In many companies, new employees sign key documents and policies—including arbitration agreements—with the use of electronic signatures. There has been a growing trend in litigation brought by former employees to challenge these signatures as inauthentic in response to employers’ motions to compel arbitration of the employees’ lawsuits. These challenges are based on employees’ claims that they either did not sign the agreement or that they can’t remember ever having seen the agreement and, if they had, that they would never have signed it. Many judges have been taking these challenges seriously and requiring employers to respond through extensive briefing and evidentiary hearings to authenticate the employee signatures.

On April 22, 2016, the California Court of Appeal for the Second Appellate District issued a ruling on the enforceability of electronic signatures in arbitration agreements. In Espejo v. Southern California Permanente Medical Group (B262717), the court provided much-needed clarity on what an employer must show in order to authenticate an electronic signature on an arbitration agreement. This article analyzes Espejo and seeks to identify what employers can do to avoid the legal pitfalls associated with electronic signatures.

Background

In 2011, plaintiff Jay Espejo electronically signed various documents as part of his offer to work as an associate physician at defendant Southern California Permanente Medical Group (SCPMG). One of the documents electronically signed by Espejo was a dispute resolution procedure, requiring the parties to arbitrate any dispute that would otherwise be cognizable in a court of law.

In 2014, Espejo sued SCPMG and the corporate entity that owned and operated the medical centers and hospitals through which SCPMG provided medical services for wrongful termination and whistleblower retaliation. SCPMG filed a petition to compel arbitration. Espejo opposed the petition, contending that defendants failed to properly authenticate his signature on their arbitration agreement. In support of its petition, SCPMG filed a declaration from an SCPMG systems consultant providing details regarding the electronic review and signature process for SCPMG’s employment agreements.

The trial court denied the defendants’ petition, finding that SCPMG failed to provide evidence to authenticate the signature on the arbitration agreement and therefore failed to meet its burden of showing that an agreement to arbitrate the lawsuit existed. The California Court of Appeal heard the case and reversed the decision of the trial court.

Standard for Enforcing Electronic Signatures in California

Both federal and California law (the state Uniform Electronic Transactions Act and the Electronic Signatures in Global and National Commerce Act (E-SIGN) provide that agreements may not be denied legal effect because they are in electronic form or have electronic signatures. California’s Uniform Electronic Transactions Act provides that “[a]n electronic record or electronic signature is attributable to a person if it was the act of the person. The act of the person may be shown in any manner, including a showing of the efficacy of any security procedure applied to determine the person to which the electronic record or electronic signature was attributable.”

Despite the express mandate of the California act, California courts have often applied what appears to be a heightened standard for enforcement of electronic signatures on written agreements. In one recent California case, Ruiz v. Moss Brothers Auto Group, a California Court of Appeal upheld a trial court’s refusal to enforce an arbitration agreement based on questions regarding the authenticity of an electronic signature. The court held that the employer failed to submit sufficient evidence that the employee was the person who electronically signed the arbitration agreement in the face of the employee’s testimony that he did not recall signing the agreement and would not have signed the agreement if it had been presented to him. The employer’s declaration submitted in support of its petition to compel arbitration explained that each employee was required to log into the HR system with a unique username and password in order to review and electronically sign the agreement. However, the court held that this was insufficient evidence to authenticate the signature. In particular, the court pointed out the following deficiencies in the employer’s declaration:

  • It did not explain that the electronic signature could only have been placed on the agreement by a person using the employee’s unique username and password.
  • It did not explain that the date and time printed next to the electronic signature indicated the date and time when the electronic signature was made.
  • It did not explain that all employees were required to use their unique usernames and passwords when they logged into the HR system and signed electronic forms and agreements.

The Decision

The Espejo court relied on Ruiz to determine that the employee’s electronic signature was, in fact, authentic because it offered “the critical factual connection that the declarations in Ruiz lacked.” In reaching this conclusion, the court relied on the following specific facts:

  • The employer’s declaration detailed the electronic review and signature process for employee agreements.
  • The employer’s declaration detailed the security precautions regarding transmission and use of an applicant’s unique user name and password.
  • The employer’s declaration detailed the steps an applicant would have to take to place his or her name on the signature line of the agreement.

Given this process for signing documents and protecting the privacy of the information with unique and private usernames and passwords, the systems consultant was able to conclude that the electronic signature was made by Espejo on the agreement at the date, time, and IP address listed on the documents. The court concluded that these details met the requirements articulated in Ruiz and established that the electronic signature on the agreement was “the act of” Espejo.

Key Takeaways 

The Espejo decision sets forth how it is possible for employers to successfully use and defend an online orientation platform. It provides employers with important information on how they can minimize risk by implementing the following safeguards:

  • The procedures used in any online orientation platform should fully comply with all the statutory requirements of both California’s Uniform Electronic Transactions Act and the federal E-SIGN Act.
  • Employers will want to ensure that employees affirmatively agree to complete the employment documents using an electronic signature.
  • Each employee should have a unique username and password to access the HR system, which should require all users to create a private password before signing electronic documents. The employee-created password should be known only to the employee. This will allow the employer to show that the electronic signature on any particular agreement is the “act of” the employee.
  • Employers should inform their employees of the need to review every document and provide them with sufficient time to do so before employees affix their electronic signature on a document.
  • Employers should inform employees of their right to ask questions about the process and provide them the opportunity to do so before employees affix their electronic signatures on a document.
  • Employers should ensure that each electronic signature is accompanied by an accurate date and time stamp, along with the IP address of the device the employee used to sign the document.
  • Before implementing any system that provides for the use of electronic signatures, the employer should prepare a sample declaration—for use in the authentication of employee signatures in the future—that includes all the above safeguards. The sample declaration should also include a detailed description of the steps taken to ensure that the employee is the only individual who can affix his or her electronic signature on a document and verification from the online platform provider that the contents of the sample declaration are true and correct.