"Electronic banking and how courts approach the burden of proof: a

advertisement
Electronic banking and how courts
approach the burden of proof: a
comparative discussion
Stephen Mason, Barrister
Electronic Evidence in Fraud Cases
European Criminal Law Association and the Institute of
Advanced Legal Studies
5 November 2013
Copyright Stephen Mason, 2013
The challenge
There are three aspects that are important that in turn
illustrate that some judges and lawyers have struggled
with the concept of electronic evidence and continue
to do so:
(i) The burden of proof.
(ii) Attitudes to the evidence: that is, the nature of the
evidence of the customer, and the assertions (usually without
evidence) made by the bank.
(iii) The disclosure of relevant documents, or more accurately,
the difficulty (or failure) to get appropriate disclosure.
Copyright Stephen Mason, 2013
The burden of proof
He who asserts must prove (and now we have the
Payment Services Regulations 2009)
The bank must prove that it acted within the terms of
the mandate
Where it relies on the signature of the customer, the
bank must prove the transaction was authenticated by
the customer’s signature
The PIN is the electronic signature of the customer
Copyright Stephen Mason, 2013
Judicial assumptions
Judges often assume that banks carry on their
business competently
Comments of Assistant Judge Leif O. Østerbø in
Bernt Petter Jørgensen v DnB NOR Bank ASA
(2004)
(Translated into English: Digital Evidence and Electronic Signature Law
Review 9 (2012), 117 – 123)
Copyright Stephen Mason, 2013
Examples
German case of 5 October 2004 before the
Bundesgerichtshof (Federal Court of Justice), XI ZR
210/03, published BGHZ 160, 308-321
(Translated into English: Digital Evidence and Electronic Signature Law
Review 6 (2009), 248 – 254)
Norwegian case of case of Pål-Gunnar Øiestad
(Discussed in Maryke Silalahi Nuth, ‘Unauthorized use of bank cards with
or without the PIN: a lost case for the customer?’, Digital Evidence and
Electronic Signature Law Review 9 (2012), 95 – 101)
Copyright Stephen Mason, 2013
Computers and ‘reliability’
Implicit willingness to assume that banks carry on their
business competently
Failure to grasp that failures in complex networks of
software systems can produce subtle mistakes quite
unlike the obvious errors likely to result when a cog
falls off a spindle in a cash register
The central problem (implicit and explicit):
‘In the absence of evidence to the contrary, the courts will
presume that mechanical instruments were in order at the
material time’ (Law Commission)
Copyright Stephen Mason, 2013
The evidence must be tested
Judges have made mistakes by
refraining from ensuring that the nature and quality of the evidence is properly tested
making erroneous assumptions about the evidence before them that is not warranted
Note the unrealistic comments by Stanley Burnton LJ in O’Shea v R [2010]
EWCA Crim 2879 at [56]:
‘It is also surprising in the extreme that if the supposed fraudulent webmaster was able to
debit the appellant’s credit card account, he did so for such limited amounts and on
relatively few occasions. This, is however, a minor point.’
Currently on-going (next stop – Court of Appeal):
Shojibur Rahman v Barclays Bank PLC (Clerkenwell & Shoreditch County Court, case number
1YE00364), a transcript of the judgment and the first appeal is published in full with a
commentary in Digital Evidence and Electronic Signature Law Review, 10 (2013) 169 – 187
Copyright Stephen Mason, 2013
The correct approach
ŽŠ v Lietuvos taupomasis bankas No. 3K-3390/2002 before the Lietuvos Aukšciausiasis
Teismas (Supreme Court of Lithuania)
(Translated into English by Sergejs Trofimovs, see Digital Evidence and
Electronic Signature Law Review 6 (2009), 255 – 262)
Copyright Stephen Mason, 2013
Some further reading
Noriko Kawawa, ‘The Japanese law on unauthorized on-line credit card and banking transactions:
are current legal principles with respect to unauthorized transactions adequate to protect
consumers against information technology crimes in contemporary society?’, Digital Evidence and
Electronic Signature Law Review, 10 (2013) 71 – 80
Ken Lindup, ‘Technology and banking: lessons from the past’, Digital Evidence and Electronic
Signature Law Review, 9 (2012) 91 – 94
Stephen Mason, ‘Debit cards, ATMs and negligence of the bank and customer’, Butterworths
Journal of International Banking and Financial Law, Volume 27, Number 3, (March 2012), 163 –
173
Stephen Mason, ‘Electronic banking and how courts approach the evidence’ Computer Law and
Security Review, Volume 29, Issue 2, (April 2013), 144 – 251
Wendy Moncur and Dr Grégory Leplâtre, ‘PINs, passwords and human memory’, Digital Evidence
and Electronic Signature Law Review, 6 (2009) 116 – 122
Steven J. Murdoch, ‘Reliability of Chip & PIN evidence in banking disputes‘, Digital Evidence and
Electronic Signature Law Review, 6 (2009) 98 – 115
Copyright Stephen Mason, 2013
Thank you
www.stephenmason.eu
Download