There is no doubt: eSignatures are immensely convenient, and the rise in remote work in the last two years has highlighted that fact even more. But by definition, documents that require a legal signature are often confidential, with potentially devastating effects for the issuer were privacy to be compromised. Unfortunately, not all eSignature providers are created equal, and the wrong choice could cost you dearly.
How your eSignature provider handles your sensitive documents can make or break your business. And even with the best of intentions, if there is a way to access your documents at all, they likely will be. Therefore, only a zero-trust provider can be fully relied on for upholding your privacy.
And while “trust” generally has a positive connotation to it, when it comes to your most sensitive documents, you’re far better off not having to trust anyone at all by simply opting for the right, trustless technology to handle your data.
Why You Shouldn’t Have to Trust Your eSigning Provider in the First Place
Most eSignature providers do a decent job at providing a basic level of privacy – or at least, so they say. But there clearly is a lack of trust: Many companies have what’s known as “no sign lists”, which contain items (types of documents) that employees are not allowed to sign digitally or send to any eSignature provider.
Another common scenario is only sending the signature pages to be signed electronically instead of the whole contract – which, correct, ensures privacy of the document since the main content is not visible to anyone involved in this stage of the process. But it also makes most contracts invalid because… well, what are you really signing for?
Trust is an issue – and rightly so. If they fall into the wrong hands unencrypted, many sensitive documents could spell disaster for the companies concerned.
The only way to avoid having to decide on any level of trust is removing it altogether: By opting for a trustless (or zero-trust) system, you don’t need to trust your provider because there is no way to access your documents in the first place. Implementing asymmetric end-to-end encryption means no unencrypted documents ever leave your device, therefore allowing you to use whatever provider is most convenient and worry less about a potential breach of privacy.
Here’s What to Look Out for When Deciding to Trust Your eSigning Provider (or Not)
Many companies are great at marketing and honestly aim to fulfill the promises they make. To separate signal from (marketing) noise, here are the key points to look out for when deciding whether you “need” to trust your eSignature provider at all.
| What is happening | What that means |
| --- | --- |
| Your provider does not offer encryption | You’re leaving your front door wide open |
| Encryption happens on the provider’s infrastructure | You’re exposed until the actual encryption happens |
| Your decryption key is sent along with the encrypted documents | You’re hiding the key to your front door on your doorstep – in plain sight for anyone |
| You’re being sold the “rule of least privilege” | There is access to your data – and it only depends on the definition of “least” |
| AI is helping you with your eSignature documents | You’re giving AI (or the people behind it) access to your documents |
| Your provider is based in a country known for lax privacy laws | Your documents are at risk of being exposed as soon as the right entity comes knocking |
| Your documents are not fully end-to-end encrypted | If your data can be accessed at all, it will, sooner or later |
Often, it’s not malice but rather ignorance or incompetence that leads to serious privacy issues. Let’s take a closer look at what each of these points means in detail.
Your provider does not mention encryption at all
If encryption is not even a topic for your eSignature provider, you should just move on. In the days of ever-increasing cyberattacks as well as more and more complex laws and regulations regarding online privacy, any provider not giving these topics serious thought is probably not worth your attention. It’s not a question of if, but rather when: Everyone’s at risk of getting hacked at some point. Your provider knows that and should be ready.
Sending your documents unencrypted is like leaving the front door to your house wide open. Sure, you can hope that nobody takes notice, and if they do, they’re decent enough not to enter without your permission. But overly optimistic hope is not a sound strategy when it comes to protecting your privacy. Don’t do it.
Document encryption happens on the provider’s infrastructure
Sending your documents unencrypted, even if they are then encrypted once on your provider’s servers, poses a serious threat to your privacy. Not only do you have no say over what type of encryption will be used, since, at that stage, the document is not in your hands anymore, you also don’t know at what stage the document is encrypted. If it happens 24 hours after arriving on your eSignature provider’s servers, that’s a big wide 24-hour window for anyone to look at (and, worst case, copy) your documents without any barriers.
Server-side encryption exposes you to unnecessary risks. Even with the best of intentions, your provider may have workflows or systems in place that pose serious threats to your privacy. Any minute of unencrypted storage is a minute too many, and trusting in a potentially insufficient encryption mechanism to hold up against malicious attacks is simply a risk not worth taking.
You’re asked to send the decryption key along with the encrypted documents
Many providers offer “encryption”, but their workflow requires you to send the decryption key along with the documents. This makes sense from a process standpoint since it’s efficient to only send one “package” to the end recipient: Both the encrypted document as well as the key to decrypt it. And while it’s one streamlined package from beginning to end, it also means you have to fully trust not only your provider but anyone in the digital chain to simply pass along the key and not use it to peek at your documents.
You would not lock your door and hide your key on the doorstep in plain sight, would you? It’s somewhat of a farce: Yes, you’ve locked your door, but anyone willing to simply grab the key off your doorstep can get in. And just like the key to your door is visible from the street, the decryption key for your “encrypted” documents is in plain sight for anyone catching a glimpse of whatever document you’re sending.
The provider operates under the “rule of least privilege”
While a great marketing slogan, the sheer term “least privilege” implies that someone has access to your documents. Sure, they might be encrypted, and it’s unlikely every single employee at your eSignature provider can simply read your documents. But since you have no way of knowing what they define as “least”, you’ll also never know who exactly can read your highly sensitive documents at any given time.
Your documents should be “no privilege” to anyone except you and your recipient. It’s a very black-and-white issue with absolutely no need for shades of grey: You and your recipient require full access (“maximum privilege”) to your documents – and anybody else does not (“no privilege”). Privacy should never depend on someone’s interpretation of privilege.
Your plan includes “document management tools” and other fancy marketing terms
Increasing efficiency is usually desirable – but not when it comes at the expense of your privacy. And while many AI-driven tools undoubtedly provide value, either by speeding up the process or suggesting improvements on your content, their function by definition requires access to your documents – unencrypted. Because an encrypted document cannot be improved.
Don’t sacrifice privacy for convenience. It’s certainly tempting to start using features like “document management tools” or “proposal and workflow management”, but at the end of the day, they can only do their job with full access to all your data. And if automated tools have access to your data, it means there is access – potentially for anyone with the right means to gain it.
Your provider is based in a country with questionable privacy laws
Low cost often comes at a high price: Your privacy. The levels of privacy that have to be respected by law vary widely from country to country, and while it’s tempting to simply opt for the cheapest provider, it’s worth finding out where they’re headquartered. More often than not, countries that allow for the cheap deployment of infrastructure also lack the laws required to uphold your privacy.
Where your data is hosted matters for your privacy. Sometimes, obscure locations in notoriously corrupt countries put your data at risk of either being sold or easily hacked into. But even in otherwise completely respectable locations, laws like the ominous CLOUD Act put your data at risk of (legally) being accessed by any number of government agencies.
If your documents can be accessed at all, they will
It’s not a matter of how, but a matter of when: If there is a way to access your documents, chances are that they will be accessed at some stage. Whether that’s by someone spying on your WiFi connection, a hacker group breaking into your eSignature provider, or the US government asking for access for “legitimate reasons of concern”: Assume your data is breached, no matter what.
Trust is good, but it should not be required to ensure your privacy. Many scenarios put your documents at risk if they can be accessed at all. And with an ever-changing technology landscape, new villains or even legal challenges pop up quicker than anyone can keep track of. If you’re asked to place your trust in anyone in the entire eSignature process, you may have lost before you even begin.
The Bottom Line
If any of these scenarios ring true with your current eSignature provider, your privacy is likely at risk. And this may not be due to any malicious intent whatsoever – in fact, it’s safe to assume that most providers do their best to maintain your privacy at all times. But at the end of the day, it all boils down to one simple statement:
If your data can be accessed at all, it likely will.
Whether that’s with malicious intent, to offer “enhanced features”, or simply because it is deemed necessary for an admin role to do their job, the outcome is the same: What you considered private and inaccessible is now at risk of being read, or, even worse, copied.
The only way to keep your data secure is by opting for asymmetric, full end-to-end encryption. This means the documents are encrypted locally on your device and never touch anybody else’s infrastructure in an unencrypted state. It also means the key required to decrypt the documents is sent separately to whoever you want to decrypt them – through whatever means you deem safe, and without risk of someone matching that key to your documents.
Because the only way to prevent any privacy issues at all is to prevent access altogether. No matter what employee, government agency, or hacker group is after your data: Fully encrypted, it’s for your (and your recipient’s) eyes only.
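As an added illustration (not code from this article or from any eSignature provider), here is one common way to build the client-side asymmetric encryption described above: hybrid encryption with Node.js's built-in `crypto` module, where the document is encrypted locally with a one-time AES-256-GCM key and that key is wrapped with the recipient's RSA public key. The function names, the envelope layout and the sample contract are assumptions made for the example; in this construction the private key never leaves the recipient's device, so whoever stores the envelope cannot open it.

```javascript
const crypto = require('node:crypto');

// Recipient creates the key pair on their own device; only publicKey is shared.
function newRecipientKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Sender's device: encrypt before upload. Every field of the envelope is
// ciphertext or public material, so it is all the provider ever stores.
function sealDocument(plaintext, recipientPublicKey) {
  const contentKey = crypto.randomBytes(32); // one-time AES-256 key
  const iv = crypto.randomBytes(12);         // 96-bit GCM nonce
  const cipher = crypto.createCipheriv('aes-256-gcm', contentKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const tag = cipher.getAuthTag();
  const wrappedKey = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, contentKey);
  return { wrappedKey, iv, tag, ciphertext };
}

// Recipient's device: unwrap the content key with the private key, then
// decrypt. GCM rejects the document if the ciphertext was altered in transit.
function openDocument(envelope, recipientPrivateKey) {
  const contentKey = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, envelope.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', contentKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
}

// Anyone holding the envelope but not the recipient's private key.
function canRead(envelope, privateKey) {
  try { openDocument(envelope, privateKey); return true; }
  catch (err) { return false; }
}

// Constructed sample data, for illustration only.
const recipient = newRecipientKeyPair();
const provider = newRecipientKeyPair(); // stands in for any third party
const contract = Buffer.from('CONSTRUCTED SAMPLE: Party A agrees to pay Party B 1,000 EUR.');
const envelope = sealDocument(contract, recipient.publicKey);
console.log('recipient reads:', openDocument(envelope, recipient.privateKey).toString());
console.log('provider can read:', canRead(envelope, provider.privateKey));
```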











