An Early Christmas Present From The Federal Rules Of Evidence
This is another tool in your toolkit on ESI issues, but it will require understanding the rule and planning for it.
The best presents come in small packages, and the FRE have just left something under the tree for you. Effective December 1, 2017, the revisions to FRE 902 went into effect. While the changes are small, the impact could be very important in how you manage collections and the expense you have to go to in authenticating collections of ESI.
FRE 902 already provided for the self-authentication of certain types of records including government documents, certified copies of public records, newspapers, and certified business records. The revised rule adds two paragraphs, both of which are designed to address ESI by allowing parties to skip the step of authenticating evidence in court by simply providing an affidavit from a “qualified professional” who collected it:
The following items of evidence are self-authenticating; they require no extrinsic evidence of authenticity in order to be admitted:
(13) Certified Records Generated by an Electronic Process or System. A record generated by an electronic process or system that produces an accurate result, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). The proponent must also meet the notice requirements of Rule 902(11).
(14) Certified Data Copied from an Electronic Device, Storage Medium, or File. Data copied from an electronic device, storage medium, or file, if authenticated by a process of digital identification, as shown by a certification of a qualified person that complies with the certification requirements of Rule (902(11) or (12). The proponent also must meet the notice requirements of Rule 902 (11).
Legal AI: 3 Steps Law Firms Should Take Now
The new language is clunky and does not do a particularly good job of helping you understand exactly what can be used to authenticate data. What exactly is a “record generated by an electronic process or system” under paragraph 13? That’s not english to your average lawyer, but it’s not really that complex. Many systems or applications generate reports, audit logs, etc. that detail what activities were taken. Some examples might include a report from Cellebrite or MPE+ from a mobile device image, a systems report showing when a party logged into a network and what actions were taken (stealing trade secrets for example), or a log of backups taken.
Paragraph 14 is a bit easier to understand the value of — if I make a copy of any kind of media such as a hard drive, data set or other electronic copy, I can submit an affidavit to the court authenticating that the copy was legit rather than having to offer testimony. And that works great for litigants who don’t have the ability to hire a forensics professional, or for clients who do much of that work in-house and can provide affidavits as to the authenticity of the copy. The comments to the rule allow for hashing (comparing the hash value of the original to that of the copy to ensure a match) as one method of certifying the copy, but recognizes that other methods may also be available.
Keep in mind that while the additions to FRE 902 mean you need one less witness to authenticate that the ESI was properly collected, you still have to meet the admissibility standards for the evidence under the FRE. FRE 902 does not govern admissibility or authentication of the truth of the information — just that it is in fact what came from the system report or copy you made.
Will the new FRE 902 help? I checked in with a few of my colleagues to gather their thoughts. Tom O’Connor, Director of the Gulf Coast Legal Technology Center and the guy to talk to before you buy your next cigar, says that the rule change is “a good first step. Someone is paying attention and maybe we can get it cleaned up later. Better tools will provide better access to ESI to make using it more affordable in smaller matters.” Tom and I also discussed that if this rule trickles down to the states it could have a significant impact on cost reductions for employment and divorce cases, as well as other small matters.
Sponsored
Navigating Financial Success by Avoiding Common Pitfalls and Maximizing Firm Performance
Is The Future Of Law Distributed? Lessons From The Tech Adoption Curve
The Business Case For AI At Your Law Firm
Early Adopters Of Legal AI Gaining Competitive Edge In Marketplace
Craig Ball, eDiscovery special master, forensic analyst, and author of the famed Ball in Your Court blog, sees the change as codifying the process he already undertakes as a forensic investigator:
I see little direct impact to my clients in terms of how they expect to use FRE 902 versus what it actually does. I see it as eliminating witnesses who must defend the integrity of the intervening chain-of-custody between acquisition and subsequent analysis or introduction.
Craig also shared with me what he believes are the key elements that an affidavit under FRE 902 should include:
- The corpus of data copied from the electronic device, storage medium, or file is clearly and unequivocally identified;
- The witness verifying the hash value is qualified and experienced in the calculation of a hash value;
- The tool and methodology employed to calculate the hash is known by the witness to be reliable;
- The witness attests that the hash values matched using the verified tool/methodology; and
- The hash value is disclosed (to facilitate independent verification). This last may not be an essential element, but I deem it good practice.
Stuart Claire, eDiscovery counsel at Cozen O’Connor, formerly with the DOJ, and a bio more interesting than any lawyer I’ve ever met, believes that the new FRE will help flush out where parties have allowed for self-collection:
Sponsored
Legal AI: 3 Steps Law Firms Should Take Now
Early Adopters Of Legal AI Gaining Competitive Edge In Marketplace
The absence of relying on 902 is a red flag to further investigate how data was harvested. Where self-collection was previously undisclosed, 902 shines a light on those activities when they are not guided by a certified technical professional. Used correctly, it can be an effective offensive tactic.
While I do want to point out that guided self-collection is often necessary to avoid expense and can be done in a defensible manner — Stuart’s thinking makes my next point. This new rule change is further evidence (pun intended) that questions of how evidence is collected are for lawyers, and not ones that can be pushed to litigation support without guidance. Lawyers have to be thinking up front — at the early stages when systems are identified as having responsive data — what kinds of reports can be offered and what those affidavits should include from their client as well as what issues may come up with opposing counsel. I view this as something that may even be necessary to discuss at the meet and confer.
The big elephant in the room over these changes is social media and web based collections. How can those be authenticated under the rule? Take a Facebook profile or a web page — they don’t have hash values. Luckily, the rule allows for other forms of certification. Social media collection companies have thought about this issue and have systems in place to provide the authentication needed.
Andy Adkins, CIO, with Social Evidence LLC, which is launching their collection service this year, told me that Social Evidence has been designed with FRE 902(14) in mind. They plan to follow a two-step process to assist with authentication of a collection that includes creating a hash value for the ESI:
Basically, two things happen: one, we follow a rigid Chain of Custody process that calculates a unique Hash Value associated with that specific post and store it in a secure location. When the user decides to present that particular post to court as evidence, we create an Authenticity report that shows the chain of custody from collection through reporting and recalculate the Hash Value at the time of report to compare with the original hash value, indicating that the evidence has not been altered during storage or transition. In addition, we provide an affidavit of how this process takes place within Social Evidence.
Hanzo Archives, another social media and web based collection company, already had certifications in place prior to the introduction and adoption of FRE 902. Evan Gumz of Hanzo added that he “expects the FRE 902 updates will have a positive impact on our customers because they’re already one step ahead of the new updates.”
But what if you can’t afford to outsource social media and web collections? First, I will tell you that they are remarkably affordable, so make sure you investigate the cost before deciding your case can’t handle it. At least a couple of companies allow for one off collections vs. a monthly subscription for a tool. Especially with the new authentication process, you’ll save several hours of lawyering to negotiate that, and that alone will more than pay for the service generally. Check with your provider too — they may have a subscription that you can leverage for a single collection.
But if you don’t go that route, keep a running affidavit of the steps you take to collect the data and equate them to the available processes. For example, Facebook allows for a download of a profile by the user, but the content is saved as an HTML file and is only useful if you only need one piece of a post. That’s rarely the case, and Facebook will generally only provide information when required under a criminal warrant. I suggest working with opposing counsel to identify a process you can both live with, then documenting it for the court. Even in states without this process, you may be able to get the judge to sign off. It’s just good practice.
So there you have it — your early Christmas/Hannukah/Kwanzaa present from the FRE. This is another tool in your toolkit on ESI issues, but it will require understanding the rule and planning for it. Remember to play nice with the other children — Santa is watching!
Kelly Twigger gave up the golden handcuffs of her Biglaw partnership to start ESI Attorneys, an eDiscovery and information law Firm, in 2009. She is passionate about teaching lawyers and legal professionals how to think about and use ESI to win, and does so regularly for her clients. The Wisconsin State Bar named Kelly a Legal Innovator in 2014 for her development of eDiscovery Assistant— an online research and eDiscovery playbook for lawyers and legal professionals. When she’s not thinking, writing or talking about ESI, Kelly is wandering in the mountains of Colorado, or watching Kentucky basketball. You can reach her by email at Kelly@ediscoveryassistant.com or on Twitter: @kellytwigger.
