Constantino, Aries: Electronic Data – How Reliable?


Introduction

The electronic records have taken the business and social world. The e-mails have become the preferred method of business communication. In the business world, financial records, legal documents and work assignments, including electronic contracts from of parties from different places, are now kept primarily and sometimes solely in electronic form. Corporate websites also has its advertisements in the electronic forms. Many important documents and objects are now in the electronic form, as well as in the social networking were web linking is a trend. Today, electronic records and e-mails are widely accepted for many important business communications that previously required physical signatures or paper documentation.

Electronic data is now being used widely in the course of the uprising technology. The discussion of electronic data is too broad. Most websites are registered servers, while some personal websites are just temporary. Web linking are also rampant that information over information are passed from one web site to another. Though not all electronic information are true and correct, one may opt to believe the contents of a single website or just a part of it. There is authentication on the accuracy and truthfulness of the information posted such as advertisements and other information that may cause libel to certain persons, whether natural or juridical.

There is no authentication on the accuracy of the electronic information posted in websites. Nevertheless, other electronic data needs authentication, especially its origin, the date and time the electronic data has been made and transmitted over the internet. Its is equally important that the origin, the electronic and digital signatures of each data stored, whether in hard drives or in the internet, can be authenticated.

In the legal profession, authentication of electronic data, particularly electronic evidence play a substantial role in a case. Authentication provides a particular challenge with electronic evidence because they can easily be altered or edited often without leaving a trace. The danger is that the identity of the document’s originator or the contents of the original document may appear to be true and accurate, when in fact it has been altered, making the document impossible to authenticate. Electronic data must be properly authenticated pursuant to the Rules on Evidence. This rule requires that the evidence is sufficient and to prove that the matter in question is what its proponent claims. In other words, the counsel must show that document is true and accurate.

Importance of Electronic Data

Excel spreadsheets, e-mails, and customer database are featuring increasingly in cases of fraud, defamation and information theft, which gives malefactor more reasons to tamper with electronic evidence. Their technical capability gives them access to crimes and other misdeeds. Electronic data are prone to hacking, interferences and alterations. The security and authenticity aspects are often overlooked. Whereas signatures and other paper documents can be examined in court for possible tampering, electronic records like e-mails, instant message logs and Excel spreadsheets can easily be altered without raising red flags. Anyone with minimal tech savvy and access to a company’s computer systems can significantly alter electronic records, potentially changing their meaning and altering the outcome of a critical business deal.

Technology-related fraud has also emerged as the fastest-growing and most pervasive category of fraud in the business world. Data tampering are often done by employees, contractors and other partners who already have access to the organization’s computer network. Those employees with authorized access to the files and records easily can tamper or alter the same. Data alteration whether intentional or not could be happening in the organization everyday without our knowledge. Some organizations are requiring their IT professionals or IT service providers to provide recommendations on the best ways to securely archive and authenticate records.

Electronic Data as Evidence

Electronic data are mainly used as evidence in a legal dispute. High profile cases involving the tampering of electronic records include that of former Asia Pacific Breweries manager Chia Teck Leng, who embezzled over $100million, and that of former National Kidney Foundation head T.T. Durai, who was also accused of destroying electronic documents. In the older times, the person would just delete e-mail correspondence or documents. Now, many persons format their hard disks or use specialized electronic earasing programs to cover their electronic trails.
Often times, technically skilled perpetuators install unsecured wireless network. An unsecured wireless network gives a defendant some ‘plausible deniability’, by giving him room to claim that someone else may have used his network to commit the offence. Some employees steal company files which are prohibited. Companies that lend laptops to its employees can check whether the employee has actually copied restricted files ffrom the laptop to an external media device. There is an evidentiary value of the link files which an can be traced and sourced whether company files were stolen.

The courts are becoming increasingly savvy about electronic records. Whereas there previously were no consistent guidelines on electronic data archiving and retrieval, the rules on evidence and the jurisprudence have the courts recognize the importance and staying power of electronic records. As lawyers and judges around the country debate on the reasonableness, one concept has emerged as a problem area for many: proving the authenticity of electronic records.

As provided under RA8792, Electronic data are recognized as evidence to wit: Sec. 6. Legal Recognition of Data Messages. – Information shall not be denied legal effect, validity or enforceability solely on the grounds that it is in the data message purporting to give rise to such legal effect, or that it is merely referred to in that electronic data message. And in Sec7, Legal Recognition of Electronic Documents. – Electronic documents shall have the legal effect, validity or enforceability as any other document or legal writing.

Also, as stated on the Rules on Electronic Evidence, Rule 3, Sec 1. Electronic documents as functional equivalent of paper-based documents. – Whenever a rule of evidence refers to the term writing, document, record, instrument, memorandum or any other form of writing, such term shall be deemed to include an electronic document as defined in these Rules.

Further, electronic documents can be admitted in court as stated in Rule 3, Sec2. Admissibility. – An electronic document is admissible in evidence if it complies with the rules on admissibility prescribed by the Rules of Court and related laws and is authenticated in the manner prescribed by these Rules.

Authentication of Electronic Data

Admissibility of electronic data are being questioned, especially those that has not been authenticated, or proven to be what it purports t to be. There is nothing about a typical e-mail or electronic record that can help a witness or fact finder tell if the record has not been altered, whereas paper records have signatures or other identifying marks to demonstrate authenticity.

The proliferation of electronic records require companies to know where electronically stored information (ESI) including e-mails, spreadsheets, Word documents, image files and more are kept and make that information available to the other party if reasonably accessible. In addition, the rules set new requirements for the parties to meet and discuss what ESI will be considered during a trial. (http://www.wwpi.com/top-stories/4092-the-e-discovery-conundrum-proving-the-authenticity-of-your-electronic-evidence)

In a US landmark case of Lorraine v. Markel, United States Magistrate Judge Paul W. Grimm would not allow electronic evidence from either party to be admitted because it has not been properly authenticated prior to trial. In order to be admitted, ESI must: be relevant to the issue at hand; be authentic (the evidence is what it purports to be); not be hearsay or if hearsay, able to meet the requirements for an exception; be the original or duplicate of the evidence or able to meet an exception to that rule; and not be unfairly prejudicial to either party in relation to the evidence’s probative value. The most difficult requirements above, is the ability to prove the authenticity of records. Grimm stated, “the inability to get evidence admitted because of a failure to authenticate it almost always is a self-inflicted injury which can be avoided by thoughtful advance preparation. If it is critical to the success of your case to admit into evidence computer stored records, it would be prudent to plan to authenticate the record by the most rigorous standard that may be applied.” Without these electronic records admitted into evidence, the court was unable to issue a ruling in the case and the parties were left to pursue further costly and time-consuming litigation.

Computers systems are usually authenticated by the testimony of the someone who has employed them. The witness typically describes the process or system and the results it produces, and attests to the accuracy of those results.

Authentication of electronic documents is provided under Rule 5 of Rules on Electronic Evidence. It provides in Sec1. Burden of proving authenticity. – The person seeking to introduce an electronic document in any legal proceeding has the burden of proving its authenticity in the manner provided in this Rule. And the means and manner of authentication is provided in Sec2. Manner of authentication. – Before any private electronic document offered as authentic is received in evidence, its authenticity must be proved by any of the following means:

(a) by evidence that it had been digitally signed by the person purported to have signed the same;

(b) by evidence that other appropriate security procedures or devices as may be authorized by the Supreme Court or by law for authentication of electronic documents were applied to the document; or

(c) by other evidence showing its integrity and reliability to the satisfaction of the judge.

Further, the document must be notarized and certified as true and accurate. The burden rests on the counsel who offers the evidence where and that the documents becomes a public document, where Sec3. Proof of electronically notarized document. – A document electronically notarized in accordance with the rules promulgated by the Supreme Court shall be considered as a public document and proved as a notarial document under the Rules of Court.

Common Mistakes in Using Electronic Evidence

There are common mistakes in using electronic evidence. Attorneys do not get it right in offering the electronic evidence. In most common mistake is failing to designate an expert. Occasionally, you will find a judge so eager to hear the expert, he or she will do an end run around procedure and let the expert testify as a fact witness, but that is far and away the exception. Another mistake is a failure to maintain a proper chain of custody. The electronic evidence must be signed in a custody form, and forensically imaged, and then return the original evidence.

Failure to properly authenticate electronic evidence is fatal. The evidentiary weight of the electronic evidence as provided in Rule 7, must also be stated as to the relevance and reliability on the manner of its procurement. The integrity and quality of the evidence must be proven. The method of proof as stated in Rule 9 is provided as such: Section 1. Affidavit evidence. – All matters relating to the admissibility and evidentiary weight of an electronic document may be established by an affidavit stating facts of direct personal knowledge of the affiant or based on authentic records. The affidavit must affirmatively show the competence of the affiant to testify on the matters contained therein. And Section 2. Cross-examination of deponent. – The affiant shall be made to affirm the contents of the affidavit in open court and may be cross-examined as a matter of right by the adverse party.

Ensure Reliability and Accuracy

ESI has been defined by courts to include email messages (including backups and deleted messages), instant messages (IM) and chat logs, web site information whether in textual, graphic or audio format, log files, voicemail messages and logs, data files (documents, spreadsheets, database files, etc.), program files, cache files, cookies and just about any electronically recorded information.

Gathering, managing, preserving and presenting electronic evidence presents some unique problems in comparison with more traditional types of evidence. The biggest issues are the ease with which an electronic document can be tampered with or even fabricated completely and the inability to pinpoint an “original” vs. a “copy” as you can usually do with a paper document or the negative of a photograph.

To be admissible in court, evidence must be relevant, material and authentic. Because of the intangible nature of ESI, proving its authenticity becomes an issue. Unless special precautions have been taken, anyone who has handled it could have made changes to it such as adding or deleting content, making changes to file attributes such as the timestamp, or modifying the metadata that records information such as who authored the file. In court cases such as AmEx v. Vinhnee, Bouriez v. Carnegie Mellon University, and Lorraine v. Market, documents, email or other electronic data were not allowed to be admitted into evidence because they could not be adequately authenticated, even without clear cut proof that the items were not authentic. The point is that digital evidence does not enjoy the same presumption of authenticity as more tangible evidence such as paper documents.

The challenge for data storage and management professionals is to provide an easy and irrefutable proof of the authenticity of all electronic records. Digital signatures provide the “who” aspect of electronic record but lack the necessary “when” aspect to show that a record has not been altered since a specific point in time. Secure hashing provides a means to determine if a record has been altered but it is very susceptible to tampering or alteration by anyone with access to the hash value. Also, PKI-based timestamps bind a time value to a record by hashing the record. There are, however, several setbacks that make this method susceptible to legal questioning, because the binding is dependent on the privacy and the expiration date of the key. Both could easily render the key and its associated documents invalid. To adequately address the authenticity while remaining independent for any bias or compromise is digital time-stamping using hash-chain-link method. Digital stamping provides data professionals with the means necessary to authenticate electronic record. It seals electronic records, making thenm impervious to later tampering or alterations. It ensures that the electronic records are stored in their original condition, free from any changes that could affect a legal outcome.

Conclusion

In the world of information technology, all information are in the electronic form. Electronic data are widely generated and shared. In an increasingly paperless world where data can be so easily manipulated, law firms face a new hurdle: proving the authenticity of the electronic evidence presented in support of their client’s case. The difficulty is in the reliability of the electronic data presented and gathered. Electronic data are prone to hacking, alterations and tampering. Others are done intentionally, while others are altered or destroyed by the introduction of computer virus. Nevertheless, electronic data submitted can be questioned on its authenticity, integrity and quality to be offered as evidence in a dispute. Electronic evidence are now accepted as a primary evidence provided it passes authenticity and the manner it was generated, acquired and presented. A lawyer has to know the methods of properly ensuring the reliability and accuracy of its data, particularly the electronic data.

Electronic evidence shall have the legal effect, validity and enforceability of any other legal document or writing. That is why electronic data when presented as evidence must be convincing as to its authenticity that it is the original data. The burden rests on the parties presenting it. It must follow the rules on electronic evidence and correlate it to RA8792, which the evidentiary value of the data from e-commerce law.

It is as simple as to challenge the effectiveness of a company’s control and processes, and to ensure the authenticity of ESI and cause considerable resources allocated to defend the effectiveness of external controls. Most electronic data of large organizations are reliable, while some are not. In these times, one must ensure that the electronic data are true and accurate especially while engaging in e-commerce. Digital timestamping is the common tool to ensure the security and authenticity of electronic data. Most developers and servers provide a way of tracing the evidentiary values of every link posted and every file generated to ensure traceability.


References:

  1. http://digital.asiaone.com/Digital/News/A1Story20080929-90627.html
  2. http://www.windowsecurity.com/articles/authentication_and_encryption.html
  3. http://www.wwpi.com/top-stories/4092-the-e-discovery-conundrum-proving-the-authenticity-of-your-electronic-evidence
  4. http://www.datatriage.com/dont_let_electronic_evidence_bury_your_firm.php.htm
  5. A.M. No. 01-7-01-SC July 17, 2001 RULES ON ELECTRONIC EVIDENCE
  6. R.A.8792 June 14, 2002


Author licensed this article under Creative Commons Attribution 3.0 Philippine license

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: