Recent Additions to FRE Rule 902 Simplify the Use of ESI Discovery at Trial
Mark E. Bale, Esq.
Schwartz Semerdjian Cauley & Moot LLP
Until recently, parties looking to submit certain ESI obtained through discovery as evidence in a federal civil case needed to present live witness testimony to establish foundation and prove the veracity of the ESI. Effective December 1, 2017, the Federal Rules Committee changed this practice by updating the Federal Rules of Evidence (“FRE”) Rule 902 to classify certain types of ESI as eligible for self-authentication. Under the newly added sections, FRE 902(13) and (902)(14), accurate ESI data produced through electronic processes and verified copies of electronic information stored on devices, storage mediums or files are considered authentic without requiring additional substantiating evidence. The new sections should, for the most part, replace in-person testimony to establish ESI authenticity. The new sections read as follows:
Rule 902. Evidence That Is Self-Authenticating
The following items of evidence are self-authenticating; they require no extrinsic evidence of authenticity in order to be admitted:
(13) Certified Records Generated by an Electronic Process or System. A record generated by an electronic process or system that produces an accurate result, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). The proponent must also meet the notice requirements of Rule 902(11).
(14) Certified Data Copied from an Electronic Device, Storage Medium, or File. Data copied from an electronic device, storage medium, or file, if authenticated by a process of digital identification, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). The proponent also must meet the notice requirements of Rule 902(11).
A stated purpose of the additions to the rule as set forth in the Advisory Committee notes to FRE Rule 902 is to establish a “procedure in which the parties can determine in advance of trial whether a real challenge to authenticity will be made, and can then plan accordingly.” It is important to note that the opposing party can challenge the sufficiency of the certification affidavit. However, once the proponent gives the proper notice under 902(13) or 902(14), the burden shifts to the opposing party. This is a major change in practice which will force parties to restrict their evidentiary challenges to those records where authentication is truly at issue.
The Advisory Committee found that “[i]t is often the case that a party goes to the expense of producing an authentication witness and then the adversary either stipulates authenticity before the witness is called or fails to challenge the authentication testimony once it is presented.” Thus, instead of calling a live witness, the new Rules 902(13) and 902(14) allow the proponent to provide a certificate by a qualified person to certify the authenticity of the electronic evidence.
The reasoning behind the additions is that electronic data can be quickly verified today using hash value matching or another similar highly-technical process that verifies the integrity and accuracy of any copies made from original ESI sources. A file’s hash value is represented by an alphanumeric sequence of characters unique to that file. In practice, the hash value of a file is a unique “digital fingerprint.” If the contents of a file have been modified in any manner, its calculated hash value will be completely different from the file’s original calculated hash value. This means that a copy of a file that has been appropriately collected and processed will have an identical hash value to that of the original file, allowing the hash value to serve as the proof of authentication required by Rule 902 and verifying that a document an attorney is submitting as evidence is in fact what they say it is. This authentication process also helps ensure that electronically-manipulated documents will not become evidence at trial.
Simply submitting a hash value, however, isn’t enough. Parties need to also submit signed certifications from a “qualified person” confirming that they verified the authenticity of the copy through hash value matching or a similar proven method. They also need to provide reasonable written notice to opposing parties about their intention to introduce the ESI and make both the ESI and certification available for opponents to review.
The types of discoverable ESI that would fall under the new rules could include GPS data, cell phone photos, text messages, data related to use of thumb drives on a particular computer, and records of internet connections made from a particular computer - if the proponent introduced an authentication certificate, pursuant to FRE 902(13), showing that the ESI was obtained from systems that produced reliable results. FRE 902(14) will allow, among other things, self-authentication of forensic copies of web pages, social media pages and posts, text messages, or emails, certifying that they are the same as the originals.
In light of these amendments, it will be important for attorneys to consider what is being requested in discovery, and how it is being requested, in order to collect the appropriate data so they are able to employ the simplified and less costly authentication methods. Collecting and duplicating electronic records in a manner that facilitates authentication under FRE 902(13) or (14) will be increasingly useful. Those that wish to take advantage of the new authentication rules should tailor their discovery to specifically request the necessary data and ensure that electronic discovery is collected in a forensically sound manner with methods used track the hash values of the ESI documents. This will usually require drafting an appropriate ESI collection protocol and negotiating an agreement with opposing counsel for the use of the protocol in the case. Such diligence and care in the discovery process may also require using knowledgeable e-discovery practitioners and forensic professionals to verify that best practices are followed in the collection and duplication of ESI by both clients and opposing parties to preserve the ability to employ the FRE 902(13) or (14) authentication methods.
If the proper approach is used, these amendments should result in smoother trial preparation, fewer witnesses, and shorter trials. The intent of these amendments is to alleviate the need to call a witness at trial, as would otherwise be required by FRE 901, to certify the authenticity of electronic documents. Clients who hire forensic experts to assist in forensic investigations will no longer have to pay for their travel, trial preparation and in-person testimony. Though there will be charges for the certification, it would seem they would be offset by other cost savings. The complications related to coordinating and scheduling expert testimony during the busy days of trial-prep and trial will largely be eliminated. This will result in fewer things for attorneys and judges to worry about during trial.
While the authentication process now permitted by Rule 902 is certainly much easier and less expensive than having IT professionals, consultants or forensic technicians appear in person for trial, the law is still developing on the interpretation of what constitutes a “qualified person” capable of executing the required certification. As outlined in the Advisory Committee notes to FRE Rule 902, a qualified person is defined as someone who would be able to “establish authenticity were that information provided by a witness at trial.” This individual most likely will need to be an information technology practitioner, as only such a person could be qualified to testify as to how data systems operate and whether information was collected through a reliable "process of digital identification."
With strategic planning, thoughtful preparation of discovery requests, and attention to detail in data collection and preservation, amended Rule 902 should bring big benefits to the Federal trial process by streamlining the authentication of increasingly common ESI evidence obtained from clients and through discovery.