All posts
· 12 min read

What Counts as 'Consent' for an Electronic Signature?

TL;DR “Consent” for an electronic signature covers two different things. One is the agreement between the parties to handle the deal electronically instead of on paper. The other is the signer’s intent that a specific action, like clicking Sign or typing their name, counts as their signature. For business-to-business contracts, consent is usually established by conduct and needs no special checkbox. When the other party is a consumer and a law requires something in writing, the ESIGN Act adds disclosure and confirmation steps before they can be bound electronically.

The short version

When people ask whether they have “consent” for an electronic signature, they are usually mixing up two separate ideas that the law keeps apart.

The first is consent to do business electronically at all. Before an agreement counts as electronic, the parties have to be okay with handling it that way instead of printing and mailing paper. The second is the intent to sign a particular document. The signer has to mean for their action, whatever it is, to be their signature on that specific record.

Both have to be there. A signed document where nobody agreed to go electronic is shaky, and so is one where the person clicked something without intending it as a signature. The good news for most small businesses is that both kinds of consent are easy to establish, and a decent e-signature tool handles the paperwork for you. The rules get stricter in one situation: when you are dealing with a consumer and the law would otherwise require a document on paper.

This post walks through what each kind of consent means, when the strict consumer rules kick in, and what it looks like in practice. It is a companion to our guide on whether electronic signatures are legally binding, which covers the broader legal framework.

The word does double duty, which is where most of the confusion comes from. Here is how the two meanings break down.

Consent to transact electronicallyIntent to sign
What it answers”Did we agree to do this deal electronically?""Did the signer mean to sign this record?”
Whose state of mindBoth parties to the agreementThe individual signer
How it is shownBy agreement or by conduct (emailing, using an e-sign tool)By a deliberate signing action on the document
When it is strictConsumer transactions where a law requires writingAlways required, but rarely disputed
Governing ruleESIGN section 101 and UETA section 5The definition of “electronic signature” in both laws

The two US laws that govern this are the federal ESIGN Act (15 U.S.C. § 7001) and the Uniform Electronic Transactions Act (UETA), which 49 states have adopted in some form. They line up on the basics. An electronic signature is valid when the parties agreed to act electronically and the signer adopted the signature with intent.

What “agreeing to do business electronically” means

UETA puts it plainly in section 5: the act applies only to transactions between parties who have each agreed to conduct the transaction by electronic means, and whether they agreed “is determined from the context and surrounding circumstances, including the parties’ conduct.”

That phrase, “including the parties’ conduct,” is the part small businesses should hold onto. You do not always need a signed statement that says “we agree to do this electronically.” If you negotiated a contract over email and then both sides signed it in an e-signature platform, your behavior already shows the agreement. A court looks at what you actually did, not whether you ticked a particular box.

There are limits. UETA also says that agreeing to one electronic transaction does not lock someone into doing everything electronically forever, and that right cannot be waived by contract. So a client who signs one agreement online can still ask for the next one on paper. For a typical SMB sending NDAs, proposals, and service agreements to other businesses, this rarely comes up, because both sides are choosing the electronic path on purpose.

When the strict consumer rules apply

The careful, checkbox-and-disclosure version of consent comes from one specific corner of the ESIGN Act: section 101(c), the consumer consent provisions. These apply when a law requires information to be given to a consumer “in writing,” and you want to satisfy that requirement electronically instead.

In that situation, before the consumer consents, you have to give them a clear statement covering:

  • Their right to get the record on paper, and any fee for a paper copy.
  • Their right to withdraw consent, and what happens (any conditions or consequences) if they do.
  • Whether their consent applies to one transaction or to a whole category of records.
  • The procedure to withdraw consent and to update their contact information.
  • The hardware and software they need to access and keep the electronic records.

There is one more requirement that trips people up. The consumer has to consent, or confirm their consent, electronically “in a manner that reasonably demonstrates that the consumer can access information in the electronic form that will be used.” In plain terms, if you are going to send PDFs, the consumer should agree in a way that shows they can actually open a PDF. The point is to avoid a situation where someone clicks “I agree” but then cannot read anything you send.

These rules exist to protect individuals signing as consumers: think a customer accepting a financing agreement, a loan disclosure, or an insurance document. They are not written for two companies signing a vendor contract. If your e-signature workflow involves consumers and legally required written notices, this is the part to get right, and most established e-signature platforms have a consumer-consent flow built specifically for it.

For the contracts most small businesses send every week, consent is far simpler than the section above might suggest.

When you email a service agreement to another company and they sign it through an e-signature tool, both sides have agreed to act electronically through their conduct, and the signer has demonstrated intent by completing the signing. That is enough under UETA. There is no statutory requirement to present a consumer-style disclosure between two businesses, because the consumer-protection provisions of ESIGN are aimed at individuals, not commercial counterparties.

This is why a freelancer can send a contract to a client and have it signed in five minutes without a lawyer in the loop. The same logic covers NDAs, statements of work, partnership agreements, and the rest of the ordinary commercial paperwork. As long as nobody is being tricked and both sides chose to sign electronically, the agreement holds. Our post on contracts for co-founder agreements walks through a common version of this.

Plenty of e-signature platforms still show a short electronic-records notice before signing even on business contracts. That is a sensible default, because it documents consent cleanly in the audit trail, and it costs the signer about two seconds.

What actually counts as a signing action

The second kind of consent, intent to sign, hinges on what the signer does. Both ESIGN and UETA define an electronic signature the same way: an electronic sound, symbol, or process attached to or logically associated with a record and “executed or adopted by a person with the intent to sign the record.”

That definition is deliberately broad. Actions that qualify, when done with intent, include:

  • Typing your name into a signature field.
  • Drawing a signature with a mouse, trackpad, or finger on a touchscreen.
  • Clicking a button labeled “Sign,” “Accept,” or “I Agree.”
  • Applying a saved signature image or a stored signature block.
  • Replying to confirm agreement in some documented workflows.

What matters is the intent behind the action, not how fancy the mark looks. A typed name made with the intent to sign is a valid signature. A beautifully drawn cursive signature applied by accident, or by someone who did not realize they were signing, is not. This is why e-signature tools wrap the signing moment in clear language (“By clicking here, you are signing this document”) and record the exact action and timestamp. The audit trail is the evidence that the signer meant it.

In practice, intent-to-sign disputes are rare. When they do come up, the question is usually whether the right person signed, which is an identity and authentication issue, or whether they understood they were signing, which is exactly what the on-screen language and audit trail are there to settle.

Yes, and it is worth understanding what withdrawal does and does not do.

A consumer can withdraw consent to receive records electronically at any time. The ESIGN Act requires you to explain how before they ever agree. Once they withdraw, you go back to delivering records to them in another form, usually paper, from that point forward.

Withdrawing consent is forward-looking. It does not reach back and invalidate documents the person already signed electronically. A contract someone signed online last month stays valid even if they ask to receive future documents on paper. Withdrawal changes the channel for what comes next; it does not unwind what is done.

For business-to-business work, formal withdrawal procedures are not generally required, because the strict consumer-consent rules do not apply. A business counterparty can simply tell you they would rather sign the next agreement on paper, and UETA’s rule against forcing anyone into all-electronic dealing backs them up.

What this looks like in your e-signature tool

You do not have to track any of this by hand. A standard e-signature platform, HoloSign included, builds consent capture into the signing flow:

  1. Before signing, the signer sees an electronic-records and signatures notice and agrees to proceed electronically. The platform timestamps this.
  2. The signer completes a deliberate signing action (typing, drawing, or clicking to sign), which records intent.
  3. Every step lands in an audit trail: who consented, when they consented, what they did, and often the IP address and authentication method.

That audit trail is the artifact you point to if anyone ever questions consent. It shows both kinds at once: the agreement to act electronically, and the intentional signing action on the specific document. Platforms that serve consumer-facing businesses typically add the section 101(c) disclosures (paper-copy rights, withdrawal procedure, and system requirements) to the consent step so those transactions are covered too.

If your signing is strictly business-to-business, the default notice and audit trail are plenty. If you regularly sign documents with consumers where a law requires written notice, look specifically for the consumer-consent disclosure flow when choosing a tool. Not every platform surfaces it the same way.

Common situations, sorted

A few everyday scenarios, and what consent looks like in each:

A freelancer sends a contract to a business client. Both sides choose to sign electronically through the tool. Consent is established by conduct, intent is shown by the signing action, and no special disclosure is required.

A SaaS company has a small-business customer accept its terms during signup by clicking “I Agree.” The click is the signing action. Because the customer is a business, the strict consumer disclosures generally do not apply, though documenting the agreement clearly is still good practice.

A lender sends a consumer a loan agreement and required disclosures electronically. This is the case the strict rules were written for. The consumer must receive the section 101(c) disclosures and consent in a way that shows they can open the electronic format, before they are bound.

Two co-founders sign their operating agreement online. Consent by conduct, intent by signing, done. No witness or notary is required for the agreement itself, as covered in our guide on when you actually need a witness or notary.

A customer who agreed to electronic statements asks to switch back to paper. They are withdrawing consent going forward. Past electronically signed documents remain valid; future records go out on paper.

If a document you are signing falls into the consumer-with-required-writing bucket, slow down and check that the disclosures are in place. For the routine business contracts that make up most of an SMB’s signing, agreeing to go electronic and then signing with intent is all the consent the law asks for.

FAQ

What does consent mean for an electronic signature?

It means two separate things. First, the people involved have agreed to do business electronically rather than on paper. Second, the signer intends a specific action, like typing their name or clicking a button, to count as their signature. Both have to be present for an e-signature to be valid under the US ESIGN Act and the state-level UETA.

Do I need a checkbox that says “I agree to use electronic records”?

For ordinary business-to-business contracts, usually not. Consent to transact electronically can be shown by conduct, such as both companies routinely signing through an e-signature tool. The explicit “I agree to electronic records and signatures” checkbox matters most when you are dealing with a consumer and a law would otherwise require the document to be provided on paper.

What extra rules apply when the other person is a consumer?

The ESIGN Act adds consumer-protection steps in section 101(c). Before a consumer is bound to an electronic record that a law requires in writing, you must disclose their right to a paper copy, their right to withdraw consent, and how to do both. The consumer also has to consent in a way that reasonably demonstrates they can actually open the electronic format you will use.

Can someone withdraw consent after they have agreed?

Yes. A consumer can withdraw consent to receive records electronically at any time, and the law requires you to tell them how before they agree. Withdrawing consent going forward does not undo the legal validity of documents they already signed electronically. It only changes how you deliver records from that point on.

What action actually counts as signing?

Any electronic sound, symbol, or process that the signer attaches to the record and adopts with the intent to sign. Typing your name in a signature field, drawing a signature with a mouse or finger, clicking an “I agree” or “Sign” button, or applying a saved signature image all qualify, as long as the signer meant that action to be their signature on that specific document.

Does an e-signature tool record consent automatically?

Most do. A standard e-signature platform presents an electronic-records consent notice before signing, timestamps the moment the signer agrees, and stores it in the audit trail along with the signer’s actions. That record is what you point to later if anyone questions whether the signer agreed to sign electronically.

Is implied consent enough for a contract between two businesses?

In most cases, yes. UETA says whether parties agreed to transact electronically is judged from context and conduct. When two businesses negotiate by email and sign through an e-signature platform, that behavior generally establishes consent. The explicit disclosure requirements are written for consumer transactions, not routine commercial ones.