Legality of eSignatures in Peru

Background

Electronic signatures are rapidly transforming the document authentication landscape in Peru and globally by introducing efficient and environmentally conscious methods that are gaining momentum. The shift from paper to digital signatures accelerates the completion of various dealings.

It is crucial to select an electronic signature tool that aligns with the nation’s legal stipulations, specifically the Law on Digital Signatures and Certificates, for successful adoption in Peru¹. This is to ascertain the legal validity of electronic signatures compared to their handwritten counterparts in Peru. Despite gaining acceptance, it’s essential to recognize that some documents may still require a physical signature, and seeking legal consultation is advisable to navigate variable regional laws².

The importance of security surrounding electronic signature platforms cannot be understated. Services must integrate robust protection features such as data encryption, verification of signer identities, and provision of audit trails to deter wrongful access and guarantee document authenticity. For instance, BoldSign offers these imperative security features and complies with legal and security protocols.

Enterprises in Peru must emphasize legal conformity, elevate security measures, and choose user-friendly platforms for integrating electronic signatures into their business frameworks. This approach boosts productivity and ensures the protection of their business exchanges.

Overview of the eSignature regulations

The operation of electronic signatures in Peru is regulated by:

Law on Digital Signatures and Certificates³
Supreme Decree No. 004-2007-PCM⁴
Decreto Supremo Nº 052-2008-Pcm

The Peruvian regulation grants all individuals the freedom to execute their contracts upon agreement by the contracting parties electronically⁵. Such contracts shall, however, not be denied legal validity merely on the grounds that they were completed electronically⁶.

Electronic signatures are deemed valid in all judicial proceedings and granted such admissibility as evidence⁷.

The regulation divides electronic signatures into:

Standard electronic signatures
Digital signatures (Advanced electronic signatures)
Digital signatures generated within the official electronic signature infrastructure (Qualified electronic signatures)

A standard electronic signature is any data, including a sound, symbol, or process, executed or adopted to identify a person and indicate that person’s approval or intention regarding the information contained in a data message and which is attached to or logically associated with that data message⁸.

An advanced electronic signature is an electronic signature based on a valid certificate from an accredited certification service provider and designed so that, together with a security procedure, it can be verified that the signature is⁹.

Uniquely linked to the signer
Capable of identifying the signatories
Created using means that the signer can keep their sole control
Linked to the data it relates to so that any subsequent change to the data is detectable

Being uniquely linked to the signer

An advanced electronic signature must be uniquely connected to the person using it. The signature must be uniquely created with methods only the signer can access, like a private key and confidential information, to verify their identity.

The use and incorporation remain in their sole control

The person using the advanced electronic signature must have sole control over the means of creating the signature. Typically, this requires managing a key pair or two-factor authentication, with the signer holding the private key exclusively to prevent signature forgery.

Ability to identify the signatories

The process used to create the signature must be capable of identifying the person signing. This may include using a biometric signature, a Personal Identification Number (PIN), an email address, or even a company registration number.

Ease in tracking down any alterations made after signing

Preserving the authenticity of the signed document is essential. Modifications made to the document post-signature should be identifiable. This is commonly accomplished through an audit trail. Audit trails record the signer’s IP address, timestamps of key signing events, and location, providing proof of identity, timing, and signature place.

A qualified electronic signature is an eSignature that, using an asymmetric cryptography technique, allows the identification of the signatory. It has been created by means that the signatory keeps under its control so that it is linked only to the signatory and the data to which it refers. This guarantees the integrity of the content and detects any subsequent modification¹⁰.

It has the same validity and legal effectiveness as a handwritten signature, as long as it has been generated by a duly accredited Digital Certification Service Provider within the Official Electronic Signature Infrastructure—IOFE, and none of the defects of the will provided for in Title VIII of Book II of the Civil Code mediate.

A qualified electronic signature:

Identifies the signer and establishes a unique association with them
Exclusively controlled by the signer
Connected to the data in a way that ensures the integrity of the information
Supports the detection of any changes to the data after signing
Generated using a digital certificate that complies with specific regulatory standards.

Types of eSignature	Unique features
Standard electronic signature	N/A
Advanced electronic signature	Uniquely linked to the signatory Capable of identifying the signatory Created using means that the signatory can maintain their control Linked to the data it relates to so that any subsequent change to the data is detectable
Qualified electronic signatures	Identifies the signer and establishes a unique association with them Exclusively controlled by the signer Connected to the data in a way that ensures the integrity of the information Supports the detection of any changes to the data after signing Generated using a digital certificate that complies with specific regulatory standards.

Validity of electronic signatures

The digital signature generated within the IOFE has the same legal validity and effectiveness as a handwritten signature. In this sense, when the law requires a person’s signature, this requirement will be deemed to be fulfilled in relation to a data message or electronic document if a digital signature generated within the framework of the IOFE is used.

Recognition of a foreign electronic signature

Digital Signature Certificates issued by foreign entities shall have the same validity and legal effectiveness recognized in this law, provided that such certificates are recognized by a national certification body that guarantees compliance with the requirements and procedure, as well as the validity of the certificate, in the same way as it does with its own certificates¹¹.

The scope and limitations of eSignature transactions

Electronic signature use is not legally recognized for all document types. Some transactions are appropriate for eSignatures, while others are not. Below is a brief analysis and a summary table of these transactions.

Documents that can be signed

Electronic signatures can be employed to affix signatures and provide countersignatures on a diverse array of documents, such as:

Legal opinions
Offer letters
Memoranda & internal correspondences
Non-disclosure Agreements
Purchase orders
H.R.
Procurement
Employee onboarding, etc.

Exemptions

The regulations lack an express provision on which classes of transactions are not to be completed in electronic form. However, caution is to be taken when dealing with:

Certification of documents
Oaths
Notarizations
Powers of attorney
Deeds

Summary list

Permissible transactions	Exempted transactions
Legal opinions Offer letters Memoranda & internal correspondences Non-disclosure agreements Purchase orders H.R. Procurement Employee onboarding	Certification of documents Oaths Notarizations Powers of attorney Deeds Conveyance of real property

How does BoldSign help?

The following elements of compliance available within BoldSign can be used to comply with Peruvian eSignature laws:

Secure and unique signing link: A secure and unique link to sign a document is sent directly to the signer’s email address. This ensures that the document is only accessed by the intended signer and cannot be tampered with.
Password protection: Senders can specify a password that needs to be entered before viewing and signing a document. This adds another layer of security to the signing process.
Audit trail: The IP address of the signer and timestamps for all significant events in the signing process are recorded in an audit trail. This provides a record of who signed the document, when, and where.
Digital signature: The final document is digitally signed with an AATL-compliant certificate. This ensures that the document cannot be tampered with without invalidating the signature.
Consent: Signers are asked to confirm their intent to sign electronically and informed that they could opt out. This ensures that the signer is aware of the implications of signing electronically and has given their consent.
Custom terms: Get your signers to agree to a custom set of terms. This can be useful to ensure additional security or that the signer understands the terms of the document.

Disclaimer: The information on this page is intended to help businesses understand the legal framework of electronic signatures for this particular country.

However, Syncfusion’s officers, directors, stockholders, affiliates, attorneys, accountants, employees, or agents cannot provide legal advice. You should consult your personal attorney regarding your specific legal questions. Laws and regulations are subject to frequent changes, and the information may not be current or accurate. To the maximum extent permitted by law, Syncfusion provides this material on an “as-is” basis. Syncfusion disclaims and makes no representation or warranty of any kind with respect to this material, express, implied, or statutory, including representations, guarantees, or warranties of merchantability, fitness for a particular purpose, or accuracy.

Syncfusion makes no warranties of any kind, including but not limited to the information or the product, whether express, implied, statutory, or otherwise. To the maximum extent permitted by law, Syncfusion disclaims all conditions, representations, and warranties, whether express, implied, or statutory, with respect to this information, without limitation of any implied warranty of merchantability, fitness for a particular purpose, accuracy, or currentness of this information.

Syncfusion nor its officers, directors, stockholders, employees, affiliates, attorneys, accountants, or agents shall be liable for indemnification, nor does this create an express or implied, contractual or statutory, equitable or otherwise, under this Agreement. The officers, directors, stockholders, affiliates, attorneys, accountants, or agents will not have any liability in any form.

¹ Ley nº 27.269 Ley de firmas y certificados digitales – https://fiadi.org/wp-content/uploads/2017/10/LEY-27269-FIRMA-DIGITAL.pdf
² Anna Nordén, ‘Electronic signatures in a legal context,’ in Cecilia Magnusson Sjöberg, editor, I.T. Law for I.T. Professionals – an introduction (Studentlitteratur AB; 2005) pp. 152-154;
³ Ley nº 27.269 Ley de firmas y certificados digitales – https://fiadi.org/wp-content/uploads/2017/10/LEY-27269-FIRMA-DIGITAL.pdf
⁴ Supreme Decree Nº 004-2007-PCM Rules the Official Infrastructure of Electronic Signature – https://www.gob.pe/institucion/pcm/normas-legales/292459-004-2007-pcm
⁵ Ibid S. 13(3)
⁶ Electronic Transactions Act, 2011.- S. 5(1)
⁷ Art. 6 | Ibid (N.1) Art. 1
⁸Ibid (N.4) Art. 4
⁹Ibid (N.4) Art. 19 | Ibid (N.1) Art. 3
¹⁰Decreto Supremo Nº 052-2008-Pcm – Art. 6 – https://diariooficial.elperuano.pe/Normas/obtenerDocumento?idNorma=21
¹¹ Ibid (N.1) Art. 11

Enterprise-Ready E-Signatures

Built to scale with your business

Close deals faster, cut costs, and stay compliant. From startups to global enterprises, thousands trust BoldSign to simplify document signing.

0 +

Years in business

0 +

Customers

0 +

Countries

0 +

Built-in features

Testimonials

Why our customers love us

The true measure of our impact lies in the stories shared by our valued partners.

Google Integration, 25 free sends, dashboard, Signature font options, App is very responsive / fast, Emails between sender and signer are good, Audit trail is very helpful, No account needed for signer is great, Mobile experience is good for signer.

Jeremy Kadlec

Edgewood Solutions

Switch to BoldSign already! It's intuitive to use and affordable for small businesses. I never have to worry about the status of a document because with BoldSign I know. Plus, they let you program the frequency of reminders signatories receive. I'm so glad to have found it!

Sarah Dillard

Kaleidoscope

We’re using BoldSign successfully in our b2b SaaS platform - as it’s embedded to allow seasonal farm workers and their agribusiness employers to e-sign their employment onboarding documents for the first time. It’s part of the total solution saving the workers and HR managers 50% more time compared to their traditional pen/paper manual process.

Scott Prince

Croft

Sign up for your free trial today!

30-day free trial
No credit card required

30-day free trial

No credit card required