حقوق التأليف والنشر محفوظة للمؤلفين كلية الحقوق - جامعة بنها

1. POSSIBLE REGULATORY APPROACHES FOR
AUTHENTICATION OF ELECTRONIC MESSAGE
A CRITIQUE OF THE CURRENT STATE OF EGYPTIAN LAW
Walaa A. Arakeeb
L.L.M, S.J.D (PhD) (USA)
Faculty of Law – Tanta University

2. POSSIBLE REGULATORY APPROACHES FOR
AUTHENTICATION OF ELECTRONIC MESSAGE
A CRITIQUE OF THE CURRENT STATE OF EGYPTIAN LAW
TABLE OF CONTENTS
I. INTRODUCTION: THE ISSUE DEFINED FOR EGYPT
II. DIFFERENT FORMS OF SIGNATURES AND LEGAL
CONCERNS ASSOCIATED
A. WRITTEN (―WET‖) SIGNATURE VERSUS ELECTRONIC (―DRY)
SIGNATURE
B. ELECTRONIC VERSUS DIGITAL SIGNATURES: LEGAL AND
PRACTICAL IMPLICATIONS
III. THREE POSSIBLE AUTHENTICATION MODELS AND
APPROACHES FOR
EGYPTIAN CONSIDERATION
A. MODEL: NO REGULATION
B. REGULATORY INTERVENTION MODELS (E.G., UTAH, THE
EGYPTIAN ―E-SIGNATURE LAW,‖ UNCITRAL, AND THE EU
DIRECTIVE)
1. The Technology-Specific Approach
a. The American Bar Association's Digital-Signature
Guidelines
b. The Utah Digital Signature Act
c. The Egyptian E-Signature Law
d. UNCITRAL
2. Preference for Digital Signature (“Technology-Preferred”)
a. EU Electronic-Signature Directive
b. Electronic Transactions and Commerce Law No.2 of 2002
in Dubai
C. REGULATORY MARKET-ORIENTED, ―HANDS-OFF‖ MODEL OR
NEUTRAL
APPROACH
1. The Pedigrees of Market-Oriented (Hands-Off) Solution in the
U.S.
2. The U.S. Regulatory Approach Opts for the Hands-Off Model or
Neutral
Approach
IV. THE EGYPTIAN E-SIGNATURE STATUTORY/REGULATORY
APPROACH:

3. INHERENTLY FLAWED (CRITIQUE OF THE CURRENT STATE
OF
EGYPTIAN LAW)
A. THE TECHNICAL RISK OF CHOOSING PKI TECHNOLOGY
B. PKI TECHNOLOGY RENDERS A FALSE SENSE OF SECURITY
C. THE MYTH OF NONREPUDIATION
D. NONINTEGRATED LIABILITY SCHEME
V. CONCLUSION

4. I. INTRODUCTION: THE ISSUE DEFINED FOR EGYPT
Civil Law countries such as Egypt and United Arab Emirates traditionally
have been statute/code- oriented. But today, both in Civil Law and
Common Law countries,1
we live in a time when the legislatures have
emerged even more so as the dominant force in setting public policy and
translating it into law.2
For our present purposes, the commercialization
of the Internet pushes countries and national law drafters to review their
legal systems in light of new E-commerce applications and to come up
with new statutory/regulatory approaches. Thus, it is not surprising for
Egypt to try to respond legislatively and regulatory to the new legal issues
raised by E-commerce through the promulgation of the E-Signature
Statute no. 15 of 2004 and its Executive Regulations no. 109 of 2005
(collectively, the E-Signature Law) for the primary purposes of removing
barriers to and fueling the growth of E-commerce in Egypt.
In considering appropriate legislation/regulation devoted to removing
barriers to E-commerce, another major issue that arises is the question of
what type of electronic signature qualifies as a ―signature‖ that meets
statutory and regulatory signature requirements. Unfortunately, there is
no uniform answer to this question.3
Typically, legislation has taken one
of three apparently inconsistent approaches: (1) only a digital
signature/PKI (technology-specific) satisfies legal signature
requirements; (2) an electronic signatures satisfies legal signature
requirements only when it possesses certain security attributes with
granting additional legal validity or preference to digital signature
(technology-preferred); or (3) all electronic signatures (technology-
neutral) satisfy legal signature requirements.
Egypt followed the first category of legislation,4
which focused not only
on the security attributes an electronic signature must possess in order to
be enforceable as a signature under Egyptian Evidence Law (E.E.L.), but
also on the authentication technology used to create the signature itself.
Statutes falling within this first category authorize the use of only a
specific type of electronic signature (i.e., a digital signature/PKI) and
1
See ROBERT A. HILLMAN, ET AL., COMMON LAW AND EQUITY UNDER THE UNIFORM COMMERCIAL
CODE 1.01, at 1-2 (1985).
2
See ABNER J. MIKVA & ERIC LANE, LEGISLATIVE PROCESS 1 (1993).
3
See also Thomas J. Smedinghoff & Ruth Hill Bro, Moving with Change: Electronic Signature
Legislation as a Vehicle for Advancing E-Commerce, 17 J. MARSHALL J. COMPUTER & INFO. L. 723,
763 (1999).
4
See Egyptian Electronic Signature Statute no.15 of 2004 [hereinafter E-Signature Law]; E-Signature
Executive Regulations no. 109 of 2005 [hereinafter E-Signature Executive Regulations] [collectively
E-Signature Law].

5. ignore the legal validity of a more general category of electronic
signatures.
II. DIFFERENT FORMS OF SIGNATURES AND LEGAL
CONCERNS ASSOCIATED
A. WRITTEN (―WET‖) SIGNATURE VERSUS ELECTRONIC (―DRY)
SIGNATURE
The basic principle of Egyptian Evidence Law (E.E.L.) no. 25 of 1968
and its amendments no. 18 of 1999 is that the claimant must provide
evidence to substantiate his claim and the evidence must be relevant to
the action.5
The judge may not deliver judgment based on his personal
knowledge of the facts. The judge must decide based on the facts and
evidence filed and the provisions in the laws. In the absence of any
specific legal provisions, the judge will apply the Islamic doctrine of
Sharia or a judgment based on customs and usage, if traditional Sharia
Law is not applicable.
There are two categories of documents under the Law of Evidence. One
is an official document and the other is an unofficial document.
Significant legal consequences have come out of a signature affixed on
paper, but the concept of a signature has not been independently and
adequately addressed under the E.E.L. rules. 6
There is an Egyptian
scholarly consensus7
that signatures are the only basic element that is
required to render a valid unofficial document (written evidence). The
only statutory references concerning the signature definition have
indicated the legal acceptable signing manners rather than exploring the
essence of signature or the signing implications themselves.8
Article 14
of the E.E.L. has explicitly listed acceptable signing methods (i.e.,
handwriting, stamp, or thumbprint), where it presumes that an unofficial
document has been issued by the purported signatory if he does not
overtly deny whatever has been attributed to him.9
As a result, the
definition of a signature remained overwhelmed by vagueness and
ambiguity and was more related to its formalistic pedigrees than to
5
See Egyptian Evidence Law no. 25 of 1968 and its Amendments no. 18 of 1999 [hereinafter E.E.L.].
Section 1 provides, ―The creditor shall have to prove the obligation and the debtor shall have to prove
acquittal thereof.‖ See also E.E.L. § 2 (―The facts which are wanted to be proved must be related to the
lawsuit, produced therein and possibly acceptable.‖).
6
See, e.g., id. § 14.
7
See, e.g., ABD EL-RAZAK EL-SANHURI , EL-WASIT, EVIDENICE & OBLIGATION‘S CONSEQUENCES
180.
8
See E.E.L. § 14.
9
Id.

6. reflecting the charged person‘s intention to approve and authenticate the
written document.
Based on the above, it is evident that whether official or unofficial, a
document must be signed, stamped or thumb-printed, and copies of
documents, whether official or unofficial, are not recognized unless the
original is available. The original will only be legally considered original
if it is also signed , stamped, or thumb-printed by the relevant party.
The requirements in the existing E.E.L., cited previously, will make it
risky to transact, sell, buy, communicate, acknowledge payments or
forward payments through electronic means. In such cases, documents
will not be considered signed since an electronic signature is not
recognized under the E.E.L., as it does not bear the handwriting, rubber
stamp, or thumb-print of the concerned party. Any document issued or
transacted electronically may be considered as a copy or even draft and
therefore cannot stand as evidence as there is no original to compare it to.
As previously mentioned, there is nothing about electronic documents or
electronic signatures in the E.E.L. The main problem lies in proving that
a transaction has occurred or in establishing evidence to prove it. In
addition, problems arise in proving contractual agreements where a
concerned party denies the validity of a electronic contract. There is no
legal uncertainty if both parties recognize the contract and admit the
same. In other words, if both parties agree to the terms and conditions of
a contract transacted electronically and recognize the same, the question
of proof does not arise. The contract will therefore be valid and both
parties will have to adhere to the agreement they have made through
electronic means since each has mutually recognized this contract. The
problem occurs when one party defaults or in the event of fraud, as then
the question will arise and evidence of proof must be established. The
absence of a default regulatory mechanism that regulates and gives value
to electronic signatures and documents caused considerable hindrance to
E-commerce growth in Egypt due to the electronically signed document
had been seen as a mere copy or unsigned draft.
B. ELECTRONIC VERSUS DIGITAL SIGNATURES: LEGAL AND PRACTICAL
IMPLICATIONS
Needless to say signatures are a vital element in commerce. In paper-
based contracts, handwritten signatures legally bind parties and signify
authentication. Handwritten signatures, however, cannot be made online.
Consequently, their equivalent function had to be developed for the

7. Internet. Digital and electronic signatures now fill the role in cyberspace
that handwritten signatures fill with paper-based contracts. These two
types of signature are different, however, and it is important to
distinguish them.10
Both terms ―digital signature‖ and ―electronic
signature‖ caused much confusion to the Egyptian lawmakers because of
the common misconception that they are synonymous. As a matter of
fact, ―electronic signature‖ is a generic, technology-neutral term that
includes all of the various methods by which one can sign an electronic
record. Although all electronic signatures are represented digitally (i.e. as
a series of ones and zeroes), they can take many forms and can be created
by many different technologies. Examples of electronic signatures
include: a name typed at the end of an e-mail message by the sender; a
digitized image of a handwritten signature that is attached to an electronic
document (sometimes created via a biometrics-based technology called
signature dynamics or even voice record); a secret code or PIN (such as
that used with ATM cards and credit cards) to identify the sender to the
recipient; a code or ―handle‖ that the sender of a message uses to identify
himself; and a unique biometrics-based identifier, such as a fingerprint or
a retinal scan. 11
So, technically, an ―electronic signature‖ is ―data in
electronic form which [is] attached to or [is] logically associated with
other electronic data and which serve[s] as a method of authentication.‖12
Conversely, a digital signature13
is an electronic signature which has been
encrypted using asymmetric cryptography. This sort of cryptography
provides a level of certainty that the signature can easily be attributed to a
particular individual and the data to which it is attached by providing a
means of authenticating the signature. Whereas a digital signature is a
means of verifying and authenticating a document by having a computer
create a unique identifier through the application of encryption or
encoding, a digital signature does more than ensure a means of
identifying a specific signor: it also ensures that the signature is for a
specific document and that the document has not been tampered with. A
digital signature can be a type of E-signature.
10
See Edward D. Kania, The ABA's Digital Signature Guidelines: An Imperfect Solution to Digital
Signatures on the Internet, 7 COMMLAW CONSPECTUS 297, 300 (1999).
11
See Doherty v. Registry of Motor Vehicles, No. 97CV0050 (Mass. Dist. Ct. 1997), available at
http://www.loundy.com/CASES/Doherty_v_RMV.html. Id.
12
See Daniel J. Greenwood & Ray A. Campbell, Electronic Commerce Legislation: From Written on
Paper and Signed in Ink to Electronic Records and Online Authentication, 53 BUS. LAW. 307,
309 (1997) (noting that more sophisticated authentication technologies will be available as
technology continues to advance).
13
See W. Diffie & M.E. Hellman, New Directions in Cryptography, IEEE TRANSACTIONS ON
INFORMATION THEORY, vol. IT-22, No. 6, Nov. 1976, at 644-54.

8. The legal implications of following both electronic and digital signatures
simply lie in the legal acknowledgment of each technological and
business approach. Legal systems that adopt a neutral technological
approach and give a legal effect to electronic signatures have seen a
signature as any name, sample or mark executed to reflect the signer‘s
intent without any need for a particular form or employing certain
technology. This flexible perception of a signature was reflected in
defining or otherwise dealing with electronic signatures in some
regulatory acts. For example, the UETA14
and the federal E-Sign Act15
focus upon the question of whether there is the intention to sign, and there
is no mention of the identification function of the signature.16
Both
legislative acts define an electronic signature as follows: ―‗Electronic
signature‘ means an electronic sound, symbol, or process attached to or
logically associated with a record and executed or adopted by a person
with the intent to sign the record.‖17
Both regulatory acts stipulate that
electronic signatures cannot be denied legal validity or effect solely
because they are not in written form.18
Taking the opposite stance, the EU Directive19
and the Egyptian E-
Signature Law attributes no significance to the intent to sign but only
deals with the identification function. They stipulate: ―electronic
signature‖ means ―[w]hat is on an electronically written message in the
form of letters, digits, codes, signals or others and has a unique identity
that identifies the signer and uniquely distinguishes him/her from
others.‖20
Furthermore, the Egyptian E-signature rules did not give legal
effect to all kinds of electronic signatures, but they require electronic
signature to adhere to technical and technological rules in which are
identified in the executive regulations associated with this law. By
exploring these regulations, it is not hard to find that they are
14
See UNIFORM ELECTRONIC TRANSACTIONS ACT § 2(8) (1999), available at http://www.nccusl.org
[hereinafter UETA].
15
See Electronic Signatures in Global and National Commerce Act, Pub. L. No. 106-229, 114 Stat. 464
(2000) (to be codified at 15 U.S.C. § 7006(5)) [hereinafter E-Sign Act].
16
An electronic signature is a piece of data that results from the use of a process that satisfies the
criteria established in the French civil code and by the 1999 European Directive. For more information,
visit http://www.fast.caissedesdepots.fr/_en/annexes/glossary.asp.
17
Federal E-Sign Act §101 (g); accord UETA § 2(8); see also Robert A. Wittie & Jane K. Winn,
Electronic Records and Signatures Under the Federal E-Sign Legislation and the UETA, available at
http://www.law.washington.edu/Directory/docs/Winn/Electronic%20Records%20and%20Signatures.ht
.m
18
See Michael Carlson, Will E-Sign Boost E-Commerce?, NW. FIN. REV., Sept. 9, 2000, available at
http://www.faegre.com/articles/article_452.aspx.
19
See European Union Directive 1999/93/EC, A Community Framework for Electronic Signatures,
2000 O.J. (L 13), available at http://signatur.rtr.at/en/legal/directive.html [hereinafter Electronic
Signature Directive].
20
See E-Signature Law §§ 1(c), 14; see also Electronic Signature Directive § 5(2).

9. promulgated to endorse a particular type of asymmetric cryptography,
which requires a developed system to mange the public keys which are
refereed to as public key infrastructure (PKI) and entail a trusted third
party known as a Certification Authority (CA). As a result, the Egyptian
courts will be invited to judge the validity and the probative value of
electronic signatures in the light of employed technology associated with
questioned electronic signatures.
III. THREE POSSIBLE AUTHENTICATION MODELS AND
APPROACHES FOR EGYPTIAN CONSIDERATION
A. MODEL: NO REGULATION
The non-regulatory approach proposes a non-legislative action and waits
for disputes to arise, leaving it to judges to transform the legal landscape.
However, a great amount of U.S. state and national contract laws
worldwide traditionally require the contracting parties to affix their
signatures to an agreement as acknowledgment of assent to the contract's
terms and in order to properly evidence it. For example, Article 60 of the
E.E.L.,21
Statutes of Frauds22
and similar laws require certain agreements
to be memorialized in a signed agreement as a formal requirement or to
facilitate an evidence of contractual relation. A related problem raised by
electronic contracts with unseen parties is the question of to whom an
electronic signature, message or performance is attributed in law.
Electronic forms of communication do not easily allow one party to
verify the identity of another, or to know whether the person sending an
electronic message or signature has the legal authority to bind the person
or entity purporting to make the contract.23
As we previously articulated, a mere claim that electronic signatures can
be conferred, the desired legal validity can been easily defeated by the
simple E-commerce reality. Without a considerable amount of legal
reform that grants electronic signatures and electronic documents equal
legal standing with handwritten signatures and written documents, there
are some great fears over the legality of E-commerce. Likewise, the need
for laws governing electronic signatures comes from the benefits
that electronic transactions can provide not only to contracting parties,
21
E.E.L. art. 60.
22
The UCC's Statute of Frauds provision, sec. 2-201, requires ―some writing sufficient to indicate that
a contract for sale has been made ... and signed by the party against whom enforcement is sought.‖
Section 2-209 also requires a written signature.
23
See Holly K. Towle, Advanced Issues in Drafting and Updating Online Contracts and Website
Disclaimers, 563 PLI/PAT 427, 435 (1999).

10. but also to the world economy as a whole. Without regulatory
intervention, contracting parties are not taking full advantage of
electronic transactions due to the uncertainty associated with the new
electronic medium.24
By employing the non-regulatory approach, a certain degree of
uncertainty has always remained regarding the legal validity of electronic
commerce. Part of this uncertainty is based on the fact that the statutes of
many states and countries, Egypt one of them, require certain contracts to
be signed by the obligated party. Additionally, the shortcomings of the E-
commerce non-regulatory approach may reflect negative ramifications
whereby preventing formalistic judges from validating electronic
signatures. Judges might prefer the simple calculus that a signature means
paper and ink, perhaps out of electronic commerce ignorance or out of
blind application of traditional rules. Courts might also be uncomfortable
with the fact that properly executed electronic signatures can satisfy all
the underlying concerns for document integrity, authenticity, and the
signers‘ intent to bind them. Commentators seem equally willing to
acknowledge that courts have generally been sensitive to changing
technology, insofar as they have not been willing in the past to apply the
spirit of the signature requirement, rather than formally adhering to its
literal dictates and, therefore the need for regulatory interference was
called for.25
B. REGULATORY INTERVENTION MODELS (E.G., UTAH, THE EGYPTIAN ―E-
SIGNATURE LAW,‖ UNCITRAL, AND THE EU DIRECTIVE)
While there was a general consensus that electronic signatures should be
accorded the same validity as handwritten signatures through some
regulatory interventions, there was little agreement on how to achieve this
goal.26
Yet a quick look at the electronic signature legislation currently
enacted or under consideration reveals that while there is agreement on
where we ultimately want to go (validating, facilitating and promoting E-
commerce), there is little agreement on how to get there.
24
See Sarah Wood Braley, Comment, Why Electronic Signatures Can Increase Electronic
Transactions and the Need for Laws Governing Electronic Signatures, 7 LAW & BUS. REV. AM. 417,
418 (2001).
25
Id.
26
See Smedinghoff & Bro, supra note 3, at 513; see also By Lance C. Ching, Electronic Signatures: A
Comparison of American and European Legislation, 25 HASTINGS INT'L & COMP. L. REV. 199, 201
(2002) .

11. In clarifying that electronic signatures meet signature requirements,
statutes have differed greatly regarding fundamental issues associated
with what qualifies as a signature. The regulatory approaches chosen by
the various governments differ greatly on a major point.27
Some
governments such as Egypt have chosen a detailed regulatory approach
that promotes certain technologies and employs rigid certification
requirements.28
Other governments follow a system of securing an
evidentiary presumption that shall be given to electronic signatures that
possess certain security attributes (secured electronic signature).29
The
rest leans toward a minimalist approach (hands-off) that authorizes
electronic signatures under limited circumstances. An unfortunate result
of this wave of incompatible legislation is that a developing country such
as Egypt is left with much uncertainty regarding the appropriateness of its
chosen regulatory approach in its environment.
1. The Technology-Specific Approach
The technology-specific approach practically focuses on a digital
signature that is generated via public-key cryptography and employs rigid
certification requirements. As a result, legal validation is granted only to
electronic transactions implementing a specific technology and a certain
authentication business model.30
a. The American Bar Association's Digital-Signature Guidelines
The first group to attempt a comprehensive approach to electronic-
commerce-reform legislation was the Information Security Committee of
the Electronic Commerce Division of the Section of Science and
Technology of the American Bar Association..31
27
See Lance C. Ching, Electronic Signatures: A Comparison of American and European Legislation,
25 HASTINGS INT'L & COMP. L. REV. 199, 201 (2002)
28
Id.
29
See, e.g., Electronic Transactions and Commerce Law in Dubai no.2 of 2003, available at
http://www.ibls.com/ibls-internet-law-document.aspx?d=1462 (last visited January. 18, 2007)
30
See Jane K.Winn, The Emerging Law of Electronic Commerce, in HANDBOOK ON ELECTRONIC
COMMERCE, at 9., available at
http://www.law.washington.edu/Directory/docs/Winn/Handbook_on_Electronic_Commerce_Winn.pdf
(last visited Mar.20, 2007).
31
One of the first detailed statements of the technology-specific approach is contained in the ABA
Digital Signatures Guidelines, which were published in 1996. INFO. SEC. COMM.,. For an overview of
arguments supporting a more technology-specific approach, see generally Smedinghoff & Bro, supra
note 3. For a critique of such provisions as unfair and economically inefficient, see generally Carl
Ellison & Jane K. Winn, Comment P994312 to the Fed. Trade Comm’n, Mar. 26, 1999, Regulating the
Use of Electronic Authentication, Procedures by U.S. Consumers in the Global Electronic Marketplace,
available at http://www.ftc.gov/bcp/icpw/comments/revwin1.htm.

12. The drafters of the Guidelines were very concerned about the potential
for fraud in electronic commerce. This potential for fraud is due to the
malleability of digital information and the transmission of this
information over unsecured networks, such as the Internet. There are two
security problems with using digital information over unsecured
networks. One problem, which is sometimes called "document
authentication,"32
is the difficulty in proving that an electronic record has
not been altered. This is because of the malleability of digital information
and the inability to distinguish a digital "original" from a digital "copy."
The second problem, which is sometimes called "signer authentication,"
is the difficulty in reliably identifying the senders and the attributing of an
electronic record to them. Because electronic records lack the ordinary
indicia of authentication, such as a manual signature in ink physically
adhered to paper, and because of the relative ease with which one person
can impersonate another over an unsecured network like the Internet, it is
frequently difficult to reliably identify the sender of an electronic record.
Due to these concerns, the Guidelines offer general principles concerning
the adoption of a public-key infrastructure in order to resolve some of the
legal uncertainty surrounding the technology.33
The Guidelines focused
on the use of the digital signature (PKI) as a method of satisfying legal
requirements that information be contained in a "writing" or that the
writing be "signed."
b. The Utah Digital Signature Act
Utah's Digital Signature Act (the "Utah Act") was the first electronic
commerce legislation, and it adopted public-key cryptography very
similar to the American Bar Association Guidelines. The Utah Act was
actually "developed in collaboration with the Information Security
Committee of the Section of Science and Technology of the American
Bar Association."34
c. The Egyptian E-Signature Law
32
Document authentication is similar to the security service of message integrity which provides
assurance that the information signed has not been altered. See . SEC. COMM., AM. BAR ASS‘N, PKI
ASSESSMENT GUIDELINES 305 (Public Draft for Comment, June 18, 2001), available at
http://www.abanet.org/scitech/ec/isc/pagv30.pdf.
33
See Winn, supra note 30, at 1240.
34
Id.

13. As pointed out above, when a document is used as evidence in judicial or
administrative procedures in Egypt, it has to meet certain requirements in
order to have the probative value of an unofficial document.35
For
example, the contract filed before an Egyptian court must be in the
original version and it must contain the signatures of obligated persons, if
the transaction‘s value exceeds L.E. 1000. This evidence rule operates as
a default rule that fulfills the absence of other contradictory consensual
agreement between contracting parties.36
The problem confronted in the
Egyptian legal system is that in a data message in the electronic-
commerce world no traditional patterns of signature would appear;
therefore, and according to the Egyptian legal system, a traditional
signature requirement is missing from an unofficial document. An
Egyptian court, as a civil court that is known for strictly abiding to
statutes, will be reluctant to confer this electronic document any probative
value equal to a signed written document. Past experiences within the
Egyptian judicial system suggest that the Egyptian judicial system can not
actively respond to technological changes without legislative guidance.
For example, it took the Egyptian courts more than a decade to confer
facsimile copies some probative value. In light of the absence of
legislative guidance, facsimile copies have been granted probative value
lower than that legally assigned to signed written documents (unofficial
documents) and on equal footing with the principle of evidence by
writing.37
The advent of the Internet commercialization has placed considerable
pressure on the Egyptian legal system to recognize the validly and the
probative value of electronic signatures. Recently, Egyptian lawmakers
realized the urgent need for new legislative guidance devoted to removing
legal barriers to E-commerce. The main mission assigned for this law is
to address what type of electronic signature qualifies as a
signature in Egyptian evidence law (i.e., meets statutory and
regulatory signature requirements in the context of unofficial
documents). But however clear the mission was, the legislative
approaches were varied in addressing this type of question. Egyptian
lawmakers have identified three inconsistent regulatory approaches: (1)
all electronic signatures satisfy legal signature requirements; (2)
electronic signatures satisfy legal signature requirements only
when they possess certain security attributes; and (3) only digital
signatures satisfy legal signature requirements. The question of
35
See E.E.L. § 14.
36
See E.E.L. § 60.
37
Id. § 62.

14. which regulatory approach has been followed by the Egyptian E-
Signature Statute needs to be addressed in light of cautious legal scrutiny
to the law rules.
By exploring the Egyptian E-Signature Statute, it is easy to recognize that
article 18 was the central legislative provision that allows the setting of
security attributes that must be associated with electronic signatures in
order to be valid in light of evidence rules.38
An electronic signature is
legally effective as a written signature affixed to an unofficial document
only if it is: (1) unique to the person using it and capable of identifying
the signatory;39
(2) under the sole control of the person using it;40
and (3)
linked to the data in such a manner that if the data is altered, the
signature is invalidated.41
Furthermore, the law requires that generated
electronic signatures must utilize technological and technical
requirements which are endorsed in the Executive Regulations no. 109 of
2005.42
The legislation focuses not on the security attributes an
electronic signature should possess in order to be enforceable as a
signature, but rather on the technology used to create the signature
itself.
As articulated in the previous Part of this article, public-key cryptography
can be used in near-endless creative ways.43
But the Egyptian E-Signature
Law contemplates using it in a particular way by promoting a joint
digital-signature policy, a PKI-asymmetric cryptography, and employing
rigid certification requirements. This technology-specific approach in the
Egyptian E-Signature Law is clearly demonstrated in articles 1444
and
15.45
These two articles are considered the cornerstones of the national
law that confers electronic signatures and electronic writings legal
validity equal to written signatures and traditional writings. The law
strictly requires electronic signatures and electronic wirings to comply
with technical and technological rules that were drawn by the associated
Executive Regulations in order to be considered as valid as traditional
writings and manuscript signatures. So, the Egyptian statute falls within
this technology-specific category, authorizing the use of only a specific
38
See E-Signature Statute § 18.
39
Id. Art. 1(a).
40
Id. Art. 1(b).
41
Id. § 18(c).
42
Id. §§ 14 & 18.
43
See RONALD J. MANN & JANE K. WINN, ELECTRONIC COMMERCE at 350 (2d ed. 2005).
44
See E-Signature Statute § 14.
45
Id. § 15.

15. type of electronic signature (i.e., a digital signature PKI) and ignoring the
general category of electronic signatures that validate other commercially
reasonable business authentications models.
d. UNCITRAL
During the prior development phase of E-commerce, governments‘
attention was focused on ―building trust‖ in electronic data systems. At
that time, offering E-commerce services presented important questions
about the legal validity of electronic documents and separate, complex
issues of identification and authentication. The Model Law on Electronic
Commerce developed in 1996 by the U.N. Commission of International
Trade Law (UNCITRAL E.C. Model) recommended legislative language
to make it clear that a document cannot be denied legal effect as a writing
or as an original solely because it is in electronic form.46
As for
electronic signatures, the law requires a method that is used to identify
that person and indicate their approval of the information contained in
data message.47
The method should be reliable as was appropriate for the
purpose for which the data message was generated or communicated, in
light of all circumstances.48
In a more advanced phase, harder questions
are presented by implemented technological requirements associated with
signatures. In a number of countries, Egypt one of them, policy-makers
seek to create a strict environment of trust for both E-commerce and E-
government. The adoption of the technology-specific regulatory approach
was a preferred model to provide legal certainty in E-commerce,49
being
heavily influenced by the 2001 UNCITRAL Model Law on Electronic
Signatures(UNCITRAL E.S. Model) that was the most common model
for this approach.50
This UNCITRAL model bases ―digital signatures‖ on public-key
cryptography (PKI). PKI involves a branch of applied mathematics that
enables the transformation of messages into an unintelligible form and,
once a ―key‖ is applied, translates them back into the original
form. Setting up PKI is a way to reliably link users and their
cryptographic keys and to provide confidence that a user‘s public key has
46
See the UNCITRAL Model Law on Electronic Commerce with Guide to Enactment, U.N. Doc.
A/CN.9/SER.A/1996, with additional Article 5 as adopted in 1998, available at
http://www.uncitral.org/english/texts/electcom/index.htm (last visited June 22, 2007).
47
Id. § 7 (a).
48
Id. § 7 (b).
49
See the UNCITRAL Uniform Rules on Electronic Signatures ―Consultation Paper,‖ available at
http://www.justice.gc.ca/en/ps/ec/ures.html (last visited January 14, 2007).
50
Id.

16. not been tampered with and that the cryptographic techniques used are
sound. One means of doing so is to establish a certification procedure
administered by Certification Authorities (CAs). These CAs may be
operated by government agencies or licensed to private entities according
to clearly defined rules. The objective is to ensure valid identity in
transactions between two parties.51
2. Preference for Digital Signature (“Technology-Preferred”)
Another category of E-signature legislation attempts to provide a legal
preference to documents signed with a ―digital signature‖ that
implements PKI technology.52
Although the preference may be worded
in technology-neutral-sounding language, in practice it favors PKI digital
signatures.
a. EU Electronic-Signature Directive
When the EU ESD was enacted in 1999, it firmly rejected the claims by
some member states to impose licensing requirements on any
organization wishing to offer services to support the use of digital
signature certificates. It tried to diminish the significance of the split
between member states favoring technology-specific laws, and those
favoring technology-neutral laws, as well as to address what had become
by then the better known shortcomings of digital-signature technology
used within PKI as a system for online authentication.53
Eventually as a comprise solution, the EU ESD decided to provide three
levels of electronic signature: a general notion of electronic signature that
may consist of any technology the parties choose to use for that purpose;
an ―advanced‖ electronic signature that purports to be a technology-
neutral description of a highly secure form of authentication, but which in
reality is merely an abstract description of a digital signature used within
a PKI system; and a ―qualified‖ electronic signature, that is a digital
signature created with a private key stored on a ―secure signature creation
device‖ which consists of a smart card or some similar means of storing
private-key data outside the computer used to sign a document similar to
the Egyptian model.54
51
See generally JANE K. WINN & BENJAMIN WRIGHT, THE LAW OF ELECTRONIC COMMERCE § 3.06[c] (
3d ed. 1998, Supp. 1999-2).
52
See Section 15 to India‘s Information Technology Act of 2000, available at
http://www.cca.gov.in,and Part V of Singapore‘s Electronic Transactions Act.
53
See Jane K. Winn & Yuping Song, Can China Promote Electronic Commerce through Law Reform?
Some Preliminary Case Study Evidence (May 8, 2006), available at http://ssrn.com/abstract=901849.
54
Id.

17. b. Electronic Transactions and Commerce Law No.2 of 2002 in Dubai
Electronic signatures in Dubai are regulated by the Electronic
Transactions and Commerce Law no. 2 of 2002, which was published in
the Official Gazette on February 16, 2002 (the ―ETCL‖), and which
creates the legal framework for electronic commerce transactions in
Dubai. The ETCL sets forth several regulations aimed at supporting
electronic transactions, and notably recognizes the validity of electronic
signatures.
In what perhaps is something of a hyperbole, Dubai‘s law announced that
it accomplishes unprecedented objectives relating to electronic commerce
by the creation of a new category of "secure electronic records" and
"secure electronic signatures" to establish the trust necessary to facilitate
and promote electronic commerce. After reviewing certain concepts
underlying the Dubai law, the author has concluded that while Dubai‘s
law succeeds in establishing (or at least reconfirming for any skeptics) the
legal legitimacy of electronic records and electronic signatures, its
establishment of special categories of electronic records and signatures
and evidentiary presumptions attached to these special categories may, in
fact, hinder the growth of electronic commerce.55
It seems that the drafters of the Dubai law attempted to avoid favoring a
particular business model or technological approach. However, the
drafters unintentionally slipped into same Egyptian legal dilemma by
unintentionally promoting the PKI model of authentication.
Nevertheless, it sought to establish legal solutions before a problem had
been identified that clearly required such efforts.56
In addition, the
established CA industry may not have sufficiently evolved to a point
where legislative intervention is needed either to promote the industry
itself or to protect the users of the services being provided by the
industry. However, the case for granting such a presumption to secure
digital signatures has not been well established. It well may cause
unneeded confusion. As of to date, no court in the world has applied such
a preference, and it is unknown how it will work in practice.57
55
In the United Arab Emirates (UAE), the federal Electronic Transaction and Commerce Law no. 1 of
2006 has followed same approach concerning secure record and electronic signature.
56
See Jane K. Winn, Islamic Law, Globalization and Emerging Electronic Commerce Technologies
(Feb. 10, 2003), available at http://ssrn.com/abstract=877768 (last visited January 22, 2007).
57
See Benjamin Wright, Electronic Authentication in Sri Lanka:
Technology, Law & Policy (September 2003) (unpublished report

18. C. REGULATORY MARKET-ORIENTED, ―HANDS-OFF‖ MODEL OR NEUTRAL
APPROACH
A mere electronic signature-neutral (or ―hands-off‖) model refers to any
symbol, mark, or method, accomplished by electronic means, executed by
a signer with the present intent to be bound by a record or to authenticate
a record, may stand on par to a conventional signature. Unlike the
technology-specific approach, under this approach the signature is
defined broadly to encompass any symbol, sound, process or encryption
of a record in whole or in part executed or adopted by a person or the
person's electronic agent with the present intent to authenticate a record.
To this effect, "electronic signature" is a generic, technology-neutral term
that includes all of the various methods of authentications by which one
can "sign" an electronic record. Although all electronic signatures are
represented digitally (i.e. as a series of ones and zeroes), they can take
many forms and can be created by many different technologies. Examples
of electronic signatures include: a name typed at the end of an E-mail
message by the sender; a digitized image of a handwritten signature that
is attached to an electronic document; a secret code or PIN to identify the
sender to the recipient; a code or "handle" that the sender of a message
uses to identify himself; a unique biometrics-based identifier, such as a
fingerprint or a retinal scan; and a digital signature created through the
use of PKI asymmetric cryptography.
The Hands-Off Model strives to grant the same baseline validity to
electronic signatures already possessed by conventional writings. It does
not designate a valid particular mode of authentication technology. And it
doesn‘t refer to a particular mode or authentication as more valid, or
enforceable, than any other competing technology. As a result, this
approach only attempts to place an electronic contract on the same
minimum level of validity as that of a written contract.58
By employing a
―neutral or hands-off‖ model, national E-commerce legal frameworks
will not designate a specific authentications technology in order to render
a valid signature, but it will rather be based upon the principle of letting
the market determine the appropriate authentication technology upon its
needs.59
prepared for the Sri Lankan Government, under sponsorship of the
United States Agency for International Development).
58
See Stephen Mason, Electronic Signatures in Practice, 6 J. HIGH TECH. L. 148, 152 (2006).
59
See Winn, supra note 56.

19. 1. The Pedigrees of Market-Oriented (Hands-Off) Solution in the U.S.
Since the 1980s, political support for strong regulatory regimes has
eroded in the United States.60
One aspect of the embrace of market-
oriented solutions to social and economic issues is the complex system of
diverse and numerous private standards-developing organizations.61
As
ANSI reports, ―The U.S. standardization infrastructure . . . reflects a basic
national belief that society will benefit and innovation and creativity will
flourish in a system that is free from centralized government control but
strengthened through essential government participation.‖62
In this
context, ―essential‖ signifies limited to the bare essentials, with
government deferring to the market to define a feasible authentication
standard and, instead of the direct exercise of leadership by the public
sector, leveraging the market-pull effect of government procurement to
promote adoption of specific standards.63
The National Technology Transfer and Advancement Act of 1995
(NTTAA) directs U.S. government agencies to use standards developed
by voluntary-consensus bodies whenever available in lieu of government-
developed standards to accomplish its regulatory and administrative
objectives. These limitations on the role of government in setting
standards reflect concerns that if government intervention is not carried
out effectively, it will inhibit economic growth by raising costs without
any corresponding increase in benefits.64
If regulation is not designed
properly, it will definitely hurt the economy and cause the consumer to
pay higher prices for goods and services, especially in an undiscovered
frontier such as authentication technologies.65
Also, the United States‘
inclination to let the market lead is visible in its approach to reforming
60
See Thomas O. McG
L. REV. 1463, 1528-32 (1996).
60
See Thomas O. McGarity, The Expanded Debate over the Future of the Regulatory State, 63 U. CHI.
L. REV. 1463, 1528-32 (1996).
61
See AM. NAT‘L STANDARDS INST., UNITED STATES STANDARDS STRATEGY (2005); AM. NAT‘L
STANDARDS INST., OVERVIEW OF THE U.S. STANDARDIZATION SYSTEM (2005).
62
Id.
63
See also Jane K. Winn, Standard Developing Organizations as a Form of Self-Regulation (July 25,
2006), available at http://ssrn.com/abstract=924008 (last visited January 23, 2007).
64
See John D. Graham, Office of Mgmt. & Budget, Executive Office of the President, An Overview of
the U.S. Regulatory System (Jan. 15, 2002), available at
http://www.whitehouse.gov/omb/inforeg/pres_mgmt_regulatory_state.html.
65
See Winn, supra note 56, at 6.

20. commercial law to accommodate innovations in the technology of online
markets.66
2. The U.S. Regulatory Approach Opts for the Hands-Off Model or
Neutral Approach
The Hands-Off or Neutral Model has gained the wide approval of the
U.S. federal legislature with the passage of the Electronic Signatures
in Global and National Commerce (federal E-Sign) Act on June 30,
2000.67
The E-Sign Act was enacted at the federal level to strengthen the
public's confidence concerning the legal validity of electronic contracts
by creating uniform federal legislation.68
The E-Sign Act states that
signatures procured electronically shall not be rendered invalid solely
because they are in electronic form. This Act also provides that certain
methods of creating electronic signatures, such as using more
advanced signature procedures or employing more stringent security
measures, will not hold greater legal validity than signatures procured
by other means.69
The E-Sign Act is technology-neutral in that no
procedure or process regarding electronic signatures can have a
greater legal effect, enforceability or validity than a different procedure or
process.70
The Act preempts all inconsistent state laws71
but allows states
the choice to instead adopt the similar Uniform Electronic Transactions
Act (UETA) as approved by the National Conference of Commissioners
on Uniform State Laws (NCCUSL). Similar to the federal E-Sign Act,
UETA ensures that a signature is not denied legal enforceability solely
by virtue of being in electronic form.72
The U.S. lesson should lend itself to the Egyptian scene, as the Egyptian
E-Signature Law appears to be ineffective at promoting the growth of
electronic commerce in Egypt till present. If the Egyptian government
66
See Jane K. Winn & Brian H. Bix, Cyberpersons, Propertization, and Contract in the Information
Culture: Diverging Perspectives on Electronic Contracting in the U.S. and EU, 54 CLEV. ST. L. REV.
175 (2006).
15 U.S.C. §nd National Commerce Act of 2000, § 106(5),in Global aElectronic Signatures67
(5) (2000).7006
68
JONATHAN D. HART, LAW OF THE WEB: A FIELD GUIDE TO INTERNET PUBLISHING 204 (2003).
69
15 U.S.C. § 7001(a).
70
Id.
71
UNIF. ELEC. TRANSACTIONS ACT of 1999 § 1-21, 7A pt.1 U.L.A. 225-26 (2002) [hereinafter UETA]
(Uniform Electronic Transactions Act Official Text as approved and recommended by the National
Conference of Commissioners on Uniform State Laws on July 29, 1999).
72
UNIF. ELEC. TRANSACTIONS ACT of 1999 § 1-21, 7A pt.1 U.L.A. 225-26 (2002) [hereinafter UETA]
(Uniform Electronic Transactions Act Official Text as approved and recommended by the National
Conference of Commissioners on Uniform State Laws on July 29, 1999).

21. continues to actively promote the adoption of PKI digital-signature
technologies through legislative incentives, it may push businesses and
individuals in Egypt to incur significant costs with illusionary security
and negligible benefits in return. The law appears to have been enacted in
order to control the behavior of certain technology service providers but
without regard to the actual needs of businesses and individuals trying to
use other authentication technologies. In this infant stage of E-commerce
in Egypt, there is no need for a framework for authentication and
legislation that inhibits rather than encourages migration to more
effective authentication technologies more carefully tailored to meet
actual individual and business needs in the Egyptian market. The current
adopted governmental policy only forces Egyptian businesses to invest in
outmoded or flawed technology, or alternatively force Egyptian
consumers and businesses to contract out of the protection of the legal
umbrella by embracing other workable authentications that may
efficiently meet their needs, E-commerce awareness, and their financial
conditions.

22. IV. THE EGYPTIAN E-SIGNATURE STATUTORY/REGULATORY
APPROACH: INHERENTLY FLAWED (CRITIQUE OF THE
CURRENT STATE OF EGYPTIAN LAW)
The Egyptian E-Signature Law and its Executive Regulations can be
classified as a technical law in nature, since they do not only deal with the
legal validity of electronic signatures in a great part, except in a few
articles,73
rather, its purpose is to provide the conditions for a secure
infrastructure for the use of PKI authentication business model that relies
on a trusted third party like certification authority (CA),74
in order to
render a valid electronic signature. This PKI authentication business
model can be a valuable technology of authentication under some
circumstances. But to enshrine it in legislation is a unwise regulatory
approach as it may raise some legal and technical concerns as following:
A. THE TECHNICAL RISK OF CHOOSING PKI TECHNOLOGY
Under the Egyptian strategy, control of a subscriber‘s private key
becomes all- important. In other words, ―all the eggs are placed in one
basket - the private key,‖ while eggs are distributed among many baskets
in written signature, says Mr. Benjamin Wright in his argument against
Utah‘s technology-specific legislative approach, 75
which is similar to the
Egyptian technical approach. He added further that public-key
cryptography does not reduce risk in the signing of an electronic
document. It transfers risk. It can be very effective in showing whether a
particular document was signed with a certain private key. But this
transfer of risk does not necessarily result in the elimination or even the
reduction of risk. Risk simply shifts onto the private key. That key
becomes the object of any criminals who want to cheat the subscriber or
relying parties. They will try tricking a subscriber into revealing the key
or temporarily surrendering control of it. They will endeavor to
compromise the software that controls the key and its functions. Or they
will steal and unlock the device, such as a smart card, in which a user
stores the key.76
B. PKI TECHNOLOGY RENDERS A FALSE SENSE OF SECURITY
73
See, e.g., E-Signature Statute §§ 14-18.
74
See Jane K. Winn, US and EU Regulatory Competition and Authentication Standards in Electronic
Commerce (May 22, 2006), available at http://ssrn.com/abstract=901324.
75
See Benjamin Wright, A Cyberspace Perspective: Eggs in Baskets: Distributing the Risks of
Electronic Signatures, 15 J. MARSHALL J. COMPUTER & INFO. L. 189, 195 (1997).
76
Id.

23. According to the Egyptian approach, certification by a PKI certification
authority can give a false sense of security. Here is a first-hand story. The
author received an E-mail from a client during the winter holidays, saying
that the client was sending a greeting through a greeting card website.
The author clicked on the URL in the E-mail and was taken to a
reasonably professional-looking website called FriendGreetings.com.77
He was then presented with a familiar box indicating that in order to
access the greeting he needed to download code which had been signed
with a certificate from a well-known certification authority, VeriSign.
The box indicated that the code was signed by a company named
AtlasMedia, Inc. The author could have clicked on the company name,
although the author had never heard of this company.78
He chose not to
click on the company name. Instead, he clicked to indicate he wished to
install the code. When the code installed, his virus-checking software
alerted him that a worm named ―WORM_FRIENDGRT.A‖ had been
passed to his computer.79
Being curious, the author repeated the process through the
FriendGreetings.com website. In the box showing that the code had been
signed by AtlasMedia, Inc., using a certificate from VeriSign, the author
clicked on the link for the company named AtlasMedia, Inc. It led to a
simple but professional looking corporate website having several pages
about a company claiming to be a promotions and communications firm.
On the "contacts" page the company showed an address in Dubai.80
VeriSign no doubt followed its usual procedures in issuing a PKI
certificate to AtlasMedia. But, evidently, the certificate belonged to a
fake company with a fake name and probably a fake address in Dubai.
Under the Egyptian model, one may note that a PKI certificate like this
certifies only that a PKI key pair is associated with a name, but it says
nothing about the quality of that name or the reputation of the people
behind it.81
A crook can foil the Egyptian-invented PKI system simply by
inventing a bogus name and requesting a certificate in association with
that name. Moreover, the certificate does not inform a relying party
77
See Friendgreetings.com,
http://searchportal.information.com/index.mas?epl=00520018UVsPWVALXVUMVV8FSgwDXQVT
FFIGQV4PBkYbW1dZFwRqXQYFDlwH.
78
See BENJAMIN WRIGHT , BUSINESS LAW & COMPUTER SECURITY: ACHIEVING ENTERPRISE
OBJECTIVES THROUGH DATA CONTROL, at 80 (2003).
79
See http://securityresponse.symantec.com/avcenter/venc/data/friendgreetings.html, (last visited June
22, 2007).
80
See Wright, supra note 57, at 82.
81
Id; see also E-Signature Executive Regulations § 20 (providing that nothing related to the quality of
that name or the reputation of the people possessing this digital certificate).

24. whether the name is the famous trade name the public knows and trusts or
not. For example, PKI certificates make no distinction between the
famous brand ―Vodafone in Egypt‖ 82
and the bogus name ―Vodofone in
Egypt.‖83
C. THE MYTH OF NONREPUDIATION
Not only does the Egyptian E-Signature law and its Executive
Regulations shift risk to the private key, but also it concentrates the risk
there by endorsing the non-repudiation principle.84
By employing the
non-repudiation principle, the Egyptian rules give recipients strong
technical and legal reasons (extraordinary legal and technical evidence) to
expect that if a document is signed with an author‘s private key then the
author is legally responsible for the document. Articles 985
and 1086
of
the E-Signature Law‘s Executive Regulations provide that a document
signed with a verified digital signature is normally presumed to be signed
by the person owning the relevant private key (so long as his public key is
certified by a licensed CA. Also, an electronic signature is as valid and
linked to a specific signatory as if it were written on paper, if it meets two
requirements. First, the message must bear a valid electronic signature
certificate issued by a certified CA.87
Second, the electronic signature
must have been "verified by the public key listed in a certificate" that was
validly issued by a licensed CA at the time the digital signature was
created.88
If an electronic signature verified and validated with reference
to ITIDA or any other entrusted certificate CAs, the non-repudiation
principle would be legislatively turned on.89
As a result, the purported
signatory cannot deny the attributed verified digital signature, then an
electronic contract formed by affixing a digital signature to an electronic
record containing a statement of the terms of the agreement should create
an obligation that is "legal, valid and binding," and enforceable according
to its terms. It is obviously that the concept of "non-repudiation" has been
creeping into the governing rules of digital signature in Egypt, which
confused the distinction between a legal conclusion and a technological
function in a way that demonstrates the impact of the PKI authentication
g. (last visited June 22, 2007).Egypt Home Page, http://www.vodafone.com.eVodafoneSee82
83
See Id.
84
See Hisham M. Abd El-Wahab, Technical and Legal Presentation over the Validity of Electronic
Signature, www.electronicsignature.gov.eg (last visited June 22, 2007 ).
85
See E-Signature Executive Regulations § 9.
86
Id. § 10.
87
Id. § 9 (1).
88
Id. § 9 (2).
89
Id. § 7.

25. business model on the Egyptian evidence and contract long standing
rules. This might be contributed to the persistence of the technical saga
that digital signatures are the "next big thing" in electronic contracting.90
On the other hand, and from a legal point of view, the terminology
surrounding repudiation is not particularly uniform within legal systems
and communities, so a clear lexigraphic distinction needs to be clarified.
91
For example, when discussing evidence of the transactions, the term
"non-repudiation" essentially means that the parties to a transaction
cannot deny their participation in the transaction. From an Egyptian legal
point of view, non-repudiation is the principle that keeps a binding party
to a transaction from disclaiming or denying its signature and, as a result,
the obligations arising from a transaction.92
Basically, both official and
unofficial documents are presumed valid, however non-repudiation is a
legislative reward that‘s only granted to official documents as a result of
its strict creation formality. While official documents can only be
challenged by fraudulent defense, unofficial documents can be a subject
to denial in addition to fraud defenses by obligated parties.93
The legal anachronism is while the initial goal of the Egyptian E-
Signature Law is to place electronically signed records on par with
conventionally signed documents (unofficial), regulated certified digital
(cryptographic) signatures offer a level of security and evidentiary
presumptions above the assigned average to regular unofficial documents.
Under article 9 of the Executive Regulations associated with the E-
Signature Law, the purported signatory is legally and technically
presumed to have signed a message if the owner is a "subscriber of a
valid certificate, and the digital signature was verified by ITIDA or other
entrusted third party by reference to a public key listed in the certificate . .
. ."94
The legal shortcoming of this article is that the endorsed
presumption can not be rebutted upon showing of sufficient evidence
when the document was digitally signed and verified by ITIDA. The
90
See Winn, supra note 56, at 371.
91
Id. at 371-72; see also BLACK'S LAW DICTIONARY 1306 (7th ed. 1999) (citing the discussion of
historical terminology inconsistencies surrounding the term found in P.S. ATIYAH, AN INTRODUCTION
TO THE LAW OF CONTRACT 294 (3d ed. 1981)); cf. E. ALLEN FARNSWORTH, CONTRACTS 8.21 (6th ed.
2004).
92
See Susanna Frederick Fischer, Saving Rosencrantz and Guildenstern in a Virtual World? A
Comparative Look at Recent Global Electronic Signature Legislation, 7 B.U. J. SCI. & TECH. L. 229,
What Trust Is in These Times? Examining the Foundation ofD. Scott Anderson,see also;231 (2001)
Online Trust, 54 EMORY L.J. 1441, 1449 (2005).
93
See E.E.L. § 29.
94
See E-Signature Executive Regulations § 9.

26. defrauded author will not technically or legally be able to challenge the
presumed perfection of the enacted Egyptian authentication business
model, because he will be arguing against a presumed technically valid
and perfectly secure authentication business model from the Egyptian
point of view. Furthermore, the defrauded author will be precluded from
a privilege of denying the digital signature that attached to unofficial
electronic document while paper-based counterparts always can be
denied.95
Impliedly the rules assumed that an author is not denying a mere
signature, but he is arguing against a presumed technically valid and
perfectly secure authentication business model that is enshrined by the
Egyptian E-Signature Law. As a result and the same as for official
documents, forgery will be the only viable defense against digitally
signed documents.96
Applying the myth of non-repudiation renders
absolute, undeniable electronic unofficial documents which are not on par
with the probative value conventionally assigned to traditional unofficial
documents.97
By setting its sights on the endorsed non-repudiation in the
Egyptian E-Signature Law, the rules may cause Egyptian E-commerce
implementers to chase unrealistic goals. The Egyptian implementers will
waste efforts seeking unattainable technical perfection and overestimated
probative value, bypassing other, easier alternative authentication
business models which were simply adequate to PKI and do not
contradict with the Egyptian evidence rules.
D. NONINTEGRATED LIABILITY SCHEME
The Egyptian E-signature Law and its Executive Regulations are
premised on an "open system" or "open loop" model of PKI.98
The open
PKI model envisions that subscribers will obtain a single certificate from
an independent, licensed third-party CA that certifies that subscriber's
identity.99
Certificate holders will then use that certificate to facilitate
transactions with potentially numerous merchants or other individuals in
order to intensify trust in all national or foreign E-commerce players.100
As discussed above, the Egyptian PKI scenario implicates considerable
security breaches that can trigger substantial liability risk. Egyptian
legislators, enamored with what digital signatures can potentially
95
See E.E.L. § 29.
96
Id.
97
Id.
98
The terminology ―open PKI‖ and ―closed PKI‖ is not meant to imply open networks or open
standards versus closed networks or proprietary technology, but rather to describe specific business
models. See WINN & WRIGHT, supra note 51, § 3.03.
99
See MANN & WINN, supra note 43, at 358; see also C. Bradford Biddle, Legislating Market Winners:
Digital Signature Laws and the Electronic Commerce Marketplace, 34 SAN DIEGO L. REV. 1225, 1235
(1997).
100
Id.

27. accomplish, have attributed this risk to flaws in the existing legal regime
that must be addressed legislatively. This conclusion is wrong. The
liability exposure faced by CAs under the endorsed Egyptian PKI model
is the product of a business model that cannot internalize the costs of the
inevitable fraud that will result under any public key based system. The
resulting liability problem is unlikely to be solved at all in the open PKI
model, and certainly cannot be solved with any one-size-fits-all
legislative solution, even if it is an Egyptian model.
Private keys will be expropriated, and third parties will rely on apparently
valid but fraudulent documents and suffer losses. The aggregate losses
could be quite sizable, judging from analogous contexts: Credit card
fraud in online transactions could have cost businesses as much as $60
billion in 2005, according to research firm Financial Insights, despite the
efforts of Visa and MasterCard in offering dedicated solutions to reduce
online card fraud.101
Who will bear losses that stems from unauthorized
digital signature use? There are three primary choices: 1) the relying
party; 2) the individual whose key was used to sign the document; or 3)
the Egyptian operator (CA) who performed the initial digital
authentication process.102
Under the Egyptian rules, if an individual has unauthorized usage of her
key, he or she bears unlimited liability as a consequence of article 10 of
the Executive Regulations.103
So, if a subscriber, named "Ali," for
example, has his key stolen or compromised resulting in losses totaling
L.E. 25,000 prior to revocation of his key, Ali (the purported signer) only
bears the loss. The E-Signature Law and its Executive Regulations don‘t
consider how a defrauded individual can present a court with "clear and
convincing" evidence to overcome the technical and legal presumption
that an electronic document signed with his digital signature was in fact
not signed by him. Obviously, this liability outcome does not comport
with well-established consumer protection principles placed in the
Egyptian Trade Law no. 17 of 1999 (compare with the article 528-
imposed drawee (bank) liability for forged checks, or the fact that the
drawer (consumer) cannot be bound by a fraudulent handwritten
signature).104
Moreover, no rational consumer would agree to accept this
level of risk in marketplace transactions. The benefits of having a digital
101
See ePaynews.com, Statistics for General and Online Card Fraud,
http://www.epaynews.com/statistics/fraud.html (last visited Dec. 12, 2006).
102
See E-Signature Law § 4(a).
103
See E-Signature Executive Regulations § 10.
notesupra,RIGHTW&INNWsee also;3(a)40-UCC § 3ee alsosEgyptian Trade Law § 528;See
104
51, § 7.02.

28. certificate simply do not outweigh the very real possibility of facing
extraordinarily large unreimbursed losses.
Could the loss fall on the relying party? The goals of a PKI would be
undermined, and an opportunity for fraudulent collusion would be
presented, if the relying party bears the risk.105
Yet if the subscriber and
the relying party do not bear full liability under this scenario, where else
would the loss fall under the current Egyptian E-signature Law? On the
CA? The straightforward understanding of article 14 of the E-Signature
Law‘s Executive Regulations dictates that licensed CAs must submit
guarantees and security deposits as an insurance coverage to cover their
possible liability for unauthorized use. The insurance coverage is
determined by ITIDA‘s board of directors.106
At this time, there is no
way to know whether or not Egyptian CAs will offer subscribers
adequate insurance to indemnify potential liability arising out using the
digital signature for civil, commercial and administrative transactions.107
The enacted insurance mechanism is not quite clear in the context of
assessing damages stemming from unauthorized use and which entity
shall indemnify subscribers when loss occurs.108
Another risk that may be
associated is a danger that small start-up CAs might not carry enough
insurance or have the financial resources to meet their liabilities, which
negatively impacts the E-commerce trust environment in Egypt under the
PKI authentication business model. This will place Egyptian
subscribers—especially consumers—in a vulnerable situation without a
proper liability cap when the risk of liability arises as a result of the
unauthorized use of digital signatures.109
The CAs could neither prevent
the harm, nor realistically insure against such indeterminate losses via
pricing mechanisms. CAs presumably would not know whether a
particular digital certificate was going to be used in a purchase of a piece
of clip art, in a real estate closing, or in an employee‘s resignation
request.110
Thus, the CA could not charge a price that would be
commensurate with the CA‘s corresponding risk of loss if the CA were to
bear liability for fraud involving the certificate.
105
If relying parties bore the risk of loss, fraudulent collusion could occur when a subscriber willfully
discloses their private key to a criminal knowing that, existing laws concerning fraud aside, the
subscriber will not bear any resulting loss.
106
See E-Signature Executive Regulations § 14.
107
For example, NetSure Insurance offered that VeriSign subscribers will adequately offset any
potential liability arising out of using the Internet for financial and commercial transactions,. For
general information concerning the NetSure Protection Plan, and a discussion of which Certificates are
covered by it, see VeriSign Home Page, http://www.verisign.com/netsure (last visited Jan. 2, 2007).
108
E-Signature Executive Regulations § 14.
109
See Winn, supra note 56, at 1246.
110
Id.

29. V. CONCLUSION
It is important to understand, however, that legislation can come in many
forms and can produce markedly different results depending on the
chosen form. Statutes, or corresponding regulations, can control or
mandate certain behavior. It would be hard to dispute that government
intervention, rigid controls, and heavy bureaucratic structures of
authentication imposed on electronically contracting parties that force
them to implement a single pattern of PKI (digital signature) most
probably will hinder E-commerce growth in Egypt. However, as a matter
of law, statutes that impose mandatory provisions that contracting parties
cannot contract around also can seriously inhibit the development of new
authentication technologies. Nonetheless, party autonomy and freedom of
evidence that are the guiding principles of the E.C.C. and E.E.L.,111
should be preserved in the online environment.
This article has tried to establish the modest legal and technical
arguments that any electronic-signature statute that goes beyond
removing the most obvious legal barriers to E-commerce (i.e., preserving
the validity of e-signature and e-document) through endorsing one flavor
of PKI, including ITIDA, CAs and digital certificates, will actually
hinder, not promote E-commerce in Egypt, especially in this infant stage
of E-commerce development..112
This argument would seem persuasive
when it comes to compulsory controls or regulations that contracting
parties cannot mutually override. As previously concluded above, the
outcome of the E-Signature Law contradicts the freedom of contract
principle and the freedom of evidence—the guiding principles in the
E.C.C. and E.E.L.
It is a truism that we live in the Information Age, although we do not live
in a world of perfect security—no crystal ball will tell us whether the
endorsed authentication model included in the E-Signature Statute that
passed two years ago will in fact achieve its objectives or will cause
unintended adverse consequences. But, we must also keep in mind that
doing nothing more than removing the most obvious barriers is not
necessarily a "safe" approach to promoting E-commerce and avoiding
unintended consequences. It is possible that in standing still and failing to
do what we can to provide default rules and to facilitate trust, it could
111
See ABD EL-WADOD YAHIA, THE SOURCES OF OBLIGATION 20-21 (1981)
112
See Smedinghoff & Bro, supra note 3, at 764.

30. also be hindering the growth of E-commerce.113
It basically depends upon
a number of factors such as the actual condition of the market, the level
of authentication-industry growth, and the level of trust furnished in the
environment that the law was enacted to regulate.
The problem of authentication in Internet commerce will continue to test
Egyptian lawmakers‘ best efforts to endorse strong authentication
technology, such as the endorsed PKI model. In order to avoid ultimate
defeat by the evolving marketplace and technology, it is highly
recommended that the Egyptian lawmakers ―bet‖ on a technology-neutral
rather than a technology-specific approach. The technology-neutral
legislative approach is driven by the ―market-led‖ business approach. The
U.S. ―market-led‖ approach of regulatory deference to business
innovation has succeeded in fueling growth of online commerce in the
United States, even in the absence of enacting strong authentication
technologies. Egypt should legally position itself to use any and all
members of the PKI authentications family, such as SSL, and other
commercially reasonable authentication technologies as well. Egyptian
online contracting parties should be free to decide what technology to
deploy based on the needs in any given situation and at any given time.
For those who may reform the current Egyptian E-Signature Law, they
should do so in a measured manner: anticipating what rules the market
will need as the market and related technology continues to evolve will
not be an easy and as lawmakers are not trained in choosing technologies
or business models. The U.S. Hands-Off or Market-Led Model should
serve as the instructive focal point for the reform. The adoption of
lengthy, detailed technology law/regulations at this point in time would
be hazardous because technology could prove those specific technology
laws to be useless or counterproductive for Egypt. Simpler, non-specific-
technology (hands-off, market-led) legal reform should be the preferred
and recommended course for Egypt.
113
Id.

31. POSSIBLE REGULATORY APPROACHES FOR
AUTHENTICATION OF ELECTRONIC MESSAGE
A CRITIQUE OF THE CURRENT STATE OF EGYPTIAN LAW
BIBLIOGRAPHY
I. PRIMARY SOURCES
Egypt - Civil Code No.131 of 1948 (effective October 15th
1949)
Egypt - Constitution (issued September 11, 1971; amended May 22nd
1980 and recent amendments passed in referendum March 27th
, 2007
Egypt - Electronic Signature Law No. 15 of 2004 and its Executive
Regulation No. 109 of 2005
Egypt - Evidence Law no. 25 of 1968 and its Amendments no. 18 of
1999
Electronic Signatures in Global and National Commerce Act of
2000,
European Union Directive 1999/93/EC, A Community Framework for
Electronic Signatures,
UNCITRAL Model Law on Electronic Commerce with Guide to
Enactment
UNCITRAL Uniform Rules on Electronic Signatures ―Consultation
Paper,‖
Uniform Elec. Transactions Act of 1999 [UETA] § 1-21, 7A pt.1 U.L.A.
225-26 (2002)
Uniform Electronic Transactions Act (1999),
Union Initiative on Electronic Commerce
United Arab Emirates – Electronic Transactions and Commerce Law in
Dubai no.2 of 2003.
United Arab Emirates – Electronic Transactions and Commerce Law No
2 of 2002
United Arab Emirates – Federal Electronic Transaction and Commerce
Law no. 1 of 2006
II. Secondary Sources
A. BOOKS / TREATISES

32. ABD EL-RAZAK EL-SANHURI , EL-WASIT, EVIDENICE & OBLIGATION‘S
CONSEQUENCES 180.
ABD EL-WADOD YAHIA, THE SOURCES OF OBLIGATION 20-21 (1981).
ABNER J. MIKVA & ERIC LANE, LEGISLATIVE PROCESS 1 (1993).
AM. NAT‘L STANDARDS INST., UNITED STATES STANDARDS STRATEGY
(2005).
BENJAMIN WRIGHT , BUSINESS LAW & COMPUTER SECURITY: ACHIEVING
ENTERPRISE OBJECTIVES THROUGH DATA CONTROL, at 80 (2003).
BLACK'S LAW DICTIONARY 1306 (7th ed. 1999).
E. ALLEN FARNSWORTH, CONTRACTS 8.21 (6th ed. 2004).
JANE K. WINN & BENJAMIN WRIGHT, THE LAW OF ELECTRONIC
COMMERCE § 3.06[c] ( 3d ed. 1998, Supp. 1999-2).
JONATHAN D. HART, LAW OF THE WEB: A FIELD GUIDE TO INTERNET
PUBLISHING 204 (2003).
P.S. ATIYAH, AN INTRODUCTION TO THE LAW OF CONTRACT 294 (3d ed.
1981).
ROBERT A. HILLMAN, ET AL., COMMON LAW AND EQUITY UNDER THE
UNIFORM COMMERCIAL CODE 1.01, at 1-2 (1985).
RONALD J. MANN & JANE K. WINN, ELECTRONIC COMMERCE (2d ed.
2005).
B. ARTICLES / BOOK CHAPTERS
Benjamin Wright, A Cyberspace Perspective: Eggs in Baskets:
Distributing the Risks of Electronic Signatures, 15 J. MARSHALL J.
COMPUTER & INFO. L. 189, 195 (1997).
Benjamin Wright, Electronic Authentication in Sri
Lanka: Technology, Law & Policy (September 2003)
(unpublished report prepared for the Sri Lankan
Government, under sponsorship of the United
States Agency for International Development).
C. Bradford Biddle, Legislating Market Winners: Digital Signature Laws
and the Electronic Commerce Marketplace, 34 SAN DIEGO L. REV. 1225,
1235 (1997).
D. Scott Anderson, What Trust Is in These Times? Examining the
Foundation of Online Trust, 54 EMORY L.J. 1441, 1449 (2005).
Daniel J. Greenwood & Ray A. Campbell, Electronic Commerce
Legislation: From Written on Paper and Signed in Ink to Electronic
Records and Online Authentication, 53 BUS. LAW. 307, 309 (1997).
Edward D. Kania, The ABA's Digital Signature Guidelines: An Imperfect
Solution to Digital Signatures on the Internet, 7 COMMLAW CONSPECTUS
297, 300 (1999).
Jane K. Winn & Brian H. Bix, Cyberpersons, Propertization, and
Contract in the Information Culture: Diverging Perspectives on

33. Electronic Contracting in the U.S. and EU, 54 CLEV. ST. L. REV. 175
(2006).
Jane K. Winn & Yuping Song, Can China Promote Electronic Commerce
through Law Reform? Some Preliminary Case Study Evidence (May 8,
2006), available at http://ssrn.com/abstract=901849.
Jane K. Winn, Islamic Law, Globalization and Emerging Electronic
Commerce Technologies (Feb. 10, 2003), available at
http://ssrn.com/abstract=877768 (last visited January 2, 2009).
Jane K. Winn, Standard Developing Organizations as a Form of Self-
Regulation (July 25, 2006), available at http://ssrn.com/abstract=924008
(last visited January 3, 2009).
Jane K. Winn, US and EU Regulatory Competition and Authentication
Standards in Electronic Commerce (May 22, 2006), available at
http://ssrn.com/abstract=901324.
Lance C. Ching, Electronic Signatures: A Comparison of American and
European Legislation, 25 HASTINGS INT'L & COMP. L. REV. 199, 201
(2002) .
Lance C. Ching, Electronic Signatures: A Comparison of American and
European Legislation, 25 HASTINGS INT'L & COMP. L. REV. 199, 201
(2002) .
Michael Carlson, Will E-Sign Boost E-Commerce?, NW. FIN. REV., Sept.
9, 2000, available at http://www.faegre.com/articles/article_452.aspx.
Sarah Wood Braley, Comment, Why Electronic Signatures Can Increase
Electronic Transactions and the Need for Laws Governing Electronic
Signatures, 7 LAW & BUS. REV. AM. 417, 418 (2001).
Stephen Mason, Electronic Signatures in Practice, 6 J. HIGH TECH. L.
148, 152 (2006).
Susanna Frederick Fischer, Saving Rosencrantz and Guildenstern in a
Virtual World? A Comparative Look at Recent Global Electronic
Signature Legislation, 7 B.U. J. Sci. & Tech. L. 229, 231 (2001).
Thomas J. Smedinghoff & Ruth Hill Bro, Moving with Change:
Electronic Signature Legislation as a Vehicle for Advancing E-
Commerce, 17 J. Marshall J. Computer & Info. L. 723, 763 (1999).
‫المحموؿ‬ ‫الياتؼ‬ ‫استخداـ‬ ‫أثر‬‫المجتمع‬ ‫عمي‬
‫الخصوصية‬ ‫في‬ ‫(الحؽ‬–‫االقتص‬ ‫النشاط‬)‫ادي‬

34. ‫مف‬ ‫مقدـ‬ ‫بحث‬
‫سيد‬ ‫العظيـ‬ ‫عبد‬ ‫لطفي‬ ‫صباح‬
‫لممحاسبات‬ ‫ي‬‫المركز‬ ‫بالجياز‬ ‫مساعد‬ ‫اجع‬‫ر‬‫م‬
‫إبريؿ‬0202

35. ‫المقدمة‬
‫ايجابية‬ ً‫ا‬‫ر‬‫آثا‬ ‫ترك‬ ً‫ا‬‫ر‬‫كبي‬ ً‫ا‬‫شوط‬ ‫الحاضر‬ ‫العصر‬ ‫في‬ ‫التكنولوجي‬‫و‬ ‫العممي‬ ‫التقدم‬ ‫بمغ‬ ‫قد‬
‫الخاصة‬ ‫الحياة‬ ‫حرمة‬ ‫تيديد‬ ‫في‬ ‫أسيم‬ ‫أنو‬ ‫سمبياتو‬ ‫أخطر‬ ‫ومن‬ ‫المجتمع‬ ‫عمي‬ ‫وسمبية‬،‫ة‬‫ر‬‫كبي‬ ‫بدرجة‬
‫ء‬‫المر‬ ‫خصوصية‬ ‫انتياك‬ ‫سيمت‬ ‫متعددة‬ ‫مجاالت‬ ‫في‬ ‫معدات‬ ‫و‬ ‫ة‬‫ز‬‫أجي‬ ‫الحديث‬ ‫العمم‬ ‫أفرز‬ ‫فقد‬
.‫حصونيا‬ ‫داخل‬ ‫التسمل‬‫و‬
‫التي‬ ‫الطبيعة‬ ‫انين‬‫و‬‫ق‬ ‫بفضل‬ ‫يب‬‫ر‬‫ق‬ ‫وقت‬ ‫حتي‬ ‫كافية‬ ‫الخاصة‬ ‫الحياة‬ ‫حماية‬ ‫كانت‬ ‫أن‬ ‫فبعد‬
‫خصوصي‬ ‫انتياك‬ ‫حينذاك‬ ‫السيل‬ ‫من‬ ‫يكن‬ ‫لم‬ ‫حيث‬ ،‫الضوء‬‫و‬ ‫الصوت‬ ‫انتقال‬ ‫تحكم‬‫اإلنسان‬ ‫ة‬
‫حد‬ ‫إلي‬ ‫يعوق‬ ‫مما‬ ‫الحائط‬ ‫وجود‬ ‫أو‬ ‫النافذة‬ ‫إغبلق‬ ‫أو‬ ‫المسافة‬ ‫بعد‬ ‫بسبب‬ ‫حصونيا‬ ‫داخل‬ ‫التسمل‬‫و‬
.‫عمييا‬ ‫االعتداء‬ ‫أو‬ ‫الغير‬ ‫حياة‬ ‫عمي‬ ‫التطفل‬ ‫كبير‬
‫وتعرضت‬ ،‫االجتماعية‬ ‫الحياة‬ ‫أمور‬ ‫وتعقدت‬ ،‫اآلن‬ ‫تغيرت‬ ‫قد‬ ‫العصر‬ ‫معطيات‬ ‫ان‬ ‫غير‬
‫م‬ ‫مختمفة‬ ‫أشكال‬‫و‬ ‫لمظاىر‬ ‫الشخص‬ ‫خصوصيات‬ ‫معيا‬‫ائق‬‫و‬‫الع‬ ‫تقف‬ ‫أن‬ ‫دون‬ ،‫االعتداء‬ ‫ن‬
.‫الخاصة‬ ‫الحياة‬ ‫بأزمة‬ ‫يسمي‬ ‫ما‬ ‫ىناك‬ ‫أصبح‬‫و‬ ،‫ذلك‬ ‫دون‬ ‫حائبل‬ ،‫ونحوىا‬ ‫مسافة‬ ‫من‬ ،‫الطبيعية‬
(114)
‫حركة‬ ‫تتعطل‬ ‫لم‬ ‫إن‬ ‫بدونو‬ ‫الذى‬ ‫الحياة‬ ‫عصب‬ ‫تعتبر‬ ‫التي‬ ‫االتصاالت‬ ‫وسائل‬ ‫مجال‬ ‫ففي‬
‫كما‬ ‫ىا‬‫وتطور‬ ‫تقدميا‬ ‫ة‬‫ر‬‫مسي‬ ‫يعيق‬ ‫الذى‬ ‫الحد‬ ‫إلي‬ ‫تتباطأ‬ ‫فإنيا‬ ‫الحياة‬‫أنشطة‬ ‫أىم‬ ‫من‬ ‫أصبحت‬
‫ىذا‬ ‫من‬ ‫ة‬‫ر‬‫االخي‬ ‫ة‬‫ر‬‫الفت‬ ‫في‬ ‫االوسع‬ ‫مدياتيا‬ ‫فبمغت‬ ‫االتصال‬ ‫وسائل‬ ‫وتطورت‬ ،‫ة‬‫ر‬‫المعاص‬ ‫الحياة‬
‫يأخذ‬ ‫االن‬ ‫أصبح‬ ‫التقميدية‬ ‫البلسمكية‬‫و‬ ‫السمكية‬ ‫الوسائل‬ ‫عمي‬ ‫يعتمد‬ ‫االتصال‬ ‫كان‬ ‫فبعدما‬ ،‫القرن‬
)‫نت‬‫ر‬‫الدولية(االنت‬ ‫المعمومات‬ ‫شبكة‬ ‫منيا‬ ‫مختمفة‬ ‫ووسائل‬ ‫متعددة‬ ‫أشكال‬‫وىذه‬ ‫المحمول‬ ‫الياتف‬‫و‬
‫معامبلتيم‬ ‫وتيسر‬ ‫حياتيم‬ ‫في‬ ‫الناس‬ ‫لمنفعة‬ ‫وجدت‬ ‫ى‬‫البشر‬ ‫العقل‬ ‫بو‬ ‫جاد‬ ‫مما‬ ‫ىا‬‫وغير‬ ‫الوسائل‬
.‫المجتمع‬ ‫داخل‬ ‫عنيم‬ ‫العبء‬ ‫وتخفيف‬
‫المحمول‬ ‫الياتف‬ ‫ة‬‫ز‬‫أجي‬ ‫ت‬‫تطور‬ ‫حيث‬–‫بحيث‬ ‫صوتي‬ ‫اتصال‬ ‫وسيمة‬ ‫مجرد‬ ‫من‬ ‫أكثر‬ ‫أصبحت‬‫و‬
‫اعيد‬‫و‬‫لمم‬ ‫تكفي‬ ‫كمبيوتر‬ ‫ة‬‫ز‬‫كأجي‬ ‫تستخدم‬ ‫أصبحت‬‫ة‬‫ز‬‫األجي‬‫و‬ ،‫نت‬‫ر‬‫اإلنت‬ ‫وتصفح‬ ‫الصوتي‬ ‫يد‬‫ر‬‫الب‬ ‫ستقبال‬‫ا‬‫و‬
‫إحدى‬ ‫المحمولة‬ ‫اتف‬‫و‬‫الي‬ ‫أصبحت‬ ‫كما‬ ، ‫قمية‬‫ر‬‫ال‬ ‫ات‬‫ر‬‫الكامي‬ ‫ح‬‫ووضو‬ ‫نقاء‬ ‫بنفس‬ ‫التصوير‬ ‫يمكنيا‬ ‫الجديدة‬
‫تكمفة‬ ‫أصبحت‬ ‫المحمول‬ ‫الياتف‬ ‫ة‬‫ز‬‫أجي‬ ‫مشغمي‬ ‫بين‬ ‫الشديد‬ ‫التنافس‬ ‫بسبب‬ ‫وكذلك‬ ،‫اإلعبلن‬ ‫وسائل‬
‫متنا‬ ‫في‬ ‫المعطيات‬ ‫وتبادل‬ ‫المكالمات‬‫في‬ ‫ة‬‫ز‬‫األجي‬ ‫ىذه‬ ‫مستخدمي‬ ‫عدد‬ ‫فإن‬ ‫لذا‬ .‫المجتمع‬ ‫فئات‬ ‫جميع‬ ‫ول‬
.‫الثابتة‬ ‫االتصال‬ ‫ة‬‫ز‬‫أجي‬ ‫محل‬ ‫ليحل‬ ‫يومي‬ ‫بشكل‬ ‫ايد‬‫ز‬‫يت‬ ‫بي‬‫ر‬‫الع‬ ‫العالم‬‫و‬ ‫العالم‬
) (‫الخاصة‬ ‫الحياة‬ ‫اـ‬‫ر‬‫احت‬ ‫في‬ ‫الحؽ‬ ،‫انى‬‫و‬‫االى‬ ‫كامؿ‬ ‫الديف‬ ‫حساـ‬ .‫د‬–‫الحػ‬‫الخصوصػية‬ ‫فػي‬ ‫ؽ‬–‫ػة‬ ‫الني‬ ‫دار‬ ،‫ة‬‫القػاىر‬ ،‫مقارنػة‬ ‫اسػة‬‫ر‬‫د‬
‫ص‬ .‫العربية‬4.

36. ،‫الجميع‬ ‫قبل‬ ‫من‬ ‫المعروفة‬ ‫األمنية‬ ‫الظروف‬ ‫ظل‬ ‫فى‬ ‫المحمول‬ ‫الياتف‬ ‫ائد‬‫و‬‫ف‬ ‫تعدد‬ ‫غم‬‫ور‬
‫وتشي‬ ‫ذاتية‬ ‫اض‬‫ر‬‫ألغ‬ ‫وتطويعيا‬ ‫استخداماتو‬ ‫فى‬ ‫الغمو‬ ‫فإن‬‫المتحضر‬ ‫غير‬ ‫االستخدام‬‫و‬ ‫ية‬‫ز‬‫ا‬‫ز‬‫ابت‬‫و‬ ‫ية‬‫ر‬‫ي‬
‫وقيمو‬ ‫المجتمع‬ ‫اد‬‫ر‬‫أف‬ ‫عمى‬ ‫سمبية‬ ‫آثار‬ ‫وترك‬ ‫األجتماعى‬ ‫الوسط‬ ‫فى‬ ‫يضة‬‫ر‬‫ع‬ ‫مشاكل‬ ‫أوجد‬ ‫لو‬
‫التنمية‬‫و‬ ‫لممجتمع‬ ‫األقتصادى‬ ‫النشاط‬ ‫عمى‬ ‫بالسمب‬ ‫أثر‬ ‫كما‬ ‫العامة‬ ‫اآلداب‬‫و‬ ‫األخبلق‬‫و‬ ‫االجتماعية‬
‫م‬ ‫أكثر‬ ‫عاج‬‫از‬ ‫وسيمة‬ ‫المحمول‬ ‫الياتف‬ ‫وبات‬ ،‫األقتصادية‬‫أنجاز‬ ‫فى‬ ‫تسيم‬ ‫اتصال‬ ‫وسيمة‬ ‫ىو‬ ‫ما‬
.‫المختمفة‬ ‫المجتمع‬ ‫ائح‬‫ر‬‫ش‬ ‫أعمال‬
‫بينيا‬ ‫التسابق‬‫و‬ ‫لو‬ ‫المنتجة‬ ‫الشركات‬‫و‬ ‫المحمول‬ ‫شركات‬ ‫بين‬ ‫الشديد‬ ‫لمتنافس‬ ‫نتيجة‬ ‫فكان‬
‫الشركات‬ ‫ىذه‬ ‫قبل‬ ‫من‬ ‫لذلك‬ ‫الترويج‬‫و‬ ‫المختمفة‬ ‫بالمعطيات‬ ‫وتزويدىا‬ ‫تو‬‫ز‬‫أجي‬ ‫من‬ ‫الجديد‬ ‫إنتاج‬ ‫عمى‬
‫ال‬ ‫ع‬‫از‬‫و‬‫ال‬‫و‬ ‫الوعي‬ ‫قمة‬ ‫وبجانب‬‫مما‬ ‫بينيم‬ ‫بيا‬ ‫التفاخر‬‫و‬ ‫منو‬ ‫ة‬‫ر‬‫المتطو‬ ‫ة‬‫ز‬‫األجي‬ ‫اقتناء‬ ‫عمي‬ ‫بينيم‬ ‫ديني‬
.‫المجتمع‬ ‫داخل‬ ‫أخبلقية‬‫و‬ ‫اجتماعية‬ ‫مشاكل‬ ‫وجود‬ ‫عميو‬ ‫تب‬‫ر‬‫ت‬
‫داخل‬ ‫عديدة‬ ‫مشاكل‬ ‫خمق‬ ‫إلي‬ ‫أدت‬ ‫ا‬‫ر‬‫كامي‬ ‫عمي‬ ‫تحتوى‬ ‫التي‬ ‫المحمول‬ ‫الياتف‬ ‫اع‬‫و‬‫فأن‬
‫أدى‬ ‫مما‬ ‫بذلك‬ ‫عممين‬ ‫دون‬ ‫الفتيات‬ ‫تصوير‬ ‫في‬ ‫استخداميا‬ ‫بسبب‬ ‫المجتمع‬‫انتياك‬ ‫إلي‬
‫ة‬‫ز‬‫أجي‬ ‫بين‬ ‫الصور‬ ‫ليذه‬ ‫نشر‬ ‫التصوير‬ ‫ىذه‬ ‫أعقب‬ ‫إن‬ ‫خاصة‬ ‫المجتمع‬ ‫داخل‬ ‫اد‬‫ر‬‫األف‬ ‫لخصوصية‬
‫اجتماعية‬ ‫مشاكل‬ ‫وجود‬ ‫عميو‬ ‫تب‬‫ر‬‫ممات‬ ‫نت‬‫ر‬‫اإلنت‬ ‫عمي‬ ‫ىا‬‫نشر‬ ‫أو‬ ‫المختمفة‬ ‫المحمول‬ ‫الياتف‬
.‫الشرف‬ ‫ائم‬‫ر‬‫ج‬ ‫حدوث‬ ‫إلي‬ ‫المطاف‬ ‫نياية‬ ‫في‬ ‫تؤدى‬ ‫قد‬ ‫المجتمع‬ ‫داخل‬ ‫أخبلقية‬‫و‬
‫اع‬‫و‬‫أن‬ ‫يوجد‬ ‫أنو‬ ‫كما‬‫اتف‬‫و‬‫الي‬ ‫قام‬‫ر‬‫أ‬ ‫فة‬‫ر‬‫مع‬ ‫أو‬ ‫استخدام‬ ‫يمكنيا‬ ‫المحمولة‬ ‫اتف‬‫و‬‫الي‬ ‫من‬
‫البموتوث‬ ‫سماعات‬ ‫من‬ ‫ع‬‫نو‬ ‫وكذلك‬ ‫عمييا‬ ‫اإلطبلع‬‫و‬ ‫حوليا‬ ‫الموجودة‬(115)
‫مكالمة‬ ‫سماع‬ ‫يمكنيا‬
‫بمسافة‬ ‫ليا‬ ‫مجاور‬ ‫آخر‬ ‫لياتف‬30‫انتياك‬‫و‬ ‫ين‬‫ر‬‫اآلخ‬ ‫حياة‬ ‫عمي‬ ‫تجسس‬ ‫ذلك‬ ‫يعد‬ ‫.مما‬ً‫ا‬‫يب‬‫ر‬‫تق‬ ُ‫ا‬‫ر‬‫مت‬
‫بع‬ ‫الفرد‬ ‫معو‬ ‫يشعر‬ ‫مما‬ ‫لخصوصيتيم‬‫داخل‬ ‫اد‬‫ر‬‫األف‬ ‫بين‬ ‫الثقة‬ ‫وفقدان‬ ‫االطمئنان‬‫و‬ ‫االمان‬ ‫دم‬
.‫المجتمع‬
‫السيئ‬ ‫استخدامو‬‫و‬ ‫التعميم‬ ‫مجال‬ ‫في‬ ‫خاصة‬ ‫ي‬‫األخر‬ ‫المحمول‬ ‫الياتف‬ ‫سمبيات‬ ‫بجانب‬ ‫ىذا‬
‫ة‬‫ر‬‫المحاض‬ ‫إلقاء‬ ‫أثناء‬ ‫استخدامو‬ ‫يق‬‫ر‬‫ط‬ ‫عن‬ ‫الجامعات‬ ‫طمبة‬ ‫خاصة‬ ‫الطمبة‬ ‫من‬ ‫فئة‬ ‫قبل‬ ‫من‬
‫أ‬ ‫الصور‬ ‫ىذه‬ ‫ونشر‬ ‫عممين‬ ‫دون‬ ‫الطالبات‬ ‫وتصوير‬‫سيأتي‬ ‫مما‬ ‫األحيان‬ ‫بعض‬ ‫في‬ ‫بيا‬ ‫التيديد‬ ‫و‬
.‫البحث‬ ‫في‬ ‫موضعو‬ ‫من‬ ‫بعد‬ ‫فيما‬ ‫تناولو‬
(005
)‫ػوث‬‫ػ‬‫البموت‬Bluetooth‫ػاني‬‫ػ‬‫المج‬ ‫ػمكي‬‫ػ‬‫اللس‬ ‫ػاؿ‬‫ػ‬‫االتص‬ ‫ػة‬‫ػ‬‫أمكاني‬ ‫ػي‬‫ػ‬‫يت‬ ‫ػةي‬‫ػ‬‫ال‬ ‫ػدي‬‫ػ‬‫الم‬ ‫ػير‬‫ػ‬‫قص‬ ‫ػمكي‬‫ػ‬‫اللس‬ ‫ػيؿ‬‫ػ‬‫التوص‬ ‫ػلت‬‫ػ‬‫اص‬‫و‬‫م‬ ‫ػو‬‫ػ‬‫ى‬ .
‫الحاس‬ ‫ة‬‫أجيز‬‫و‬ ‫المحمولة‬ ‫اتؼ‬‫و‬‫الي‬ ‫فييا‬ ‫بما‬ ‫ة‬‫األجيز‬ ‫مف‬ ‫مجموعة‬ ‫بيف‬ )‫اديو‬‫ر‬‫ال‬ ‫تقنية‬ ‫(باستخداـ‬.‫ه‬‫وغير‬ ‫الطابعات‬‫و‬ ‫اآللي‬ ‫ب‬
: ‫اإللكتروني‬ ‫الموقع‬faculty.yu.edu.jo/adel/DownloadHandler.ashx?pg...64dc...

37. ‫المجتمع‬ ‫اد‬‫ر‬‫أف‬ ‫عمي‬ ‫السمبي‬ ‫ه‬‫ر‬‫وتأث‬ ‫األجتماعية‬ ‫الناحية‬ ‫من‬ ‫المحمول‬ ‫الياتف‬ ‫سمبيات‬ ‫إلي‬ ‫ويضاف‬
،‫المجتمع‬ ‫داخل‬ ‫األقتصادية‬ ‫التنمية‬‫و‬ ‫األقتصادى‬ ‫النشاط‬ ‫عمي‬ ‫سمبية‬ ‫آثار‬ ‫لو‬ ‫وجد‬ ‫ايجابياتو‬ ‫من‬ ‫غم‬‫الر‬ ‫عمي‬
‫من‬ ‫بالجديد‬ ‫يوم‬ ‫كل‬ ‫المحمولة‬ ‫اتف‬‫و‬‫الي‬ ‫تزويد‬ ‫عمي‬ ‫المحمول‬ ‫كات‬‫شر‬ ‫بين‬ ‫التنافس‬ ‫ظل‬ ‫في‬ ‫ان‬ ‫المشكمة‬ ‫وتكمن‬
‫الثقافي‬ ‫الوعي‬ ‫قمة‬ ‫بجانب‬ ‫المختمفة‬ ‫اإلعبلم‬ ‫وسائل‬ ‫خبلل‬ ‫من‬ ‫المجتمع‬ ‫اد‬‫ر‬‫أف‬ ‫بين‬ ‫لذلك‬ ‫الترويج‬‫و‬ ‫المعطيات‬
‫عمي‬ ‫تب‬‫ر‬‫ت‬ ‫المحمول‬ ‫لمياتف‬ ‫األمثل‬ ‫االستخدام‬ ‫فة‬‫ر‬‫لمع‬ ‫المجتمع‬ ‫اد‬‫ر‬‫أف‬ ‫لبعض‬‫بين‬ ‫التسابق‬ ‫من‬ ‫نوعا‬ ‫وجود‬ ‫و‬
‫بينيم‬ ‫التفاخر‬ ‫أجل‬ ‫من‬ ‫معين‬ ‫حد‬ ‫عند‬ ‫تقف‬ ‫ال‬ ‫التي‬ ‫المحمول‬ ‫الياتف‬ ‫ة‬‫ز‬‫أجي‬ ‫من‬ ‫الجديد‬ ‫اقتناء‬ ‫عمي‬ ‫الناس‬
‫اإلنفاق‬‫و‬ ‫المحمول‬ ‫الياتف‬ ‫ة‬‫ز‬‫أجي‬ ‫اء‬‫ر‬‫ش‬ ‫عمي‬ ‫الدخل‬ ‫من‬ ‫كبير‬ ‫ء‬‫جز‬ ‫إنفاق‬ ‫الي‬ ‫أدي‬ ‫مما‬ ‫الحديثة‬ ‫ة‬‫ز‬‫األجي‬ ‫بيذه‬
‫االد‬ ‫في‬ ‫ء‬‫الجز‬ ‫ىذا‬ ‫استخدام‬ ‫من‬ ً‫ال‬‫بد‬ ‫عمييا‬‫لمعمل‬ ‫جديدة‬ ‫ص‬‫فر‬ ‫إلتاحة‬ ‫االستثمار‬ ‫في‬ ‫يستخدم‬ ‫ه‬‫ر‬‫بدو‬ ‫الذي‬ ‫خار‬
‫فع‬‫ر‬‫و‬ ‫االقتصادية‬ ‫التنمية‬ ‫تحقيق‬ ‫الي‬ ‫يؤدي‬ ‫وبالتالي‬ ‫البطالة‬ ‫ة‬‫ر‬‫ظاى‬ ‫من‬ ‫الحد‬ ‫عمي‬ ‫يساعد‬ ‫مما‬ ‫المجتمع‬ ‫داخل‬
.‫المجتمع‬ ‫داخل‬ ‫اد‬‫ر‬‫األف‬ ‫معيشة‬ ‫ي‬‫مستو‬
:‫البحث‬ ‫أىمية‬
‫المحم‬ ‫الياتف‬ ‫تأثير‬ ‫مدي‬ ‫فة‬‫ر‬‫مع‬ ‫خبلل‬ ‫من‬ ‫البحث‬ ‫أىمية‬ ‫تكمن‬‫تقنية‬ ‫كأحدث‬ ‫ول‬
‫لسموكيات‬ ‫اإليجابي‬‫و‬ ‫السمبي‬ ‫التأثير‬ ‫ومدي‬ ‫المجتمع‬ ‫اد‬‫ر‬‫أف‬ ‫عمي‬ ‫المعمومات‬ ‫وتكنولوجيا‬ ‫لبلتصاالت‬
‫ام‬‫ر‬‫احت‬ ‫في‬ ‫الفرد‬ ‫حق‬ ‫عمي‬ ‫السمبية‬ ‫ه‬‫ر‬‫آثا‬ ‫فة‬‫ر‬‫مع‬ ‫خبلل‬ ‫من‬ ‫المحمول‬ ‫الياتف‬ ‫استخدام‬ ‫أنماط‬‫و‬
‫اال‬ ‫النشاط‬ ‫عمي‬ ‫السمبية‬ ‫ه‬‫ر‬‫آثا‬ ‫فة‬‫ر‬‫مع‬ ‫وكذلك‬ ‫عمييا‬ ‫ين‬‫ر‬‫اآلخ‬ ‫تطفل‬ ‫وعدم‬ ‫خصوصياتو‬‫قتصادي‬
.‫المجتمع‬ ‫داخل‬ ‫االقتصادية‬ ‫التنمية‬‫و‬
:‫البحث‬ ‫ىدؼ‬
‫المجتمع‬ ‫اد‬‫ر‬‫أف‬ ‫عمي‬ ‫المحمول‬ ‫لمياتف‬ ‫الثقافية‬‫و‬ ‫االجتماعية‬ ‫اآلثار‬ ‫فة‬‫ر‬‫مع‬ ‫الي‬ ‫البحث‬ ‫ييدف‬
‫ه‬‫ر‬‫آثا‬ ‫فة‬‫ر‬‫مع‬ ‫وكذلك‬ ‫المجتمع‬ ‫وقيم‬ ‫التعميمية‬ ‫العممية‬ ‫عمي‬ ‫ه‬‫ر‬‫أث‬‫و‬ ‫منيم‬ ‫الجامعات‬ ‫طمبة‬ ‫فئة‬ ‫خاصة‬
‫ا‬ ‫النشاط‬ ‫عمي‬ ‫ه‬‫ر‬‫تأثي‬ ‫أو‬ ‫االقتصادية‬‫الياتف‬ ‫سمبيات‬ ‫من‬ ‫لمحد‬ ‫حمول‬ ‫إيجاد‬ ‫ومحاولة‬ ‫القتصادي‬
.‫االقتصادية‬‫و‬ ‫االجتماعية‬ ‫الناحيتين‬ ‫من‬ ‫ككل‬ ‫المجتمع‬ ‫عمي‬ ‫المحمول‬
:‫البحث‬ ‫خطة‬
.‫الخصوصية‬ ‫في‬ ‫الحؽ‬‫و‬ ‫المحموؿ‬ ‫الياتؼ‬ : ‫األوؿ‬ ‫المبحث‬
.‫الخصوصية‬ ‫في‬ ‫الحؽ‬ ‫عف‬ ‫نبةة‬ : ً‫ال‬‫و‬‫أ‬
.‫الخصوصية‬ ‫في‬ ‫الحؽ‬ ‫عمي‬ ‫المحموؿ‬ ‫الياتؼ‬ ‫أثر‬ : ً‫ا‬‫ثاني‬
‫ث‬.‫سمبيات‬ : ‫المجتمع‬‫و‬ ‫المحموؿ‬ ‫الياتؼ‬ : ً‫ا‬‫الث‬

38. .‫المحموؿ‬ ‫الياتؼ‬‫و‬ ‫القانونية‬ ‫المسئولية‬ : ‫الثاني‬ ‫المبحث‬
.‫الخصوصية‬ ‫في‬ ‫الحؽ‬ ‫مف‬ ‫ي‬‫المصر‬ ‫المشرع‬ ‫موقؼ‬ : ً‫ال‬‫و‬‫أ‬
.‫المحموؿ‬ ‫الياتؼ‬ ‫استخداـ‬ ‫عف‬ ‫الناجمة‬ ‫ار‬‫ر‬ ‫األ‬ ‫ثبات‬‫ا‬‫و‬ ‫الجنائية‬ ‫المسئولية‬ : ً‫ا‬‫ثاني‬
‫ا‬ ‫ثبات‬‫ا‬‫و‬ ‫المدنية‬ ‫المسئولية‬ : ً‫ا‬‫ثالث‬.‫المحموؿ‬ ‫الياتؼ‬ ‫استخداـ‬ ‫عف‬ ‫الناجمة‬ ‫ار‬‫ر‬ ‫أل‬
.‫ه‬‫ار‬‫ر‬ ‫أ‬ ‫مف‬ ‫القانونية‬ ‫الحماية‬‫و‬ ‫المحموؿ‬ ‫الياتؼ‬ ‫شركات‬ ‫امات‬‫ز‬‫الت‬ : ً‫ا‬‫ابع‬‫ر‬
:‫االقتصادي‬ ‫النشاط‬‫و‬ ‫المحموؿ‬ ‫الياتؼ‬ : ‫الثالث‬ ‫المبحث‬
‫لمدولة‬ ‫االقتصادي‬ ‫بالنشاط‬ ‫المحموؿ‬ ‫الياتؼ‬ ‫علقة‬ : ً‫ال‬‫و‬‫أ‬
.)‫االستثمار‬‫و‬ ‫(االدخار‬
‫الياتؼ‬ : ً‫ا‬‫ثاني‬.‫المجتمع‬ ‫في‬ ‫البطالة‬ ‫ية‬ ‫وق‬ ‫المحموؿ‬
.‫االقتصادي‬ ‫النشاط‬ ‫عمي‬ ‫المحموؿ‬ ‫لمياتؼ‬ ‫السمبية‬ ‫اآلثار‬ ‫اجية‬‫و‬‫م‬ ‫كيفية‬ : ً‫ا‬‫ثالث‬
"‫اهلل‬ ‫ىدانا‬ ‫أف‬ ‫ال‬‫و‬‫ل‬ ‫لنيتدي‬ ‫كنا‬ ‫وما‬ ‫ىةا‬ ‫الي‬ ‫ىدانا‬ ‫الةي‬ ‫هلل‬ ‫"الحمد‬