Justin Leonelli of Meryer Unkovic Scott.

The Judicial Conference of the United States has issued its final approval of two amendments to Federal Rule of Evidence 902. The amendments, which add Rules 902(13) and (14) that become effective on Dec. 1, will drastically change the process for admitting electronically stored information into evidence.

The current version of Rule 902 provides that certain “self-authenticating” documents require no extrinsic evidence of authenticity to be admissible at trial. Together, the amendments to Rule 902 provide two additional categories of self-authenticating evidence: records generated by an electronic process or system, and data copied from an electronic device, storage media, or file. As with other self-authenticating evidence, the amendments will remove the need to present evidence to establish the electronic record's authenticity. Instead, a party will simply submit an affidavit of a “qualified person” who certifies in writing that the electronic document and record was obtained in conformity with the requirements of Rules 902(11) and (12).

The amendments will streamline the authentication process and save clients thousands of dollars in legal fees. Therefore, attorneys should familiarize themselves with the new rules to take full advantage of their benefits come December.

Rule 902(13)

Rule 902(13) will allow self-authentication of machine-generated electronic information that is certified by the affidavit of a “qualified person.” Specifically, the rule defines self-authenticating evidence as “a record generated by an electronic process or system that produces an accurate result, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12).”

To meet the self-authentication standards of Rule 902(13), the advocate must provide an affidavit “containing information that would be sufficient to establish authenticity were that information provided by a witness at trial.” Generally speaking, the certification should be issued by a forensic technician or similar professional and verify that the process recording the information will produce an accurate result, see generally Hon. Paul W. Grimm, et al., “Best Practices for Authenticating Digital Evidence,” 24-25 (West Pub. 2016). Currently, there is no detailed commentary on who is a “qualified person” for purposes of providing a Rule 902(13) affidavit. However, courts will probably use the same framework for Rule 902(13) that they use in determining the authenticity of business records. Thus, under Rule 902(13), individuals familiar with the “electronic process or system that produces an accurate result” used in its collection will likely be considered “qualified persons” capable of providing a Rule 902(13) affidavit.

Rule 902(13)—Example Scenario

Recently dismissed employee, Mary Gilmore, filed a wrongful termination suit against a major corporation (corporation Y) after she allegedly downloaded proprietary business documents from the company server using another employee's login and password. A forensic technician has provided a printout from Mary's computer that provides a complete record of all prior downloads onto her computer. The printed report also includes a history of all username and password actions entered through Mary's device.

Without Rule 902(13), Corporation Y would need to call the forensic technician as a witness to establish the authenticity of the report. This would include questioning to establish the technician's qualifications and the technical process or procedures used to uncover the evidence on Mary's computer.

With Rule 902(13), Corporation Y can obtain an affidavit from the technician explaining this information in writing, and provide reasonable notice of its intent to offer the report as evidence. If the opposing party does not object to the credibility of the technician and process, corporation Y would not need to call the technician as a witness.

Rule 902(14)

Rule 902(14) will allow self-authentication of data copied from an electronic medium, provided such data is recovered using “a process of digital identification” and certified by a “qualified person.” Specifically, the Rule defines evidence that is self-authenticating as “data copied from an electronic device, storage media or electronic file, if authenticated by a process of digital identification, as shown by a certification by a qualified person that complies with the certification requirements of Rule 902(11) or (12).”

Authenticating evidence under Rule 902(14) will be slightly more complicated than authenticating machine-generated electronic evidence under Rule 902(13). First, the information must be recovered from the electronic device, i.e., copied, using a “process of digital identification.” In this regard, the advisory committee recommends parties use “hash values” to authenticate the digital information. A hash value is essentially a digital fingerprint that takes the form of a unique alpha-numeric sequence composed of characters that an algorithm determines based upon the digital contents of a drive, media or file. Thus, identical hash values for the original and copy attest to the fact they are exact duplicates. Although hash values are the preferred method of digital identification, the advisory committee has noted that “the rule is flexible enough to allow certifications through processes other than comparison of hash value, including by other reliable means of identification provided by future technology.”

Second, under Rule 902(14), the proponent of the electronically stored information must present an affidavit from a “qualified person” sufficient to establish the same level of authenticity as information provided by a witness at trial. The “qualified person” would most likely be the computer forensics technician or related professional who collected the evidence and can attest to the process of digital identification used. Essentially, this affidavit must certify that the hash value of the proffered item is identical to the original.

Rule 902(14)—Example Scenario

Jim O'Connor was charged with conspiracy to commit fraud after his email log was subpoenaed in connection with an ongoing investigation into an Alabama-based counterfeiting ring. Jim sells professional-grade printers, which he allegedly sold to the counterfeiters with full knowledge of their intended use (as evidenced in his email records). A technician made a forensic copy of Jim's email history and verified the copy was identical to the original using the aforementioned hash values. The copy was then shared with another technician for a second round of analysis.

Without Rule 902(14), in order to authenticate the original document and the copy, the prosecution would need to call both technicians as witnesses to provide background on the process and methodology used for both electronic documents.

With Rule 902(14), the prosecution would use the technician's verification technique to establish that the copy was an identical match to the original document in advance of a trial.

Conclusion

Today, evidence largely takes the form of electronically stored information. Thus, it is important that attorneys familiarize themselves with the new amendments and their unique authentication process. Removing the need to present live testimony and other evidence to authenticate electronic records will undoubtedly save a substantial amount of time and money for both attorneys and their clients.

Justin N. Leonelli is an attorney at Pittsburgh-based law firm Meyer, Unkovic & Scott. He can be reached at [email protected].