Evidentiary Issues Regarding Electronically Stored Information
Getting It In and Keeping It Out
In Lorraine v. Markel, 241 F.R.D. 534 (D.Md 2007), a case involving litigation over damage to a yacht christened the “Chessie", United States Magistrate Judge Grimm stated; “Be careful what you ask for, the saying goes, because you might actually get it." While the facts of Lorraine are a far cry from anything resembling a criminal case, Judge Grimm’s decision sets out an encyclopedic review of issues regarding the admissibility of electronic evidence. Email, spreadsheets, web pages, computer generated letters and agreements, as well as a plethora of others are the nuts and bolts of communication among people today. Methods of contact and recordation have changed drastically.
While there is no official definition of Electronically Stored Information, it generally refers to all information that is not stored by humans, but by a number of different computer systems.
A . Authenticity
Once electronic evidence is located and properly secured, to be admissible in court the prosecution or defense must, of course, "lay a foundation" for it to be admitted.
In other words, authentication requires that the offering party present some evidence that the exhibit it is seeking to admit is actually what the party claims it to be. In the case of electronically stored evidence, this means that in the first instance the proffering party must offer substantiation that the information presented actually comes from the electronic device in question. This is a threshold requirement. In order for any electronic data to be presented as admissible evidence in court, the proponent of the proof has to provide some preliminary evidentiary basis that the electronic documents in question come from the particular device in question and actually are what the prosecution is claiming them to be.
Because the rules of evidence, including the FRE apply to ESI, the general models for authentication that the applicable rules suggest are still valid. Another way to authenticate ESI under 901(b)(4) is to use metadata, or data about data, to identify the information presented. Metadata is usually discoverable and contains information about the date, time, and creator of electronic information. Revised Federal Rule of Civil Procedure 34 permits a party to discover electronically stored information and to identify the form or forms in which it is to be produced.
Rule 901(b) (9) is also especially useful when dealing with ESI. This Rule authorizes authentication by “evidence describing a process or system used to produce a result and showing that the process or system produces an accurate result."
Of course, the unique nature of ESI gives opposing counsel plenty of room to object to its admission. Issues of alleged alteration or mistaken authorship are common in the wrangling over the admissibility of ESI. Counsel can often mount an argument that the existence of electronic evidence on a technological device, or especially on the internet, does not necessarily mean that the purported author was its actual author.
The argument is that the connection from the electronic evidence to the issue at hand is missing. Someone else could have used the computer. What was security like on the network or workstation? This is akin to shoe prints at a crime scene that match the defendant's shoes. The shoe prints do not necessarily prove the defendant was at the crime scene. However, absent some further proof that the circumstantial link was untenable, these arguments would likely go to the weight accorded the exhibit rather than its ultimate admissibility.
To tie the criminal to the electronic device, one cannot rely on such things as traditional handwriting identification, see Fed. R. Evid. 901 (b )(2) and (3), or voice identification, see Fed. R.Evid. 901(b)(5), except perhaps if a cell phone is involved. These identification methods obviously do not work in a cyberspace/electronic environment. However, Fed.R.Evid. 901 (b)(4) provides guidance: "[a]ppearance, contents, substance, internal patterns, or other distinctive characteristics, taken in conjunction with the circumstances" can all aid the identification process.
ESI is also subject to the various evidentiary rules against hearsay. Again, the Federal Rules of Evidence are not specific when it comes to ESI, but are applied to ESI with the flexibility accorded technological advances. Hearsay is, of course, “a statement, other than one made by the declarant while testifying at the trial or hearing, offered in evidence to prove the truth of the matter asserted." Fed. R. Evid. 801(c) (emphasis added). “A ‘statement’ is (1) an oral or written assertion or (2) nonverbal conduct of a person, if it is intended by the person as an assertion." Fed. R. Evid. 801(a) (emphasis added).
The inquiry into whether electronic information is hearsay at all must begin by deciding whether the piece of ESI is in fact, a statement made by a person. A computer cannot make an assertion. This distinction will dictate whether something is hearsay or not. If information is created by a computer process, it is not a human statement, and is not subject to the hearsay rules. For example, “the report generated when a fax is sent showing the number to which the fax was sent and the time it was received… is not a statement and cannot be hearsay." Lorraine at 564. Similarly, GPS tracking records would not constitute hearsay because they are entirely created by machines. Manual on Electronic Search and Seizure at 192.
On the other hand, when an electronic record is generated by people, the hearsay rules do apply and the evidence must qualify as non-hearsay or fall under one of the hearsay exceptions or exclusions. In the Lorraine opinion, Judge Grimm analyzed the applicability of Fed. R. Evid. 803 to ESI at length. Based on the prevalence of BlackBerries, iPhones and other PDA’s; the ubiquitous and ever growing popularity of Facebook, MySpace, and Twitter; not to mention the prevalence of text messaging; the ability of individuals to share their observations, thoughts and feelings about an event with others while the event is happening or closely after its occurrence has become commonplace.
Of course, the most common way that people-produced ESI is admitted is through Rule 803(6), the Business Records Rule. This is also an area where courts have used a fair amount of creativity in “adapting" the Federal Rules of Evidence to apply in ESI cases. Such records must be: (1) made at or near the time by, or from information transmitted by, a person with knowledge; (2) made pursuant to a regular practice of the business activity; (3) kept in the course of regularly conducted business activity; and (4) the source, method, or circumstances of preparation must not indicate lack of trustworthiness. Fed.R.Evid. 803(6);
Courts have interpreted this rule in ESI cases in various ways ranging from a flexible approach to admitting ESI as business records, to an extremely demanding eleven-step process. In Re Vinhnee, 2005 WL 3609376,06 Cal. Daily Op. Servo 146,2006 Daily Journal D.A.R. 169 (RA.P. 9th Cir. Dec. 16,2005), presents the most challenging approach that a court has taken thus far. In Vinhnee, American Express ("creditor") sought a ruling that the debtor's two credit card debts were non-dischargeable. The debtor neglected to answer the complaint and never appeared for the bench trial. At trial, the judge refused to admit the creditor's electronic business records into the record because of a defective evidentiary foundation.
The trial court, instead of relying on the four-part test for admitting business records under the Fed.R.Evid. 803(6) hearsay exception, relied on a much stricter eleven-part foundational test advanced by Professor Edward Imwinkelried. His eleven-step foundation test for the admission of computer records is as follows:
The business uses a computer.
The computer is reliable.
The business has developed a procedure for inserting data into the computer.
The procedure has built-in safeguards to ensure accuracy and identify errors. 
The business keeps the computer in a good state of repair.
The witness had the computer readout certain data.
The witness used the proper procedures to obtain the readout.
The computer was in working order at the time the witness obtained the readout.
The witness recognizes the exhibit as the readout.
The witness explains how he or she recognizes the readout.
If the readout contains strange symbols or terms, the witness explains the meaning of the symbols or terms for the trier of fact.
It should be noted that this is not the norm, and several courts have been far more lenient in adapting Fed.R.Evid. 803(6) to ESI.
C. Admission of Electronic Evidence and the Best Evidence Rule
The best evidence rule states that to prove the content of a writing, recording, or photograph, the "original" writing, recording, or photograph is ordinarily required. A few federal courts have addressed the use of computer generated summaries under Fed. R. Evid. 1006. The rule provides that the contents of a "voluminous" writing or recording "which cannot conveniently be examined in court may be presented in the form of a chart, summary, or calculation."
Defense counsel should insure that they receive "the original or copies of the summarized writings" -- the third prong of the test set forth in AFD Fund. If not, they can argue that the summaries violate the best evidence rule.
While dealing with electronic evidence may initially seem like daunting task, it should not be much more challenging than dealing with the admission of tangible evidence. There are no new regulations; there are only new adaptations of the same old rules.