Crossing With Digital Forensic Evidence
Benjamin Dynkin and Barry Dynkin write: We live in a truly digital age, where we fill 250,000 Libraries of Congress per day. Naturally, this data has begun to seep into our legal system, but lawyers and litigants have not paid close enough attention to how that data can be used. With a clever forensic technician, an attorney can request access to and analyze a nigh unlimited amount of data, which can be used to impeach a witness's credibility to devastating effect.
September 06, 2017 at 02:03 PM
11 minute read
We live in a truly digital age. 2.5 exabytes of data are created each day. Mikal Khoso, “How Much Data is Produced Every Day?,” Level Blog (May 13, 2016). Put in other words, we fill 250,000 Libraries of Congress per day. This data comes in all forms, and particularly with the rise of the Internet of Things (IoT), more and more of that data contains information about people, rather than just the systems themselves. Tamara Dull, “Big data and the Internet of Things: Two sides of the same coin?,” SAS Institute. Naturally, this data has begun to seep into our legal system, but lawyers and litigants have not paid close enough attention to how that data can be used to attack witness credibility on the stand. All those who own late model automobiles, computers, smartphones, smartwatches, etc., walk around with a cloud of surrounding data. That cloud is constantly gathering information on where they are, what they are doing, who they are with, and what is happening around them. With a clever forensic technician, an attorney can request access to, and analyze a nigh unlimited amount of data, which can be used to impeach a witness's credibility to devastating effect.
Unlike social media, where individuals know what they put online for public consumption, people are generally unaware of what data they are generating and retaining and how it can be used against them.
What Data Is Being Created
While most litigators are aware of certain common repositories of data, such as emails, digital documents, and text messages, almost every Internet-connected device generates a wealth of data of which most of us remain blissfully, or dangerously, unaware. For example, cellphones, by default in most cases, actively track their owners, and create map overlays showing where someone has been, what routes were taken, and how long they remained in any particular place. Cars, for example, have “black boxes” that are constantly gathering a variety of information about the car. In the event of a crash, it records all of the data for a set period of time leading up to the crash. Data recorded generally includes: vehicle speed, throttle position, airbag deployment times, whether the brakes were applied, if seatbelts were worn, steering angles and more. Some manufacturers may also have additional data points, including GPS location, video and audio of the car cabin. Navigation systems and other on-board computers can record even more data. Fitness trackers, such as the popular Fitbit, store data on an individual's level of activity, location, what he or she was doing, and much more. Putting together the data recorded from any one of these devices or, even more effectively, the data from two or more of these devices, a skilled analyst can decipher almost any detail about the life of the device's owner and compare that evidence against the narratives proffered by parties in a case. Simply put, there is a lot of very specific, very private, and very potentially unfavorable data being created.
Finding Data; Protecting Clients
When considering sources of evidence, creativity—rather than rote and routine—should govern. Digital forensics, though a science, has a substantial degree of artistry to it as well. Lawyers and technical experts must think critically and carefully about what data might exist, where it might be recorded, and how best to collect, preserve, and analyze it. In certain instances, the potential value of the data must be weighed against the monetary costs of obtaining it, and the risk of aiding the claim of the adversary in the matter. With the rapid growth of connected devices, it is impossible to create a comprehensive checklist; rather, carefully interviewing your client and collecting broadly will ensure that as much of the relevant data as possible is captured and preserved. It is important to recognize that all of this data is theoretically subject to preservation obligations and, generally, discoverable unless subject to a particular exception. Unlike other forms of traditional paper discovery, metadata (aka data about data) is relevant and can further complicate and confound considerations related to data preservation and analysis. These are several of the issues that are central to digital forensics in litigation.
Digital forensics is a complex, highly technical discipline that requires not only legal but also substantial technical expertise as well. It is advisable to seek the aid of a forensic expert who can find, collect, preserve, and analyze all relevant data. Importantly, a forensic expert does not merely assist with finding data, but also serves the critically important function of ensuring that no potentially relevant data is destroyed. Digital evidence can, without a careful hand, very easily be altered or deleted. Not only could this compromise the claim of the client, but it could ultimately result in potentially severe liability for the client, the forensic expert, and the attorney.
Metadata: Good, Bad and Ugly
Even with the use of a forensic expert, the sheer quantity, multiplicity, and complexity of metadata make its collection and analysis a particularly complex and confounding matter. Metadata includes everything from timestamps on documents, to prior versions of the document, to the location where the data was generated and everything in between. While this metadata can be extremely valuable for understanding and contextualizing the data being analyzed, in many circumstances metadata can be a difficult thing to preserve, process and interpret, and can also be a potential source of spoliation allegations from opposing counsel. See, e.g., Digital Preservation Metadata Standards, 22 Information Standards Quarterly 5 (2010). Something as simple as copying a file to a new location can irrecoverably alter a file's metadata.
Using Data at Trial
Authenticating Digital Evidence. While using digital evidence can often be essential to a case, there can be many obstacles to its use, most notably, getting the evidence admitted. While there are no definitive cases that discuss the admissibility of IoT digital evidence, there are several well-established standards which broadly govern the admissibility of electronically stored information (ESI) more broadly. These standards generally apply in full force to IoT digital evidence. U.S. District Judge Paul Grimm's opinion in Lorraine v. Markel American Insurance, 241 F.R.D. 534, 538 (D. Md. 2007), set forth a comprehensive guide for admitting ESI into evidence. The Lorraine standard begins with determining the relevance of the data and ends with balancing the probative value of the data with the danger of unfair prejudice. In relevant portion, the court stated:
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
Decision of the Day: Judge Precludes Ballistics Expert's Opinion on Scene for 2016 Fatal Police Shooting
Authentication and Reliability of AI and Digital Evidence – What Must The Expert Demonstrate
Communications With Non-Retained Experts May Be Subject to Disclosure
8 minute readTrending Stories
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
