How to Certify and Admit Digital Evidence Under FRE 902

As the world continues to evolve electronically, it oftentimes seems like the courts take longer to catch up. This past December lawmakers took another step into the digital age by amending Federal Rule of Evidence (“FRE”) 902. This rule makes certain categories of evidence “self-authenticating,” which means that evidence can be admitted at trial without a live witness testifying that it is genuine.

For years, this rule only included hard copy evidence, such as newspapers and certified copies of public records. The December 2017 amendments added certain types of electronic data to the list. Under FRE 902(13) and FRE 902(14), lawyers can now admit the following types of evidence at trial without needing live expert testimony:

  1. Records generated by an electronic process or system that produces an accurate result (such as data from GPS systems, cell phones, and activity trackers)
  2. Data copied from an electronic device, storage medium, or file (such as copied webpages or emails)

Eliminating foundation testimony is a huge time and cost saver that makes trials more efficient. However, this does not mean that lawyers can simply admit self-authenticating evidence without completing additional steps. The rule requires that a qualified person certify the evidence in order for it to be admitted at trial. Since the rule is not clear on what this requirement entails, offering the court a sworn affidavit should suffice. The following information should be included in the affidavit to avoid any issues with getting the evidence admitted:

  1. Background and qualifications of the affiant: The rule does not explicitly state what types of individuals are qualified to certify the evidence. However, it is safe to assume that an individual familiar with data collection techniques would be eligible. The witness that a lawyer would have called to testify at trial before these amendments were enacted should provide the affidavit. This is generally a digital forensic expert who regularly deals with data collection and verification. However, an organization’s IT employees may also qualify if they are familiar with data collection. Regardless, the affiant’s experience will be a key factor the court uses to determine whether the evidence should be admitted. Make sure to include the affiant’s professional background, involvement with the organization, and any other information that would illustrate their competency to certify the evidence in question
  2. Description of the evidence: Provide the court with enough information so it can easily conclude that the proffered evidence falls under the new categories. Make the description detailed and specific. If it is not burdensome to do so, attach the evidence as an exhibit to the affidavit.
  3. Description of collection methods: Include a description of the retrieval process. Also describe the process used to verify that the evidence is genuine. The FRE advisory committee notes state that any “reliable” methods will be accepted. However, the committee specifically goes into detail about a common verification method that involves hash values. A hash value is a unique set of numbers attached to a data source. Duplicated information from electronic devices, storage media, and electronic files will have the same hash value if the copy is identical to the original. If hash values are compared, make sure that the affidavit clearly details the procedure for determining and checking the hash values. To be on the safe side, if the affiant utilizes a less common verification method include an even more detailed background about the collection method in the affidavit.
  4. Certification: While this may seem obvious, the affiant should explicitly certify the evidence. For example, the affidavit could simply state that based on the collection methods used, the affiant certifies that the evidence is genuine and unaltered.
  5. Forensic Reports: Attach any report, screenshot, or other document illustrating that the information provided in the affidavit is accurate. This will act as an extra safeguard against an attack to the affidavit’s validity.
  6. Signature: Include an original signature at the end of the affidavit.

Filed under: big data, compliance, ediscovery, esi