Digital Evidence- Generation, Admissibility and Weight Considerations-An Advanced Course for Sophisticated Litigators
Why Attend?
Now that you have Electronically Stored Information (ESI), what do you do with it? How do you establish that digital evidence is what it purports to be? Has an adequate foundation been laid to authenticate digital evidence? What does it mean for evidence to be (or to be asserted as) forensically sound?
These questions are a direct consequence of the two most significant litigation-related events of the past decade; the emergence of computer information as source, or origination evidence, and the 2006 electronic discovery FRCP amendments. Together, they have fast become a tsunami of a new type of evidence. Digital data forensics also travels in lockstep with digital evidence authentication and admissibility, and accordingly, litigators in all practice areas (as well as in-house counsel) must be immediately prepared to address these emerging issues.
This session will provide new guidance for mounting a successful defense or challenge to digital evidence in today’s court proceedings. George Paul, author of the new ABA book, Foundations of Digital Evidence (August 2008), will address emerging evidentiary issues. Judge Facciola will provide the judicial perspective on emerging trends.
Since plaintiffs and defendants of all stripes are required to produce, defend, and challenge digital evidence, these issues are party-neutral, and litigation-type neutral, and apply to both criminal as well as civil proceedings.
Get the latest answers to today's questions:
• How is the phrase "forensically sound" commonly misapplied to digital
evidence?
• How do claims of forensic soundness accord with assertions of
authenticity?
• How does one properly authenticate digital evidence?
• How might an offer of digital evidence be challenged or defended?
• What new steps must be taken by an attorney to lay a foundation for the
admissibility of digital evidence?
• What does the concept of integrity mean in the digital evidence realm, and
how does it differ from non-digital evidence?
• What is original ESI?
• What admissibility challenge vectors, unique to digital evidence, are
available to the well-informed litigator?
• How can the early participation of an expert add credibility to your stance
in support of or challenging authenticity?
Topics for Forensics and Digital Evidence: A Eunomic Approach
• Traditional Electronic Discovery Reference Model: EDRM
• EDRM and Forensically Sound Digital Evidence
• The Extended EDRM Model
• Where digital forensics really begins
•Forensically Sound Drive Images
• What forensically sound images are, and what they are not
• What they may help establish
• Weaknesses and challenge points to forensically sound images
• Kesterson’s Conundrum, or why forensically sound drive images may not be useful
• About Hashes and Hash Functions
• Definition – what are hashes and hash functions
• Strengths and limitations
• What hashes may help prove
• What hashes do not prove
• Challenge points
• Spoliation issues
• Asserting a global taint
• Avoiding a spoliation claim
• Digital signatures and trusted time stamps
–Uses, strengths and weaknesses
•Discovery – Making Sure You Get Useful Data
• Challenges to discovery protocol efficacy
• Admissibility of Digital Evidence: The ESI Admissibility Logic Tree
• Challenges to Current Admissibility Pathways for Digital Evidence:
• Authentication and FRE 901: Weakening modes for laying foundation for
authentication of digital evidence
• Where Fed. R. Evid. 901(b) foundation requirements fall short
• FRE 901(b)4 - Witness Testimony– Attenuated link to data integrity
• FRE 901(b)9 – System or Process
– Limitations and misperceptions
• Hearsay Doctrine: FRE Rules 801, 802, 803 and 807
• Digital Evidence: Hearsay, non-hearsay, or “other”
• Why the distinction is important for digital evidence
• No decisional authority uniformity
• The Business Records Exception to the Hearsay Rule
• Contemporaneity
• Presumption of trustworthines
• What exactly are Fed.R. Evid. Rule 803(6)’s indicia of
lack of trustworthiness?
• Integrity: The Cornerstone to Digital Evidence Authentication and Admissibility –
• Digital Data Integrity: Origination vs. Original
• Unchanged over time
• The concept of “Reference” and Comparison
• Protecting the Reference
• Objective: Establish forensic soundness: Digital evidence is what it purports to be
• Challenge: Digital evidence is not born with integrity
• Ephemerality by design: The elephant in the digital data integrity
tent
• FRE 901(b)1 Witness corroboration is a poor test for integrity
• FRE 901(b)9 System or Process is inadequate to show data
integrity
• Assertions of Digital Evidence Integrity Must Show Reliability:
• Reliability: Forensic Soundness means reliability
• Integrity Mechanisms: Digital evidence must have an “integrity mechanism” applied at the time relevance is asserted in order to be considered “forensically sound”
• Testability: Both digital data integrity, and the applied integrity mechanism must be testable, not merely asserted
• Digital evidence spoliation is different
• Recent decisional authority
–Degree of culpability required
–Controlling law: state or federal?
–Proving the negative in a digital environment
–Sanctions imposed
• Defending a challenge of spoliation: Forensic soundness at instantiation
What You Will Learn
This advanced level live videocast is for sophisticated in-house counsel, enterprise-retained outside counsel, and litigators who encounter digital evidence in pre-litigation. National faculty will analyze the latest, most pressing challenges faced by litigators, general counsel, and retained counsel in representing enterprises that generate digital evidence.
Planning Chair
Planning Chair & Moderator:
Steven W. Teppler, Esquire
Mr. Teppler is Senior Counsel at KamberEdelson, LLC, a litigation boutique in New York City, and directs the firm’s eDiscovery and electronic litigation activities. Mr. Teppler is a contributor to the ABA hard-cover, “Foundations of Digital Evidence,” (July 2008) and has authored numerous articles on digital evidence authenticity. He is also the co-Vice Chair of the American Bar Association’s Information Security Committee, and the Vice-Chair of the Florida Bar’s Professional Ethics Committee.
Faculty
Hon. John M. Facciola, United States Magistrate Judge for the District of Columbia, was appointed in 1997. He was Assistant District Attorney in Manhattan from 1969-1973, and was in private practice in D.C. from 1974-1982. Judge Facciola joined the U.S. Attorney's Office in 1982 and served as Chief of the Special Proceedings section from 1989 until his appointment as Magistrate Judge. A frequent lecturer and speaker on the topic of electronic discovery. Judge Facciola is a member of the Sedona Conference Advisory Board, the Georgetown Advanced E-Discovery Institute Advisory Board and is also the former Editor in Chief of The Federal Courts Law Review, the electronic law journal of the Federal Magistrate Judges Association. His most recent publication is Sailing on Confused Seas: Privilege Waiver and the New Federal Rules of Civil Procedure, 2006 Fed. Cts. L. Rev. 7 (2006). He received his A.B from the College of the Holy Cross and his J.D. from the Georgetown University Law Center.
George Paul, Esquire, is a partner at Lewis & Roca in Phoenix Arizona, and is the author of Foundations of Digital Evidence (ABA, July 2008), and is the co-author of The Discovery Revolution—E Discovery Amendments to the Federal Rules of Civil Procedure (ABA, 2006).
Hoyt L. Kesterson II, is an Arizona-based technology expert with more than 30 years of experience in the field of information security and related technologies. He chaired the international standards group that created the X.509 certificate. He has been working with the ABA’s Information Security Committee for nearly twenty years on the effects of digital data and electronic signature.
Rebecca Nielsen, Senior Associate, Booz Allen Hamilton, McLean, Virginia, has more than 15 years of experience in information technology and information security consulting. She is a recognized expert on the implementation of Public Key Infrastructure (PKI) within the Department of Defense (DoD). She participates on the DoD’s External Interoperability Working Group and the Federal PKI Certificate Policy Working Group. She has presented at DoD and Federal conferences on PKI and the integration of PKI into business practices, and is a co-author of the draft IETF RFC, “Memorandum for Multi-Domain Public Key Infrastructure Interoperability”. She is a member of the Science and Technology Committee of the American Bar Association. Ms. Nielsen combines a solid knowledge of the technical aspects of public key technology with an understanding of the impact to users and business process owners across functional communities.
Special Offer: Receive a 20% discount on the ABA's Foundations of Digital Evidence by George L. Paul. Use coupon code PAB7EFDE when you check out and the discount will be automatically calculated off the regular price ($119.95). Offer expires September 15, 2008.
Total 60-minute hours of instruction: 3.6 Total 50-minute hours 4.2
Suggested Prerequisite: Significant experience in litigation involving digital evidence.
Educational Objective: To analyze the latest challenges faced by sophisticated litigators as they deal with digital evidence.
Level of Instruction: Advanced.
Times
Eastern 12:00 p.m. – 4:00 p.m.
Central 11:00 a.m. – 3:00 p.m.
Mountain 10:00 a.m. – 2:00 p.m.
Pacific and Arizona 9:00 a.m. – 1:00 p.m.
Alaska 8:00 a.m. – 12:00 noon
Hawaii 6:00 a.m. – 10:00 p.m.
