Someone did this recently to me i.e. showed me something I'd signed which I didn't. Fortunately this lead to their demise as I am friends with their manager which was unknown by the party in question. Historically I tend to try something on with employment contracts too - I return an unsigned copy to the company. Only 1 out of 6 companies I worked for didn't just stick it in a filing cabinet and forget about it.
Ultimately I learned that a signature is definitely not proof that someone explicitly signed anything or what the state was at the point of signing it. It must be the full document plaintext and date signed with your private key and should be verifiable with your public key by a court before a claim is even approachable. Docusign sort of does a half-assed version of this but there needs to be a full legal PKI system on this planet and people need to understand it too. That's the most difficult problem to solve.
Yes this is the point about docusign being half assed. It doesn't do any identity validation really. It should verify the signer and the signee are the parties in question using identity services. It doesn't. I believe it can but it doesn't usually get used.
Most people's signature these days isn't much more an attestation than putting on an X on the line or checking a box that "I agree." Docusign just makes the process a bit more formal.
To the degree that signing a lot of documents is something of a formality, most of us don't want to have to go to a notary every time we need to put our signature on something.
So then every Docusign use would demand that you help the surveillance companies verify the files they have on you, where you used to live, etc? And then they would use this shoddy "verification" as evidence that the person who clicked accepted was really you? No thanks!
What actually needs to happen is that things like Docusign need to be contextualized and treated as the appropriate amount of evidence of a contract that they are. Which is to say not much, just like a piece of paper with a signature on it these days.
A "signed" Docusign is evidence that someone opened an email link and clicked a box from a certain IP. It does not prove that a specific person did this. It does not prove that the person who did this actually read, understood, and agreed with the words in the document. In fact, a Docusign that didn't allow marking up the document is itself evidence that the person in question was coerced into accepting unilateral boilerplate terms, rather than being able to make modifications.
Like many legacy systems in the US, the jankiness from using an antiquated system is actually preventing a much more draconian system that would develop if the abstraction was made solid (for a straightforward example, see "identity theft").
When you sign a mortgage or take out a loan and it’s all online, lenders will pay someone to come to your house, take a photo of you, verify it, and then video tape you signing.
Because it's a broken model that is just one small step away from a complete disaster. Think about the value of inserting yourself in the signing process of a whole slew of official documents. Just the ability to fake it with authentic looking signatures is a real problem. See TFA...
I had to do a one-off brokerage (where I don't have a personal representative) transfer fairly recently and, although they loosened up a bit during COVID, they were back to basically requiring me to show up at a brokerage branch in person. In theory, I could have gotten a Medallion Signature from my bank but it turned out they couldn't do it at my local branch and getting their central system to do it failed, so I just drove the 40 minutes or so to a brokerage branch.
This is the problem with things like account recovery. If you really want to minimize social engineering etc., you'll do something requiring a physical presence and various sorts of government issued ID and will probably cost money. And people won't like that. (And the companies won't like it because there's a lot of overhead.)
That's how it works in the US. You show the notary your passport or driver's license, they go "Yup, looks like you," you sign the doc in their presence, and they apply their stamp.
But, at some point, what do you do to absolutely 100% guarantee your bonafides to a complete stranger located across the country? The answer is you probably can't so you put a system in place that protects against all but the most serious and determined attacker who is willing to spend significant effort and money to impersonate you.
It's true that you can physically go to the institution in question and prove your bonafides to them so no intermediate is involved but you start to add a lot of friction to all but the most serious transactions.
Many years ago, possessing the values on a passport constituted verification. This data was stored and after a significant number of leaks, this data alone was useless as it became public knowledge. The next step was requiring a photo of the document. The photos were stored, and after a significant number of leaks, the same thing happened. The next step was ID selfies. Then the same thing happened. Now it’s selfie videos with the ID. This too will become useless when those videos are leaked.
It’s a never ending battle. A passport is a physical document and should only be used physically.
Online, we need public/private key authentication. It’s the only way.
And then private keys will leak. Nothing's perfect.
Requiring physical presence is a pain but it's probably tolerable for sufficiently high value transactions. Only works within the US. There's a related process with more hurdles for international.
I assumed this was only in regards to higher value interactions where meeting in person always makes sense.
I'm having trouble imagining a scenario where such a high level of assurance for real identity verification is required but is not worthwhile to meet in person.
Sure. I do stuff with my family's broker in the Philadelphia area who I've never met in person all the time. During COVID, my local broker let me do a big transfer without going into a (probably closed) office--admittedly to another broker who I had transferred to before.
In general, I rarely do anything related to financial accounts in person.
Online account recovery could go a long way by bootstrapping off the notary system, and then having a waiting period to mitigate forgeries. But companies don't want to add the complexity where a user could commit to a less convenient process for more security, so we're at an impasse. Also they'd have to hire someone to verify the authenticity of incoming physical documents, and having skilled labor do things that aren't "scalable" is verboten.
The solution is state-backed asymmetric cryptography, ideally with the private key on a hardware token that is protected by a pin. There would need to be a process for replacing a lost or stolen key, but that process could require physical presence.
I'm pretty sure just about anytime I've had a Docusign link, it's been from someone I already had a relationship with and it's been the pro-forma equivalent of printing out a document, signing it (scribbling a couple lines)/initialing it, scanning it, and sending it back. (ADDED: Except that unencrypted PDFs aren't being emailed around.)
In neither case is there any real additional identity verification.
Not that I necessarily agree with the person you’re responding to, but their point seems to be that this is a bad faith action, not that they will get in trouble for it and need to cover it up with further bad faith.
IANAL,but they're still enforceable, especially in the grandparent's situation where the grandparent's work product was accepted and they were paid. There are realms of contract law where signature compliance is more prescribed like probate.
> I'm also not really sure which situations an employment contract would really hurt you in tech besides maybe some IP stuff
In my first contract for a dev job:
- noncompete
- agreement to work for a minimum amount of time, while my employer could terminate me at will (I don't think this one was actually enforceable where I live, since I didn't get a signing bonus, but I didn't know that at the time)
- IP stuff
- agreement to arbitration for any disputes (and employer chooses the arbitrator of course)
I would probably dispute some of those now, but as at the time I was naive, fresh out of college. And even if I had pushed back, I didn't have much leverage. I had just moved, and had no money, I couldn't afford not to take the job.
I would normally assume a year before a new employee is a net benefit; the first six months is mostly training. Someone who sticks around for less than two, we’d have been better off not hiring.
How does a handwritten signature prove anything? They are so easy to forge.
I always wondered WHY ARE PEOPLE IN THE US ASKED TO SIGN A RECEIPT WHEN THEY PAY BY CREDIT CARD? I can draw literally any scraggles and they’ll accept it. Are they supposed to compare to the signature I put on my card?
The signature is just a physical manifesting of assent. It's presence is indicative that you've agreed to what you're signing.
Signature comparison is a line of defense.
More broadly, There's a whole set of practices that assume a relationship. You scoff at signatures, but in their heyday, my local banker knew me and knew my signature and he could spot a general forgery or even unusual patterns. Every economic transaction I engaged in came with a relationship that helped mitigate fraud.
Even voting in the US today carries remnants of this. If you go to a small town to vote, you know the election workers and they know you. There's no need for an ID and there's no question of fraud. Everybody knows everybody. If you try to vote and nobody knows you, if you've got the paperwork, you'll get a smile and you'll vote, but you can bet your ballot is flagged for extra scrutiny afterwards.
Thats poor phrasing on my part. Voters dont generally need IDs in the US. I meant "need" in the sense that IDs aren't even a desired issue in the political process.
>Are they supposed to compare to the signature I put on my card?
Probably historically; I think I've had it rarely in the distant past.
Signatures are fairly uncommon these days. And the places where you sign a pad you just swipe a finger and no one blinks an eye. I'd say it was just outmoded POS systems but I've seen it on newer systems too. It probably does, as someone else wrote, constitute a bit more assent than clicking a button does even if not much.
> I can draw literally any scraggles and they’ll accept it. Are they supposed to compare to the signature I put on my card?
This is because we have video recording, PIN input, card not present payments and lots of other ways to prove the cardholder approved the payment. That said, if you are a merchant and want lower fees by requiring signatures, make sure you compare signatures with the back of the card, and make damn sure the card is actually signed (no by looking at a driver's license). An unsigned card signature dispute almost always ends up costing the merchant.
I haven't had to sign for a while now, but when that was more common, I just assumed it was for your own ease of verification, since you could see the signature alongside the transaction and so if you see a transaction you don't remember, you can just check the signature to see if it's like what you typically do.
Not just in the US. McDonald's does the same here in Sweden, or at least they used to (but AFAIK only McDonald's, and no one else). Always found that weird.
I doubt the parent did this in his first job, once you get to your 4th job, I can totally understand.
Plus why is it bad faith? The employee is presumably expected to read the contract, or should they just trust the employer? By the same token, the employer should be expected to check that the employee actually agrees to the terms.
> Seeing how you’re first action in each of your new jobs is done in bad faith
This behavior is not bad faith, unless it is done with the intent to deceive the employer. It's on the employer to make sure documentation is done correctly. In my company, we catch these kinds of things when we are setting up payroll. Most of the time the employee genuinely forgot to sign, or read some creative advice on the internet. Most of the time, the employee signs, and life is good. When they don't sign, we often find that that person has accepted an offer elsewhere and is milking us for a check.
> I tend to try something on with employment contracts too - I return an unsigned copy to the company.
So you email it back without comment, which shows you received it and understood what it was, and then started work… I suspect that’s binding in many jurisdictions, and the lack of an actual signature is simply an inconvenience
What if they crossed out a few clauses and signed, and the employer never noticed. Are you saying that because they begin working for the company, that represents the company's tacit acceptance of the modifications to the contract?
years ago I made a habit of making small changes to contracting agreements. The net results off the top of my head? most contracts sent were written for one side, not both sides, making some changes to defend my side simple self-defense (I didn't change the compensation terms); I only got the changes accepted two out of three times or so; when the tides of tech changed, I was the first to be left out.. it seems in hindsight that this was some kind of "larval state" for me.. I had to either get more authority in writing to become stable, or, be replaced by compliant, more desperate, more outsourced "talent" that could do specific tech work. As an intellectual, I went back to school, and lost the chance to embed and define authority in contractual relationships at the same time.
I think you have a significantly bigger burden of proof to prove the other party had accepted it if you signed it and returned it having amended it without mentioning those changes in the email, and it would be much less clear cut. If you mentioned “here it is with a few small changes”, and you got back an email that said “received”, even if they didn’t explicitly ok the changes or sign it, and you started working, I think you’d be on much firmer ground though.
There’ll be explicit case law but it’ll come down to “would a reasonable person think the changes to the contract had been accepted”
This is exactly what I do. I have an amendment on my contract about intellectual property being owned by the company changed from "while under employment" to "using company equipment in employed hours". They sent me two copies they had signed, I modified both with the change, signed it and scanned the contract.
The returned copy was accepted by HR via email (not sure if they ever read it or not)
What will be interesting is if this ever gets to be tested as not ever sheet in the contract was signed.
Doesn't sound like forgery. Whether it will hold up in court is iffy. If you are not a lawyer I would be more hesitant to state your legal opinions as fact.
In Australia it's common to initial pages to indicate they have been read, and next to altered terms specifically. Both parties write their initials in such cases, so you don't need a signature on each page.
I don't think it has a direct legal basis, but like most things to do with contracts it builds the picture of intent and acceptance and understanding of what they were getting into.
Some countries have electronic signatures linked to biometric IDs. Various devices can then be used to verify the signer's natural identity when signing documents online, like a mobile phone (both smart and dumb).
I lived in a country like this and all my electronic signatures were linked to my natural person. Most documents were signed this way - from rental agreements to tax returns. It was very uncanny to start using things like Adobe Sign or DocuSign afterwards which is very popular in the UK and US.
For the curious - look up m-signature and e-signature in Lithuania.
Indeed, it is a pretty cool system, but every time I look into it I'm puzzled by the variety of costs for essentially the same thing. You can buy a cheapest personal certificate that is recognised as equivalent to a physical signature for contract signing for 50eur for 1 year. Or you can spend 500EUR for the same thing. Some come with a smart card, some don't. For some you get software that works offline, for some you can use open source signing software, for others you get nothing and you need to sign the documents via "their website". Some boast "notary approved" which means nothing. For things that require a notary like real estate transactions you still need a notary. My bank even sells "single use" certificates, good for 15 minutes for 5eur.
It's a nice convenience, but some of the costs are insane.
In Lithuania, the majority of mobile providers offer an end-to-end solution to their customers at €1 per month or less. This includes pay-as-you-go plans and is likely to reflect the actual cost of this tech used on a large scale, given the significant adoption rate (which I estimate to be more than 5% of the Lithuanian population).
To provide m-signature services, mobile carriers in Lithuania burn a client biometrics-linked key into the SIM cards they provide. This setup allows the use of phones with these special SIM cards for two-factor authentication, which can be considered three-factor with some caveats due to the inclusion of biometrics. The mobile signature technology has good UX where a user, while signing a document, usually enters their tax ID and phone number into a web form. They then react to a prompt on their phone by inputting one of two memorized PINs. It's easy, cheap, and secure.
I also don't believe this technology is subsidized by the government. Though it's challenging to find specific legal language around subsidies for m-signatures, the price of this tech seems to be asymptotically approaching real costs through free market competition. In the Western world, a similar demand for electronic signatures exists. Although the market is currently dominated by costly certificate providers, they seem to lack moat, and it brings hope that this technology may be more widely adopted in places like the UK and US, once prices naturally fall.
Lithuania is N=1 but it's an interesting case study for how mobile signatures can be made user-friendly (or at least "user-reasonable") and mass-adopted.
As an Lithuanian expat - I absolutely hate this one and all other gov auth methods. They require to keep a contract with either a bank or telco which is an insane third-party dependency.
Fortunately they've introduced smartphone app just few weeks ago where you can finally use your national ID. It has to be pretty new one and I'm not sure how long before it expires (IIRC it used to be a mere 2 years until you need to physically renew), but it's a start.
It's probably one of the biggest mission of Lithuanian diaspora.
p.s. do you have a source that biometrics are "burned-in" into your SIM card? When I set mine up I don't remember anyone scanning it, just visually verifying.
p.p.s. above doesn't work with eSIM (not that any Lithuanian ones are useful, i.e. offering free wifi calling when roaming)
p.p.p.s. buying anything online in Lithuania is becoming near impossible - barely anyone offers option paying by card, only by a few selected online banks and no you can't just pay IBAN via some no-name digital bank.
At least in Latvia use of qualified electronic signature is completely free of charge. And you can use government provided service or a 3rd party one backed by banks.
It used to cost something for each signature since they have to run the time signature server but they quickly reallised that it made no sense to charge for it.
> It must be the full document plaintext and date signed with your private key and should be verifiable with your public key by a court before a claim is even approachable.
This is called a notary public. Its a routine requirement with immigration documents.
.They can also certify copies as true.
In UK for sone reason it costs over £100, and noone uses them, but in eastern europe its common and notarising documents is like €5 - they just check you identity
In the US, you usually just go into your bank branch. I'm not sure what the deal is if you don't have a local financial institution/lawyer/etc. (Exec admins are sometimes also notaries.)
Note: in many states, banks must provide notary services to the public. You do not have to be a bank customer. Banks will try to ask you to sign up for an account “so you can make an appointment with the notary”, but you can decline - insist that you just want a document notarized.
They may give you the run around saying “the notary isn’t in today”, options here are ask them to tell you which branch you could visit where the notary is available, or what day and time is best that you’ll surely catch the notary. They will be uncomfortable about this pressuring but they are required to provide this service.
The UK is weird about this. Generally speaking you wouldn’t actually want to use a notary public, which is (in the UK) a very old profession regulated by the Church of England. Most of the time, you will have a solicitor certify documents. This is much cheaper, and is what is usually used by large organisations who already have engagements with law firms. In Scotland, solicitors are able to get a special smart card to certify and sign documents.
In the US, notaries are often in law, accounting, banking, and real estate offices and do the notarization for little to no money. No church involved .
Solicitor certification of documents is a farce here in the UK. My mortgage company had me have a solicitor certify bank statements etc. I said I didn’t have paper copies. They said printed PDFs would to, and to get the solicitors to certify them. Madness.
Can’t speak for every country in Europe but once you get a national ID or residence permit in some of them then the card will contain a chip with a certificate that can be used for public key crypto.
If you need to sign something then you sign it with your ID. Same ID can get you into your accounts online.
No different to Estonia’s digital ID scheme a decade ago.
The UK and Ireland are uniquely countries in Europe that don’t have any form of national ID card. The UK was going to get (continental) EU style ID cards in 2008-2010 but this proved to be rather controversial at the time due to perceptions of government overreach and dragnet biometrics. Instead of just doing a simple ID card with just facial biometrics (like a passport), the whole project was scrapped. I don’t know why Ireland doesn’t have them but they have derogations from all the EU laws about it, though their passport card is essentially an EU ID card complete with chip.
Yep, from the UK and remember all the fearmongering about ID cards being like a step back towards Nazi Germany and being asked to show your papers on the streets and all that.
I think the real reason was that it sounded like it’d cost £60 (or close to that) per ID, which is pretty damn expensive when it’s mandatory. Most of that money would have been sunk into the black hole that is the IT consultancy industry in the UK, with literally no guarantee of a working solution being built.
I mean, a friend of mine was recently travelling through the Netherlands and asked some police officers for directions, but because he didn't have ID with him he was arrested and put in a cell overnight.
But this story lacks detail so either you can immediately jump to the conclusion that the police in the Netherlands are asking people for ID on the streets when they ask for directions, or you can maybe assume that your friend wasn’t being honest with you and was trying to save face, or something else entirely was going on.
Usually when you travel you keep at least one form of ID on you - probably not your passport but a local ID or driving license or something.
The salient detail is that he was arrested for not presenting his ID, which was in his where he was staying for the night. He didn't know that the NL requires it to always be carried.
Austria has them, but almost nobody has one in practice since AFAIK there is no requirement to carry an ID. Everyone has a social security card though, which has a cryptographic chip. Digital signatures are also possible via a web platform called "Handysignatur", which is pretty good.
> I don’t know why Ireland doesn’t have them but they have derogations from all the EU laws about it, though their passport card is essentially an EU ID card complete with chip.
Due to the track record of the RIC, the British police prior to independence (and something that continued in NI until the 90s with the RUCs to keep the idea fresh), there is decently strong opposition to ID cards on the idea that police could demand them to harass people. It's also why most Gardai (Irish police officers) are unarmed, though I think the rising perception of petty crime in Dublin has swung the pendulum somewhat on that topic.
> once you get a national ID or residence permit in some of them then the card will contain a chip with a certificate that can be used for public key crypto
H.Can you use them at home to sign lime a rent agreeement or something? What equipment do you use them with?
Yeah, in Czechia you pay approx. 1,5 eur for a verified signature. Your identity is verified against your national ID or passport. Every post office, every notary and every barrister can do that.
In New Zealand we've got Justices of Peace (JP's) - it's just some retired lawyers that can notarise your documents. You typically go to their home or they have little popups in public places. Best part - it's free!
I don't think it's just retired lawyers. My uncle is a JP and hes a ferry captain. But he did have to so some kind of ceremony at the courts. I think he did it in order to be the family marriage celebrant and whatnot.
Some JPs take payment in the form of a box of beer or some small thing like that.
Sorry, what happened with your friend? They forged a digital signature for you and threw it in your face later or something? What was the context for all this?
They were asked to prepare a report about a safety incident at an event I went to. They provided a statement to their manager which was more than a bit economical with the truth and copied my signature off a contract signing that the statement was accurate. I ahd neither seen, agreed to or signed the statement.
> Ultimately I learned that a signature is definitely not proof that someone explicitly signed anything or what the state was at the point of signing it.
I've wondered about this from the first moment I scanned a copy of my signature to feed in to Acrobat for signing PDFs. There seems to still be an unreasonable amount of trust in the idea that a squiggle on paper is difficult for other people to reproduce. But then, it's never been about preventing forgery, because forgery has always been relatively simple. Signatures are just a ritual performed between honest people to help them remember that they're honest.
I don’t think that’s an appropriate use of the word demise unless your manager friend killed the person in question. Which scummy move, for sure but I hope it didn’t actually lead to their demise.
Colloquially I think you may be right, but the dictionary definition makes it appropriate here:
Demise Definition & Meaning
noun ; a · death ; b · a cessation of existence or activity ; c · a loss of position or status.
> Historically I tend to try something on with employment contracts too - I return an unsigned copy to the company
That doesn't necessarily mean that you don't have a contract. Barring specific law regulating the form (such as often happens for property exchanges), the contract is sealed with acceptance. An act of acceptance can be overt such as via signature, but it can also be implied.
By returning the contract as if signed, performing the work specified under the contract, and receiving pay, both you and the employer are acting as if you both have accepted the contract. If a court was asked to adjudicate a dispute (such as over a termination issue like severance pay), a judge could reasonably hold you and the company bound to the terms.
> It must be the full document plaintext and date signed with your private key and should be verifiable with your public key by a court before a claim is even approachable.
Why? Most contract disputes don't turn on whether the text of the contract is authentic. That's resolved by a full PKI-based signature, but such a signature can't decide whether the interpretation of the terms is correct, or whether the contract has been performed, or whether the contract was signed under duress (perhaps making acceptance invalid), or whether the contract is conscionable and consistent with public policy.
Was going to say the same thing - doing the work is implicit acceptance of the contract, signature be damned. Verbal contracts are legally binding, after all (although hard to prove). (IANAL).
Are you seriously suggesting that virologists would 'take revenge' on others by using their professional skills or do I read your comment in entirely the wrong way?
Isn't this the normal thing to do? As a physicist I might set up a large pendulum to knock over a foe or perhaps a frictionfull ramp with a uniform cylinder to flatten my foe.
> until recently the online tool who.is indicated that the [Polish arbitration court, Pan-Europejski-Sąd-Arbitrażowy] PESA website was set up by Villa Europa itself in September 2021
Quite alarming.
Is it normal to charge speakers such high fees? I remember some conferences giving free admission to speakers as encouragement.
I don’t think this is quite right with all conferences - I’ve personally found it quite common for these event companies to give talks to “platinum” sponsors as an indirect way of charging for them.
(Although this particular instance sounds like a scam)
Yeah, many conferences absolutely rely on company sponsorships to cover some or even most of their costs and many of those packages cover some sort of speaking slot among other things (booths, logos, swag bags, etc.). And some conferences have a lot of that sort of pay to play going on. But maybe because I'm used to it that seems different from a naked speaking fee situation.
It depends on the type of conference. My wife went to a politically focused conference recently and while there were some paid speakers there were a lot of speakers who got stage time by virtue of paying the $2000 or so for a booth on the floor of the conference.
She said these speakers were annoying as they’d try to keep talking when they’d run out of time and the sound guy would have to resort to cutting their audio or playing music loudly to get them to get off stage. Everything but the long pole with a hook basically.
The norm at tech conferences is to waive conference fees. For certain types of speakers (industry analysts, headliners for keynotes, other people that conferences want that can't afford to pay their own way), it's normal to cover some expenses and pay them to a greater or lesser degree. I have never in decades literally paid to speak at a conference. (Sponsoring companies may of course have a sponsor package that includes some stage time for an employee among other benefits like booth space.)
But directly paying to be a speaker? Absolutely not normal.
You must be that lucky person who doesn't live in Poland. An electric administrative court in Poland doesn't even check if the provided evidence is correct in any way. They automatically assume the plaintiff is right, according to the official law. And if you don't object plaintiff's accusations, you lose. They try to contact you by mail, but if they can't, they don't care. It's your fault they couldn't deliver mail to you which looks just like any other scam.
The scammer fakes the evidence, submits the case electronically, can request any amount of money and wins by default. Nice, isn't it? You've officially lost in this circus "court". Good luck proving anything to the real court now, as it would consume a lot of your money, time and mental sanity. In the meantime, the scammer is officially allowed to seize any of your money they decided you "owe" them.
You would not expect something like this exist in an EU country, would you?
Reminds me of a SPAM email we get quite frequently, the "World Company Register". The attached PDF reads, "To update your company profile, please print, complete and return this form. Updating is free of charge. Only sign if you want to place an insertion."
Then at the bottom in tiny type it says that you've agreed to a 3 year insertion at 995 Euro per year.
I can see small businesses easily falling for this.
It's probably not a valid contract, assuming a fair hearing. The scammers would not sue the victim here, most likely. They get their money from these schemes purely through fear and anxiety and vague legal threats. A simple, pay us what we tricked you into signing or we'll sue you, often gets an impaired or naive victim to pay up even though they owe nothing legally or morally and the threat is empty.
If you register a trademark, you'll get multiple fake bills in the physical mail for hundreds of dollars to similarly record the trademark in various "registers." The fine print says it's not a bill but a solicitation, but of course it's just a scam in reality.
Or a patent, or register a company. These vultures just want to prey on the uninformed or gullible business owners who are just trying to make a living. I received “notices” of “dues” to several different “agencies” for my company’s listing. When I wrote back that all I needed was a federal id number and a business registration on file with the clerk, they stopped harassing me. One of these fake bills was $4,000 for a DUNS registration. Wow. Just wow.
Yeah, this isn't really about the signatures rabbit hole this thread has gone down. I've spoken at well over 100 events (and many webinars/videos) and it's totally routine as a speaker, or even as an attendee, to click through all sorts of routine terms and conditions like codes of conduct, agreement for photos/videos to be used for marketing purposes, and probably various other things. If there were some buried condition about payment after the event, I could easily miss it because it would be so unexpected. (An actual number would hopefully jump out at me but it would be so unexpected it might not if it were carefully hidden.)
I don't see mention of the Polish judicial system in the article.
It mentions a "a Polish arbitration court whose very existence has been questioned by experts in the country" and "Agnieszka Durlik, director general of the Court of Arbitration of the Polish Chamber of Commerce, says she has never heard of it."
If it doesn't exist, then it can't be part of the Polish judicial system.
Putting aside any ethics questions.
Sounds like the guys on their way to court did actually sign the contracts.
Not sure there is much get out clause for them tbh, Im not aware of any court anywhere that will take "didnt read the contract" as a get out of jail free card.
Honestly, it probably needs to be roped into something like the certificate authority system. Like, if you have a deceptive licensing agreement, the certificate is revoked. And similarly, being asked to sign something that isn't tied to a certificate would be a huge red flag.
No, we need laws that anything longer than two standard pages of 12 point text is prima facie invalid. Exceptions for when attorneys are involved, or negotiated contracts that go back and forth a few times with substantive changes. Subjecting individuals to unbounded contract terms, often by contracts of adhesion, is an anti-feature.
But if someone seemingly legit asks me to appear on a webinar--I'd be asking more questions about traveling to an event--I'm pretty much going to say yes. And if they send over some apparently routine paperwork including publicity rights and so forth, it's realistically only getting a quick skim.
You can’t just put anything in a contract and expect a court to unconditionally enforce it. If an included clause is unreasonable and clearly in bad faith (like a buried fee, written in words instead of numbers), a court can choose to annul it. The legal system is run by humans, not robots. (This is also why smart contracts may not be so smart after all — computers can’t use common sense to mitigate unfair smart contracts.)
When will we have regulations that force contracts to be transparent. Perhaps an AI model could be fed with a contract and asked to check for things one should watch out for.
> Many of the speakers, already busy studying COVID-19 and under pressure from the transition to remote teaching, did not notice these clauses. The pandemic “meant working 11 to 12 hours per day,” says another speaker, Johannes Müller, a mathematician at the Technical University of Munich. “The contract was unreadable [but] I eventually sent it.”
Maybe I am cold hearted, but I don’t feel any sympathy for their position. They were busy, so they should get out of the contract they willingly entered? These are educated adults that should have known better than to sign something without reading it.
Now the counter argument is that no one reads EULAs, but courts have held at common law that only abnormal clauses not in line with industry standards need to be highlighted to draw attention, or otherwise explicitly initialled. In this case based on at least one researcher asking if there were conference fees, it seems that there is at least some precedent for fees being charged to speakers (something that surprises me, but I guess it adds value to the speaker’s CV), so again, I have a really hard time feeling like this isn’t the result of a bunch of people not reading their contracts closely and treating their signature as something less valuable than it is - a binding commitment.
Some of the scientists claim they did not sign the contract with the addendum for fees.
Also, apply your judgement - this is highly unusual and my first impression is it’s obviously a scam. If people sign contracts that are altered and a scam, should they be upheld just because someone agreed to it?
It is not unheard of for a presenter to have to pay the same registration fees as a non-presenting attendee, but it is also common for invited speakers to attend for free and even have their travel and accommodation expenses covered. It is extremely abnormal (if not unheard of) for a legitimate conference to charge a speaker an additional fee for presenting.
154 comments
[ 3.4 ms ] story [ 257 ms ] threadUltimately I learned that a signature is definitely not proof that someone explicitly signed anything or what the state was at the point of signing it. It must be the full document plaintext and date signed with your private key and should be verifiable with your public key by a court before a claim is even approachable. Docusign sort of does a half-assed version of this but there needs to be a full legal PKI system on this planet and people need to understand it too. That's the most difficult problem to solve.
Highly annoying these services, they don't do even the most basic verification that the person signing really is the person that should be signing.
If you care enough to get it really signed, pay the notary.
To the degree that signing a lot of documents is something of a formality, most of us don't want to have to go to a notary every time we need to put our signature on something.
What actually needs to happen is that things like Docusign need to be contextualized and treated as the appropriate amount of evidence of a contract that they are. Which is to say not much, just like a piece of paper with a signature on it these days.
A "signed" Docusign is evidence that someone opened an email link and clicked a box from a certain IP. It does not prove that a specific person did this. It does not prove that the person who did this actually read, understood, and agreed with the words in the document. In fact, a Docusign that didn't allow marking up the document is itself evidence that the person in question was coerced into accepting unilateral boilerplate terms, rather than being able to make modifications.
Like many legacy systems in the US, the jankiness from using an antiquated system is actually preventing a much more draconian system that would develop if the abstraction was made solid (for a straightforward example, see "identity theft").
When you sign a mortgage or take out a loan and it’s all online, lenders will pay someone to come to your house, take a photo of you, verify it, and then video tape you signing.
It’s just not convenient.
This is the problem with things like account recovery. If you really want to minimize social engineering etc., you'll do something requiring a physical presence and various sorts of government issued ID and will probably cost money. And people won't like that. (And the companies won't like it because there's a lot of overhead.)
It's true that you can physically go to the institution in question and prove your bonafides to them so no intermediate is involved but you start to add a lot of friction to all but the most serious transactions.
Many years ago, possessing the values on a passport constituted verification. This data was stored and after a significant number of leaks, this data alone was useless as it became public knowledge. The next step was requiring a photo of the document. The photos were stored, and after a significant number of leaks, the same thing happened. The next step was ID selfies. Then the same thing happened. Now it’s selfie videos with the ID. This too will become useless when those videos are leaked.
It’s a never ending battle. A passport is a physical document and should only be used physically.
Online, we need public/private key authentication. It’s the only way.
Requiring physical presence is a pain but it's probably tolerable for sufficiently high value transactions. Only works within the US. There's a related process with more hurdles for international.
I'm having trouble imagining a scenario where such a high level of assurance for real identity verification is required but is not worthwhile to meet in person.
Can you name a few examples?
In general, I rarely do anything related to financial accounts in person.
Your credit card already has contactless chip and it's been ID verified. So does your smartphone. Why can't we just marry the two together?
In neither case is there any real additional identity verification.
Seeing how you’re first action in each of your new jobs is done in bad faith I think I see why you’ve had to fill out six of them…
I'm also not really sure which situations an employment contract would really hurt you in tech besides maybe some IP stuff. NDAs are usually separate.
IANAL,but they're still enforceable, especially in the grandparent's situation where the grandparent's work product was accepted and they were paid. There are realms of contract law where signature compliance is more prescribed like probate.
In my first contract for a dev job:
- noncompete
- agreement to work for a minimum amount of time, while my employer could terminate me at will (I don't think this one was actually enforceable where I live, since I didn't get a signing bonus, but I didn't know that at the time)
- IP stuff
- agreement to arbitration for any disputes (and employer chooses the arbitrator of course)
I would probably dispute some of those now, but as at the time I was naive, fresh out of college. And even if I had pushed back, I didn't have much leverage. I had just moved, and had no money, I couldn't afford not to take the job.
I always wondered WHY ARE PEOPLE IN THE US ASKED TO SIGN A RECEIPT WHEN THEY PAY BY CREDIT CARD? I can draw literally any scraggles and they’ll accept it. Are they supposed to compare to the signature I put on my card?
Signature comparison is a line of defense.
More broadly, There's a whole set of practices that assume a relationship. You scoff at signatures, but in their heyday, my local banker knew me and knew my signature and he could spot a general forgery or even unusual patterns. Every economic transaction I engaged in came with a relationship that helped mitigate fraud.
Even voting in the US today carries remnants of this. If you go to a small town to vote, you know the election workers and they know you. There's no need for an ID and there's no question of fraud. Everybody knows everybody. If you try to vote and nobody knows you, if you've got the paperwork, you'll get a smile and you'll vote, but you can bet your ballot is flagged for extra scrutiny afterwards.
We need more of this system in the modern world.
Probably historically; I think I've had it rarely in the distant past.
Signatures are fairly uncommon these days. And the places where you sign a pad you just swipe a finger and no one blinks an eye. I'd say it was just outmoded POS systems but I've seen it on newer systems too. It probably does, as someone else wrote, constitute a bit more assent than clicking a button does even if not much.
This is because we have video recording, PIN input, card not present payments and lots of other ways to prove the cardholder approved the payment. That said, if you are a merchant and want lower fees by requiring signatures, make sure you compare signatures with the back of the card, and make damn sure the card is actually signed (no by looking at a driver's license). An unsigned card signature dispute almost always ends up costing the merchant.
I doubt the parent did this in his first job, once you get to your 4th job, I can totally understand.
Plus why is it bad faith? The employee is presumably expected to read the contract, or should they just trust the employer? By the same token, the employer should be expected to check that the employee actually agrees to the terms.
This behavior is not bad faith, unless it is done with the intent to deceive the employer. It's on the employer to make sure documentation is done correctly. In my company, we catch these kinds of things when we are setting up payroll. Most of the time the employee genuinely forgot to sign, or read some creative advice on the internet. Most of the time, the employee signs, and life is good. When they don't sign, we often find that that person has accepted an offer elsewhere and is milking us for a check.
So you email it back without comment, which shows you received it and understood what it was, and then started work… I suspect that’s binding in many jurisdictions, and the lack of an actual signature is simply an inconvenience
If they emailed you terms beforehand and you still started work, then most courts would take that to indicate your acceptance of the terms.
There’ll be explicit case law but it’ll come down to “would a reasonable person think the changes to the contract had been accepted”
The returned copy was accepted by HR via email (not sure if they ever read it or not)
What will be interesting is if this ever gets to be tested as not ever sheet in the contract was signed.
* https://www.adamsdrafting.com/making-sneaky-changes-to-a-con...
I don't think it has a direct legal basis, but like most things to do with contracts it builds the picture of intent and acceptance and understanding of what they were getting into.
I lived in a country like this and all my electronic signatures were linked to my natural person. Most documents were signed this way - from rental agreements to tax returns. It was very uncanny to start using things like Adobe Sign or DocuSign afterwards which is very popular in the UK and US.
For the curious - look up m-signature and e-signature in Lithuania.
It's a nice convenience, but some of the costs are insane.
To provide m-signature services, mobile carriers in Lithuania burn a client biometrics-linked key into the SIM cards they provide. This setup allows the use of phones with these special SIM cards for two-factor authentication, which can be considered three-factor with some caveats due to the inclusion of biometrics. The mobile signature technology has good UX where a user, while signing a document, usually enters their tax ID and phone number into a web form. They then react to a prompt on their phone by inputting one of two memorized PINs. It's easy, cheap, and secure.
I also don't believe this technology is subsidized by the government. Though it's challenging to find specific legal language around subsidies for m-signatures, the price of this tech seems to be asymptotically approaching real costs through free market competition. In the Western world, a similar demand for electronic signatures exists. Although the market is currently dominated by costly certificate providers, they seem to lack moat, and it brings hope that this technology may be more widely adopted in places like the UK and US, once prices naturally fall.
Lithuania is N=1 but it's an interesting case study for how mobile signatures can be made user-friendly (or at least "user-reasonable") and mass-adopted.
Fortunately they've introduced smartphone app just few weeks ago where you can finally use your national ID. It has to be pretty new one and I'm not sure how long before it expires (IIRC it used to be a mere 2 years until you need to physically renew), but it's a start.
It's probably one of the biggest mission of Lithuanian diaspora.
p.s. do you have a source that biometrics are "burned-in" into your SIM card? When I set mine up I don't remember anyone scanning it, just visually verifying.
p.p.s. above doesn't work with eSIM (not that any Lithuanian ones are useful, i.e. offering free wifi calling when roaming)
p.p.p.s. buying anything online in Lithuania is becoming near impossible - barely anyone offers option paying by card, only by a few selected online banks and no you can't just pay IBAN via some no-name digital bank.
This is called a notary public. Its a routine requirement with immigration documents. .They can also certify copies as true.
In UK for sone reason it costs over £100, and noone uses them, but in eastern europe its common and notarising documents is like €5 - they just check you identity
They may give you the run around saying “the notary isn’t in today”, options here are ask them to tell you which branch you could visit where the notary is available, or what day and time is best that you’ll surely catch the notary. They will be uncomfortable about this pressuring but they are required to provide this service.
If you need to sign something then you sign it with your ID. Same ID can get you into your accounts online.
No different to Estonia’s digital ID scheme a decade ago.
I think the real reason was that it sounded like it’d cost £60 (or close to that) per ID, which is pretty damn expensive when it’s mandatory. Most of that money would have been sunk into the black hole that is the IT consultancy industry in the UK, with literally no guarantee of a working solution being built.
Usually when you travel you keep at least one form of ID on you - probably not your passport but a local ID or driving license or something.
You may assume anything you like indeed.
Due to the track record of the RIC, the British police prior to independence (and something that continued in NI until the 90s with the RUCs to keep the idea fresh), there is decently strong opposition to ID cards on the idea that police could demand them to harass people. It's also why most Gardai (Irish police officers) are unarmed, though I think the rising perception of petty crime in Dublin has swung the pendulum somewhat on that topic.
H.Can you use them at home to sign lime a rent agreeement or something? What equipment do you use them with?
Some JPs take payment in the form of a box of beer or some small thing like that.
I've wondered about this from the first moment I scanned a copy of my signature to feed in to Acrobat for signing PDFs. There seems to still be an unreasonable amount of trust in the idea that a squiggle on paper is difficult for other people to reproduce. But then, it's never been about preventing forgery, because forgery has always been relatively simple. Signatures are just a ritual performed between honest people to help them remember that they're honest.
That doesn't necessarily mean that you don't have a contract. Barring specific law regulating the form (such as often happens for property exchanges), the contract is sealed with acceptance. An act of acceptance can be overt such as via signature, but it can also be implied.
By returning the contract as if signed, performing the work specified under the contract, and receiving pay, both you and the employer are acting as if you both have accepted the contract. If a court was asked to adjudicate a dispute (such as over a termination issue like severance pay), a judge could reasonably hold you and the company bound to the terms.
> It must be the full document plaintext and date signed with your private key and should be verifiable with your public key by a court before a claim is even approachable.
Why? Most contract disputes don't turn on whether the text of the contract is authentic. That's resolved by a full PKI-based signature, but such a signature can't decide whether the interpretation of the terms is correct, or whether the contract has been performed, or whether the contract was signed under duress (perhaps making acceptance invalid), or whether the contract is conscionable and consistent with public policy.
I hope you mean they just lost their job or something...
Quite alarming.
Is it normal to charge speakers such high fees? I remember some conferences giving free admission to speakers as encouragement.
(Although this particular instance sounds like a scam)
She said these speakers were annoying as they’d try to keep talking when they’d run out of time and the sound guy would have to resort to cutting their audio or playing music loudly to get them to get off stage. Everything but the long pole with a hook basically.
But directly paying to be a speaker? Absolutely not normal.
The only time it's normal to pay to speak is when you are sponsoring an event.
edit: ah, okay, so they signed a "license agreement", which is basically a scam. welp.
The point is that the contract is invalid, so it makes no sense that it would be valid for jurisdiction
> have the speakers agreed to arbitration?
The scammer fakes the evidence, submits the case electronically, can request any amount of money and wins by default. Nice, isn't it? You've officially lost in this circus "court". Good luck proving anything to the real court now, as it would consume a lot of your money, time and mental sanity. In the meantime, the scammer is officially allowed to seize any of your money they decided you "owe" them.
You would not expect something like this exist in an EU country, would you?
Then at the bottom in tiny type it says that you've agreed to a 3 year insertion at 995 Euro per year.
I can see small businesses easily falling for this.
Same with elder scams. Too many potential avenues for scams via contracts.
It is not to introduce entirely new terms, like "actually you have to pay for this"
It mentions a "a Polish arbitration court whose very existence has been questioned by experts in the country" and "Agnieszka Durlik, director general of the Court of Arbitration of the Polish Chamber of Commerce, says she has never heard of it."
If it doesn't exist, then it can't be part of the Polish judicial system.
Not sure there is much get out clause for them tbh, Im not aware of any court anywhere that will take "didnt read the contract" as a get out of jail free card.
Always read the contract kids.
I mean, at one level, yes?
But if someone seemingly legit asks me to appear on a webinar--I'd be asking more questions about traveling to an event--I'm pretty much going to say yes. And if they send over some apparently routine paperwork including publicity rights and so forth, it's realistically only getting a quick skim.
- A good conference will pay you to speak
- An okay conference will wave entry fee
- A bad conference will ask you to still pay entry
- A scam will charge you to speak
https://pubs.acs.org/doi/10.1021/cen-09446-notw13
It turns out the same scammer (Krzysztof Siennicki from Villa Europa) had its part in it:
https://www.adrforum.com/domaindecisions/1764106.htm
Maybe I am cold hearted, but I don’t feel any sympathy for their position. They were busy, so they should get out of the contract they willingly entered? These are educated adults that should have known better than to sign something without reading it.
Now the counter argument is that no one reads EULAs, but courts have held at common law that only abnormal clauses not in line with industry standards need to be highlighted to draw attention, or otherwise explicitly initialled. In this case based on at least one researcher asking if there were conference fees, it seems that there is at least some precedent for fees being charged to speakers (something that surprises me, but I guess it adds value to the speaker’s CV), so again, I have a really hard time feeling like this isn’t the result of a bunch of people not reading their contracts closely and treating their signature as something less valuable than it is - a binding commitment.
Also, apply your judgement - this is highly unusual and my first impression is it’s obviously a scam. If people sign contracts that are altered and a scam, should they be upheld just because someone agreed to it?