Happy E-Discovery Day!
Back on December 19, 2016, I noted that amendments to Federal Rule of Evidence 902 would become effective today. As announced by the Federal Judicial Center, FRE 902(13) and 902(14) now allow for electronic evidence to be self-authenticating. Previously FRE 902 allowed for these kinds of documentation to be self-authenticating - (testimony or other extrinsic evidence is not necessary for them to be regarded as authenticate):
1. Public documents under seal.
2. Certified copies of public records.
3. Newspapers and periodicals.
4. Trade inscriptions.
5. Notarized documents.
6. Business records with custodian’s declaration.
FRE 902(13) now provides for the self-authentication of records generated by an electronic process (a print-out of web page or output from a computer like a spreadsheet), and FRE 902(14) for self-authentication of data from electronic media that is digitally identified with hash values. - when certified by a qualified person.
A video posted by the FJC on amendments, notes that self-authentication must meet the procedural requirements of the hearsay exception under FRE 803 for records of a regularly conducted activity. So the record has to be made at or near the time by someone with knowledge, kept in the course of a regularly conducted business activity, and be made as a regular practice.
The certification of the qualified person has to be based on a federal law or Supreme Court rule. If a foreign record is concerned the certifying person must be subject to a criminal penalty in the country where the certification is given for falsifying the record.
The FJC online presentation notes that certification under 902(14) can be done by means other than comparing hash values that 'future technology' will provide.
Written notice of records offered under FRE 902(13) and 902(14) must be given before a trial or hearing, and the records and their accompanying certification should be offered up for inspection.
Today in a webinar hosted by Exterro, "Top 5 E-Discovery Process Improvements Legal Needs to Make (but haven’t made)", former United States Magistrate Judge Facciola discussed the amendment. He gave the example of a certification provided by an expert that a particular web page was accessed on a particular computer as providing for the authentication of the evidence without testimony before the court. Judge Facciola warned that such evidence would still have to be relevant in order to be admissible.
Mary Mack, the head of ACEDS, advised that attorneys should be sure that software used for data collection is generating hash values at the same time collection is performed. Judge Facciola said that he did not think that a person would need to be a certified forensic specialist in order to validate hash values for digital evidence. He thought that the rule would be interpreted reasonably and not require a particular type of expert recognition. He gave the example of how an IT director at Met Life might certify that hash values showed that data was copied from its network correctly. Judge Facciola would not be troubled by the fact that the director lacked a degree in forensic science or another official qualification.
William Hamilton of the University of Florida's School of Law's E-Discovery Project discussed how he teaches his students to use a collection log which shows the data collected, the location it was collected from, and the hash value for the data. The software used for collection generates a hash value for the data both in its original location and for where it is copied to in order to verify that there has been no alteration.