Post Process

Everything to do with E-discovery & ESI

Archive for October 17th, 2007

The Challenges in Admitting Computer Records as Evidence

Posted by rjbiii on October 17, 2007

Computer forensics expert Scott Ellis has written an article discussing the changes wrought by the digital age, and some of the barriers to admitting computer data as evidence in court. Mr. Ellis touches on authentication issues:

Recently, a friend forwarded an article published about a case ruling in which a routine e-mail exhibit was found inadmissible because of authenticity and hearsay issues. What we should take away from that ruling is electronically stored information (ESI), just like any other evidence, must clear standard evidentiary hurdles. Whenever ESI is offered as evidence, the following evidence rules must be considered.

An excellent opinion that doubles as a treatise on authentication was written by Judge Paul Grimm, in the case of Lorraine v. Markel Amer. Ins. Co., 241 F.R.D. 534 (D. Md. 2007). The article continues on the subject.

Real evidence must be competent (authenticated), relevant and material. For example, a computer that was involved in a matter would be considered real evidence provided it hasn’t been changed, altered or accessed in a way that destroyed the evidence. The ability to use these items as evidence may be contingent on this and is why preservation of a computer or digital media must be done.

It is true that the manner in which data acquisition occurred can influence the ability to authenticate the evidence, and that a computer forensics expert would naturally focus on that aspect of authentication. We must add, though, that collection is but one part of leaping evidentiary hurdles, and much of the authentication process depends upon the type of digital evidence one is trying to get admitted. Again, read the Lorraine opinion, or look at the case blurbs from the opinion here on Post Process to get an idea how it all works.

Posted in Admissibility of ESI, Articles, Authentication, Magistrate Judge Paul W. Grimm | Tagged: , | Leave a Comment »

Electronic Discovery Burden is hardly new

Posted by rjbiii on October 17, 2007

Duane Morris partner Eric Sinrod writes about the “new burden” of electronic discovery for CNET:

Almost a year ago the Federal Rules of Civil Procedure governing the discovery of electronic data were amended. While the changes were designed to reduce litigation costs, we’ve seen just the opposite.

I think he gets off on the wrong foot immediately with this opening paragraph. The changes were not, in my opinion, primarily designed to reduce litigation costs. Rather, they were meant to give guidance to courts and disputants on handling electronic discovery. Part of the amendments were aimed at reducing the burden of data that isn’t “reasonably accessible,” because of, inter alia, high costs. In fact, his essay goes awry even before the first paragraph. The very headline, “The new e-discovery burden,” is inaccurate, at least with respect to legal obligations. Relevant computer records were, even before the new amendments, considered discoverable. If there is a new burden, it is because of a combination of business practices (we will save everything ever generated) and certain technological developments (cheap and efficient storage devices, advances in collaborative and distributive computing technologies, etc…). But the amendments stay true to traditional legal principles.

He does make a nice point about the expansion of the definition of the term “document:”

The amendments broadened the definition of items subject to legal discovery, ranging from “documents” or “data compilations” to include all electronically stored information. Parties in a lawsuit can now demand from each other word processing documents, e-mails, voice mail and instant messages, blogs, backup tapes and database files.

I would argue, however, that the law is merely responding to technology, and it is technology that has truly expanded the definition, and the law is merely staying true to the goals of the discovery process. The article continues with examples from cases on such topics as retention policies and litigation holds, reasonable accessibility, cost shifting and sanctions. All provided with links to those decision.

Posted in Articles, Cost of Discovery, FRCP, Trends | Tagged: , | 2 Comments »

Where do Deleted Files go?

Posted by rjbiii on October 17, 2007

Most of us know the answer to this: they don’t go anywhere until overwritten. Yahoo! Tech has posted a basic primer going over the process again, but it also discusses tools for retrieving deleting files, and for “permanently” deleting files (so that they can’t be recovered).

These deleted files aren’t accessible via Windows, but data recovery software like File Scavenger can quickly recover most recently-deleted data from your PC as if it had never been deleted at all. If you’re sure you want to delete those files for good so programs like this won’t work, there’s plenty of software for that too.

Interesting piece with a few nice links to tools you might like to have in your arsenal.

Posted in Articles, Tools | Tagged: , , , , , | Leave a Comment »