In response to concerns over the ever-increasing costs of electronic discovery, the federal bench and bar have worked over the last several years to adopt sensible amendments to the Federal Rules of Civil Procedure. Proposed amendments to Rule 902 will make it easier to authenticate certain kinds of machine-generated information and data taken from an electronic device, medium or file. The goal of the amendments, which were unanimously adopted by the Rules Committee of the Judicial Conference and are expected to take effect on Dec. 1, 2017, is to allow a witness to certify the authenticity of certain electronic information, thus saving the cost of having to call the witness to testify at a hearing or trial.
The current rules identify a list of types of evidence that are self-authenticating (evidence which fits into one of the enumerated categories is per se authenticated). These include government documents as well as documents developed and maintained in the ordinary course of business. The proposed amendments add to that list, allowing a party to certify that the information was obtained or copied through a reliable and accurate process.
Proposed Rule 902(13) identifies “Certified Records Generated by an Electronic Process or System” as self-authenticating. These records include Windows registry, an internet information services log, a smartphone’s operating system, and phone logs, among others.
Proposed Rule 902(14) identifies “Certified Data Copied from an Electronic Device, Storage Medium or File” as self-authenticating. The committee recognized that this type of data is ordinarily authenticated by a hash value (a unique numerical identifier that is assigned to a file, a group of files or a portion of a file). Identical hash values for the original and the copy provide a high level of reliability regarding the authenticity of the copy. In addition to providing for authenticity through hash values, the rule also allows certifications through other reliable means of identification.
Instead of having to call a witness to testify as to facts which are normally stipulated to, these amendments will allow a party to present a witness’ testimony through an affidavit or certification. The amendments have the potential to save time, fees and expenses in a variety of disputes, including improper use or theft of trade secrets and employment issues centered on text and email conversations.
The following examples illustrate how the amendments can be applied. Envision a situation involving the deposition of a former employee in a claim alleging theft of trade secrets. The former employee has testified that he had only been to the defendant’s business location once for an interview before being hired and never visited his former employer’s office except during regular business hours. As part of discovery, that former employee submits his iPhone for analysis by a forensic expert. GPS data from the phone reveals that two of the most visited locations are the former employer’s business and the defendant’s business. The data, including the Windows registry, shows that the former employee visited the former employer’s facility during nonbusiness hours and downloaded the confidential business information and trade secrets onto a USB from a desktop computer.
Rather than having to incur the cost to call the expert to testify at a preliminary injunction hearing, the former employer need only have the expert offer detailed testimony through a certification as to how the former employee’s iPhone tracked his GPS coordinates and how that data was extracted from the smartphone. The forensic expert can also provide detailed information about the transfer of data from the computer onto the USB.
Let’s say, in the same trade secrets case, the former employee alleges that the trade secrets were actually stolen by a current employee. The current employee is in Europe working on a long-term client project and cannot deliver her laptop to the forensic expert to be examined during discovery. The employer directs the employee to take her laptop to a forensic specialist in Europe, who copies all data from the employee’s laptop and securely forwards a copy to the expert. The foreign specialist verifies that the copy has not been altered by comparing the hash value to the original. The foreign specialist does not need to testify as to the integrity of the copy sent to the expert, but may certify its accuracy. Further, the forensic expert may testify as to the processes by which the laptop collected information from any connected external devices.
These changes to the rules impact not only trials, but also other aspects of litigation where the Federal Rules of Evidence apply. The certification requirement could ease the authentication process for preliminary injunction hearings, where time is critical and scheduling witnesses can be difficult. Certifications may also assist a litigant who appears before an administrative agency or in an arbitration. The certifications can be used to shift the burden of admissibility of evidence in motions for summary judgment, and save the proponent of evidence the expense of having to depose a forensic expert where the amount at issue may not justify the expense. Finally, the new provisions may facilitate greater cooperation from third parties ordered to produce documents via subpoena, and may make the evidence they provide more useful. Rather than require a third party to expend resources working with a forensic expert to authenticate documents they produce, a certification from an IT employee may suffice.
In cases where electronic evidence is plentiful and may derive from multiple sources and in multiple forms, the new authentication provisions will likely reduce the cost of litigation. It’s important to note that these rules address the narrow issue of authentication, and opponents retain all other objections to admissibility (hearsay, etc.).