This article walks through the original Decree-Law 16/2010 framework. In February 2025 the CRA issued Decision No. 3 of 2025 establishing a full Trust Service Provider regime, formalising SES/AES/QES classification, and standing up the Qatar Trusted List. For the current operational picture see our updated flagship: Electronic Signatures in Qatar — Law 16/2010, CRA Decision No. 3 of 2025, and the Qatar Trust Service Framework at /blog/electronic-signatures-qatar.
See updated guide → /blog/electronic-signatures-qatar
Qatari businesses still print, sign, scan, and WhatsApp contracts back as if the law required wet ink. It hasn't since 2010. Decree-Law No. 16 of 2010 — the Electronic Commerce and Transactions Law (ECTL) — gave electronic signatures the same evidentiary weight as handwritten ones, on conditions that any properly built signing platform meets. Sixteen years of recognised legal validity, mostly unused.
Here is the law itself, broken into the parts that decide whether your signed PDF holds up in court.
the year Qatar enacted Decree-Law No. 16 — the Electronic Commerce and Transactions Law (ECTL) — establishing the legal foundation for e-signatures
State of Qatar, Al Meezan legal portal
the statutory anchor: an electronic signature has the same evidential weight as handwritten when the four reliability conditions are met
ECTL Article 28(1)–(4)
the exclusion list: wills, real-estate title transfers, AoAs, certain POAs, personal-status documents — these still need wet ink or a notary
ECTL Article 6
The three signature tiers Qatari law recognises
The ECTL distinguishes between three levels of electronic signature. Higher tiers carry higher statutory weight and resist more aggressive evidentiary challenges. Most commercial transactions in Qatar are well-served by the middle tier; routine internal documents by the lower; regulated and government-grade by the highest.
The three signature tiers under Qatari law. Practical equivalence to eIDAS tiers shown for cross-border context. SahlSign's default output sits at the AES level — sufficient for the vast majority of B2B contracts.
| Jurisdiction | Law | Cross-border transfer rule | Intensity |
|---|---|---|---|
| Simple (SES) | ECTL Art. 28 (general) | Identity asserted by email control and OTP. Audit trail captures IP, user agent, timestamp. Admissible as evidence; can be challenged on identity grounds. | Moderate |
| Advanced (AES) | ECTL Art. 28(1)–(4) | Adds a verified second factor (typically SMS OTP to a registered mobile). Higher evidentiary weight; satisfies eIDAS Art. 26 for cross-border recognition. | Restricted |
| Qualified (QES) | ECTL Art. 28 + CRA-accredited TSP | Backed by a certificate from a Communications Regulatory Authority-accredited Trust Service Provider via PKI. Court-equivalent to a notarised handwritten signature. | Strict |
An electronic signature shall have evidential weight where the signature creation data are uniquely linked to the signatory and were under the signatory's sole control at the time of signing, and the signature is linked to the data message in such a way that any subsequent change is detectable.
— Decree-Law No. 16 of 2010, Article 28
What you cannot sign electronically
Article 6 carves out a narrow list of document types where electronic signatures are not legally sufficient. For these, you still need wet ink, notarisation, or a state registry process. Everything outside this list is fair game.
The Article 6 exclusion list
- Wills and testamentary documents
Inheritance instruments require wet-ink execution and witness attestation under Qatari personal-status law.
- Real-property title transfers
Land and property transfers require registration at the Real Estate Registration Department; electronic signing is not a substitute for the registry act.
- Company Articles of Association
Formation documents require physical notarial execution. Amendments through the Ministry of Commerce and Industry have a separate channel.
- Powers of attorney requiring notarisation
General POAs that name a person to act on your behalf in court or government settings require notarisation; SPAs for specific commercial acts are typically electronic-eligible.
- Personal-status documents (marriage, divorce, custody)
Family-law instruments fall under the Sharia courts' jurisdiction and follow their own execution rules.
Which transactions are clearly electronic-eligible
Everything that isn't on the Article 6 list. In practice, this covers the vast majority of business documents an SME or enterprise signs.
Clearly electronic-eligible
Commercial documents that the ECTL fully recognises. AES tier (OTP-verified) is the safest default.
- Employment contracts and offer letters
- Residential and commercial lease agreements (also subject to MME registration)
- NDAs, service agreements, vendor and supplier contracts
- Procurement contracts and purchase orders
- Internal HR policy acknowledgments and compliance attestations
- Loan agreements, term sheets, board resolutions (non-AoA)
Still needs paper or a registry act
Article 6 exclusions plus categories where a state platform owns the canonical record.
- Wills, testamentary trusts
- Real-property title transfers (registry act)
- Company Articles of Association (notarial)
- General POAs for court or government appearances
- Marriage, divorce, custody documents
- Court-filed documents with specific format mandates
What a defensible production signature actually looks like
The ECTL is technology-neutral — it doesn't prescribe a specific cryptographic stack. But Article 28's four conditions translate fairly directly into a checklist that a properly built platform fulfils. If your provider doesn't deliver all four, your signature is weaker than the law permits.
Uniquely linked to the signatory
The signature creation data (typically the OTP-verified session keyed to the signer's email or phone) must be identifiable as belonging to that specific signer and no one else.
Under sole control at the time of signing
The signing event must be authenticated at the moment of signature — not pre-authorised in advance. OTP-at-signing gates this; bulk-pre-signed flows do not.
Linked to the data message
The signature must be cryptographically bound to the document content via a hash (PAdES /ByteRange or equivalent), so the signature is invalid if any byte changes after signing.
Any subsequent change is detectable
Tampering must be mathematically visible to a verifier. Standard PAdES-B-T sealing achieves this; image-overlay or pixel-signature approaches do not.
The Decree-Law in one minute
ECTL is short by statutory standards — 47 articles. The relevant ones for any signing decision:
The ECTL articles every Qatari signing decision touches
- Article 4 — General recognition
Electronic records and signatures shall not be denied legal effect, validity, or enforceability solely because they are in electronic form.
- Article 6 — Exclusions
The five document categories that the ECTL does NOT cover (see list above).
- Article 25 — Evidence of electronic records
Information in data message form shall not be excluded from evidence solely because it is electronic.
- Article 28 — Electronic signature reliability
The four conditions above. This is the bedrock article — every signing platform decision maps back here.
- Articles 29–30 — Signatory obligations
The signer must take reasonable care of their signature creation data and notify counterparts promptly if compromised. Liability for negligent custody falls on the signer.
The takeaway
E-signatures have been legally binding in Qatar for sixteen years. The law is short, technology-neutral, and friendly to digital-first business. The few real exclusions (wills, real-estate transfers, AoAs) are specialised registry processes that no e-signature regime anywhere recognises as a substitute.
For everything else — employment, leases, vendor deals, NDAs, procurement — Article 28 covers you. The question is no longer "is it legal?" but "does my provider actually produce a signature that satisfies the four conditions?" That's an engineering question with a binary answer.
See exactly what SahlSign produces — the PAdES-B-T seal, the RFC 3161 timestamp, the hash-chained audit log — or start a free 14-day trial and inspect a signed PDF yourself.
The four-condition test every defensible electronic signature in Qatar must pass: unique linkage, sole control, document binding, tamper detection. SahlSign meets all four by default — PAdES-B-T sealing, OTP at signing time, hash-chained audit trail.
ECTL Article 28, State of Qatar
Frequently asked questions
Is e-signature legal in Qatar?
+
Will Qatari courts accept an electronically signed document as evidence?
+
What documents cannot be signed electronically in Qatar?
+
Do I need a 'qualified' signature for a normal business contract?
+
What makes an electronic signature defensible if it is challenged?
+
Related reading
- How to Send a Tenancy Contract for E-Signature in Qatar — the most common ECTL-governed contract in the Qatari economy, walked through end to end.
- Five Documents Every Qatar SME Should Digitize First — the priority list for an SME that has just confirmed e-signatures are legal and wants to put the law to work.
- How to Verify a Signed PDF — Article 28's "uniquely linked" and "tamper-detectable" requirements turn into a concrete verification routine here.
Sources
- Decree-Law No. 16 of 2010 — Electronic Commerce and Transactions Law (Al Meezan official portal)
- ECTL — WIPO Lex record
- Communications Regulatory Authority of Qatar — Trust Service Providers
- eIDAS Regulation (EU) 910/2014 — for cross-border comparison
- ETSI EN 319 142-1 — PAdES baseline signature profiles