go to NIST home page go to Division/CSRC home page go to Focus Areas page go to Publications page go to Advisories page go to Events page go to Site Map page go to ITL home pageCSRC and computer security division home page link
header image with links

Homepage

 Advisories

List of Acroynms

   Projects
Cryptographic Standards
      & Applications
  
 - AES
 - Cryptographic Toolkit
 - KRDP
 - PKI
 - RNG

Security Testing
 - CMVP
 - IPSec
 - NIAP

Security Research &
      Emerging Technology

 - AM&AACM
 - CIPGP
 - Common Criteria
 - ICAT Vuln. Database
 - IPSec
 - MAID&S

Security Management
     & Guidance

 - CSEAT
 - Policies
 - Security Guidance

Outreach, Awareness
      & Education

 - Awareness, Training
     & Education
 - CSRC
 - CSSPAB
 - FASP
 - FCSPMF

 - FISSEA
 - Regional Security
    Awareness Meetings
 - Archive of NISSC

    News & Events  
 - Federal News
 - Events


    Services For the:  
 - Federal Community
 - Vendor
 - User


    Links & Organizations  
 - Academic
 - Government
 - Professional
 - Additional Links

    General Information
 - Virus Information

  Search CSRC
  
  
  Search Vulnerability
     Archive
Enter vendor, software, or keyword


CSRC homepage -> Policies -> OMB Memo
To view the OMB Guidance on Implementing the Electronic Signatures in Global and National Commerce Act
(in .pdf format) based on memo below:

September 25, 2000

M-00-15

MEMORANDUM FOR THE HEADS OF DEPARTMENTS AND AGENCIES

FROM: Jacob J. Lew, Director
SUBJECT: OMB Guidance on Implementing the Electronic Signatures in Global and National Commerce Act

 

This document transmits OMB guidance to Executive Agencies regarding the interpretation and implementation of the Electronic Signatures in Global and National Commerce Act ("E-SIGN") (Public Law 106-229) enacted on June 30, 2000. E-SIGN eliminates legal barriers to the use of electronic technology to form and sign contracts, collect and store documents, and send and receive notices and disclosures.

Under E-SIGN, companies can contract online to buy and sell a broad array of products and services. Businesses can use servers the size of a laptop to collect and store transaction records that once filled up vast warehouses. Consumers can buy insurance, get a mortgage, or open a brokerage account on-line, without waiting for physical documents to be mailed back and forth. E-SIGN will offer improved efficiencies in U.S. markets; this historic legislation will help to bring the full benefits of electronic commerce to our economy. The government will do its part to implement E-SIGN in a manner that best achieves the legislation’s goals.

E-SIGN eliminates barriers to electronic commerce, while also providing consumers with protections equivalent to those available in the world of paper-based transactions. The Act makes clear that no person is required to use electronic records, signatures, or contracts. Indeed, E-SIGN requires that a consumer affirmatively consent to the use of electronic notices and records.  Prior to consenting, the consumer must receive notice of his or her rights.  Moreover, the consumer must provide the affirmative consent electronically, in a manner that reasonably demonstrates that the consumer can access the electronic records that are the subject of the consent.

E-SIGN applies broadly to Federal and state statutes and regulations governing private sector (including business-to-business and business-to-consumer) activities. The Act generally covers legal requirements that information be disclosed in private transactions. It also requires that agencies generally permit private parties to retain records electronically. The government may establish appropriate performance standards for the accuracy, integrity, and accessibility of records retained electronically, to ensure compliance with applicable laws and to guard against fraud.

Agency activities and requirements that involve information, but do not relate to business, commercial, or consumer transactions, are not within the scope of this legislation. Instead they are addressed by the Government Paperwork Elimination Act (GPEA). Certain laws and regulations involve both GPEA and E-SIGN, especially with respect to record retention requirements in agency regulations that relate to business, consumer and commercial transactions. The attached guidance discusses this interaction:

A general summary of the dates when E-SIGN provisions become effective:
  • Most of E-SIGN is effective as of October 1, 2000.
  • Certain provisions relating to government record retention requirements become effective on March 1, 2001, unless an agency by that date has otherwise announced or initiated a rulemaking on a record retention requirement. In the latter case, the law is effective for that record retention requirement on June 1, 2001.
  • For loan guarantees, mortgage insurance, or commitments for such transactions, E-SIGN applies only to transactions entered into on or after June 30, 2001, and to loans or mortgages made, insured, or guaranteed by the United States Government on or after June 30, 2001.
  • E-SIGN establishes specific effective dates for consumer provisions as they relate to the student loan programs of the Education Department.

These effective dates are rapidly approaching and agencies should take all steps necessary to implement this law. Agencies should work with their customers and their regulated communities to help them understand the scope of this law, through appropriate outreach strategies. Agencies should also review recordkeeping and regulatory requirements to identify revisions necessary to ensure proper program oversight.

The attached OMB guidance was developed with substantial input from the agencies most involved in the enactment of E-SIGN: the Departments of Commerce, Treasury, and Justice, working with the National Economic Council.  This guidance is designed to aid in Federal agency implementation of E-SIGN.  The guidance contains three parts: (1) a short summary of the law; (2) a description of specific steps agencies should take to comply with the law; and (3) a detailed description of the law’s requirements, including illustrative examples.

E-SIGN is complex and has wide-ranging implications. Accordingly, the guidance covers many areas. It is essential that agencies become familiar with the Act and determine how it will affect activities within their domain.

Should you need additional information or have general questions about this guidance, please contact Jonathan Womer in the Office of Management and Budget at 395-3785 or jwomer@omb.eop.gov. Any questions related to specific legal issues regarding this guidance may be referred to the Justice Department at ESIGN@usdoj.gov; specific questions about the legislative history of E-SIGN may be referred to the Commerce Department at ESIGN@doc.gov.

View OMB Guidance on Implementing the Electronic Signatures in Global and National Commerce Act (in .pdf format)

 

Last updated: December 28, 2001
Page created: February 23, 2001

Disclaimer Notice & Privacy Statement / Security Notice
Send comments or suggestions to secpolicies-info@nist.gov
NIST is an Agency of the U.S. Commerce Department's
Technology Administration