In the June 21, 2018 edition of The Legal Intelligencer, Edward Kang, Managing Member of KHF, and Kandis Kovalsky, Associate of KHF, co-authored “Self-Authentication of ESI Under Federal Rule of Evidence 902.”
In a recent annual Federal Bench Bar Conference in Philadelphia, a U.S. District Court judge warned of the perils of allowing clients to perform their own data and document collection.
In a recent annual Federal Bench Bar Conference in Philadelphia, a U.S. District Court judge warned of the perils of allowing clients to perform their own data and document collection. As the judge wisely pointed out, this can be problematic as the lawyers owe a duty to the court to represent truthfully and accurately. If, for example, a client performed the data collection without proper supervision, the lawyer could not accurately represent that all responsive documents have been collected and produced. The 2015 amendments to Federal Rule of Civil Procedure 37 provide dire consequences for failing to preserve electronically stored information (ESI), including monetary sanctions, dismissal of a claim, judgment in favor of the prejudiced party, suppression of evidence and adverse inference instructions. The recent changes to Federal Rule of Evidence 902, which addresses self-authenticating evidence, and is routinely relied on by civil trial lawyers, raises additional concerns with clients performing their own data collection.
Self-authenticating evidence under Rule 902 is evidence that requires no extrinsic evidence to prove that it is what it purports to be. Common examples of self-authenticating evidence include newspapers, periodicals, signed and sealed public documents, and official publications. While the amendments to Rule 902 were created to address the unnecessary expense and inconvenience associated with having live testimony from multiple witnesses solely to authenticate electronic evidence, they also provide guidance on ESI collection and resolving authentication issues relating to ESI before trial.
Amendment to Rule 902
On Dec, 1, 2017, Rule 902 was amended in two important ways that drastically changed the process for both collecting and admitting ESI into evidence. Both amendments now allow for the authentication of electronic evidence by a written affidavit of authentication of a “qualified person.” Subsection (13) covers records “generated by an electronic process or system that produces an accurate result,” such as a system registry (e.g., Windows Registry) report showing that a device was connected to a computer, or showing how smartphone software obtains GPS coordinates. Subsection (14) applies to records “copied from an electronic device, storage medium or file” (e.g., email, hard drive of a computer, cellphone photos, text messages).
Subsections (13) and (14) of Rule 902 are different. The former pertains to computer-generated data, whereas the latter pertains to computer stored data (e.g., user-created data). Subsection (13) is limited to data automatically generated and recorded by electronic processes and systems. The records contain data created by the electronic system. Since there is no human declarant, the only issue is the reliability of the system generating and recording the data. For example, many smartphones contain software that automatically records a log of its user’s text messages. The log containing the date and time of each text, and the number of the other phone involved could be authenticated under Rule 902(13), but the content of the text messages could not. Under Rule 902(13), a party could establish that a smartphone’s software captures the date, time and GPS coordinates of pictures taken, allowing the court to determine that whoever took the picture did so at a certain time and place. Rule 902(13) will be useful in trade secret cases, as it will allow for the authentication of a systems report showing when a party logged into a network and what actions were taken. If a proponent seeks to introduce user-created ESI, such as text messages or emails, that are stored on an electronic device, such as a phone or a computer, they must proceed under Subsection (14).
The advisory committee noted that evidence now covered by 902(13) and (14) was rarely the subject of a legitimate dispute over authenticity. Rather, parties usually wait until their opponent has incurred the significant expense and time of producing an authentication expert before stipulating to authenticity, or deciding not to oppose it. Since Rules 902(13) and (14) both require that the proponent comply with the notice provisions of Rule 902(11), issues relating to the authentication of ESI can now be addressed well before trial removing the unpleasant element of surprise relating to authentication of ESI. To further limit the surprise at trial, the proponent of the ESI can file a motion in limine well before trial for the court to rule on the sufficiency of the authentication and admissibility of electronic records.
The amendments to Rule 902 do away with the requirement that a foundation witness testify to support authentication of electronic documents. Now, if the procedure in Rule 902(13) and (14) is properly followed, the proponent of the ESI need provide only a certification of authentication of the person performing the collection for there to be a foundation for future questioning about the ESI. Before the amendments to Rule 902 were in effect, the data collector would have to first testify about the merits of the collection process before substantive questions relating to the data could be asked.
While the term “qualified person” is not defined under Rule 902, the notes on the amendment clarify that the qualified person must, at a minimum, check the “hash value” (or use another reliable means of identification and verification) of the proffered item and certify that the hash value was identical to the original. As the notes explain, a hash value “is a number that is often represented as a sequence of characters and is produced by an algorithm based upon the digital contents of a drive, medium, or file” and that “if the hash values for the original and copy are different, then the copy is not identical to the original” and vice versa. Hash values are often referred to as “the fingerprint of a file.”
In the absence of a definition of “qualified person,” a safe approach is to look to the standard for qualifying an expert witness, as provided by Federal Rule of Evidence 702. Accordingly, the affidavit should provide information relating to the affiant’s identity and qualification. The affiant should describe their familiarity with the design of the type of phone or computer at issue. The affiant should also provide information about the methodology used to retrieve and copy the data. If the affiant used the hash value method of identification, the proponent attorney could ask the court to take judicial notice of the general reliability of the method under Federal Rule of Evidence 201(b)(2). To satisfy Rule 702(d), the affiant should state that the software they employed is industry standard and that they encountered no problems when they used it to compare the data and that they followed proper procedure in printing out the contents of the copy.
Rules 902(13) and (14) require a certification that complies with Rule 902(11), which has three requirements. First, the record was made at or near the time by, or from information transmitted by, someone with knowledge. Second, the record was kept in the course of a regularly conducted activity of a business, organization, occupation, or calling. Third, making the record was a regular practice of that activity. The affiant must also establish the chain of custody to satisfy Federal Rules of Evidence 401 and 901. To do so, the affiant should include information such as the ESI source (make, model, serial number), identity of who delivered the source, collection dates and the means of transfer for the copy of the data.
Generally, clients, and lawyers alike, are not capable of checking and understanding a hash value or other methodology. Further, most clients will not meet the standard of a “qualified person” as required under Rule 902(13) and (14). As described above, the information required to be included in a certification under Rule 902(13) or (14) is complicated. These amendments to Rule 902 raise the question of whether a client should be self-collecting the data in their case, or whether a third party, such as a forensic collection specialist or service, should be performing the collection.
In general, a practitioner should not allow her client to self-collect data, for it is difficult for a client to qualify as a “qualified person” under Rule 902(13) or (14) or to perform a forensically sound data collection. If inadvertent spoliation occurs, your client will face potential sanctions under Federal Rule of Civil Procedure 37. Collecting data without spoliation involves technical expertise. Certain kinds of data, such as file access related and log file data, easily spoliate, even if collected in good faith. Forensic collection agencies have tools that can help generate logs and other materials that can serve as invaluable support for the affidavit required under Rule 902(13) and (14).
If, despite all the above, you still determine your client is competent to self-collect their own data, at a minimum, they must document the steps they take during the collection process, and information relating to the chain of custody, including the ESI source (make, model, serial number), custodian, collection dates and the means of transfer for the copy of the data. This information will be critical come time for authentication of this data. For larger firms with an in-house IT department, it is critical to use these departments in cases of self-collection.
The December 2017 amendments brought Rule 902 current with the Digital Age. Where there is no legitimate dispute about the authenticity of ESI, even if a party will not stipulate to authenticity in advance, the amendments to Rule 902 should promote greater certainty, save litigants and attorneys time and money, and preserve valuable judicial resources by leading to fewer witnesses, less trial preparation relating to ESI. The amendments to Rule 902 take nothing away, are there to help, and will only hurt those who fail to use a valid process of data collection by a qualified individual. Rule 902 is a welcome and much-needed straight path in a windy world of electronic discovery, which is now a multimillion-dollar industry that dominates litigation and the lives of lawyers alike.
Edward T. Kang is the managing member of Kang Haggerty & Fetbroyt. He devotes the majority of his practice to business litigation and other litigation involving business entities.
Kandis Kovalsky, an associate at the firm, focuses her practice on representing both corporate and individual clients in a broad range of complex commercial litigation matters in Pennsylvania and New Jersey state, federal and bankruptcy courts.
Reprinted with permission from the June 21 edition of “The Legal Intelligencer” © 2018 ALM Media Properties, LLC. All rights reserved. Further duplication without permission is prohibited, contact 877-257-3382 or firstname.lastname@example.org.