Electronic Signature as Legal Evidence in Litigation

In France, more than 2.5 billion documents are electronically signed each year, according to industry estimates. Yet, when a commercial dispute erupts, a question regularly comes up: does electronic signature constitute solid evidence before a court? The answer is yes, subject to conditions. Between the Civil Code, the European eIDAS regulation, and French case law that has been developing since 2016, the framework is precise — but complex. This article decodes the admissibility conditions for electronic signature in court, the different levels of proof depending on signature type, and the mistakes to avoid so that your document survives a judicial challenge.

Probative Value of Electronic Signature: What French Law Says

Electronic signature is not a legal novelty. Since the Law of March 13, 2000, French law explicitly recognizes electronic writing as a means of proof, on equal footing with paper. This recognition is today codified in articles 1366 and 1367 of the Civil Code, which establish two fundamental principles.

First principle: electronic writing has the same probative force as paper writing, provided that the person from whom it emanates is duly identified and that the integrity of the document is guaranteed. Second principle: the reliable electronic signature benefits from a legal presumption of validity. Article 1367 specifies that this reliability is presumed — that is, acquired without prior demonstration — when the signature conforms to technical requirements set by decree.

In practice, this decree refers to the European eIDAS regulation, which you can explore in detail in our guide to eIDAS 2.0 regulation. The mechanism is therefore as follows: a signature qualified within the meaning of eIDAS benefits from an irrebuttable presumption of validity under French law, shifting the burden of proof to whoever contests it.

The Three Levels of Signature and Their Probative Scope

The eIDAS regulation distinguishes three levels of signature, which do not offer the same legal robustness before a judge:

Simple Electronic Signature (SES) is based on electronic data attached to a document — typically an email or a checked box. It has weak probative value: in the event of contestation, it is up to whoever invokes it to prove its authenticity. It is suitable for acts of low value or contexts with limited risk.

Advanced Electronic Signature (AES) is uniquely linked to the signatory, allows identification of them, is created from data under their exclusive control, and detects any subsequent modification. It offers significantly higher probative value and is suited to the majority of commercial contracts. However, it does not benefit from automatic legal presumption.

Qualified Electronic Signature (QES) is created via a certified device and relies on a qualified certificate issued by a Trust Service Provider (TSP) appearing on the trust list of the Member State (Trust List). It is the only level that benefits from the legal presumption of validity provided for in article 1367 of the Civil Code. For more detail on differences between solutions, our comparison of electronic signature solutions details the offerings available on the market.

What Courts Actually Examine

When electronic signature is contested in court, French judges typically examine five elements:

1. Signatory Identification: by what mechanism was identity verified? A simple SMS OTP, a code sent by email, or biometric verification against identity documents?
2. Informed Consent: did the signatory have knowledge of the document's content at the time of signing?
3. Document Integrity: can the signed file prove it was not modified after signature (cryptographic seal, SHA fingerprint)?
4. Traceability: is there a timestamped audit log, preserved by an independent third party, listing each action?
5. Preservation: are the document and associated proofs archived in conditions allowing their production in court years later?

Decisions issued by commercial courts since 2018 show a clear trend: judges do not reject electronic signature as such, but sanction traceability gaps. A provider unable to produce a complete audit log, or whose timestamps are not certified, sees their document weakened, or even excluded.

The Burden of Proof in Case of Contestation

The question of burden of proof is strategically decisive in any dispute involving electronic signature. The regime differs depending on the signature level used.

Presumption of Reliability and Burden Reversal

With a qualified signature, the law presumes its reliability. Concretely, if one party contests the signature, it is up to that party to demonstrate that the presumption must be set aside — for example by proving the certificate was expired, that the provider was not qualified, or that the signature creation device was compromised. This reversal is considerable: it protects the beneficiary of the signature.

With an advanced or simple signature, the operator invoking the signature must instead positively establish its reliability. They must produce all elements allowing identification of the signatory: connection IP address, certified timestamp, identity verification log, recorded consent. This is why the choice of signature provider and the quality of its audit log are legal variables, not merely technical ones.

French Case Law: Key Trends

Several recent decisions shed light on the position of French courts:

• Paris Court of Appeal, 2021: the court validated an advanced electronic signature in a dispute concerning a distribution contract, noting that the provider produced a complete file of proof including SMS OTP, timestamp, and SHA-256 fingerprint of the document.
• Court of Cassation (Cass. com.), 2022: the Court of Cassation recalled that contestation of an electronic signature must be explicitly motivated by the claimant, and not simply alleged generally.
• Paris District Court, 2023: a district court excluded a simple electronic signature in a labor law dispute, on the grounds that the signatory's identity was established only by an unverified email address, without OTP or two-factor authentication.

These decisions confirm a fundamental rule: it is the robustness of the proof file, more than the document format, that determines the judicial outcome.

Building a Proof File That Can Be Opposed in Court

Anticipating litigation does not mean being pessimistic; it means exercising contractual rigor. Several practices significantly strengthen the probative value of electronic signature.

The Proof File: Essential Components

A solid proof file must contain at minimum:

• The signed file with its cryptographic signature (PAdES format for PDFs, XAdES for XMLs), as defined by standards ETSI EN 319 132 and ETSI EN 319 122.
• The signatory's electronic certificate, with its issue date and validity period.
• The complete audit log: each step of the process (invitation, document opening, OTP verification, signature click) timestamped and certified by a trusted third party.
• Proof of Identity: capture of identification data used (verified email, phone number, scanned identity document if required).
• Qualified Timestamp: a time token issued by a Certification Authority compliant with eIDAS, guaranteeing that the signature was affixed at the declared moment.

This documentary architecture is at the heart of what Certyneo automatically generates with each signature, as part of its compliance with our approach to electronic signature in business.

Preservation of Proofs: Duration and Format

Preservation of proofs is often neglected, yet it determines the defensibility of a contract over time. In commercial law, disputes can arise up to five years after signature (ordinary limitation period, article 2224 of the Civil Code). Some contracts — commercial lease, warranty, contractual liability — expose parties to even longer periods.

One must therefore preserve:

• The signed document in a durable format (PDF/A with embedded signature),
• The complete associated proof file,
• In an archiving system guaranteeing long-term integrity (ideally compliant with NF Z 42-026 or eArchiving).

A SaaS provider that offers no archiving guarantee beyond its commercial lifespan represents a real legal risk: if the company ceases operation, proofs may disappear. Systematically check reversibility and data export clauses in your provider contracts — this is a criterion we detail in our guide for migrating from DocuSign or YouSign to Certyneo.

When to Prioritize Qualified Signature?

Not all contracts require the maximum level. The choice of signature level should be proportionate to the legal and financial stakes:

• Low-value contracts (purchase orders, terms of use, internal confidentiality agreements): advanced signature sufficient.
• Significant commercial contracts (services > €10,000, annual framework agreements, intellectual property transfers): advanced or qualified signature recommended depending on risk level.
• Acts requiring authentic or semi-authentic form (certain notarial acts, personal guarantees): qualified signature mandatory or electronic notarial act.
• Contracts in labor law (employment contract, severance, amendment): the DGEFP recommends advanced signature at minimum, and several decisions from labor courts have sanctioned simple signatures.

For companies handling a large volume of contracts, the Certyneo ROI calculator allows you to evaluate comparative cost depending on chosen signature level, integrating residual legal risk.

Legal Framework Applicable to Proof by Electronic Signature

The legal value of electronic signature in France rests on a stack of texts coherent with each other, the mastery of which is essential for anyone involved in a commercial dispute.

Civil Code, articles 1366 and 1367: these two articles form the foundation of the law of electronic evidence in France. Article 1366 equates electronic writing with paper writing when the person from whom it emanates is identifiable and its integrity is assured. Article 1367 grants a legal presumption of reliability to electronic signature conforming to regulatory requirements, reversing the burden of proof in favor of whoever produces it.

eIDAS Regulation No. 910/2014 (EU): directly applicable in all Member States since July 1, 2016, this regulation defines the three levels of signature (simple, advanced, qualified), technical requirements for each level, and the list of qualified Trust Service Providers (TSPs). It establishes mutual recognition across borders of qualified signatures within the European Union, which is crucial for disputes involving parties from different Member States. The eIDAS 2.0 revision (Regulation 2024/1183) strengthens these requirements and introduces the European digital identity wallet (EUDIW).

Decree No. 2017-1416 of September 28, 2017: this decree clarifies in French law the conditions of the reliability presumption provided for in article 1367 of the Civil Code, explicitly referring to eIDAS requirements for qualified signature.

ETSI EN 319 132 (XAdES) and ETSI EN 319 122 (CAdES), ETSI EN 319 162 (ASiC) Standards: these technical standards define electronic signature formats recognized as compliant with eIDAS. They are enforceable in court as a technical reference framework for evaluating the validity of a signature.

GDPR — Regulation No. 2016/679: the collection and processing of biometric or identity data for purposes of signatory verification must comply with principles of data minimization and purpose. Any signature provider processing identity data must have an explicit legal basis (contract performance, legal obligation, or legitimate interest) and inform the user in accordance with articles 13 and 14 of the GDPR.

NIS2 Directive (2022/2555/EU): qualified Trust Service Providers are now within the scope of essential or important entities under NIS2. They are subject to enhanced obligations regarding information system security, which indirectly strengthens the robustness of the proofs they generate.

Legal Risks in Case of Non-Compliance: using a signature solution that is not compliant with eIDAS exposes you to several risks: rejection of the document by the judge, inability to invoke the presumption of reliability, engagement of contractual liability for lack of due diligence, and in some cases, nullity of the act if form was required under penalty of nullity. In evidentiary matters, the absence of a certified audit log can lead to inequality of arms between parties and irreparably weaken the position of whoever produces the signature.

Usage Scenarios: Electronic Signature Put to the Test of Litigation

Scenario 1 — Law Firm and Contested Engagement Letter

A medium-sized corporate law firm specializing in mergers and acquisitions has been using an advanced electronic signature solution for its engagement letters for two years. One of these engagements, valued at €85,000 for due diligence, becomes subject to contestation: the client disputes having signed the engagement letter under the described conditions, citing lack of informed consent.

The firm produces before the commercial court the complete proof file generated by its platform: certified timestamp of sending, document opening logs, OTP code sent to the phone number provided by the client during onboarding, and cryptographic fingerprint of the file identical between sending and the version produced. The judge upholds the validity of the signature. Since the burden of proof was met by the firm, it is up to the client to demonstrate falsification — which they are unable to do. The firm fully recovers its fee. Key Takeaway: a complete proof file can swing a dispute in a few pages.

Scenario 2 — Small Industrial Company and Supplier Dispute Over Purchase Order

A small industrial company managing approximately 300 supplier contracts annually migrated to simple electronic signature for its purchase orders, without enhanced identity verification. A supplier contests receipt of a purchase order canceled at a later date, claiming never to have signed the modified version.

The company is unable to produce a certified audit log: its solution preserved only an email address as proof of identification. The commercial court, lacking sufficient probative elements, applies ordinary rules of proof and rules in favor of the supplier on the disputed point. The cost of resolving the dispute exceeds €40,000, to which are added attorney fees.

Following this dispute, the company switches to an advanced signature solution with OTP and certified audit log. It reduces its rate of contractual disputes by 60% over the next two fiscal years, according to its internal assessment. Key Takeaway: the cost of a robust signature solution is marginal compared to the cost of a single poorly documented dispute.

Scenario 3 — Health Group and Practitioner Contracts

A hospital group of approximately 600 beds formalizes its contracts with freelance practitioners electronically. One such contract is disputed upon termination: the practitioner alleges not having received special conditions integrated into the signed document, claiming post-signature modification.

The platform used by the group generates signatures in PAdES format (PDF Advanced Electronic Signatures), compliant with standard ETSI EN 319 132. Each document revision creates a new cryptographic fingerprint. The court clerk can verify, via a signature validator online recognized by the European Commission, that the document has not been modified since its signature. The contestation is rejected in preliminary proceedings. Key Takeaway: the technical format of the signature (PAdES, XAdES) directly determines document verifiability in court — a criterion often underestimated when choosing a solution.

Conclusion

Electronic signature is solid legal evidence in case of litigation — provided you choose the right signature level, a reliable provider, and preserve a complete proof file. The legal presumption of reliability offered by qualified signature represents a decisive strategic advantage in court: it reverses the burden of proof to the contester. For contracts with more common stakes, an advanced signature coupled with a certified audit log provides a very satisfactory level of protection before French commercial courts.

Do not leave your contracts exposed to contestation for lack of sufficient proof. Certyneo automatically generates a certified, timestamped, and archived proof file for each signature, in complete compliance with eIDAS and the Civil Code. Create your Certyneo account for free and secure your contractual commitments today.