The key word is going to be "reasonably". The E-SIGN statute requires that the consent method reasonably demonstrates the consumer's ability to receive and read the information in the manner in which it will be electronically delivered. Ideally, including the validation code in a PDF attachment to the email would be the best way since that's how your disclosures will be delivered. If the customer can read and provide the validation code that certainly is reasonable demonstration of their ability to receive and read PDF attachments to email. But you have also laid out a well-articulated case that could support an argument that having a customer demonstrate they could receive an email that had PDF attachments does provide "reasonable" demonstration that they should also be able to receive and read the PDF attachments too since they are pretty well universal now. That's going to have to be a risk decision your institution makes.
E-SIGN's Demonstrable Consent Requirement
We are in the beginning stages of implementing online account opening. We are working with the vendor regarding E-SIGN acknowledgment. Currently, the test environment is configured so that the customer receives a validation code in an email. All of the required disclosures are attached to this email as a pdf. I am of the opinion this does not comply with E-SIGN's demonstrable consent requirement. Their response to my concern is as follows: Our other clients have concluded that by obtaining consumer consent to E-SIGN and confirming the consumer received the email (using the verification code) reasonably demonstrates that the consumer can access the information in the electronic form. The disclosures in the email are PDF files. PDF format is an ISO standard that enable users to exchange and view electronic documents, independent of the environment in which they were created or the environment in which they are viewed or printed, while preserving content and visual appearance. Adobe relinquished control of the PDF format in July 2008 to the International Organization for Standardization to encourage the propagation and dissemination of this common technology. Today all modern operating systems, including mobile, support display of PDF files. Adobe Acrobat Reader is not a requirement to open and view PDF files. Thus, my question is would you deem this configuration to meet E-SIGN consent requirements?
First published on 03/18/2018