Colorado Code
Article 71.3 - Uniform Electronic Transactions Act
§ 24-71.3-109. Attribution and Effect of Electronic Record and Electronic Signature

Source: L. 2002: Entire article added, p. 850, § 1, effective May 30.

In each of the following cases, both the electronic record and electronic signature would be attributable to a person under subsection (a):

In each of the above cases, law other than this Act would ascribe both the signature and the action to the person if done in a paper medium. Subsection (a) expressly provides that the same result will occur when an electronic medium is used.
2. Nothing in this section affects the use of a signature as a device for attributing a record to a person. Indeed, a signature is often the primary method for attributing a record to a person. In the foregoing examples, once the electronic signature is attributed to the person, the electronic record would also be attributed to the person, unless the person established fraud, forgery, or other invalidating cause. However, a signature is not the only method for attribution.
3. The use of facsimile transmissions provides a number of examples of attribution using information other than a signature. A facsimile may be attributed to a person because of the information printed across the top of the page that indicates the machine from which it was sent. Similarly, the transmission may contain a letterhead which identifies the sender. Some cases have held that the letterhead actually constituted a signature because it was a symbol adopted by the sender with intent to authenticate the facsimile. However, the signature determination resulted from the necessary finding of intention in that case. Other cases have found facsimile letterheads NOT to be signatures because the requisite intention was not present. The critical point is that with or without a signature, information within the electronic record may well suffice to provide the facts resulting in attribution of an electronic record to a particular party.
In the context of attribution of records, normally the content of the record will provide the necessary information for a finding of attribution. It is also possible that an established course of dealing between parties may result in a finding of attribution Just as with a paper record, evidence of forgery or counterfeiting may be introduced to rebut the evidence of attribution.
4. Certain information may be present in an electronic environment that does not appear to attribute but which clearly links a person to a particular record. Numerical codes, personal identification numbers, public and private key combinations all serve to establish the party to whom an electronic record should be attributed. Of course security procedures will be another piece of evidence available to establish attribution.
The inclusion of a specific reference to security procedures as a means of proving attribution is salutary because of the unique importance of security procedures in the electronic environment. In certain processes, a technical and technological security procedure may be the best way to convince a trier of fact that a particular electronic record or signature was that of a particular person. In certain circumstances, the use of a security procedure to establish that the record and related signature came from the person's business might be necessary to overcome a claim that a hacker intervened. The reference to security procedures is not intended to suggest that other forms of proof of attribution should be accorded less persuasive effect. It is also important to recall that the particular strength of a given procedure does not affect the procedure's status as a security procedure, but only affects the weight to be accorded the evidence of the security procedure as tending to establish attribution.
5. This section does apply in determining the effect of a "click-through" transaction. A "click-through" transaction involves a process which, if executed with an intent to "sign," will be an electronic signature. See definition of Electronic Signature. In the context of an anonymous "click-through," issues of proof will be paramount. This section will be relevant to establish that the resulting electronic record is attributable to a particular person upon the requisite proof, including security procedures which may track the source of the click-through.
6. Once it is established that a record or signature is attributable to a particular party, the effect of a record or signature must be determined in light of the context and surrounding circumstances, including the parties' agreement, if any. Also informing the effect of any attribution will be other legal requirements considered in light of the context. Subsection (b) addresses the effect of the record or signature once attributed to a person.