Forthcoming amendments to the Federal Rules of Evidence directly address the admissibility of electronic evidence through the addition of two new subsections to Rule 902. In a nutshell, the amendments add ESI to the select list of categories of records that are self-authenticating. Now in the home stretch of the approval process, the amended Rule is expected to take effect on the scheduled date of December 1, 2017.
The amendments are expressly designed to streamline authentication of ESI, reduce cost and burden on the parties and eliminate unnecessary evidentiary disputes. Amended Rule 902 creates a mechanism to authenticate qualifying electronic evidence by written certification instead of live testimony, a sea change in evidentiary practice that offers significant benefits to counsel, clients and the court.
The time is now to prepare for amended Rule 902. Although December may seem far away, the extended timetable of civil litigation means that most ESI collected today will not be introduced into evidence until after the effective date, and thus will be subject to the new admissibility requirements. The starting point is to evaluate how data is being collected currently – and whether it will satisfy those requirements. Litigators will also want to consult with their eDiscovery and forensics service providers to create a strategic approach for collections moving forward.
Current Practice for Authenticating Electronic Evidence
Authentication, a critical element of admissibility of evidence at trial and in other evidentiary proceedings, is principally governed by Rule 901. The standard legal definition of “authentic” evidence is evidence that is what it purports to be. In layman’s terms, authentic documents and objects are genuine, not counterfeit or manipulated.
The norm set by Rule 901 is live testimony by a witness who has personal knowledge of the genuineness of the proffered evidence. In the case of an electronic record, a typical example is an email that on its face was sent from Smith to Jones on January 1, 2014. Smith can authenticate the email by testifying that it is an accurate copy of an email he sent to Jones on that date.
Under normal circumstances authentication is seldom contested. Most evidentiary challenges are made on other grounds, such as relevance, hearsay or undue prejudice. However, even though a challenge to authentication is unlikely, the proponent (the party seeking to have the record admitted into evidence) must still be prepared to lay the proper evidentiary foundation just in case.
This can be burdensome or difficult. For example, some witnesses are only needed to testify as to authentication. Calling someone to testify solely to authenticate a record is an inconvenience to the witness and unwelcome expense for the litigant. Even worse from the proponent’s perspective is a situation where there is no witness able or willing to testify; to illustrate using the email example, where Smith is a former employee who is hostile to the company and outside the court’s subpoena power.
Rule 902(13): Machine-Generated Evidence is Self-Authenticating
Rule 902 provides an alternative route to authenticating certain types of evidence. In its current form, the rule enumerates 12 categories of self-authenticating evidence. The classic examples of self-authenticating records are newspapers and government-issued documents, which carry an intrinsic presumption of authenticity. However, the category that is conceptually most similar to the new provisions is qualifying business records under 902(11). Specifically, these may be authenticated by witness certification (affidavit) instead of by live testimony.
Amended Rule 902 adds two new subsections specifically for electronic evidence. The first, 902(13), applies to “a record generated by an electronic process or system that produces an accurate result.” The text further incorporates by reference the procedural requirements of 902(11); this language is repeated verbatim in new subsection 902(14) and will be treated in detail below.
The essence of 902(13) is that it classes machine-generated evidence as self-authenticating. These are three common scenarios illustrating how a proponent could take advantage of the new rule:
- The Windows Registry (part of the Windows operating system) stores data about devices connected to the computer using the USB port. Such data is frequently at issue in employment matters as it is relevant to determining if the employee transferred files from the computer to a USB flash drive or hard drive.
- Many personal injury cases turn on location data. Relevant logs are auto-generated by a GPS device in a car or GPS app on a mobile device.
- In the context of a criminal prosecution, 902(13) covers reports generated by forensic laboratory tests for the presence of illegal substances provided that the test is performed using validated equipment and processes (i.e., “that produces an accurate result”).
For further reading, several specific examples of the applicability of 902(13) are provided in a report by the Advisory Committee on Rules of Evidence (page 276, 303); the article further includes the full text of the amendments and Committee notes.
Rule 902(14): Electronic Evidence Collected in a Forensically Sound Manner is Self-Authenticating
New subsection 902(14) is broader in scope and wider-reaching in its significance for data collection practices. The crux of 902(14) is that electronic evidence that is collected in a forensically sound manner is self-authenticating.
The text in its entirety reads as follows:
Rule 902. The following items of evidence are self-authenticating; they require no extrinsic evidence of authenticity in order to be admitted. …
(14) Certified Data Copied from an Electronic Device, Storage Medium, or File.
Data copied from an electronic device, storage medium, or file, if authenticated by a process of digital identification, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12).
The threshold requirement under 902(14) is that the data must be “authenticated by a process of digital identification.” Notably, the accompanying Advisory Committee notes, which as a practical matter are generally given the same weight as the text in interpreting a rule, provide that hash value verification or “other reliable means of identification” is sufficient to meet this standard.
This statement amounts to an explicit recognition of the reliability of current forensic practice. Hash value verification is an industry-standard forensic method to verify that an original electronic file and its copy are identical. In addition, by expansively defining verification to encompass “other means” comparable in reliability to hash value comparison, the Committee has sensibly left room for technological variety and developments in data sources and forensic acquisition tools.
The certification requirement, which is also found in 902(13), draws on established procedure for authenticating business records under 902(11). This procedure has two components.
First, the authentication by digital identification must be attested to in a certification by a “qualified person.” This term is not defined in the text of Rule 902 or the Committee notes. In the absence of a definition, a safe interpretation is to look to the accepted standard for qualifying a witness as an expert. The affidavit should recite the witness’ relevant education, training and experience. It should also describe the forensically sound collection tools and methodology used to make the ESI collection.
Second, the proponent must provide reasonable written notice before introducing the record into evidence. This includes making the certification affidavit and the record itself available for inspection in order to give the opposing party “a fair opportunity to challenge them.”
Finally, there is an unstated requirement under 902(14) that the collection be thoroughly and accurately documented. In preparing the certification, it will be necessary to refer to the chain of custody documentation. The chain of custody records information about the evidence and the collection process. It will typically include a detailed description of the ESI source, custodian information, who performed the collection, collection date and the storage or transfer means for the copy; it will also identify the copying tools and methods. Additionally, forensic collection tools generate logs and other files that constitute invaluable supporting documentation for the affidavit.
Legal and Practical Implications of Amended Rule 902
A stated purpose of the Advisory Committee is to establish a “procedure in which the parties can determine in advance of trial whether a real challenge to authenticity will be made, and can then plan accordingly.” It’s important to emphasize that the opposing party can challenge the sufficiency of the affidavit (and of course, can always challenge admissibility on other evidentiary grounds). However, once the proponent gives the proper notice under 902(13) or 902(14), the burden shifts to the opposing party. This is a major change in practice designed in large part to force parties to restrict their evidentiary challenges to those records where authentication is truly at issue.
Once the amendments take effect, the new norm for authenticating electronic evidence will be by affidavit instead of live testimony. The proponent is not required to take advantage of 902(13) or 902(14) and can still authenticate evidence in the soon-to-be-old way of offering live testimony by a foundation witness. However, it seems safe to assume most litigants will want to take advantage of the efficiency gains and cost savings offered by the new rule.
To do so they will have to ensure that electronic evidence is collected in a forensically sound manner. The great majority of companies lack the people, processes and forensic copying tools needed to meet the self-authentication requirements. Most litigants will need to bring in an eDiscovery or forensics specialist to make the collection, or at a minimum to appropriately supervise the client’s self-collection (e.g., by designing the collection protocol, providing forensic copying tools and documenting the collection). This carries the added benefit of designating a third party instead of an employee as the witness who will execute the affidavit.
In short, the amendments are an important new factor to consider when making the cost-benefit analysis of whether to rely on the client to self-collect its ESI or to bring in a “qualified person” to make or supervise the collection.
The amended Rule 902, and especially 902(14), will benefit the parties and the court by streamlining and expediting the admission of electronic records into evidence. The party seeking to have the record admitted into evidence in particular will realize meaningful cost and time savings through the use of authentication affidavits instead of live testimony. Moreover the notice requirement, which puts the burden on the opposing party to raise objections ahead of time, removes the always unwelcome element of surprise from the authentication process.
With a little preparation and some strategic planning, amended Rule 902 should bring big benefits. Just don’t wait too long to get started.
Helen Geib is General Counsel and Practice Support Consultant for QDiscovery. Prior to joining QDiscovery, Helen practiced law in the intellectual property litigation department of Barnes and Thornburg’s Indianapolis office where her responsibilities included managing large scale discovery and motion practice. She brings that experience and perspective to her work as an eDiscovery consultant. She also provides trial consulting services in civil and criminal cases. Helen has published articles on topics in eDiscovery and trial technology. She is a member of the bar of the State of Indiana and the US District Court for the Southern District of Indiana and a registered patent attorney.
This post is for general informational and educational purposes only. It is not intended as legal advice or to substitute for legal counsel, and does not create an attorney-client privilege.