Enforcing a disputed electronic signature – recent case highlights importance of authentication, audit trails, and record management

A recent decision by the Supreme Court of Texas nicely illustrates both the burden of proof for enforcing a disputed electronic signature and the wisdom of employing a robust authentication process, a comprehensive audit trail, and a secure record management system for any electronically signed document that is likely to be challenged. 

In Aerotek,, Inc. v. Boyd, 2021 WL 2172538 (Tx. S. Ct. May 28, 2021), the plaintiffs, employees of Aerotek, sued for wrongful termination.  Based upon an electronically executed arbitration agreement, Aerotek moved to compel arbitration.   The trial court denied the motion to compel, and an appellate court affirmed. 

The Texas Supreme Court reversed and remanded.  In doing so, the court described the evidence presented to the trial court by an Aerotek employee concerning authentication of the signers, and the process for presenting and executing the arbitration agreements, in some detail:

To keep hiring efficient, Aerotek worked with a software developer to build an online-only hiring application. Aerotek exclusively uses this computerized hiring application to guide employee candidates through the hiring process—a process sometimes referred to as "onboarding". Aerotek's hiring application automatically sends a welcome email to the email address the candidate has provided during the recruitment and initial interview process. The welcome email includes a unique hyperlink for the candidate to use to navigate to the hiring application's online account-registration page. Once there, the candidate creates a unique user ID and password and selects security questions. To later log in to the hiring application, the candidate must enter this user ID, password, and security-question combination correctly. This login process takes place each time the candidate leaves and returns to the hiring application.

The computerized hiring application presents the candidate with employment information and various contracts to sign electronically. The first document requiring an electronic signature is an Electronic Disclosure Agreement (EDA). By signing the EDA, the candidate consents to "be bound" by Aerotek's electronic hiring documents "as though . . .signed . . . in writing." After the candidate signs the EDA, the application presents other documents to the candidate for completion and signature. These documents ask for personal information, such as addresses and emergency contacts. The application requires candidates to complete and electronically sign the documents in a particular order. After the candidate completes the initial documents, the application unlocks four additional documents, including a Mutual Arbitration Agreement (MAA). The candidate may electronically sign these documents in any order, but he must complete all four before the computerized application will allow him to continue and complete the hiring process.

As the candidate enters information and signatures on the documents, the hiring application tracks his progress. For nearly every action the candidate takes, the hiring application stores an electronic record in a database. For instance, each time a candidate electronically signs a document the hiring application stores a new electronic record that includes the candidate's unique identifier, the type of document, and a timestamp showing the date and time the document was signed. Once the application records that information, Aerotek cannot change it.

In opposing the motion to compel arbitration, the plaintiffs agreed they had completed the electronic hiring process and signed the electronic documents that were part of the process, except that they denied signing the arbitration agreement.   The plaintiffs alleged, without evidence, that there could have been a “glitch” in the system or that their signatures could have been added after the fact by Aerotek employees. 

The Texas Supreme Court summarized the plaintiffs’ arguments and the disposition of the motion to compel by the trial court and an intermediate court of appeals:

The trial court denied Aerotek's motion to compel arbitration. A divided panel of the court of appeals affirmed. The majority rejected Aerotek's argument that it had conclusively established the MAAs' validity. The majority concluded that [Aerotek HR employee] Marsh had "insufficient capacity to establish the system was failsafe" since she was "not an IT expert". Her in-court demonstration of the hiring application, the majority said, showed merely "what happened in the system that day in court", not necessarily what the Employees had actually experienced. The majority reasoned that "Marsh never vouched for the [database] records' integrity, nor could she adequately explain the security measures Aerotek took."  The majority noted that Aerotek "did not bring a witness from" the software developer that created the hiring application "to provide technical explanation and vouch for the system security." In any event, the majority concluded, Marsh was an interested witness whose testimony the trial court was free to discount, especially if there were demeanor and credibility issues not apparent on the face of the record.  The [Texas Uniform Electronic Transactions Act] did not influence its analysis, the majority reasoned, because it does not provide a "framework of appellate review". The majority also concluded [*10] that Harper's "total lack of specific memory as to her dealings with" Allen failed to conclusively establish that he had signed the MAA.

The Texas Supreme Court rejected these arguments, reasoning as follows:

Aerotek's evidence showing the security procedures its hiring application used to verify that a candidate electronically signed his MAA was uncontroverted. To enter the application, a candidate was required to create for himself a unique identifier, a user ID, a password, and security questions, all unknown to Aerotek. The candidate was required to enter personal information and sign documents by clicking on them. The application recorded and timestamped the candidate's every action. The application's business rules made it so that the application could not be submitted until all steps were completed and all required signatures provided, including on the MAA. Once a candidate submitted his application, Aerotek could not modify its contents. Aerotek provided the signed MAAs marked with timestamps identical to those in its database records showing each Employee's progress through the application.

The Employees argue that Marsh did not testify that it was impossible to complete the hiring application without signing the MAA, but that was exactly her testimony. Asked whether there was "any possible way" she could "imagine" that happening, she answered, "[n]ot with this process." Marsh explained that every part of the application had to be "signed and completed" before the application could be "finalize[d] and submit[ted]"— statements backed up by her in-court demonstration of the very hiring application that the Employees used. The Employees argue that their signatures could have been added after their applications were completed. Again, Marsh testified to the contrary: "[w]e don't have the ability to alter [forms] after they're submitted" by a candidate. The Employees argue that Marsh's in-court demonstration of the application showed only how it had worked that day, not how it worked when they used it. But Marsh specifically testified that the hiring application process had not changed since the Employees used it. The Employees argue that the application they used may have had a glitch. But Marsh testified that the only time a glitch occurred was when a server went offline and a candidate could not immediately respond to his invitation to use the system. The Employees argue that no evidence supports a finding that they signed the MAAs because Marsh did not "observe" them doing so. But Marsh did not need to observe them because the hiring application did, invisibly storing in a database an electronic record of each action the Employees took.

The Employees argue that testimony from a computer programmer, or at least an IT expert, was required to prove the application's operation and security procedures. But Marsh testified that she had helped develop the application and managed its use in hundreds of thousands of instances. She was sufficiently familiar with the hiring application to give testimony on its actual operation. The Employees argue that Marsh was an interested witness whose testimony the trial court was free to discount. "Testimony by an interested witness may establish a fact as a matter of law only if the testimony could be readily contradicted if untrue, and is clear, direct and positive, and there are no circumstances tending to discredit or impeach it."  Marsh's testimony was certainly "clear, direct, and positive". The Employees argue that their four affidavits averring that they never saw nor signed the MAA have a collective weight that discredits Aerotek's evidence. But Marsh explicitly testified that the hiring application's business rules would have prevented them from completing the hiring process without their signing the MAAs. Moreover, the Employees could have requested forensic tests of the hiring application to show that it did not operate as Marsh described, but they did not.

The court went on to observe:

The Employees also contend that Aerotek's evidence cannot be conclusive for other reasons. The Employees argue that their "printed name[s]" on the MAAs cannot qualify as "a signature of any kind—not an actual signature or even an electronic signature." But both our caselaw, for wet-ink signatures, and [Texas Uniform Electronic Transactions Act] for electronic signatures, plainly provide otherwise. The Employees argue that Aerotek cannot conclusively prove they electronically signed the MAAs because "people onboarding with Aerotek can, from anywhere, create their ID and password, and can also login from

anywhere." In addition to proving too much, that argument does not account for Aerotek's evidence, which conclusively established that the only way a person could access each Employee's information was through a secret combination of unique user ID, password, and security questions known only to the Employee. The Employees complain that Aerotek's prevailing here would establish "an irrebuttable presumption" that electronic signatures on corporate records are valid. That is simply untrue. The Employees were free to seek discovery to discredit Aerotek's evidence. They chose not to. Rather than attacking the reliability of the hiring application's security procedures with evidence of their own, they chose to rely on mere argument. Because arguments are not evidence, no evidence supports the Employees' contentions.

The Texas Supreme Court’s decision joins and re-affirms a long line of cases over the last two decades enforcing electronic signatures where a secure, reliable system, in compliance with the requirements of the Uniform Electronic Transactions Act and the federal ESIGN Act, is used for presenting the documents, authenticating the signers, and preserving the signed records after execution.  The court’s decision also affirms that it is not enough, when disputing an electronic signature obtained through a secure, reliable system, to merely deny signing and speculate about what might have hypothetically gone wrong with the signing process or the post-execution record management  – it is also necessary to adduce and present evidence that something did, in fact, go wrong.