Electronic signature as legal evidence in litigation

In France, more than 2.5 billion documents are signed electronically each year, according to industry estimates. Yet when a commercial dispute breaks out, one question invariably arises: does electronic signature constitute solid evidence before a court? The answer is yes, subject to conditions. Between the Civil Code, the European eIDAS regulation and French case law which has been densifying since 2016, the framework is precise — but complex. This article decrypts the conditions of admissibility of an electronic signature in proceedings, the different levels of evidence according to the type of signature, and the mistakes to avoid so that your document survives a judicial challenge.

Probative value of electronic signature: what French law says

Electronic signature is not a legal novelty. Since the law of 13 March 2000, French law has explicitly recognised the electronic document as a means of proof, on an equal footing with paper. This recognition is today codified in articles 1366 and 1367 of the Civil Code, which establish two fundamental principles.

First principle: the electronic document has the same probative force as the paper document, provided that the person from whom it emanates is duly identified and that the integrity of the document is guaranteed. Second principle: the reliable electronic signature benefits from a legal presumption of validity. Article 1367 specifies that this reliability is presumed — that is, acquired without prior demonstration — when the signature complies with technical requirements laid down by decree.

In practice, this decree refers to the European eIDAS regulation, of which you can read a detailed analysis in our guide on eIDAS 2.0 regulation. The mechanism is therefore as follows: a signature qualified within the meaning of eIDAS benefits from an irrebuttable presumption of validity under French law, reversing the burden of proof to the person who contests it.

The three levels of signature and their probative scope

The eIDAS regulation distinguishes three levels of signature, which do not offer the same robustness of evidence before a judge:

Simple electronic signature (SES) is based on electronic data attached to a document — typically an email or a ticked box. It has weak probative value: in case of dispute, it is for the person invoking it to prove its authenticity. It is suitable for low-value acts or contexts with limited risk.

Advanced electronic signature (AES) is uniquely linked to the signer, allows them to be identified, is created from data under their exclusive control and detects any subsequent modification. It offers significantly higher probative value and is suitable for the majority of commercial contracts. However, it does not benefit from automatic legal presumption.

Qualified electronic signature (QES) is created via a certified device and is based on a qualified certificate issued by a trust service provider (TSP) listed on the Member State's Trust List. This is the only level that benefits from the legal presumption of validity provided for in article 1367 of the Civil Code. For further information on the differences between solutions, our comparison of electronic signature solutions details the offers available on the market.

What courts actually examine

When an electronic signature is challenged in court, French judges typically examine five elements:

1. Identification of the signer: by what mechanism was the identity verified? A simple SMS OTP, a code sent by email, or biometric verification of an identity document?
2. Informed consent: did the signer have knowledge of the document's content at the time of signing?
3. Document integrity: can the signed file prove that it has not been modified after signature (cryptographic seal, SHA fingerprint)?
4. Traceability: is there a time-stamped audit log, maintained by an independent third party, listing each action?
5. Preservation: are the document and associated evidence archived in conditions allowing their production in court years later?

Decisions rendered by commercial courts since 2018 show a clear trend: judges do not reject electronic signature per se, but penalise deficiencies in traceability. A service provider unable to produce a complete audit log, or whose time stamps are not certified, sees its document weakened, or even excluded.

The burden of proof in case of dispute

The question of the burden of proof is strategically decisive in any dispute involving an electronic signature. The regime differs depending on the level of signature used.

Presumption of reliability and reversal of burden

With a qualified signature, the law presumes its reliability. Concretely, if one party contests the signature, it is up to it to demonstrate that the presumption should be set aside — for example by proving that the certificate was expired, that the service provider was not qualified, or that the signature creation device was compromised. This reversal is considerable: it protects the beneficiary of the signature.

With an advanced or simple signature, the operator invoking the signature must conversely positively establish its reliability. It must produce all elements making it possible to identify the signer: IP address of connection, certified time stamp, identity verification log, recorded consent. This is why the choice of signature service provider and the quality of its audit log are legal variables, not merely technical ones.

French case law: key trends

Several recent decisions clarify the position of French courts:

• Paris Court of Appeal, 2021: the court upheld an advanced electronic signature in a dispute concerning a distribution contract, noting that the service provider produced a complete file of evidence including SMS OTP, time stamp and SHA-256 fingerprint of the document.
• Court of Cassation (Commercial Chamber), 2022: the Court of Cassation recalled that the challenge to an electronic signature must be explicitly motivated by the applicant, and not simply alleged in general terms.
• Paris Tribunal judiciaire, 2023: a tribunal rejected a simple electronic signature in a labour law dispute, on the grounds that the signer's identity was established only by an unverified email address, without OTP or two-factor authentication.

These decisions confirm a substantive rule: it is the robustness of the file of evidence, rather than the document format, that determines the judicial outcome.

Building a file of evidence which can be relied upon in court

Anticipating litigation does not mean being pessimistic; it means exercising contractual rigour. Several practices make it possible to significantly strengthen the probative value of an electronic signature.

The file of evidence: essential components

A sound file of evidence must contain at minimum:

• The signed file with its cryptographic signature (PAdES format for PDFs, XAdES for XML), as defined by ETSI EN 319 132 and ETSI EN 319 122 standards.
• The electronic certificate of the signer, with its date of issue and period of validity.
• The complete audit log: each step of the process (invitation, document opening, OTP verification, signature click) time-stamped and certified by a trusted third party.
• Proof of identity: capture of identity data used (verified email, telephone number, scanned identity document if required).
• Qualified time stamp: a time token issued by a Certification Authority compliant with eIDAS, guaranteeing that the signature was indeed affixed at the declared instant.

This documentary architecture is at the heart of what Certyneo automatically generates at each signature, as part of its compliance with our approach to electronic signature in business.

Preservation of evidence: duration and format

The preservation of evidence is often neglected, yet it conditions the defensibility of a contract over time. In commercial law, disputes can arise up to five years after signature (general prescription period, article 2224 of the Civil Code). Some contracts — commercial lease, warranty, contractual liability — expose to even longer periods.

It is therefore necessary to preserve:

• The signed document in a long-lasting format (PDF/A with embedded signature),
• The complete associated file of evidence,
• In an archiving system guaranteeing long-term integrity (ideally compliant with NF Z 42-026 or eArchiving).

A SaaS service provider which does not offer archiving guarantee beyond its commercial lifespan represents a real legal risk: if the company ceases its activity, evidence may disappear. Systematically verify the clauses on reversibility and data export in your service provider contracts — this is a criterion we detail in our guide for migrating from DocuSign or YouSign to Certyneo.

When to prioritise qualified signature?

Not all contracts require the maximum level. The choice of signature level should be proportionate to the legal and financial stake:

• Low-value contracts (purchase orders, terms and conditions, internal confidentiality agreements): advanced signature sufficient.
• Significant commercial contracts (services valued at more than €10,000, annual framework agreements, assignment of rights): advanced or qualified signature recommended depending on the level of risk.
• Acts requiring an authentic or quasi-authentic form (certain notarial acts, personal guarantees): qualified signature mandatory or electronic notarial act.
• Employment law contracts (employment contract, severance settlement, amendment): the DGEFP recommends advanced signature as a minimum, and several decisions by employment tribunals have penalised simple signatures.

For companies processing a large volume of contracts, the Certyneo ROI calculator makes it possible to assess the comparative cost depending on the level of signature chosen, taking into account residual legal risk.

Legal framework applicable to proof by electronic signature

The legal value of electronic signature in France rests on a stack of consistent texts, the mastery of which is essential for anyone involved in a commercial dispute.

Civil Code, articles 1366 and 1367: these two articles form the basis of the law of electronic evidence in France. Article 1366 assimilates the electronic document to the paper document as soon as the person from whom it emanates is identifiable and its integrity is ensured. Article 1367 grants a legal presumption of reliability to electronic signature compliant with regulatory requirements, reversing the burden of proof in favour of the person who produces it.

eIDAS Regulation No 910/2014 (EU): directly applicable in all Member States since 1 July 2016, this regulation defines the three levels of signature (simple, advanced, qualified), the technical requirements for each level, and the list of qualified trust service providers (TSPs). It establishes mutual recognition across borders of qualified signatures within the European Union, which is crucial for disputes involving parties from different Member States. The eIDAS 2.0 revision (Regulation 2024/1183) strengthens these requirements and introduces the European digital identity wallet (EUDIW).

Decree No 2017-1416 of 28 September 2017: this decree specifies in French law the conditions of the presumption of reliability provided for in article 1367 of the Civil Code, by expressly referring to eIDAS requirements for qualified signature.

ETSI EN 319 132 (XAdES) and ETSI EN 319 122 (CAdES), ETSI EN 319 162 (ASiC) standards: these technical standards define the formats of electronic signature recognised as compliant with eIDAS. They are opposed in court as a technical framework for assessing the validity of a signature.

GDPR — Regulation No 2016/679: the collection and processing of biometric or identity data for the purposes of verifying the signer must comply with the principles of data minimisation and purpose limitation. Any signature service provider processing identity data must have an explicit legal basis (performance of a contract, legal obligation or legitimate interest) and inform the user in accordance with articles 13 and 14 of the GDPR.

NIS2 Directive (2022/2555/EU): qualified trust service providers are now within the scope of essential or important entities within the meaning of NIS2. They are subject to strengthened obligations for information system security, which indirectly strengthens the robustness of the evidence they generate.

Legal risks in case of non-compliance: using a signature solution not compliant with eIDAS exposes to several risks: rejection of the document by the judge, inability to invoke the presumption of reliability, engagement of contractual liability for lack of diligence, and in some cases, nullity of the act if the form was required on pain of nullity. In matters of evidence, the absence of a certified audit log can lead to an inequality of arms between the parties and irreparably weaken the position of the person who produces the signature.

Usage scenarios: electronic signature put to the test of litigation

Scenario 1 — Law firm and disputed engagement letter

A business law firm of about twenty lawyers, specialising in mergers and acquisitions, has been using an advanced electronic signature solution for its engagement letters for two years. One of these engagements, valued at €85,000 for due diligence, is subject to a dispute: the client contests having signed the engagement letter under the conditions described, claiming a lack of informed consent.

The firm produces before the commercial court the complete file of evidence generated by its platform: certified time stamp of sending, logs of document opening, OTP code sent to the telephone number communicated by the client during onboarding, and cryptographic fingerprint of the file identical between sending and the version produced. The judge upholds the validity of the signature. As the burden of proof has been met by the firm, it is up to the client to prove falsification — which it fails to do. The firm recovers its entire claim in full. Key lesson: a complete file of evidence can tip a dispute in just a few pages.

Scenario 2 — SME manufacturer and supplier dispute over purchase order

An SME manufacturer managing about 300 supplier contracts per year has migrated to simple electronic signature for its purchase orders, without enhanced identity verification. A supplier contests receipt of a purchase order cancelled late, claiming never to have signed the modified version.

The SME is unable to produce a certified audit log: its solution only retained an email address as proof of identification. The commercial court, for lack of sufficient evidence, applies the common law regime of proof and rules in favour of the supplier on the disputed point. The cost of resolving the dispute exceeds €40,000, to which are added legal fees.

Following this dispute, the SME switches to an advanced signature solution with OTP and certified audit log. It reduces its rate of contractual disputes by 60% over the following two years, according to its internal assessment. Key lesson: the cost of a robust signature solution is marginal compared to the cost of a single poorly documented dispute.

Scenario 3 — Healthcare group and practitioner contracts

A hospital group of about 600 beds formalises its contracts with independent practitioners by electronic means. One of these contracts is challenged upon termination: the practitioner claims not to have received the specific conditions integrated into the signed document, alleging post-signature modification.

The platform used by the group generates signatures in PAdES format (PDF Advanced Electronic Signatures), compliant with ETSI EN 319 132 standard. Each document revision creates a new cryptographic fingerprint. The court clerk can verify, via an online signature validator recognised by the European Commission, that the document has not been modified since signature. The challenge is dismissed on a summary basis. Key lesson: the technical format of the signature (PAdES, XAdES) directly determines the verifiability of the document in court — a criterion often underestimated when choosing a solution.

Conclusion

Electronic signature is solid legal evidence in case of litigation — provided you choose the right level of signature, a reliable service provider and preserve a complete file of evidence. The legal presumption of reliability offered by qualified signature represents a decisive strategic advantage in proceedings: it reverses the burden of proof to the person contesting it. For contracts with more common stakes, an advanced signature combined with a certified audit log offers a very satisfactory level of protection before French commercial courts.

Do not leave your contracts exposed to contestation for lack of sufficient evidence. Certyneo automatically generates a certified, time-stamped and archived file of evidence for each signature, in full compliance with eIDAS and the Civil Code. Create your Certyneo account for free and secure your contractual commitments today.