What Makes a Digital Document Real?
How do we authenticate a birth certificate if it’s just ones and zeros?
Hi, this is Steven Cherry for IEEE Spectrum’s “Techwise Conversations.”
I don’t know about you, but in my family, we’ve stopped sending holiday cards at the end of the year, and I think we’re the poorer for it. It was a little ritual that forced us to keep track of one another. Nowadays, it’s easy to lack the exact street address of a sibling or to acquire new in-laws without even knowing their last names. Often, all we have is a Facebook timeline and a telephone number, which we rely on the phone itself to remember.
Nowhere is this new casual attitude toward the forms and formalities of everyday life more evident than when it comes to the documents that since the Romans have provided the concrete—or at least parchment—evidence of our limited time on this mortal coil: deeds, bonds, licenses, wills, and, famously, birth certificates. With computerization, these documents lose their seals, stains, and signatures that we associate with historical legitimacy.
Recently, I had occasion to see the new world of legal documents up close. A life insurance company paid out thousands of dollars on a policy on nothing more than a copy of a copy of a death certificate and one other document—in my case, a marriage license—which were faxed or e-mailed.
My guest today is a legal and information scholar who a few years ago asked himself the question, how can we invest electronic documents with the moral authority that seems to come naturally to our paper-based ones? The outcome of his research is a book, Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents, being published this month by MIT Press.
Its author, Jean-François Blanchette, has a Ph.D. in Science and Technology Studies from Rensselaer Polytechnic Institute. He’s now an associate professor in the department of information studies at the University of California, Los Angeles, and he joins us by phone from there.
Jean-François, welcome to the podcast.
Jean-François Blanchette: Thank you very much.
Steven Cherry: You note in the book that the controversy over Obama’s birth certificate was in part created by the way we electronically store document-based information, which is something that I confess is something that I had not understood. Maybe that’s a good place for us to start.
Jean-François Blanchette: Yes. Well, I was struck by—during the “birthers” controversy, I was very much struck by the fact that the birthers were concerned with the lack of authenticity of the document that was produced—the short-form certificate that was produced by the Obama campaign. And these short-form certificates are not the original documents; they are statements by the records holder that they actually have a copy of the original certificate. But they were all computerized in the ’80s and the ’90s; they are simply printouts of database on official-looking paper. So the birthers were understandably quite unhappy with these documents because they did lack any of the traditional signs we associate with authenticity. So I thought that was quite striking.
Steven Cherry: So the original birth certificate, basically the information on it, was entered into a computer database, and then the so-called short-form certificate was really just a printout of that data record.
Jean-François Blanchette: Correct. And pretty much all over the world, the offices that produce these documents have resorted to these strategies because it’s simply much more efficient and because it allows them to select the minimal amount of information that these certificates include and leave out more controversial information, like epidemiological information and such.
Steven Cherry: Now, you say in the book—and I’m going to quote here—“The moral authority of paper records has diminished.” Is the birth certificate an example of that?
Jean-François Blanchette: Well, I think what was interesting in this case is that they had scanned the record. Nobody could have access to the actual original short-form certificate, which if you have it, it’s actually printed, and if you’ve ever been in the office where they actually produce these things, they’re actually produced under fairly stringent conditions. They’re printed on special paper; they have identification numbers embedded in the paper. So these are documents written on secure paper, and the papers are guarded, etc. So there’s some measures that are taken to ensure their authenticity, but you still have to have access to the original document. So the campaign scanned it, so it demonstrated even less authenticity.
Steven Cherry: You mentioned the numbers, so I wanted to talk about digital signatures. This is a way of using public-key cryptography to be assured of the identity of the signer of a document. You would think, or I would have thought, that when a document goes electronic—a death certificate or a marriage license—there would be some kind of digital signature to it and again when I have to fax it or e-mail it to an insurance company.
Jean-François Blanchette: Yes. Well, this book is really about this specific topic: the absence of a secure mechanism for transmission of electronic documents. And this absence is quite troubling. And the book tells the story of a proposal, that of public-key cryptography, that was actually first published in 1976. So we’re now in the 45-year mark of this invention being disseminated, and we still haven’t seen it realized. There are some elements of it that are embedded in our operating systems, but as an actual widespread technology, it hasn’t really succeeded. So the book is really founded on, Why is that the case? Because it sounds so fantastic in theory, but the realization of it turns out to be much more difficult. So that was an intriguing question: Why do we lack something that seems to be so very much needed and so very useful?
Steven Cherry: And I mean, is it just because it’s too much trouble? Americans are sort of famous for embracing convenience over things like security—and privacy for that matter. Is that what this comes down to?
Jean-François Blanchette: Well, that’s probably one of the things that it comes down to; there are probably multiple factors that we can think of to account for this technology being not as successful as it should be. It sounds very elegant mathematically, and that’s one thing there was a lot of focus on: the fact that it provided for this mathematical security. But it turns out that usability, for example—that’s one of the arguments that the book makes—is that the fact that people need to understand what is it that they’re doing when they’re committing, for example, their obligation. When you’re signing something, part of the security comes from the fact that you’re actually aware of what you’re committing to. So in this case, it’s not so much that paper and ink are incredibly secure technologies, but there is a sense in which you’re committing to something. So those psychological components really are quite important, and one of the arguments of the book is that there wasn’t a lot of attention paid to that. There was a lot of focus on “We have something that’s mathematically impregnable,” but usability didn’t really play a huge factor.
Steven Cherry: Yeah. So when it comes to introducing documents as evidence in a court of law—and lets face it, that’s the ultimate justification for having documents—the key point seems to be that whatever cryptographic or technical means are used, the ultimate authority of a document comes from the social context around it. Is that a fair summation?
Jean-François Blanchette: It’s certainly necessary to take into account, yes, this broad social context of how people understand the technology to work, how, for example, an expert will be able to explain its functioning: the fact that a judge will have to understand, that a jury will have to understand that, and that the parties themselves will have to have some kind of idea of what they’re accomplishing. So actually, the fact that cryptography is such an esoteric field of mathematics actually hasn’t helped very much. The technology needs to be something people can relate to, so the argument that the mathematics were extremely powerful didn’t really translate that well into the court system. It played a role, if you will, as a selling point, as something that industry could say something like, “Look, we have something really strong.” But in terms of really translating into something that the legal system could get a grip onto, it actually didn’t really help that much. So, yes—so the social context becomes really important when you have this process of moving from the mathematician’s chalkboard to a usable product that is usable by the court system.
Steven Cherry: Now, your undergraduate and master’s degrees are in computer science from the University of Montreal, and in 1999, you were invited to France to work on a task force that was intended to reform the rules for what’s admissible in French courts when it comes to documentary evidence. So, did serving on this task force, I don’t know, open your eyes about the nature of documents?
Jean-François Blanchette: Yes, it was a very fascinating opportunity. So this reform of evidence law was actually spurred on in part by cryptographic technology. And at the end of the ’90s, when e-commerce was starting to take off, the governments across the world were looking for ways to promote electronic commerce. And cryptography was there as a potential solution to secure economic exchanges. So there was a sense in which all over the world—and this happened fairly rapidly in the European Union—there were a number of processes that sought to reform evidence laws. And France was actually responding to a European directive that enjoined all member states to admit electronic signatures as having evidential power. They could not discriminate against them; they had to be receivable in courts of law. So I became part of this process. What was interesting was in the French system, there was already a technology that was supposed to provide a higher grade of security than ordinary signatures, which is that of notaries. So notaries are a special—and they’re quite different from American, Anglo-Saxon-style notaries—they are a profession specifically entrusted with the task of providing superdocuments, if you will: documents where parties have been well informed of all their obligations, everybody’s sure they understand what they’re signing, and the notary himself or herself signs the document. And these documents have the highest evidential value in the French system. So the reform of that institution, which dates back to...centuries-old institution, was actually quite complex and very interesting to follow.
Steven Cherry: That’s really interesting. So in the U.S., certainly, a notary merely is an authorized witness to a signature, basically, and it sounds to me like in France, it’s more like the officiant at a wedding signing the marriage license.
Jean-François Blanchette: Correct, yes. They play a much more important role, and that function is also reproduced in other institutions, different systems, and notaries are—pretty much follow Napoleon’s path. They exist in most Latin-law countries, not just France. And there are officers like notaries that operate also in the delivery of birth certificates, also in real estate, in land register. So the documents that are really foundational to the operation of the states, really the documents that certify who individuals are, when they’re getting married, when they own land—very basic operations of the state—all must be certified by these kinds of officers, who are public officers, who really engage a responsibility as public officers.
Steven Cherry: So, I guess in the year 2000, the French updated a law that essentially hadn’t changed since the year 1566. So what was the change, and is it needed in the U.S. as well?
Jean-François Blanchette: Well, the change was that—basically, that contracts could be signed electronically. So the law was interesting because it defined something that had never quite been defined before, which was what was proved by writing and what was a signature. Similar changes have been made in the United States; around the same time, there was a process that resulted in a bill called E-Sign. But in the U.S., they did not embrace—as they did in Europe—cryptographic technology to the same degree.
Steven Cherry: So, how were electronic documents brought under the fold of this French style of notary?
Jean-François Blanchette: Well, the law then did actually eventually embrace cryptographic technology, which was called “advance electronic signature” in the French and European legal language. However, it was one thing to have made the law; it was another thing for the profession to actually embrace the technology and then whether there was a market for this. So the profession has gradually updated its procedures to—first of all, notaries have to be equipped with the technologies, for example. The fact is—so it’s been now about 10, 12 years since these laws were amended—there hasn’t been any actual market that has evolved where people have demanded to be using such things. So although there was a lot of hype, the profession felt very tied to this evolution as something that might renovate its image as something that’s old and dusty. And they thought electronic signature would be something that would look very modern. It doesn’t respond to any particular needs from the market. What has to change, what probably has really changed, is actually pretty much access to databases, is the fact that now, notaries are exchanging documents electronically directly with, for example, cadastres—notaries are responsible for real estate transactions in France. So there’s been computerization, but it hasn’t really hinged on signatures; it has hinged mostly on being able to communicate with each other directly, exchange documents securely—so signatures didn’t really turn out to be the key element in that story.
Steven Cherry: So if I understand you correctly, the original concept might have allowed for parties who never meet in person but maybe come to a contract through e-mail or something, and they would both feed signed electronic documents to a notary, who would then create an electronic notarization of this, and that hasn’t happened. What’s happened is that people are dealing with notaries in the sort of traditional face-to-face world, and then the notary makes the document into an electronic one via the database.
Jean-François Blanchette: Something like that, yeah. There was this sense—I think around 2000 notaries were really thinking that the market might have been indeed parties acquiring properties while not being physically present...one buyer in Paris and a seller in Rome, something like that. And so they came up with this sort of elaborate scenario where there would be some kind of video links between the parties. The problem is that you couldn’t remove the notary. The notary has to be there—it’s really the essence of notary. You have to be there as a privileged witness, as a witness that is authorized by the state to witness the transaction and signs off on it. So they couldn’t really remove the physically present notary. So indeed what has happened is, yes, so people are still meeting with the notaries in person. What has changed is the process of production of the documents.
Steven Cherry: And so what’s going to happen in places like the U.S. that don’t have that sort of system to begin with? What are our electronic documents going to look like 20 years from now?
Jean-François Blanchette: Well, that’s a matter of contention. There are some scholars who believe that we should have gone, actually—that bemoan that fact that we did not embrace a clear technological framework like Europe did, that [feel] we should have actually been more forceful in imposing a technological solution that seemed mature enough and that today we would have a more—a clearer framework. What today we have is we have, then, the process is being much more formed through litigation. So e-discovery right now is really the main area where we are starting to ascertain what will be the evidential value of electronic documents, and that’s a more haphazard process than what was done in Europe, where legislators took the lead and said, “Well, these are the rules that everybody should follow.” It seems unclear to me, however, who is better off at this stage because technological adoption has been much more complicated than anybody foresaw in Europe. There hasn’t really been a market that has emerged. So I think it tells us a cautious tale about that, first of all, that paper is a technology with which we have a very long history, and that we’re quite comfortable with paper. So the idea that—and we’ve heard this story many times—that the paperless office not having quite borne out its promise. So with regard to authenticity as well, we have a long history with paper. We understand its many failures; we understand its many qualities. So this shift is something that we must be careful not simply to think of paper as a relic, as something that is somehow ugly, inefficient, dusty, and electronic as being shiny-convenient.
Steven Cherry: Very good. Well, Jean-François, it’s an interesting and important topic and an interesting and important book. So thanks for writing it, and thanks for joining us today.
Jean-François Blanchette: It’s been a pleasure. Thank you very much.
Steven Cherry: We’ve been speaking with UCLA professor of information studies Jean-François Blanchette about creating trustworthy legal documents out of ones and zeros instead of pen and paper.
For IEEE Spectrum’s “Techwise Conversations,” I’m Steven Cherry.
NOTE: Transcripts are created for the convenience of our readers and listeners and may not perfectly match their associated interviews and narratives. The authoritative record of IEEE Spectrum’s audio programming is the audio version.