

Operations entailing the use of electronic signatures within Kosovo are regulated by the Electronic Identification and Trust Services Law⁴.

As a rule, the regulation deems electronic signatures legal when completing transactions. The regulation grants all individuals the freedom to electronically execute their contracts upon Agreement by the contracting parties. However, such electronic signatures and contracts shall not be denied legal validity merely because they were completed electronically⁵.

eSignatures under the regulation are classified into three categories⁶:

Simple electronic signature
Advanced electronic signature
Qualified electronic signature

A standard electronic signature is any electronic data connected to, integrated within, or logically linked with other electronic data, and it functions to verify the identity of the supposed sender.

An advanced electronic signature is an electronic signature meeting the following set of requirements⁷:

Uniquely linked to the signatory
Capable of identifying the signatory
Created using means that the signatory can maintain their control
Linked to the data it relates to so that any subsequent change to the data is detectable

Being uniquely linked to the signer

A secure electronic signature must be uniquely connected to the person using it. The signature must be uniquely created with methods only the signer can access, like a private key and confidential information, to verify their identity.

The use and incorporation remain in their sole control

The person using the secure electronic signature must have sole control over the means of creating the signature. Typically, this requires managing a key pair or two-factor authentication, with the signer exclusively holding the private key to prevent signature forgery.

Able to identify the person using the technological process

The process used to create the signature must be capable of identifying the person signing. This may include using a biometric signature, a Personal Identification Number (PIN), an email address, or a company registration number.

Easy to track down any alterations made after signing

Preserving the authenticity of the signed document is essential. Modifications made to the document post-signature should be identifiable. This is commonly accomplished through an audit trail. Audit trails record the signer’s IP address, timestamps of key signing events, and location, providing proof of identity, timing, and signature place.

Under the regulation, an advanced electronic signature issued by any EU member state is recognized as an advanced electronic signature in Kosovo. This depends on whether it meets the conditions specified⁸.

A qualified electronic signature is an advanced electronic signature generated by a certified device. It relies on an accredited certificate specific to electronic signatures.

The Electronic Identification and Trust Services regulations decree a set of validation standards that are to be considered in assessing the validity of a qualified electronic signature, as follows⁹:

Statutory compliant certificate at the time of signing.
A qualified trust service provider issued a certificate that was valid when signing.
Signature validation data corresponds to the data provided to the relying party.
The unique set of data representing the signatory in the certificate was correctly supplied to the relying party.
The use of any pseudonym is expressly indicated to the relying party where used at the time of signing.
A qualified electronic signature creation device creates the electronic signature.
The integrity of the data message has not been compromised.
Meets the validity standards of an advanced eSignature.

Qualified electronic signatures are deemed to have the same legal validity granted to wet-ink signatures. The signature, additionally, benefits from the presumption that the integrity and correctness of the data message are maintained from the point of fixation.

Summary

Types of signature	Unique features
Simple electronic signature	No unique feature other than being data in electronic form
Advanced electronic signature	Uniquely linked to the signer. Capable of identifying the user. Developed through means that the signatory can maintain their control. Linked to the data it relates to so that any subsequent change to the data is detectable.
Qualified electronic signature	Certificate compliant with laws provided at signing. The trust service provider issued a valid certificate at signing. Signature validation matches the data given to the recipient. The signatory's unique data is accurately given to the recipient. Any pseudonym used is disclosed to the recipient. Signatures created with a qualified electronic signature device. Signed data integrity maintained. Meets all features of Advanced eSignature.

The scope and limitations of eSignature transactions

Electronic signature transactions and their utilization do not have universal legal acceptance for document finalization. Consequently, there are specific types of transactions and uses for which electronic signatures are suitable, and others are not. Following is an analysis of this matter, accompanied by a summarized table of the transactions.

Documents that can be signed

Electronic signatures can be employed to affix signatures and provide countersignatures on a diverse array of documents, such as:

Human resources
Procurement
Software license agreements
Insurance industry
Educational field, etc.

Exempted transactions

In limiting the scope of electronic signature, the Directive stopped the following set of transactions from being completed by electronic means¹⁰:

Transactions under family law
Notaries
Deeds
Transactions of bail and bonds

Summary transactions

Permissible transactions	Exempted transactions
Human resources Procurement Non-disclosure agreements (assuming they are contracts, not formal deeds) Software license agreements Insurance industry Educational field Public petitions, etc.	Transactions under family law Notaries Deeds Transactions of bail and bonds

To ensure the authenticity of an electronic signature, it’s advisable to follow these best practices in addition to complying with all applicable legal requirements:

Confirm the signer’s identity and, in situations involving business dealings, verify that the individual is duly authorized to act on behalf of the company in affixing their signature.
Secure explicit Agreement from the individual signing, which may be incorporated in the contract itself or in a separate accord, to signify their intention to use the specified electronic signature for the document in question.
Safeguard the document to prevent any modifications after the signature is applied.
Keep an exhaustive log of the signing procedure, recording each step the signer performs.

How does BoldSign help

The following elements of compliance available within BoldSign can be used to comply with Kosovo eSignature laws:

Secure and unique signing link: A secure and unique link to sign a document is sent directly to the signer’s email address. This ensures that the document is only accessed by the intended signer and cannot be tampered with.
Password protection: Senders can specify a password that needs to be entered before viewing and signing a document. This adds another layer of security to the signing process.
Audit trail: The IP address of the signer and timestamps for all significant events in the signing process are recorded in an audit trail. This provides a record of who signed the document, when, and where.
Digital signature: The final document is digitally signed with an AATL-compliant certificate. This ensures that the document cannot be tampered with without invalidating the signature.
Consent: Signers are asked to confirm their intent to sign electronically and informed that they could opt out. This ensures that the signer is aware of the implications of signing electronically and has given their consent.
Custom terms: Get your signers to agree to a custom set of terms. This can be useful to ensure additional security or that the signer understands the terms of the document.

Disclaimer: The information on this page is intended to help businesses understand the legal framework of electronic signatures for this particular country.

However, Syncfusion’s officers, directors, stockholders, affiliates, attorneys, accountants, employees, or agents cannot provide legal advice. You should consult your personal attorney regarding your specific legal questions. Laws and regulations are subject to frequent changes, and the information may not be current or accurate. To the maximum extent permitted by law, Syncfusion provides this material on an “as-is” basis. Syncfusion disclaims and makes no representation or warranty of any kind with respect to this material, express, implied, or statutory, including representations, guarantees, or warranties of merchantability, fitness for a particular purpose, or accuracy.

Syncfusion makes no warranties of any kind, including but not limited to the information or the product, whether express, implied, statutory, or otherwise. To the maximum extent permitted by law, Syncfusion disclaims all conditions, representations, and warranties, whether express, implied, or statutory, with respect to this information, without limitation of any implied warranty of merchantability, fitness for a particular purpose, accuracy, or currentness of this information.

Syncfusion nor its officers, directors, stockholders, employees, affiliates, attorneys, accountants, or agents shall be liable for indemnification, nor does this create an express or implied, contractual or statutory, equitable or otherwise, under this Agreement. The officers, directors, stockholders, affiliates, attorneys, accountants, or agents will not have any liability in any form.

¹ Law No. 08/L-022 On Electronic Identification and Trust Services In Electronic Transactions –https://www.assembly-kosova.org/Uploads/Data/Documents/PLperidentifikiminelektronikdhesherbimetebesuaranetransaksionetelektronike_JXjyE98JbG.pdf
² Anna Nordén, ‘Electronic signatures in a legal context,’ in Cecilia Magnusson Sjöberg, editor, I.T. Law for I.T. Professionals – an introduction (Studentlitteratur AB; 2005) pp. 152-154.
³ Regulation (E.U.) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/E.C. – https://Kosovor-lex.Kosovoropa.Kosovo/eli/reg/2014/910/oj
⁴ Law No. 08/L-022 On Electronic Identification and Trust Services In Electronic Transactions –https://www.assembly-kosova.org/Uploads/Data/Documents/PLperidentifikiminelektronikdhesherbimetebesuaranetransaksionetelektronike_JXjyE98JbG.pdf
⁵ Ibid (N.1) Art. 32
⁶ Ibid (N.1) Art. 3
⁷Ibid (N.1) Art. 33
⁸Ibid
⁹Ibid (N.1) Art. 35
¹⁰Ibid (N.1) Art 34

Enterprise-Ready E-Signatures

Built to scale with your business

Close deals faster, cut costs, and stay compliant. From startups to global enterprises, thousands trust BoldSign to simplify document signing.

0 +

Years in business

0 +

Customers

0 +

Countries

0 +

Built-in features

Testimonials

Why our customers love us

The true measure of our impact lies in the stories shared by our valued partners.

Google Integration, 25 free sends, dashboard, Signature font options, App is very responsive / fast, Emails between sender and signer are good, Audit trail is very helpful, No account needed for signer is great, Mobile experience is good for signer.

Jeremy Kadlec

Edgewood Solutions

Switch to BoldSign already! It's intuitive to use and affordable for small businesses. I never have to worry about the status of a document because with BoldSign I know. Plus, they let you program the frequency of reminders signatories receive. I'm so glad to have found it!

Sarah Dillard

Kaleidoscope

We’re using BoldSign successfully in our b2b SaaS platform - as it’s embedded to allow seasonal farm workers and their agribusiness employers to e-sign their employment onboarding documents for the first time. It’s part of the total solution saving the workers and HR managers 50% more time compared to their traditional pen/paper manual process.

Scott Prince

Croft

Sign up for your free trial today!

30-day free trial
No credit card required

30-day free trial

No credit card required