A Potpourri of Evidence Issues: Admissibility of ESI

advertisement
In a time of dramatic change it is the learners
who inherit the future. The learned usually
find themselves equipped to live in a world
that no longer exists.
Eric Hoffer,
American Writer (1920-1983)
2
Takeaway
• ESI raises distinct evidentiary issues (because it can be
altered from its original form)
• Traditional rules of evidence are flexible enough to deal
with ESI
• The evidentiary rules as applied to ESI
• Suggested pre-trial procedures
Metadata can be helpful in determining the authenticity
of ESI
• 11 Step Foundation for Computer Records
• Differences between ESI and EGI and why it matters
3
I. Elements of
E-Discovery
4
Definition
Electronically-stored information (ESI) =
“Information created, manipulated,
communicated, stored, and best utilized in
digital form, requiring the use of computer
hardware and software.”
5
How E-Discovery is Different
1. Volume
2. Variety of sources
3. Dynamic quality
4. Hidden information: Metadata
5. Environment: Dependence and Obsolescence
6. Deleting doesn’t delete it
6
1.ESI Volume is High
95% of the world’s information is generated in
digital format.
79% of American adults used the Internet in 2009.
An employee at a large company will receive and
send 50-100 emails daily.
7
2. Variety of Sources
• Word processing documents, emails, voice
mails, instant message logs, backup tapes,
blogs, database files
• Computer hard drives, network servers,
personal digital assistants
• Magnetic tapes, CD-ROMs, floppy discs, zip
drives, digital phones, iPads and iPods
8
9
9
10
10
2. Variety of Sources
Recent Trend:
Social/Professional
Networking Sites
11
2. Variety of Sources
Facebook
• More than 500 million active users
• 50% of active users log on to Facebook
in any given day
• Users spend over 700 billion minutes
per month on Facebook
• Facebook users upload about 3 billion
photos per month
12
2. Variety of Sources
MySpace
• More than 122 million monthly active users
around the globe (70 million in US)
• 100,000 signups every day
• Processes 46 million activities and
updates daily
13
2. Variety of Sources
LinkedIn
• Professional networking site
• Over 75 million users
• Executives from all Fortune 500
companies are LinkedIn members
14
2. Variety of Sources
Twitter
• Over 100 million users
• 300,000 new users each day
• 65 million “tweets” posted each day
15
3. Dynamic Quality
• Paper documents are in effect immutable once put on
paper, but …
• ESI is not fixed or in a final form
• Modifications can happen without human intervention
and are not easily detectable
• As a result, there is not always a clear original version of
ESI
16
4. Hidden Information:Metadata
• Definition: data about data; not readily apparent on the
screen view of the file.
• Information about the document that is recorded by the
computer to assist in storing and retrieving.
• Usually not created by or easily accessible to the
computer user.
17
5. Environment: Dependence
and Obsolescence
• ESI can often be read only with special software.
• Raw data without the special structure will appear
incomprehensible
• But to make comprehensible, it might lose functionality
• Legacy data might have been retained, but is now
difficult to access
18
6. Deleting
ESI Doesn’t Delete It
• Deleted or backup information may still
be available, just not easily accessible.
• Deleting from a hard drive is like removing a
card from the card catalog – the book (the
information itself) remains until it’s removed
to make room for a new book.
19
II. Evidentiary
Issues raised
by ESI
20
Admissibility of Electronically
Stored Information
• Little has been written about what is
required to ensure that ESI obtained in
discovery will be admitted in trial
• It makes little sense to go to the cost and
effort to obtain ESI in discovery if a
sufficient foundation cannot be
established to get it admitted.
21
No Need For Special ESI
Evidence Rules
“We see no justification for constructing
unique rules for admissibility of electronic
communications such as instant messages;
they are to be evaluated on a case-by-case
basis as any other document to determine
whether or not there has been an adequate
foundational showing of their relevance and
authenticity.”
– In Re F.P., 878 A.2d 91, 96 (Pa. Super. Ct. 2005).
22
“In general, the Federal Rules of Evidence
apply to computerized data as they do to
other types of evidence. Computerized
data, however, raise unique issues
concerning accuracy and authenticity.”
Manual for Complex Litigation (4th) § 11.446
23
“Accuracy may be impaired by
incomplete data entry, mistakes in
output instructions, programming
errors, damage and contamination of
storage media, power outages, and
equipment malfunctions.”
Manual for Complex Litigation (4th) § 11.446
24
Impaired Accuracy of ESI
• Incomplete data entry
• Mistakes in output instructions
• Programming errors
• Damage and contamination
• Power outages
• Equipment malfunctions
25
“The integrity of data may also be
compromised in the course of
discovery by improper search and
retrieval techniques, data conversion,
or mishandling.”
Manual for Complex Litigation (4th) § 11.446
26
“The proponent of computerized evidence has the
burden of laying a proper foundation by
establishing its accuracy. The judge should
therefore consider the accuracy and reliability of
computerized evidence, including any necessary
discovery during pretrial proceedings, so that
challenges to the evidence are not made for the
first time at trial.”
Manual for Complex Litigation (4th) § 11.446
27
The Evidentiary Challenges
Raised by ESI
• The existing rules were adopted before
ESI issues existed
• The forms of digital and electronic
evidence regularly and quickly change
• Evidence can be altered from its
original form
28
Evidentiary Rules Triggered By ESI
• Preliminary and Conditional Rulings
• Relevance
• Authentication
• Hearsay
• Original Writing
• Compare Probative Value and Risk of
Prejudice
29
Evidentiary Rules (Federal)
• F.R.E. 104(a) and (b)
• F.R.E. 401
• F.R.E. 901(a)
• F.R.E. 801, et seq.
• F.R.E. 1000-1008
• F.R.E. 403
30
III. Preliminary
Rulings
31
F.R.E. 104 (a) and (b)
HOW THEY WORK TOGETHER
• RULE 104 – Preliminary Questions
(a) Questions of admissibility generally.
Preliminary questions concerning the qualification
of a person to be a witness, existence of a
privilege, or the admissibility of evidence shall be
determined by the court, subject to the provisions
of subdivision (b). In making its determination it is
not bound by the rules of evidence except those
with respect to privileges.
32
F.R.E. 104(a) and (b)
HOW THEY WORK TOGETHER
RULE 104(a)
• Do facts presented support preliminary
admissibility?
• It’s a preliminary determination of admissibility
• Made by the Court
• Not required to apply rules of evidence (except
privilege)
• Qualified by Rule 104(b)
33
F.R.E. 104 (a) and (b)
HOW THEY WORK TOGETHER
• RULE 104(b) Relevancy conditioned on
fact.
When the relevancy of evidence depends upon
the fulfillment of a condition of fact, the court
shall admit it upon, or subject to, the
introduction of evidence sufficient to support a
finding of the fulfillment of the condition.
34
F.R.E. 104(a) and (b)
HOW THEY WORK TOGETHER
• RULE 104(b):
- Jury makes factual findings necessary to
determine admissibility
- The facts introduced must be admissible under
rules of evidence
35
F.R.E. 104(a) and (b)
HOW THEY WORK TOGETHER
Example – Counsel offers E-mail into
evidence
• 104(a) Judge decides whether e-mail is
: hearsay
: an admission of party opponent
: business record
• 104(b) Jury decides whether e-mail is
: authentic (what it purports to be)
36
IV. Authentication
37
Authenticating ESI
• Arguably the biggest evidentiary
challenge for ESI
- Why?
- Because ESI is easily created, altered, and
manipulated, either accidentally or
intentionally
38
Authenticating ESI
• “[I]t is possible to create a Web page on a
social networking site in another person’s
name or to send an e-mail or post a message
in another’s name. Therefore, it is difficult to
show who actually is responsible for creating
material on the Internet.”
Levine & Swatski-Lebson, "Social Networking
And Litigation," e-Commerce Law & Strategy
(Jan. 2009)
39
Authenticating ESI
• Authentication is a “threshold preliminary
standard to test the reliability of the
evidence, subject to later review by . . .
cross-examination.” Lorraine v. Markel Am. Ins. Co.,
241 F.R.D. 534, 544 (D. Md. 2007)
40
Authenticating ESI
• Fed. R. Evid. 901(a) – proponent must
offer evidence “sufficient to support a
finding that the matter in question is what
the proponent claims.”
41
Authenticating ESI
• It’s a low hurdle
– Could a reasonable juror find in favor of
authenticity? United States v. Gagliardi, 506 F.3d 140, 151
(2d Cir. 2007)
– Is there a rational basis for fact finder to
conclude the matter is authentic? People v.
Downin, 828 N.E.2d 341, 350 (Ill. Ct. App. 2005)
42
Authenticating ESI
• “[T]he inability to get evidence admitted
because of a failure to authenticate it
almost always is a self-inflicted injury
which can be avoided by thoughtful
advance preparation.” Lorraine, 241 F.R.D.
at 542
43
Authenticating ESI
• Courts have wrestled with
authentication of electronic evidence
– Decisions on both sides of almost any
question
44
Authenticating ESI
• Best-case scenario: Stipulation
– Encourage (pressure) parties to stipulate to
authenticity of ESI
– Often no legitimate challenge to authenticity
– Saves time/money for the Court and parties
45
Authenticating ESI
• Next-best alternative: Admission
– Express admission (request for admission, in
deposition, at trial)
– Failure to object (courts generally have
discretion to consider evidence where there is
no objection)
46
Useful ESI Evidentiary Procedures
• All ESI identified pre-trial
• ESI evidence highlighted to opposing side before trial
• Parties directed to stipulate where appropriate
• Pre-trial offers of proof on disputed ESI exhibits
• Foundational witnesses identified on ESI exhibits
• Parties directed to confer to submit joint cautionary jury
instructions
• In camera proceedings during trial
47
ESI – In Camera
1. In camera hearing addressing authenticity does not
replace the presentation of authenticating evidence
before the jury.
2. The Court must revisit the authenticating evidence at
trial.
3. Even though the Court may have ruled in camera
that the proponent has presented sufficient evidence
to support a finding that the evidence is authentic,
that authenticating evidence must be presented
again to the jury before the evidence may be
admitted. United States v. Branch, 970 F.2d 1368
(4th Cir. 1992).
48
Authenticating ESI
E-mail and electronic communication
– Testimony of a witness with knowledge FRE 901(b)(1)
• No special expert or computer knowledge needed
(witness need not have programmed or even
understand technical operation of computer)
• A witness who sent or received an email can identify it
as such
• Other witnesses who have seen the email in electronic
form can testify that it is an accurate reproduction
49
Authenticating ESI
E-mail and electronic communication
Comparison by trier or expert
-FRE 901(b)(3)
• Expert or fact finder may compare the offered
document with one that has been
independently authenticated.
50
Authenticating ESI
E-mail and electronic communication
– Comparison by trier or expert -FRE 901(b)(3)
• E-mail messages “that are not clearly identifiable on
their own can be authenticated . . . by comparison by
the trier of fact (the jury) with . . . those e-mails that
already have been independently authenticated.”
- United States v. Safavian, 435 F. Supp. 2d 36, 40 (D.D.C. 2006)
51
Authenticating ESI
E-mail and electronic communication
– Distinctive Characteristics -FRE 901(b)(4)
• Frequently used to authenticate e-mail.
• Authentication based on “[a]ppearance, contents,
substance, internal patterns, or other distinctive
characteristics, taken in conjunction with
circumstances.”
• Examples: listed as sender/recipient, email
address, information that only the purported
sender would know, use of nicknames, etc.
52
Authenticating ESI
E-mail and electronic communication
– Other approaches
• Technical expert to trace e-mail through servers
that handled it. FRE 901(b)(9)
• Technical expert to explain encryption process for
encrypted emails. FRE 901(b)(9)
• “Reply doctrine” – purported reply to an earlier
email is likely authored by original recipient
• For text messages (Short Message Service or
SMS) – subpoena records kept by transmitting
communications company for comparison
53
Authenticating ESI
Internet Websites (print-outs)
– Three steps (establish with 901(b)(1), (3), or
(4)):
1. Printed page accurately reflects computer image
of the website as of a certain date
2. Website is owned or controlled by a particular
person or entity
3. Authorship is reasonably attributed to that person
or entity
54
Authenticating ESI
Internet Websites (print-outs)
– Whealan v. Hartford Life & Accident Ins.
Co., 2007 WL 1891175 (C.D. Cal. 2007)
(court held that URL address and date
stamp insufficient.)
– Bowers v. Rector and Visitors of Univ. of
Va., 2007 WL 2963818 (W.D. Va. 2007) (court
rejected counsel’s personal affidavit which
attempted to authenticate webpages)
55
Authenticating ESI
Internet Websites (print-outs)
– Corroboration: witness who viewed the
website; internet archive (“wayback machine”)
plus an expert; evidence of party’s similar
postings elsewhere; 901(b)(4) evidence
56
Authenticating ESI
Using the Way-Back Machine , plaintiff wishes to admit
printout of the web pages of a company as they appeared
years earlier.
TM
Ruling: Plaintiff needs an affidavit of www.archive.org
representative with personal knowledge, verifying that the
tendered printouts are accurate copy of Internet Archive’s (IA)
records. A general affidavit of IA works is not enough. St.
Luke’s Cataract & Laser Institute v. Sanderson, 2006 WL
1320242 (M.D. Fla. 2006)
57
Authenticating ESI
Social Networking Sites
– Essentially identical to Web page authentication
– Testimony of witness with knowledge can
authenticate -Adams v. Disbennett 2008 WL 4615623
– Further substantiation with technological markers
(Internet address, date & time stamp, etc.)
– At least one court has quashed subpoenas seeking
private messages from Facebook and MySpace host
companies as protected by Stored Communications
Act, 18 U.S.C. §§ 2701-12. Crispin v. Christian
Audigier Inc., 2010 WL 2293238 (C.D. Cal. May 26,
2010)
58
Issue
Plaintiff attempts to use the metadata on
relevant emails (data about data) to
authenticate the emails.
59
Rule
Metadata, “commonly described as ‘data
about data,’ is defined as ‘information
describing the history, tracking, or
management of an electronic document.’”
Lorraine, 241 F.R.D. at 547.
60
F.R.E. 901(b)(4)
An adequate authentication can be made
through the identification of distinctive
characteristics, such as appearance,
contents, substance, internal patterns, or
other distinctive characteristics, taken in
conjunction with circumstances.
61
Authenticity of Computer-stored Records
(EXAMPLE)
Witness testifies:
1.
That the subject exhibit was printed from the company’s computer system.
2.
That he knows the computer equipment is DELL equipment.
3.
That he knows the name of the computer program used by the company is
MS Office.
4.
That he used the company’s program and the company’s computer to print
out the subject exhibit.
Proponent Moves: for admission of computer printout.
Opponent Objects: hearsay, lack of foundation, lack of authenticity.
62
Voir Dire on Computer-stored Records
It’s true that:
1.
You did not enter any of the data on the printout into the
computer system?
2.
You do not know who did enter the data into the computer
system?
3.
You cannot testify as to the accuracy of the data entered
into the system?
4.
You do not know how the computer program works?
5.
You are not the custodian of the computer records?
63
Voir Dire on Computer-stored Records (2)
6. You do not know the company’s policies or procedures for the use of the
computer?
7. You do not know how access to the computer is controlled?
8. You do not know whether there have been any changes in the database
or whether any such changes are logged or recorded?
9. You do not know whether the company has any type of audit program to
ensure the continuing integrity of the database?
64
Eleven-step Foundation for
Computer Records
(a la Professor Imwinkelried)
1. The business uses a computer.
2. The computer is reliable.
3. The business has developed a procedure for inserting data into the computer.
4. The procedure has built-in safeguards to ensure accuracy and identify errors.
5. The business keeps the computer in a good state of repair.
6. The witness had the computer read out certain data.
7. The witness used the proper procedures to obtain the readout.
8. The computer was in working order at the time the witness obtained the
readout.
9. The witness recognizes the exhibit as the readout.
10. The witness explains how he or she recognizes the readout.
11. If the readout contains strange symbols or terms, the witness explains the
meaning of the symbols or terms for the trier of fact. Imwinkelried,
Evidentiary Foundations § 4.03 [2].
65
V. Hearsay
66
Hearsay
• Four Steps to Evaluating ESI Hearsay
– Is it a “statement” by a “declarant”?
– Is it offered for its truth?
– Is it excluded from hearsay by 801(d)?
• Prior statement of testifying witness
• Admission by party opponent
– Is there an applicable exception?
67
Hearsay - statement by declarant?
• Statement = (1) oral or written assertion or
(2) nonverbal conduct of a person
intended as assertion. Fed. R. Evid. 801(a)
• Declarant – must be a person. Fed. R.
Evid. 801(b)
68
Hearsay - statement by declarant?
• Important distinction: Electronically stored
v. electronically generated information
– Not always recognized by courts
– United States v. Blackburn, 992 F.2d 666 (7th
Cir. 1993) (court assumed computergenerated printout was hearsay but found it
admissible under hearsay exception)
69
Hearsay - statement by declarant?
“[N]othing ‘said’ by a machine . . . is
hearsay.”
United States v. Washington, 498 F.3d 225, 231 (4th
Cir. 2007) (quoting 4 Mueller & Kirkpatrick, Federal
Evidence § 380 (2d ed. 1994)).
70
Hearsay - statement by declarant?
– Electronically stored information = humancreated, stored electronically
• May be hearsay
• Examples:
–
–
–
–
Email text
Letters and other word processing documents
Social network messages or posts
“Facebook messages raises issues of hearsay.”
Maldonado v. Municipality of Barceloneta, 2009 U.S. Dist.
LEXIS 19842 at *2 n.2 (DPR 2009)
– Chat room conversations
– Text messages
71
Hearsay - statement by declarant?
– Electronically generated information = created
by a computer process or system
• Examples:
–
–
–
–
Most metadata
Email headers
GPS data
A fax machine generated report of transmission
A list of calls made from a cellphone showing time of call,
phone number called, length of call.
72
Hearsay - statement by declarant?
– Some electronic information is a mixture of
electronically stored and electronically
generated information
• Spreadsheets with automatic calculations
• Chat room logs
• Emails with content and header
– This “mixed” information implicates hearsay
rules, at least as to the human-generated
statements
73
The Threshold Issue of Admissibility of EGI:
• Is it exempt from the hearsay rule?
• Is it hearsay?
• Does it fall within a hearsay exemption?
74
Argument why EGI is not hearsay:
• It is not a statement of a person
Argument why EGI is hearsay:
• It is an out-of-court statement (of a
machine) being introduced to prove the
matter asserted.
75
Issue
• The theory that EGI is not hearsay is not
based on a notion that it is more reliable than
other types of information.
• In fact, if no person is required to testify to its
creation, who is cross-examined on the broad
issues of reliability?
76
If EGI is Treated as Non-hearsay:
• It is treated as if it is trustworthy, when it may not be.
• It escapes the gate-keeping function of hearsay rules.
• EGI thereby becomes a prime candidate for E-discovery.
• It becomes admissible against a person or corporation that may
not have created it even known or was created.
• Note: Statements must still be reliable under authentication
rules (e.g., product of a system capable of producing reliable
result)
77
Issue
If EGI is treated as hearsay:
• It is the machine that is the Declarant
• Who should be the witness?
• A person knowledgeable about how this computer compiled and
generated this information?
• The software or a software programmer who created the instructions
allegedly followed by the machine?
• A person from the business or home who has
possession of the document?
• “Nobody” treated as hearsay within the business record or treated as a
business record?
78
Problems with Using the Business Records
Exception to Admit EGI Against a Party:
• The party did not create the EGI
• The party may not have even known it was created
• The machine’s programming was created by a non-agent
non-employee not responsible to the party
• The record is often not knowingly kept by the business
• The EGI may serve no business purpose
79
EGI is an Admission Under: Application of 801(d)(2)
• While a party’s e-mail might come in as a
statement against interest, why would that apply to
a computer-generated information?
(A) Not the party’s statement; or
(B) Party has not necessarily adopted it; or
(C) Not made by a person authorized to make
that statement; or
(D) Not made by a party’s agent?
80
If we treat the machine as a Declarant, why should the
machine’s “testimony” be attributed to its owner?
• The owner had virtually zero to do with the
creation of data or software.
• The owner cannot be said to be responsible
for the information – the machine is not his
agent or employee.
• If the computer is not the Declarant of EGI,
there is no statement of a witness. What is
the admissibility based on?
81
Are we ready to call our
computers our agents?
82
Hearsay – ESI Exceptions
• Business Records Exemption
– Fed. R. Evid. 803(6)
– Record must be (1) contemporaneously made and (2)
kept in the normal and ordinary course of business
• Must relate to the business, not the individual’s personal use
– Note: the actual physical printout can be created in
anticipation of litigation; the exemption refers to the
underlying data
83
Hearsay – ESI Exceptions
• Business Records Exemption
– Caveat – “unless the source of the information or the
method or circumstances of preparation indicate lack
of trustworthiness”
• Easily overlooked
• Must show reliability of the system producing the information
84
Issue
E-mail chains as business records.
F.R.E. 803(6)
Plaintiff offers e-mail chain. Witness says its
his regular practice to send an e-mail
summarizing phone calls he receives.
No showing that it was the regular practice of
the employer to require that the employee
make and maintain such e-mails.
No testimony that this was the practice of all
others in the chain.
85
How would you rule?
• What if the source of the original
information was an outsider?
86
New York v. Microsoft Corp., 2002 WL
649951 (D.D.C. 2002)
• Analyzed the admissibility of series of
exhibits including e-mail and e-mail “chains”
under various hearsay exceptions, and ruling
that an e-mail prepared several days after a
telephone call that described the call did not
qualify as a present sense impression under
Rule 803(1) because the requirement of
“contemporaneity” was not met.
87
Rambus, Inc. v. Infineon Techs. AG,
348 F.Supp.2d 698 (E.D. Va. 2004)
(each participant in an e-mail chain
must be acting in the course of
regularly conducted business)
88
In contrast to the demanding approach taken in Rambus and New York v.
Microsoft, the court in United States v. Safavian took a more flexible approach
to the admissibility of e-mail chains. 435 F.Supp.2d 36, 40-41 (D.D.C.2006).
The defendant objected to the admissibility of e-mail chains, arguing that they
were not trustworthy because they contained e-mails embedded within emails. The court overruled this objection, stating:
“[t]he defendant’s argument is more appropriately directed to the weight the
jury should give the evidence, not its authenticity. While the defendant is
correct that earlier e-mails that are included in a chain-either as ones that have
been forwarded or to which another has replied-may be altered, this trait is not
specific to e-mail evidence. It can be true of any piece of documentary
evidence, such as a letter, a contract or an invoice. . . . The possibility of
alteration does not and cannot be the basis for excluding e-mails as
unidentified or unauthenticated as a matter of course. . . . We live in an age of
technology and computer use where e-mail communication now is a normal
and frequent fact for the majority of the nation’s population and is of particular
importance in the professional world. . . . Absent specific evidence showing
alteration, however, the Court will not exclude any embedded e-mails because
of the mere possibility that it can be done.”
89
Hearsay – ESI Exceptions
• Public Records Exemption
– Fed. R. Evid. 803(8)
– Documents prepared by public office or agency
deemed trustworthy
– Particularly important as to information from
government websites
90
Hearsay – ESI Exceptions
• Present Sense Impression, Excited
Utterance, or Then-Existing Condition
– Fed. R. Evid. 803(1), (2), and (3)
– Particularly important as to social networking
messages and text messages
• [We should be able to find some good Facebook or Twitter
examples for this]
91
Summary
• ESI raises distinct evidentiary issues (because it can be
altered from its original form)
• Traditional rules of evidence are flexible enough to deal
with ESI
• The evidentiary rules as applied to ESI
• Suggested pre-trial procedures
Metadata can be helpful in determining the authenticity
of ESI
• 11 Step Foundation for Computer Records
• Differences between ESI and EGI and why it matters
92
Download