As our society continues to trend towards a greater technological and electronic dependence, attorneys can expect to see a rise in the prevalence and importance of electronic data as evidence. Slated to go into effect on December 1, 2017, a new amendment to Federal Rule of Evidence 902 will have strong implications on the importance of proper collection methods of electronic evidence.
The new amendment, known as subsection (14), states that electronic evidence will now be self-authenticated if it is collected properly, able to be digitally verified, and is certified valid by a qualified professional. This new change will make old, less professional methods of collecting electronic evidence obsolete while giving rise to the importance of structured and verifiable collection methods.
The attached Advisory Committee notes address the recommended use of generating a “hash value” for the copied piece of data and comparing it to the “hash value” of the original for authentication. As defined in the Advisory Committee notes:
“A hash value is a number that is often represented as a sequence of characters and is produced by an algorithm based upon the digital contents of a drive, medium, or file. If the hash values for the original and copy are different, then the copy is not identical to the original. If the hash values for the original and copy are the same, it is highly improbable that the original and copy are not identical. Thus, identical hash values for the original and copy reliably attest to the fact that they are exact duplicates.”
What this means for investigators and attorneys is that self-collection methods of electronic data including manual print-screen, drag and drop file copying, or any other simplistic method will not be deemed self-authenticated under the new law. This will most certainly create evidentiary hurdles and headaches. Simply taking a screenshot of emails or social media posts will not provide the necessary hash values for identification. Copying a file or document from a server to yours will alter the meta-data and produce a different hash value from the original flagging the file or document as being altered.
To limit evidentiary issues and remain compliant with the new law changes, your best practice is to hire a professional digital forensics firm that specializes in ESI (Electronically Stored Information) that can certify and generate hash values.
Our firm is licensed to handle sensitive data, we certify our collections, and use the correct digital forensics tools and methodology when processing data into eDiscovery. Our experts are masters in collecting, recovering, searching, and analyzing data and presenting it to you in a professional platform ready for trial. Our firm stands behind our work and if a situation arises, we are ready and willing to testify to support you, back up our findings, and help you win your case.
Evidence is the backbone of any strong legal case. Start the online Case Evaluation to get a quote on our services. We can collect cloud, social media and email data remotely, no travel required and we also have a nationwide network of data collectors in most states. When digital data is required for litigation – make one call to Expert Data Forensics 702.435.8885.
Collect | Recover | Analyze | Store | Report | Certify | eDiscover & Testify – Done!
(c)2017 Expert Data Forensics