Legality of eSignatures in Rwanda

blogs-ads-banner

Background

Electronic signatures are rapidly transforming the document authentication landscape in Rwanda and globally, introducing efficient and environmentally conscious methods that are building momentum. The shift from paper to digital signatures accelerates the completion of various dealings.

For successful adoption in Rwanda, it is crucial to select an electronic signature tool that aligns with the nation’s legal stipulations, specifically the Electronic Transactions Act1. This is to ascertain the legal validity of electronic signatures compared to their handwritten counterparts in Rwanda. Despite the progressive acceptance, it’s essential to recognize that some documents may still need a physical signature, and seeking legal consultation is advisable to navigate variable regional laws2.
The importance of security surrounding electronic signature platforms cannot be understated. Services must integrate robust protection features, such as data encryption, verification of signer identities, and provision of audit trails to deter wrongful access and ensure document authenticity. For instance, BoldSign offers these imperative security features and complies with legal and security protocols.

Rwandan enterprises must emphasize legal conformity, elevate security measures, and choose user-friendly platforms for integrating electronic signatures into their business frameworks. This approach boosts productivity and ensures the protection of their business exchanges.

Overview of the eSignature regulations

Generally, the law of Rwanda grants electronic signatures and transactions the same legal recognition and validity as traditional signatures and transactions3.

The use of electronic signatures is controlled by:

Law on Electronic Messages, Electronic Signatures and Electronic Transactions4

Additionally, in any legal proceedings, an electronic signature shall be accepted and valued as evidence because it is in electronic form and/or not based upon a security procedure or certificate5. Where the law requires a signature of a person, that requirement is met on an electronic message if:
  • The method used allows the originator to be identified and approve the contents of the message.
  • That method is reliable and is the one that was provided to generate and communicate the electronic message in accordance with any relevant agreement.
The regulations, without prejudice to conventions and technology used, consider all electronic signatures to be valid as long as they conform to the provisions of this law in granting technological fairness to the use of electronic signatures6.

Under the regulation, a legal requirement for verification, acknowledgment, or an oath via electronic signature or message is fulfilled if it includes the electronic signature of a notary or other competent authority7.

The governing regulations categorize electronic signatures into:

  • Electronic signature
  • Digital signatures

An electronic signature is any data in electronic form affixed to or logically associated with an electronic message, which may be used to identify the signatory in relation to the electronic message or to approve the information contained in the electronic message8.

Electronic signatures are deemed to be secure when they are9:

  • Uniquely linked to the signatory
  • Capable of identifying the signatory
  • Created using means that the signatory can maintain their control
  • Linked to the data it relates to so that any subsequent change to the data is detectable

A digital signature is an electronic signature consisting of a transformation of an electronic message using an asymmetric cryptosystem and a hash function such that a person having the initial untransformed electronic message and the signer’s public key can accurately determine that10:

  • The transformation was created using the private key corresponding to the signer’s public key.
  • The initial electronic message is as it was after the transformation was made.
A digital signature is deemed to be secure if11:
  • It was created during the operational period of a valid digital signature certificate and is verified by reference to the public key listed in such certificate.
  • The certificate is considered trustworthy, provided that it is.

The trustworthiness of the certificate is determined by12:

  • A competent, licensed certification authority or a recognized foreign authority issuing it.
  • It has been issued by an organ licensed by the regulatory authority to act as a certification authority by this Law on such conditions that the regulatory authority may impose or specify by regulation.
  • The parties have expressly agreed to use digital signatures as a security procedure, and the digital signature was properly verified by reference to the sender’s public key
In the absence of specific legal or contractual provisions, individuals relying on digitally signed electronic messages assume the risk of an invalid digital signature if such reliance is deemed unreasonable, considering factors such as known or notified acts, the message’s value, past interactions with the subscriber, and trade practices involving trustworthy systems13.

Recognition of foreign electronic signatures and certificates

In Rwanda, certificates or electronic signatures issued abroad are legally equivalent to those issued domestically, provided they meet the legal requirements. No consideration is given to the geographic origin of the certificate, signature, or issuer. Their reliability is assessed based on recognized international standards; agreements between parties on the use of specific types of electronic signatures or certificates are deemed sufficient14.

The scope and limitations of eSignature transactions

The use of electronic signature is not recognized as legally binding for all document types. Some transactions are appropriate for eSignatures, while others are not. Below is a brief analysis and a summary table of these transactions.

Documents that can be signed

Electronic signatures can be employed to affix signatures and provide countersignatures on a diverse array of documents, such as:

  • Legal opinions
  • Offer letters
  • Memoranda & Internal correspondences
  • Non-disclosure agreements
  • Purchase orders
  • H.R.
  • Procurement
  • Employee onboarding, etc.

Exemptions

In limiting the scope of use of electronic signatures, the Act exempts transactions from the following regulations15:
  • Will
  • Negotiable instruments
  • A power of attorney
  • A commercial agreement or other document related to immovable property or any interest in such property.
  • A certificate of transfer of immovable property or any other interest attached to such property.
  • An authentic document or any document deemed authentic.
Rwanda has also ratified the African Union convention on Cybersecurity16. Under the Convention, the following additional set of transactions is exempted from the application of e-commerce17:
  • Gambling, even in the form of legally authorized betting and lotteries
  • Legal representation and assistance activities (except for verification, acknowledgment, or an oath permissible under the national legislation)
  • Activities exercised by notaries or equivalent authorities in the application of extant texts

How does BoldSign help

The following elements of compliance available within BoldSign can be used to comply with the Rwanda eSignature laws:

  • Secure and unique signing link: A secure and unique link to sign a document is sent directly to the signer’s email address. This ensures that the document is only accessed by the intended signer and cannot be tampered with.
  • Password protection: Senders can specify a password that needs to be entered before viewing and signing a document. This adds another layer of security to the signing process.
  • Audit trail: The IP address of the signer and timestamps for all significant events in the signing process are recorded in an audit trail. This provides a record of who signed the document, when, and where.
  • Digital signature: The final document is digitally signed with an AATL-compliant certificate. This ensures that the document cannot be tampered with without invalidating the signature.
  • Consent: Signers are asked to confirm their intent to sign electronically and informed that they could opt out. This ensures that the signer is aware of the implications of signing electronically and has given their consent.
  • Custom terms: Get your signers to agree to a custom set of terms. This can be useful to ensure additional security or that the signer understands the terms of the document.

Disclaimer: The information on this page is intended to help businesses understand the legal framework of electronic signatures for this particular country.

However, Syncfusion’s officers, directors, stockholders, affiliates, attorneys, accountants, employees, or agents cannot provide legal advice. You should consult your personal attorney regarding your specific legal questions. Laws and regulations are subject to frequent changes, and the information may not be current or accurate. To the maximum extent permitted by law, Syncfusion provides this material on an “as-is” basis. Syncfusion disclaims and makes no representation or warranty of any kind with respect to this material, express, implied, or statutory, including representations, guarantees, or warranties of merchantability, fitness for a particular purpose, or accuracy.

Syncfusion makes no warranties of any kind, including but not limited to the information or the product, whether express, implied, statutory, or otherwise. To the maximum extent permitted by law, Syncfusion disclaims all conditions, representations, and warranties, whether express, implied, or statutory, with respect to this information, without limitation of any implied warranty of merchantability, fitness for a particular purpose, accuracy, or currentness of this information.

Syncfusion nor its officers, directors, stockholders, employees, affiliates, attorneys, accountants, or agents shall be liable for indemnification, nor does this create an express or implied, contractual or statutory, equitable or otherwise, under this Agreement. The officers, directors, stockholders, affiliates, attorneys, accountants, or agents will not have any liability in any form.

1 Law on Electronic Messages, Electronic Signatures and Electronic Transactions (No 18/2010 of 12/05/2010) – https://wipolex-res.wipo.int/edocs/lexdocs/laws/en/rw/rw030en.pdf
2Anna Nordén, ‘Electronic signatures in a legal context,’ in Cecilia Magnusson Sjöberg, editor, I.T. Law for I.T. Professionals – an introduction (Studentlitteratur AB; 2005) pp. 152-154; Ubena John, ‘E-documents & E-signatures in Tanzania: Their Role, Status, and the Future,’ p 104; Stephen Mason, ‘The practical issues in using electronic signatures in different jurisdictions,’ Computer and Telecommunications Law Review, 2021, Volume 27, Issue 6, pp. 165-179
3 Ibid (N.1) Art. 3
4 Law on Electronic Messages, Electronic Signatures and Electronic Transactions (No 18/2010 of 12/05/2010) – https://wipolex-res.wipo.int/edocs/lexdocs/laws/en/rw/rw030en.pdf 
5Ibid (N.4) Art. 20.
6 Ibid (N.4) Art. 21
7 Ibid (N.4) Art. 2(15)
8 Ibid (N.4) Art. 2(15)
9 Ibid (N.4) Art. 29
10 Ibid (N.4) Art. 2(10) (35) 11 Ibid (N.4) Art. 32
12 Ibid
13 Ibid (N.4) Art. 34
14 Ibid (N.4) Art. 26
15 Ibid (N.1) Art. 1
16 Josephine Kaaniru “The African Union Convention on Cyber Security and Personal Data Protection: Key Insights” (July 24, 2023) [https://cipit.org/the-african-union-convention-on-cyber-security-and-personal-data-protection-key insights/#:~:text=So%20far%2C%20countries%20that%20have,Togo%2C%20Zambia%2C%20and%20Mauritania]Accessed on August 16 2024
17 Africa Union Convention of Cyber Security and Personal Data Protection (2014) – [https://au.int/sites/default/files/treaties/29560-treaty-0048_-_african_union_convention_on_cyber_security_and_personal_data_protection_e.pdf]

Enterprise-Ready E-Signatures

Built to scale with your business

Close deals faster, cut costs, and stay compliant. From startups to global enterprises, thousands trust BoldSign to simplify document signing.

0 +

Years in business

0 +

Customers

0 +

Countries

0 +

Built-in features

Testimonials

Why our customers love us

The true measure of our impact lies in the stories shared by our valued partners.

Google Integration, 25 free sends, dashboard, Signature font options, App is very responsive / fast, Emails between sender and signer are good, Audit trail is very helpful, No account needed for signer is great, Mobile experience is good for signer.

Jeremy Kadlec

Edgewood Solutions

Jeremy Kadlec, customer testimonial

Switch to BoldSign already! It's intuitive to use and affordable for small businesses. I never have to worry about the status of a document because with BoldSign I know. Plus, they let you program the frequency of reminders signatories receive. I'm so glad to have found it!

Sarah Dillard

Kaleidoscope

Sarah Dillard, customer testimonial

We’re using BoldSign successfully in our b2b SaaS platform - as it’s embedded to allow seasonal farm workers and their agribusiness employers to e-sign their employment onboarding documents for the first time. It’s part of the total solution saving the workers and HR managers 50% more time compared to their traditional pen/paper manual process.

Scott Prince

Croft

Scott Prince, customer testimonial

Sign up for your free trial today!

  • tick-icon
    30-day free trial
  • tick-icon
    No credit card required
  • tick-icon
    30-day free trial
  • tick-icon
    No credit card required
Sign up for BoldSign free trial