Skip to main content

Electronic Evidence and Electronic Signatures: Index

Electronic Evidence and Electronic Signatures
Index
    • Notifications
    • Privacy
  • Project HomeElectronic Evidence and Electronic Signatures
  • Projects
  • Learn more about Manifold

Notes

Show the following:

  • Annotations
  • Resources
Search within:

Adjust appearance:

  • font
    Font style
  • color scheme
  • Margins
table of contents
  1. Cover
  2. Title Page
  3. Copyright Page
  4. List of Contributors
  5. A note on our Creative Commons licence
  6. Dedication
  7. Contents
  8. Software is reliable and robust
  9. Preface
  10. Acknowledgments
  11. Table of statutes
  12. Table of cases
  13. 1. The sources and characteristics of electronic evidence and artificial intelligence
    1. Digital devices
      1. Processors
      2. Mobile devices
      3. Embedded devices
      4. Software
      5. Data storage facilities
      6. Data formats
      7. Starting a computer
    2. Networks
      1. Types of network
      2. Cloud computing
      3. The Internet of Things
      4. The deep web and the dark web
      5. Common network applications
    3. Types of evidence available on a digital device
      1. Files
      2. Metadata
      3. Imaging
      4. System and program logs
      5. Temporary files and cache files
      6. Deleted or ‘lost’ files
      7. Simulations, data visualizations, augmented and virtual reality
      8. Encryption and obfuscated data
    4. Artificial intelligence and machine learning
      1. Simulations, data visualizations, augmented and virtual reality
      2. Transparency and explainability
      3. AI adversarial attacks
    5. Defining electronic evidence
      1. The dependency on machinery and software
      2. The mediation of technology
      3. Speed of change
      4. Volume and replication
      5. Storage and disclosure
    6. Concluding remarks
  14. 2. The foundations of evidence in electronic form
    1. Direct and indirect evidence
    2. Evidence in both digital and analogue form
    3. Metadata and electronic evidence
    4. Means of proof
      1. Testimony and hearsay
      2. Real evidence
    5. Documents and disclosure or discovery
    6. Visual reading of a document
    7. Authentication
    8. Best evidence
    9. Analogue evidence
    10. Digital evidence
    11. Civil proceedings
    12. Criminal proceedings
    13. Admissibility
    14. Weight
    15. Video and audio evidence
      1. Testimonial use in legal proceedings
      2. Identification and recognition evidence
    16. Computer-generated animations and simulations
      1. Computer-generated evidence in England and Wales: civil proceedings
      2. Computer-generated evidence in England and Wales: criminal proceedings
  15. 3. Hearsay
    1. The rule of hearsay exclusion and its rationale
    2. The right of confrontation
    3. Hearsay and electronic evidence
    4. Electronic evidence and real evidence
    5. Testimonial and non-testimonial use of information
    6. Implied assertions
    7. Civil proceedings and the requirement to give notice
    8. Criminal proceedings
      1. Telephone calls and messages
      2. Representations other than by a person
      3. Body-worn camera footage
      4. Business and other documents
      5. Judicial discretion to include hearsay
      6. Judicial discretion to exclude hearsay
    9. Concluding observations
  16. 4. Software code as the witness
    1. The classification of digital data
      1. Category 1: Content written by one or more people
      2. Category 2: Records generated by the software that have not had any input from a human
      3. Category 3: Records comprising a mix of human input and calculations generated by software
    2. Challenging the code to test the truth of the statement
  17. 5. The presumption that computers are ‘reliable’
    1. The purpose of a presumption
    2. Presumptions and mechanical instruments
    3. Judicial formulations of the presumption that mechanical instruments are in order when used
      1. Judicial notice
      2. A ‘notorious’ class
      3. Common knowledge
    4. Evidential foundations of the presumption
    5. How judges assess the evidence of devices controlled by software
    6. Mechanical instruments and computer-like devices
    7. The nature of software errors
      1. Why software appears to fail
      2. Classification of software errors
    8. The development, maintenance and operation of software
      1. Developmental issues and software errors
      2. Increasing the risk of errors through modification of software
      3. Security vulnerabilities
      4. Software testing
      5. Writing software that is free of faults
      6. Software standards
      7. Summary
    9. Challenging ‘reliability’
      1. Aviation
      2. Financial products
      3. Motor vehicles
      4. Emergency services
      5. Medical
      6. The Post Office Horizon scandal
      7. Banking
      8. Interception of communications
    10. Most computer errors are either immediately detectable or result from input errors
    11. Challenging the authenticity of digital data – trial within a trial
      1. A protocol for challenging software in devices and systems
    12. Reintroduction of the common law presumption
    13. The statutory presumption
    14. Challenging the presumption
      1. ‘Working properly’
    15. Concluding remarks
  18. 6. Authenticating electronic evidence
    1. Authenticity and authentication
      1. An example: email
      2. Digital evidence compared to past paradigms
      3. Admissibility and authentication
      4. The best evidence rule
      5. Identity and integrity
      6. Reliability
    2. Methods of authentication
      1. Self-authentication
      2. System authentication
      3. Digital certification
      4. Digital forensics
      5. Extrinsic and circumstantial evidence
      6. Judicial notice
      7. Digital evidence in archival systems
    3. Technological authentication
      1. Digital signatures
      2. Blockchain
    4. Challenges to the authenticity of evidence in digital form
      1. The cloud
      2. The Internet of Things
      3. Digital preservation
      4. Migration and format changes
    5. The business records exception to the rule against hearsay
      1. The business records exception
      2. Authentication of digital business records
    6. Conclusion
  19. 7. Electronic signatures
    1. The purpose of a signature
    2. Dictionary definitions
    3. The manuscript signature
    4. Statutory definition of signature
    5. The functions of a signature
      1. The primary evidential function
      2. Secondary evidential functions
      3. Cautionary function
      4. Protective function
      5. Channelling function
      6. Record-keeping function
    6. Disputing a manuscript signature
      1. Defences
      2. Evidence of the manuscript signature
      3. Intention to authenticate and adopt the document
    7. The electronic signature
    8. Forms of electronic signature
      1. Authority, delegation and ratification
      2. Forged signatures
    9. Evidence of intent to sign
      1. The automatic inclusion of the signature
      2. Partial document with separate signature page
    10. The Electronic Communications Act 2000
      1. The definition of an electronic signature
      2. The elements of an electronic signature
      3. Liability of a certification service provider
      4. The power to modify legislation
      5. Regulation of Investigatory Powers Act 2000
    11. Electronic sound
    12. The ‘I accept’ and ‘wrap’ methods of indicating intent
      1. Click wrap
      2. Browse wrap
      3. ‘I accept’
    13. Personal Identification Number (PIN) and password
    14. Typing a name into an electronic document
      1. Acts by a lawyer as agent
      2. Interest in real property
      3. Loan of money
      4. Employment
      5. Contract
      6. Guarantees and debt
      7. Public administration, the judiciary and the police
      8. Statute of Frauds
      9. Wills
      10. Constitution of a legal entity
      11. Amending boilerplate contractual terms
    15. The name in an email address
      1. Limitation Act 1969 (NSW)
      2. Statute of Frauds
      3. Legal fees arrangement
      4. Civil Law Act
    16. A manuscript signature that has been scanned
      1. Mortgage redemption
      2. Writing
      3. Employment
    17. Biodynamic version of a manuscript signature
      1. Electoral register
      2. Contract formation
    18. Digital signatures
      1. Technical overview of digital signatures
      2. Algorithms and keys
      3. Control of the key
      4. Disguising the message
      5. Public key infrastructure
      6. Difficulties with public key infrastructure
      7. Authenticating the sender
      8. The ideal attributes of a signature in electronic form
      9. Methods of authentication
      10. Types of infrastructure for asymmetric cryptographic systems
      11. Management of the key and certificate
      12. The duties of a user
      13. Internal management of a certification authority
      14. Barriers to the use of the public key infrastructure
      15. Risks associated with the use of digital signatures
      16. What a digital signature is capable of doing
      17. What no form of electronic signature is capable of doing
      18. The weakest link
      19. The burden of managing the private key
      20. Evidence and digital signatures
      21. ‘Non-repudiation’
      22. Certifying certificates
      23. The burden of proof
      24. The recipient’s procedural and due diligence burden
      25. The sending party: the burden of proof of security and integrity
      26. Burden of proof – the jitsuin
      27. Burden of proof – summary
  20. 8. Encrypted data
    1. Encryption
    2. Methods to obtain encrypted data
      1. Breaking the encryption without obtaining the key
      2. Obtaining the key
    3. Compelling disclosure in England and Wales
      1. Protected information
      2. Notice requiring disclosure
      3. Obligations of secrecy and tipping off
      4. Circumventing the procedure
    4. The privilege against self-incrimination
      1. England and Wales
      2. The USA
      3. Canada
      4. Belgium
    5. Concluding observations
  21. 9. Proof: the technical collection and examination of electronic evidence
    1. Accreditation of the digital forensics discipline
    2. Guidelines for handling digital evidence
    3. Handling electronic evidence
      1. Identifying electronic evidence
      2. Gathering electronic evidence
      3. Gathering of data following legal retention or reporting obligations
      4. Copying electronic evidence
    4. Forensic triage
      1. Preserving electronic evidence
    5. Analysis of electronic evidence
      1. Tools
      2. Traces of evidence
    6. Reporting
    7. Analysis of a failure
    8. Anti-forensics and interpretation of evidence
      1. Data destruction
      2. Falsifying data
      3. Hiding data
      4. Attacks against computer forensics
      5. Trail obfuscation
    9. An intellectual framework for analysing electronic evidence
    10. Conclusions and future considerations
  22. 10. Competence of witnesses
    1. The need for witnesses
    2. Separating data reliability from computer reliability
    3. Lay experts as witnesses
    4. Qualification of witnesses
  23. Appendix 1: Draft Convention on Electronic Evidence
  24. Appendix 2: Cumulative vignettes
  25. Index

Index

Admissibility

admitted without discussion 3.29 fn 3,  6.16

authentic document 2.61

authenticity not a ground for admissibility 6.21

authenticity precondition to admissibility 6.31,  6.126

automated film recordings 2.67

complex electronic evidence 2.22

microfilm 2.67,  6.118,  6.119,  6.120

photographs 2.67,  6.19 fn 1

photographs, computer enhanced 2.84 fn 1

photographs, real evidence 2.7

printouts, breath test machine 2.67,  10.12 fn1

printouts, computers 2.67,  3.47,  5.210,  6.17,  6.21,  6.28,  6.115 fn 1

radar 2.67,  4.13,  5.26

relevance 2.6,  6.15

secondary evidence 2.6

tape recordings 2.14,  2.67

telephone records without statement 6.25

video recordings 2.67

Alcotest 4.37,  5.24,  5.219 fn 1

Analogue evidence 2.14,  2.24,  2.49

difference, digital 6.9

photocopying 2.50

tape recording 2.14

Analysis of electronic evidence

generally 9.56

false assumptions 2.37,  9.56

forensic 9.6

Animations, computer-generated 1.104 fn 1,  2.83

authenticity 1.106

juror perception influenced 1.106

seeing is believing 2.85

testimonial evidence 2.85

Anti-computer forensics 9.103,  9.106,  9.124,  9.130,  9.131,  9.135,  9.140

dual use 9.127,  9.135,  9.140

Anti-forensics

attacks against 9.105,  9.130

data destruction 9.107

generally 9.103,  9.106

trail obfuscation 9.106,  9.131

Anti-virus software 5.114,  8.5,  9.135

Application software 1.17,  1.31,  1.32,  1.48,  1.66,  1.68,  1.121,  6.8,  6.92,  7.29,  7.169,  7.273,  9.2,  10.2

Application Transaction Counter 6.18

Archival systems 6.76,  6.77,  6.78,  6.79

Artificial intelligence 1.98

Adversarial attacks 1.108

transparency and explainability 1.107

Assertions about ‘reliable’ computer systems 5.132,  5.125,  6.19

Assessment

absence of illegal activity 9.118

circumstantial evidence 9.35

Assumptions

erroneous 9.97

false 9.56

general 9.3,  9.96

latent assumptions 2.37

hidden errors 2.37

ATMs (automated teller machines)

attacks 10.2

faulty software 5.77,  5.111

security protocol implemented incorrectly 5.111

theft by members of staff 7.108 fn 4

withdrawals, time of 5.172,  6.19

Audit evidence 2.73,  5.124

Augmented reality 1.104,  1.106

Authentication

admissibility 6.15,  6.16

archival systems 6.76,  6.77

assertions of forgery 6.32,  6.123,  6.124

Australia, Uniform Evidence Acts 6.21,  6.35

authenticity, meaning 1.116,  2.36,  2.66,  4.29,  5.189,  5.198,  6.1,  6.2,  6.3

authenticity, prerequisite 6.31,  6.126

authenticity, presumption 6.84

best evidence rule see Best evidence

blockchain 6.86 and following

problem for authentication 6.89

business records see Business records

Canada

admissibility 6.26,  6.27,  6.45,  6.48

best evidence 6.27,  6.41,  6.48,  6.51

Canada Evidence Act 1995 6.26,  6.27,  6.44,  6.47

integrity 6.44,  6.45,  6.49,  6.50,  6.51,  6.52,  6.54

integrity of the system 6.49,  6.50,  6.54,  6.131,  6.133

Uniform Electronic Evidence Act 6.26,  6.41,  6.45,  6.47

Uniform Law Conference 6.26,  6.46

chain of custody 6.40 see also continuity of custody;continuity of evidence

Chain of Preservation Model 6.78

challenging 5.189 and following, 6.91 and following

assert without evidence 6.17

authenticity 6.18,  6.67,  6.91,  6.110

cloud 6.91 and following

formats, verifying 6.110

Internet of Things 6.99

migration, verifying 6.110

protocol 5.198

trial within a trial 5.189

circumstantial evidence 6.68,  6.69,  6.70,  6.98,  6.100,  6.125,  6.135

collection, affect admissibility 6.67

complex systems, five tests for 6.24 fn 4, Appendix 1

components of an electronic record 6.12,  6.34,  6.36,  6.55,  6.90,  6.101,  6.132

continuity of custody 6.31 fn 2,  6.40,  6.60,  6.66,  6.67,  6.107,  6.131,  9.7,  9.45,  9.93

continuity of evidence 5.34,  9.12,  9.14,  9.47,  9.130,  10.7

criminal proceedings

admissible, Canada 6.26

authenticity, England and Wales 6.23

telephone records from another jurisdiction 6.25

database 6.34,  6.38,  6.57,  6.100,  6.102,  9.78,  9.92,  9.96,  9.100,  9.102,  9.113

digital certification 6.65,  6.66

digital signature 6.38,  6.81,  6.82,  6.85,  6.134,  9.43

diplomatics 6.4,  6.5

direct evidence 2.22,  6.68

documentary accuracy 6.43

electronic record 6.27,  6.45,  6.47,  6.48,  6.51,  6.52

Electronic Documents and Records Management Systems 6.62,  6.63,  6.64

England and Wales

Civil Evidence act 1995 6.23,  6.24

Civil Procedure Rules Pt 31 6.16

Civil Procedure Rules Pt 33.19 6.16

Criminal Justice Act 1988 6.24

email 6.6,  6.7,  6.8,  6.13,  6.17,  6.68,  6.70,  6.90,  6.123,  6.124

establishing, standard 6.31,  6.48,  6.55,  6.62,  6.70,  6.97,  6.110,  6.111

first in time version 9.30,  9.31,  9.31,  9.33,  9.43,  9.48,  9.113

see also first instantiation

foundational requirements 6.29

forgery 6.32,  6.123,  6.124

format 6.13,  6.35 fn 1,  6.143

changes 6.109,  6.110,  6.111

circumstantial evidence 6.125

converted 6.41

document 6.12

interoperable 6.97

logical 6.108

native 6.6

pdf 6.103

stability 6.132

guidelines

Council of Europe 6.9,  6.10

judicial 6.28

hash digest 6.66,  6.86,  6.87,  6.89

ignorance of lawyers 1.1

incorrect assumptions 6.72,  6.74

indirect evidence 2.2

insufficient foundation 6.29,  6.131

instant message communications 6.28

instantiation 6.36,  6.102,  6.132

integrity 6.1,  6.16,  6.37,  6.38,  6.44,  6.109,  6.134

Internet, pages from 6.124

Internet of Things 6.99,  6.100

InterPARES 6.80

Judicial see also Presumption of reliability

approaches 6.28,  6.31

notice 6.71,  6.72,  6.73,  6.74

mainframe computers 6.30,  6.123 fn 1,  10.3

methods

digital certification 6.65

self-authentication 6.61

system authentication 6.62, 6.63

metadata 2.8,  6.81,  6.82,  6.83,  6.84,  6.108

migration 6.80,  6.82,  6.88,  6.109,  6.110,  6.111,  6.134

misunderstanding of IT system 6.57

mutability 6.88

object, originally linked to 6.2,  6.3

Open Archival Information System 6.78

original see Original

organizational criteria 6.60,  6.90

photograph 6.21

physical document 6.9 fn 1,  6.11 fn 1

preservation 6.101 and following, 9.5, 9.29

Chain of Preservation 6.80

cloud storage 9.22

continuity 6.84,  9.7

digital 6.107

forensic copy 9.20,  9.49

formats 6.97,  6.110

integrity 6.84

long-term 6.88

manifested record 6.102

method 6.67,  6.84

obsolescence 6.85

permanent 6.134

place 6.77

requirements 6.81

stored record 6.102

system 6.79,  6.88,  6.91,  6.133

traditional 6.107

presumption of authenticity 6.55,  6.84,  6.98

printouts 5.210,  6.17,  6.21,  6.28,  6.115 fn 1

probative value 2.76, 4.33, 9.40

proof see Proof

provenance 5.192,  5.210,  6.60,  6.129

public documents 6.42,  6.61

qualifications of witnesses 6.28

records management 6.47,  6.52,  6.53,  6.54,  6.133

reliability 6.5,  6.17,  6.36,  6.44,  6.46,  6.58,  6.59

authentication, heart of 6.58

behaving consistently 6.93

defined 6.42

documentary 6.42

integrity not reliability 6.50

presumption 6.55

quality 6.50

system, of a 6.47,  6.62

upload of records 6.90

repository 6.63 fn 1,  6.77,  6.78,  6.79,  6.86,  6.108

screenshot 6.21

seals 6.60

security 6.95,  6.98

self-authentication 6.61

social media 6.17,  6.21,  6.68,  6.69,  6.74

standards 6.1,  6.8,  6.46,  6.47,  6.48,  6.49,  6.51,  6.52,  6.62,  6.90,  6.97,  6.133

system authentication 6.62

system integrity 6.49,  6.50,  6.54,  6.93,  6.95,  6.107,  6.131,  6.133,  6.135

tape recordings 5.190,  5.191

tests, authenticity 6.24 fn 4,  6.31

threshold for authentication 6.21

time stamps 6.60

Trusted Digital Repositories 6.77

Trusted Third Party Repository 6.78,  6.79

trustworthiness 1.93,  5.22,  5.61,  5.213,  6.37,  6.77,  6.79,  6.101,  10.9,  10.28, Appendix 1

verifying claims 6.60

weight of evidence 6.15,  6.17,  6.22,  6.24,  6.27,  6.28,  6.67

witness

authenticity first challenged 6.16

original, attest 6.32

Banking systems, security protocol, failure 5.111

Bankers’ books

Bankers’ books rule 6.113

copies of entries 6.115

exception 7.107

microfilm 6.118,  6.119,  6.120

Best evidence 2.41,  6.5,  6.32

application 2.49

authenticity, proof of 2.66,  6.27,  6.5,  6.131,  6.132

civil proceedings 2.46,  2.59,  2.60,  2.64

criminal proceedings 2.46,  2.63,  2.64,  2.65

digital file, reliability 2.66

electronic copy 2.57

forgery, circumvent 6.32

modern application 2.48

original 2.44,  6.33,  6.34,  6.36,  5.190,  6.32

original, failure to produce 2.45,  2.50,  5.190

photocopying 2.50

printout 2.53,  4.10

proof of integrity 6.51

relevancy 2.42,  2.46,  2.60

rule 2.43,  2.44,  6.131

secondary evidence 2.44,  2.45

signature, forgery 7.202

statutory version 2.60

trial by charter 6.32

oral testimony permissible 2.45

Biodynamic version of a manuscript signature, as electronic signature 7.196,  7.197,  7.198,  7.199,  7.200,  7.201,  7.202

Blackberry 1.92,  6.17 fn 1,  9.10,  9.108

Blockchain 1.25,  6.87,  6.88,  6.89,  6.90

Boilerplate contractual terms

amending in light of electronic signatures 7.151

use of electronic signature, ease of amending contract unwittingly 7.152

usual provision for signature 7.150

Breath alcohol devices

clock 2.38,  2.38 fn 3,  5.224,  5.229

evidence rejected 5.22

oral testimony 2.34

presumed reliable 5.31,  5.32

printout 2.22,  2.34,  2.35,  2.38,  2.60,  2.67,  3.33 fn 1

Browse wrap, as electronic signature 7.98,  7.99,  7.100

Bugs, definition of 5.78

Burden of proof 2.72,  5.3,  5.259 fn 2

bank, PIN 7.107

browse wrap 7.100

electronic signature, power of minister 7.72

electronic signatures 7.61,  7.67,  7.302,  7.330

email address, forgery 7.190

encryption foregone conclusion 8.60

evidence electronic signature 7.93

jitsuin 7.320,  7.325

PIN 7.261 fn 1

pleadings 7.296,  7.311

presumptions 7.296

reallocate 5.226

relying party 7.107 fn 1

reversed 5.169,  5.222 fn 3,  6.73

security and integrity 7.311

sending party 7.311

unexplained wealth 9.92

without authority, used 7.36,  7.108

Business records

accurate, should be 6.122

admissible 6.21,  6.114

authenticity 6.123,  6.126,  6.127,  6.128,  6.129,  6.130

Bankers’ Books Evidence Act 1879 2.67 fn 4,  6.113 fn 1,  6.115,  6.116,  6.119,  6.118,  6.119,  6.120

blockchain 6.87

cloud 6.98 fn 1

computer business records trustworthy, assertion 5.128

computer systems exception 6.19

database 2.31

electronic, can be manipulated 6.123

exception to the hearsay rule 6.42,  6.62,  6.112,  6.113,  6.114,  10.16

hotel cards with machine readable code 10.16

inaccuracies, Princess of Wales Hospital, prosecution of nurses 6.57,  9.99,  9.100,  9.101,  9.102

manipulation, subject to 6.122

photographs 6.115,  6.116,  6.117

printout 10.10

public documents reliable, not imply accuracy 6.42

rationale 6.113

telephone calls 10.9

Cache files, legal consequences 9.109

Cell site analysis 1.45 fn 1,  1.123,  4.28 fn 2,  9.25 fn 1,  10.21,  10.21 fn 3

Chain of evidence 6.40, 9.45 see also continuity of custody; continuity of evidence

Chat room 3.20 fn 3

Characteristics of electronic evidence

contamination 1.119

definition 1.110,  1.113

dependency on machinery and software 1.117

distinction between paper and electronic data 1.116

electronic document is a process 1.117

intellectual framework 9.137

jurisdiction 1.25

legal repercussions 1.118

machinery, dependency on 1.117

mediation of technology 1.118

metadata 1.119,  6.81,  6.82

misleading impression between paper and electronic data 1.115

networked environment 1.130

practical problems 1.133

replication 1.125

social context 1.78,  1.84

speed of change 1.121

software, dependency on 1.117

storage media 1.129

technical obsolescence 1.121

translation 1.126

volume 1.125

Circumstantial evidence 2.2,  5.3,  5.5,  6.17,  6.68,  9.35

abusive images of children 9.35

authenticate digital evidence 6.69,  6.125

cloud, stored in 6.98

email 6.70

proof of identity 6.7

Click wrap, as electronic signature 7.90,  7.91,  7.92,  7.93,  7.94,  7.95

Clock

accuracy 1.19,  2.38,  4.11,  5.6 fn 1,  7.247,  9.60,  9.61

altering 1.19,  1.21

component of a digital device 1.18

correctness 5.21 fn 1

facsimile machines, not accurate as a matter of ‘common sense’ 9.60

false assumptions, ATM 5.74

functions 1.18,  1.19

inaccuracy 5.229,  9.60 fn 5

malfunction 5.212

real-time clock 1.18,  1.19,  1.70

system clock 1.20,  1.21

time zones 1.70,  9.62

USNO Master Clock 9.60 fn 1

validate, need to 4.11

video clock 9.58

Cloud computing

co-operating 9.28

copying data 9.27

Council of Europe 9.55

deleted 9.52

forensics 9.7,  9.15,  9.48,  9.49,  9.50,  9.139

forensic triage 9.39

generally 1.45

obtaining access 1.46

preservation 9.22

standards, claimed 6.93

storage 1.24,  9.49

unique problems 9.24

Collection of evidence, Chapter 9 generally, see Forensic investigation

Computer-generated animations and simulations 2.83

admissibility 2.85,  2.92,  2.94

advantageous 2.97

assumptions and premises 2.86,  2.92 fn 1,  2.95,  2.97

authenticity 1.106

Bloody Sunday Inquiry, use of, in 2.95

civil proceedings 2.87

criminal proceedings 2.89,  2.94

forensic reconstructions, probative value 2.93,  2.94

hearsay 4.11,  4.20

inaccuracy 2.92

legal issues 1.104 fn 1

prejudicial effect 2.90,  2.92,  2.93

presenting evidence, methods 1.94,  106 fn 1, fn 3

probative value 2.93

safeguards 2.82

‘seeing is believing’ tendency 2.85

special care warranted 2.85

testimonial evidence 2.85

Constant proportion debt obligations (CPDOs), risk assessment of 5.148

Continuity of custody 6.2,  6.40,  6.60,  9.45,  9.33

Continuity of evidence 5.34,  6.31 fn 2,  6.40,  6.60,  6.66,  6.67,  6.107,  6.131,  9.130,  107

Copy

bitstream copy 9.30

data to be copied 9.54

number of removes 6.24

secondary evidence 6.32,  6.115

Corpus Chronophage 9.60

Council of Europe 2.62 fn1,  6.9,  6.10 fn 1,  9.55

Dark web 1.48

Tor 1.49

virtual private network 1.49

Dangerous driving and text messages 5.227

Data destruction

deletion 1.91,  1.129,  9.103,  9.117,  9.119,  9.129

deletion tools 9.129

physical destruction 9.112,  9.113

obfuscation 1.95,  9.106,  9.131

re-installation 9.109

SMS 6.17 fn 1,  9.108

Data formats 1.27

Data types

cache files 1.88

imaging 1.85,  6.24,  6.60

files 1.66

program logs 1.86

system logs 1.86

temporary files 1.88

Data visualization 1.104

authenticity 1.106

juror perception influenced 1.106

Decryption see Encrypted data

Deep web 1.48

Definition of electronic evidence 1.110,  1.113

Deleted files

deleted 1.91,  9.109

destruction 9.104

overwrite 9.33

reasonable suspicion 9.109,  9.110

reconstruct 9.30

recover 1.9,  9.56,  9.79,  9.93,  9.109

Destruction of evidence

deliberate 1.129,  9.113

inadvertent 2.45,  9.50

prevent 9.50

wiping software 8.35

Digital evidence, see Electronic evidence

Digital evidence professional

analysis 9.56,  9.93,  9.133

assumptions 9.96,  9.97

careless 1.70

civil proceedings, whether to use in 9.10

device, relevant knowledge 1.122

distortion, prevent 1.120

informed decisions 9.53

interpretation 9.95,  9.117,  9.137

investigation, conduct 9.94

investigation, method used 1.93,  9.17,  9.19,  9.35,  9.72

principles, fundamental 9.31

quality of evidence from 9.10

tools, use of 9.40,  9.69,  9.70,  9.88

Digital devices 1.4

digital data formats 1.27,  1.28

embedded devices 1.10

embedded devices in biological bodies 1.11

erasable programmable read-only memory 1.22

memory 1.7,  1.22,  1.26

mobile devices 1.7

processors 1.6

central processing unit 1.6

graphical processing unit 1.6

network interface controller 1.6

trusted platform module 1.6

random access memory 1.22, 1.23

read-only memory 1.22

secondary storage 1.23

starting a device 1.29

Digital forensics

imaging 1.85,  6.60,  9.73,  9.76

judicial failure to understand 9.13

Digital signature 7.203 and following

algorithms and keys 7.204

asymmetric cryptographic systems (public key) 7.219,  7.236

authenticating

biometric measurements 7.231

fingerprints 7.233

secret codes 7.230

sender 7.225

burden of proof 7.302 and following, 7.330

can do 7.258

cannot do 7.259

Certificate Authority 7.119,  7.245

Dutch, issued certificate to impostor 7.254

internal management 7.251

certificate 7.241

certificate revocation list 7.255

certifying 7.298

duties of a user 7.250

individual identity certificate 7.219,  7.220,  7.279 fn 1

internal management 7.251

issuing a certificate to an impostor

DigiNotar B.V. 7.254

VeriSign 7.254,  7.256

managing 7.238,  7.250,  7.272

revocation of certificate 7.246

disguising the message 7.206

duties of user 7.250

evidence 7.278 and following

generally 7.30

jitsuin 7.320 and following

legal presumption 7.325

registering 7.322

rebutting presumption 7.328

Seal Registration Certificate 7.324

keys

control 7.205

denies using 7.102

distributing 7.245

expiry of keys 7.249

generation of key pair 7.243

managing 7.79,  7.238,  7.272

private 7.65,  7.77,  7.213,  7.214,  7.224,  7.259,  7.262

private key, example 7.270

secure 7.203,  7.269

validating path 7.281

validating public key 7.244

weakest link 7.265

liability, monetary value 7.237 fn 2

‘non-repudiation’

analysis 7.292,  7.293,  7.294,  7.295

burden of proof 7.296

cryptographic 7.297

danger 7.286

engineers use of term 7.290

incorrect assertions 7.287,  7.288,  7.289

purpose 7.291

passwords

by-passing 7.273,  7.274

problems, well known 7.260,  7.261,  7.262

quality 7.275

signature 7.111

public key infrastructure (PKI)

barriers 7.252

cannot do 7.257

difficulties 7.222

recipient, procedural and due diligence 7.311

revocation 7.246

certificate revocation list 7.221,  7.247,  7.252,  7.255,  7.256,  7.281,  7.282

reasons for revoking 7.246

risks, imposter 7.254

sending party, security and integrity 7.311 and following

signature not linked to person 7.270

smart cards 7.263

symmetric cryptographic systems 7.207

technical overview 7.203

weakest link 2.265

Digital visual evidence presentation systems 2.83

Direct evidence 2.2,  2.8,  2.17,  2.45,  4.35,  6.68,  9.105,  9.134

Disclosure of digital data 2.26

audio tapes, discoverable 2.28

document, meaning 2.26 fn 1

procedure, proposed approach 5.264

speed camera photographs 2.7

Discovery, see disclosure

Distributed ledgers 1.25

Document

audio tape, discoverable 2.28

authentication 2.36,  2.61

computer database 2.31

current account ledger 2.31

data in digital form 2.8,  2.16

definition 2.32

definition, statutory 2.27

digital, primary evidence 2.53,  2.55,  2.56

facsimile transmissions 2.28

information recorded in an electronic medium 2.31

integrity 6.4,  6.41

medium upon which information is stored 2.32

original 2.42,  2.43,  2.44,  2.45,  2.47,  2.50,  6.36,  6.41

standard, documentary evidence 6.110

tape recording 2.67,  2.14,  2.29

television film 2.28

teletext transmission 2.31

tombstone 2.26

visual reading 2.33

Documentary evidence 2.12 fn 3,  2.34,  2.60,  6.48,  6.76,  6.80,  6.102,  6.106,  6.107,  6.108,  6.110,  6.112

Electronic evidence

ACPO Good Practice Guide for Digital Evidence 9.9 fn 3,  9.17

analysis 1.123,  3.23,  4.33,  4.37,  5.25,  5.61,  5.252,  6.19 fn 1,  6.124,  9.1,  9.56,  9.68

authenticity 2.66

changes to evidence by IT administrators 9.17,  9.101

characteristics, Chapter 1 generally

challenging 4.37

circumstantial 6.98,  6.100,  6.125,  6.135,  9.35 see also Circumstantial evidence

classification 4.9,  4.15,  4.16,  4.18,  4.20,  4.27,  4.29

continuity of custody 3.60 fn 1,  5.243,  6.31 fn 2,  6.40,  6.60,  6.66,  6.67,  6.107,  6.131,  9.12,  9.14,  9.45,  9.130,  10.7

copies, probative value 9.34

copies, quality 9.33,  9.34

disk, copying 9.72

definition

difference

analogue evidence 6.9, 6.14

real evidence and hearsay 2.13

digital form 2.16

evaluating 6.9,  6.10,  6.11,  6.12,  6.13

examination 4.1,  4.24, Chapter 9 generally

files 1.66

first in time evidence 9.30,  9.31,  9.31,  9.33,  9.43,  9.48,  9.113 see also first instantiation

geolocation data 1.12,  1.13

guidelines

Council of Europe 6.9,  6.10

judicial 6.28

hiding data 9.127,  9.128,  9.131

human readable 1.87,  1.117,  1.118,  2.5,  2.8,  2.55

identifying 9.16

integrity 2.36,  2.66,  4.33,  5.242,  5.243,  6.1,  6.16,  6.37,  6.38,  6.109,  6.134,  9.13,  9.40,  9.45,  9.76,  9.81,  9.124,  9.130,  9.134,  9.135,  10.26

interpretation 9.103,  9.106,  9.136

investigation see Investigation and Chapter 9 generally

not conclusive 9.66,  10.27

original 2.52,  2.54,  2.58,  6.36

probative value 2.76,  9.1,  9.23,  9.34,  9.40,  9.56,  9.138

provenance 1.116,  2.66,  3.28,  5.191,  5.196 fn 2,  5.210,  6.60,  6.76,  6.129,  7.7,  9.14,  9.15

quality 9.33,  9.68,  9.106

solid-state drives 1.7,  1.23,  8.5,  9.20

storing 9.46,  9.47

tools 9.69

trail obfuscation 9.106,  9.131

transporting 9.46,  9.47

understanding digital data, need to 9.68

unreliability 5.235,  5.236,  5.251

validating digital data 9.40

video surveillance footage 2.90

volatile evidence 9.12,  9.20,  9.22,  9.51

Electronic signature, Chapter 7 generally

abstract reliability test 7.201

Australia

abstract reliability test 7.201

case law see individual forms of electronic signature

Limitation Act 1969 (NSW) 7.155,  7.156

authenticate and adopt 7.1,  7.3,  7.15,  7.25,  7.30,  7.130,  7.165,  7.177,  7.268,  7.333

authority

agent 7.117

attorney 7.117

bind organization 7.151

cheque 7.1,  7.27

delegation 7.33

email 7.115

promise 7.178

ratify 7.34

without authority 7.22 fn 1,  7.36,  7.318

witness statement, denied 7.38 fn 1

automatic inclusion of signature 7.40

email 7.43 and following

facsimile transmission 7.41

SWIFT communications 7.46

Belgium, case law 7.192 fn 1

Bolero 7.237

burden of proof

allocation of liability

bank 7.107

browse wrap 7.100

certification service provider, burden reversed 7.67

Electronic Communications Act 2000 7.61

Ministers to determine 7.72

digital signature 7.302,  7.330

due diligence, recipient 7.310

private key, denies using 7.296

relying party 7.107 fn 1

sending party, security and integrity of 7.311

weaknesses in PKI infrastructure 7.265

jitsuin

introduction 7.320

legal presumption 7.321

Seal Registration Certificate 7.325

PIN, asserted reversal, incorrect 7.261 fn 1

rubber stamp 7.302

Scotland 7.49 fn 4

Ceremony, importance of signing 7.229

China

name in email, electronic signature 7.115 fn 1

text message, signature in of loan of money 7.115 fn 1,  7.120

cipher (tuğra) of the Ottoman sultans 7.5 fn 1

definition

dictionary definitions 7.4

voice 7.83

Denmark

email 7.115 fn 1

dissolution, request for, sufficiency of electronic signature 7.114 fn 2

mortgage redemption, scanned manuscript signature 7.193

disputing 7.20

document

partial document 7.48,  7.49

Scotland, position in 7.49

separate signature page 7.48,  7.49

England & Wales also see Scotland below

advanced electronic signature 7.67

electronic signature, see individual entries

burden of proof see Burden of proof

Electronic Communications Act 2000 7.51,  7.175

amended 7.51

certification 7.62,  7.65,  7.66

commencement of 7.51

definition of electronic communication 7.55

definition of electronic signature 7.9,  7.59,  7.75

disclosure of key, see Regulation of Investigatory Powers Act 2000

elements of electronic signature 7.58,  7.59

general power 7.69

liability of a certification service provider 7.67

limitation of powers 7.70

modification of legislation 7.71

qualified electronic signature 7.51

Regulation of Investigatory Powers Act 2000

definition of electronic signature for the purposes of the Act

disclosure of key 7.76

exclusion of electronic signatures 7.80

key 7.76

possession of a key 7.78

s 49 notice 7.76,  7.77,  7.79,  7.250

signature, statutory definition 7.9,  7.10

forged 7.20,  7.20 fn 1,  7.22,  7.35,  7.227

burden of proof 7.24

certificate revocation list 7.255

digital signature, should not be capable of being 7.227

electronic signature 7.37

facsimile transmission 7.22 fn 1

jitsuin 7.321,  7.328,  7.332

seal 7.312

forms of electronic signature 7.30 see 7.196

browse wrap 7.98

click wrap 7.90

digital signature 7.203

electronic sound 7.82

‘I accept’ 7.101

name in an email address 7.154

number 7.132

password 7.111

Personal Identification Number (PIN) 7.103

scanned manuscript signature 7.191

typing a name into an electronic document 7.114

France, case law 7.115 fn 1,  7.195

function of signature

cautionary function 7.11 fn 1,  7.16

channelling function 7.18

generally 7.2,  7.3

primary evidential function 7.12

protective function 7.17

record-keeping function 7.19

secondary evidential function 7.15

Germany

email 7.115 fn 1

password 7.102

PIN 7.108

qualified electronic signature, monetary limit 7.237 fn 2

Greece

name in email address 7.168 fn 1,  7.190 fn 1

PIN falling into wrong hands 7.108 fn 7

holograph 7.140,  7.140 fn 2,  7.293

IdenTrust 7.237

intent 7.7,  7.15,  7.28,  7.38,  7.42,  7.90

cheque 7.27

evidence 7.38

Law Commission 7.177

not relevant 7.163

objective test 7.177,  7.178

organizations 7.45

physical position, signature 7.165

pre-printed letterhead 7.180

printed words 7.168

singing party 7.30,  7.66

statement made over telephone 7.86 fn 3,  7.88

subjective test 7.178

technology 7.180

United State of America 7.82.  7.85

Israel

legal fees arrangement 7.182

name in email address 7.126

Italy

European Arrest Warrant 7.132

name in email 7.115 fn 1

summary proceedings 7.190 fn 1

Japan

jitsuin 7.320

Seal Registration Certificate 7.324

ginko-in 7.320

mitome-in 7.320

Law Commission

admissibility of electronic signature 7.68

authenticate 7.177

‘click wrap’ 7.92,  7.173

intent, objective test proposed 7.177

Lithuania, PIN 7.103 fn2

meaning 7.3

confusion with digital signature 7.30,  7.32

social meaning 7.229

symbolic 7.14

stretch 7.86

Netherlands, The, DigiNotar 7.254

New Zealand

email, first name typed, evidence of intent to sign 7.38,  7.131

email, name typed at bottom 7.117

facsimile transmission 7.41

use of electronic without authority 7.33

Nigeria 7.108

Norway, PIN 7.107 fn 2

notary 7.20,  7.222

number, electronic signature

European Arrest Warrant 7.132

unique 7.109

whether signature 7.96,  7.97

Papua New Guinea 7.108

position of name 7.165

purpose of a signature 7.1,  7.8,  7.10,  7.12,  7.41,  7.75

Russian Federation, banking use of digital signatures 7.291 fn 2

Scotland

document, separate signature pages 7.49

electronic facsimile 7.136 fn 1

exchange of emails 7.128

police force, electronic signature 7.134,  7.135

Singapore

name in email address 7.161,  7.173,  7.178,  7.183

SWIFT 7.46

Society for Worldwide Interbank Financial Telecommunication (SWIFT) 7.46,  7.230 fn 3

South Africa

electronic will 7.140 fn 4

name typed in email 7.129,  7.130

objective test 7.178

Statute of Frauds

Canada, electronic signature 7.137

Kansas, electronic signature 7.84,  7.85,  7.86,  7.87

Kentucky, electronic signature 7.88

Statute of Frauds 1677 7.137 and following, 7.157 and following

SWIFT 7.46

Singapore 7.184

Tennessee, electronic signature 7.117

Turkey, PIN 7.107 fn 2

UNCITRAL

Model Law on Electronic Commerce 7.11 fn 1

Model Law on Electronic Signatures 7.11 fn 1,  7.30 fn 1, fn 3

United States of America

‘browse wrap’ method 7.95,  7.98 fn 1

‘click’ method 7.90 fn 3

Electronic Signatures in Global and National Commerce Act

intent 7.82

forgery 7.202

PIN 7.103 fn 1,  7.108 fn 1

proof, importance of 7.93

Uniform Electronic Transactions Act, intent 7.85

Electronic sound, electronic signature 7.82,  7.83,  7.84,  7.85,  7.86,  7.87,  7.88,  7.89

Email

authenticity 6.6,  6.7,  6.13,  6.17,  6.123,  6.124

circumstantial evidence 6.70

common network application 1.53

forged email 2.30 fn 3,  9.120 fn 6

integrity 6.6

truth of content 7.66,  7.285,  9.64

embedded devices 1.10

emojis 1.118

Encrypted data, Chapter 8 generally

Belgium, suspect required to disclose passcode 8.87

brute-force attack 8.6,  8.12,  8.77

burden of proof, not in possession of key 8.39

bypass encryption 8.67

Canada 8.85, 8.86

ciphertext 8.2,  8.19

ciphertext, decrypting 8.12

circumstantial evidence 8.32

circumventing encryption 8.4 fn 2,  8.77

circumventing a notice 8.41

cleartext 8.2

Court of Appeal, wrong basis for plea of guilty 8.35,  8.36

disclosure 8.8,  8.11,  8.13,  8.14

compel 8.44,  8.45

defence 8.28

exception 8.23,  8.24,  8.25

form 8.20

notice 8.12

protected information and keys 8.21

secrecy and tipping off 8.38,  8.39

keylogging software 8.4,  8.5,  8.81 fn 3

deciphering 8.2

decryption 8.2,  8.6,  8.11

electronic signature

definition 8.23

exclusion 8.24

enciphering 8.2

evidential burden 8.27

encryption explained 1.95,  8.2

failure to comply with a notice 8.26

key

the human mind 8.45,  8.50,  8.57,  8.57 fn 4,  8.63

intangible psychological fact 8.52

legal burden, defence 8.27,  8.28,  8.39

possession 8.17,  8.22

presumption of possession 8.28

surrender, compelled 8.6

methods to obtain decrypted data 8.3

National Technical Assistance Centre 8.12

notice

application refused 8.41,  8.42,  8.43,  8.44

requiring disclosure 8.12

passwords 8.3,  8.6,  8.35,  8.48.  8.53,  8.62

plaintext 8.2

protected information

compelling disclosure 8.14

defined 8.9

disclosure 8.21

key to 8.17

powers 8.10

presumption 8.26

requirement to describe 8.20

suspect 8.13

secrecy 8.10,  8.38

self-incrimination, privilege against 8.45 and following, 8.48, 8.52 fn 2, 8.90

sentencing 8.30 and following

standard of proof 8.31

tipping off 8.10,  8.38,  8.40

United Kingdom statutory regime 8.8

United States of America, position in, see United States of America, encrypted data

vulnerability attack 8.4

Enhanced digital imagery 2.77

European Court of Human Rights, extraordinary conclusion 9.12,  9.13

Event data recorder 4.27

Evidence, contamination 1.119

Expert evidence by lay person 9.25 fn 1

Falsifying data see also Authentication

altered payslip 9.123

car parking 9.122

fictitious litigation 9.121

generally 9.120

tape recording 9.120

Faulty ATM software 5.77,  5.111

Fingerprint 7.233

biometric measurement 7.231

deterrence 7.234

secure private key 7.269

undermined 7.233

Firmware 1.14,  1.15,  4.37,  5.24,  5.65,  5.126,  5.134 fn 1,  5.183 fn 3,  5.186

Forensic investigation

access controls 9.47

analysis, judicial failure to understand 1.123

analysis, reliance on complex statistics software 1.100

changes, prevent 9.50

collection of evidence

ACPO guide 9.17,  9.27

cloud 9.7

elements 9.10

empirical law 9.29

interference 9.130

preservation 6.67

principles 9.31

process 5.210

standards 9.8

computer simulation 1.105

copy 6.57,  9.27,  9.34

digital data, validating 9.40

duplication 6.39

handling 9.10

HASH collisions 9.41,  9.42,  9.43

image 6.38,  6.60

interpretation 9.2,  9.3,  9.25,  9.103,  9.106,  9.136,  10.22

Principle of Identifiable Interference 6.39

Principle of Non-interference 6.39

record actions, video 9.19

reporting 9.93

social context 9.104

standards 9.6,  9.9,  9.48,  9.140

tools 9.129

Forensic Science Regulator 9.6,  9.9

Forensic triage 9.17,  9.36,  9.37,  9.38,  9.39,  9.52

Forgery

emails 6.123,  6.124

railway tickets 5.66

Gathering electronic evidence 9.19

Garbage-in-garbage-out 5.91,  5.246

Handling digital evidence 9.8

copying electronic evidence 9.27

empirical laws 9.29

forensic copy 6.38,  6.39,  6.57

forensic triage

ACPO Good Practice Guide for Digital Evidence 9.8

Council of Europe 6.9

guidelines 9.9

gathering 9.19

International Organization on Computer Evidence 9.8

principles 9.7,  9.27,  9.31,  9.34,  9.50,  9.94,  9.140

tools 9.69 fn 4

Hash

blockchain 6.86,  6.89

collisions 9.41,  9.42,  9.43

computed 6.86 fn 1

court, failure to understand 9.13

files, comparison 5.62

implied assertions 3.28

invalidate 9.44

MD5 6.66,  9.41,  9.42,  9.43

National Software Reference Library 9.43

one-way 9.40

purpose, investigations 9.32,  9.50

SHA-1 6.66,  9.42,  9.43

SHA-256 9.43

tools 9.130

Health records 5.164 fn 5

Hearsay see Chapter 3 generally

allocates risk of error 3.9

application 3.17,  3.45

arbitrary nature of distinction 3.38,  3.40,  3.45

assertions 2.13,  3.26,  3.43,  3.44

auto-lab data analyser 4.33

automatic number plate recognition 3.17

blood sample 1.222,  4.33,  5.41,  5.222

business records 3.8

Category 1 3.12,  3.14,  3.15,  3.18,  4.20

Category 2 3.12,  3.16,  3.18,  3.19,  3.22,  3.24,  4.27

Category 3 3.12,  3.18,  3.21,  3.22,  3.26,  4.29

characterizing the evidence

chromotograph 3.23

civil proceedings 3.30,  3.31

computer as a tool 3.22

computer systems and devices as a witness 3.26

confrontation, right to 3.6

criminal proceedings 3.33,  3.34,  3.35

digital data non-testimonial 3.11

direct assertions 3.67

discretion to exclude 3.64,  3.7

exceptions 3.7,  3.8,  3.31,  3.34

exclude 3.64,  3.65

express assertions 3.34

European Convention of Human Rights 3.7

generally inadmissible 2.11

head of a pin 3.43

hearsay statement and evidence of a record of a transaction, difference 2.25

implied assertions 3.27,  3.28,  3.35

indirect assertions 3.67

intention to communicate 3.44,  3.45

justification 3.4,  3.5,  3.7

Law Commission 3.47,  3.65,  4.31,  4.32,  4.25,  4.30

multiple hearsay 3.30,  3.33,  3.60

‘negative hearsay’ 3.32

non-testimonial 3.8,  3.22,  3.23,  3.24,  3.68

notice, requirement to give 3.30

out of court statements 6.112

photographs 3.17

presumption of reliability 3.20

printout, whether hearsay 2.23,  3.47,  4.23,  4.32,  4.33,  4.34

qualifying hearsay statement 3.44

rationale 3.2

recording of a fact 2.23

reliability 3.5,  3.10,  3.64,  3.24,  3.25,  3.29

reliability of the maker of a statement 3.63

representation of fact 3.37,  3.59

right to confront 3.6,  3.7

rule of hearsay exclusion 3.2

second-hand evidence 3.4

testability 3.24

testimonial evidence 3.13,  3.14,  3.18,  3.21,  3.22,  3.23,  3.24,  3.68

traditional definition 3.2

type of device 3.12

use made of the device 3.13

unintended assertions 3.45

United States, waning support 3.8

Video recordings 3.17

weakness of the rule 3.45

Hiding data 9.127,  9.131

cryptography 9.127

steganography 9.127,  9.128

Hidden data 9.128

Human errors

deaths 5.77,  5.94 fn 3,  5.157,  5.158,  5.181,  5.187

deliberate faults 5.98

errors 6.69

faults of omission 5.98

garbage-in-garbage-out 5.91

guileless faults 5.98

input data flaws 6.69

malicious faults 5.98

mistakes 4.14,  5.21 fn 1,  5.74

operational errors 5.92

poor decisions 5.98

user interface errors 5.92

‘I accept’, as electronic signature 7.101,  7.201

Identification evidence

digital imagery, legal guidelines 2.77

facial mapping 2.76

reliability 2.77

surveillance cameras 2.75

underlying scientific techniques 2.76

voice recognition 2.78

Inconsistent positive 6.19

Indirect evidence 2.2

Integrity see Authentication

Interactive virtual simulations 1.94

authenticity 1.106

juror perception influenced 1.106

seeing is believing 2.85

sway juries 2.97

Internet of Bodies 1.11

Internet of Things 1.10,  1.47,  6.99,  6.100

Intoximeter

accuracy 5.218 fn 1

approval 5.219

clock 2.38,  5.212,  5.229

defects, effect 10.19 fn 1

evidence of police officer 2.34,  2.35

presumption in working order 5.31,  5.32

printout

accuracy 5.229 fn 1

admissibility 2.22,  2.24,  2.60

real evidence 2.12,  2.17,  2.22

reliability, challenge 5.224

statutory presumption 5.240,  5.251

Investigation 1.1 fn 1, 1.28, 1.93 Chapter 9 generally

abusive images of children 5.120

artificial intelligence 1.98

attribution of IP address 9.23 fn 2

audit 10.4

challenges 1.12

cloud computing 9.48

failure 9.99

forensic computer simulation software 1.105

forensic triage 9.36

guidelines 9.8

imaging 1.85

informed decisions 9.53

naivety of lawyers 1.123

proprietary tools 9.69

reliability of proof 9.1

reporting 9.93

uncover failure 5.87

Judicial notice 5.1,  5.2,  5.11,  5.14,  5.20,  6.71

accuracy cannot be questioned 5.17

amphometer 5.27

breath analysis devices 5.22,  5.22 fn 3

capacity for accuracy 5.43

criticisms 6.72

Facebook 6.72

incorrect assumptions 6.72

justification 5.18

location of cell phone 5.26 fn 1

maintenance 5.238

manner of programming 5.238

notorious or well-known technology 5.216,  6.71

question justice served if extended 5.19

rebuttal difficult 6.72

restricted 5.13

social media, incorrect generalization 6.74

threshold 5.54,  5.15

Lawyers, requirement to keep up-to-date with technology 1.1

Logs

access logs 6.63,  6.95,  9.22,  9.83,  9.86

activity, recording 1.32,  1.33,  4.27

application log 9.81

audit logs 6.63,  6.95,  9.47,  10.25

authentication, purpose 6.63

change logs 5.35,  5.263

data logs 9.54,  9.81,  9.82

email logs 1.55,  9.16

error logs, known 5.264

event logs 1.20,  9.22

integrity 9.81

network-based logs 9.81

program logs 1.86

purposes 1.42,  6.134,  9.23,  9.56

search logs 6.134

server logs 1.30,  1.55

stored logs 1.39

system logs 1.86,  9.22,  9.81

transaction logs 6.63,  6.108

web logs 1.62,  6.63

wireless networks 1.41

Lost data, recover 9.118

Machine learning 1.98,  1.101

transparency and explainability 1.107

Malfunction, relevance 2.38,  5.56

Malware for investigative purposes

German Constitutional Court 9.135 fn 1

protect users 9.136

Medical devices, Princess of Wales Hospital, prosecution of nurses 9.99

Memomaster 2.32,  8.6 fn 1

Memory 1.22,  1.26,  1.29,  190

Metadata

altering 1.119,  2.56

anti-computer forensics 9.103

application metadata 1.28

archival systems 6.76

authentication 6.81,  6.82,  6.83,  6.84,  6.91,  6.92,  6.93,  6.95,  6.108

best evidence 6.132

blockchain 6.89

Category 2 3.24

change 2.56,  2.66,  6.34

contamination, possibility 1.70

created automatically 1.69

deleting 1.72

description 1.67

direct evidence 2.8

email 1.73,  1.75,  6.124,  7.169

explanation 1.67,  1.68

fallible 1.70

file metadata 1.20

general 1.76,  2.8

hearsay 4.23,  4.31

identity metadata 6.81

IP address 6.7

indirect evidence 2.8

importance demonstrated 1.73

integrity metadata 6.81,  6.82

integrity, demonstrating 6.81, 6.82, 6.83, 6.84

interpretation 1.70

investigation 9.54,  9.82,  9.107,  9.124

manipulate 2.8

preservation 6.101,  6.143

proof 2.9

records 2.56

relevant, indirect or direct 2.2

removal 9.101

social context 1.78

types 1.71

viewing 1.72

Mobile devices

absence switched on 6.18 fn 4

accuracy of location 9.25 fn 1

backups, data retrieved 9.108

forensic download 5.51

identification data 1.43

position tracked 1.44

records admitted 3.29 fn 3

SIM 4.28

telephone, SIM, records, proof of location 1.43,  4.28,  5.26 fn 1

text messages, false claim 2.30 fn 3,  9.120 fn 6

text messages, proof of sending 5.227

Name in an email address, as electronic signature 7.154 and following, 7.182 and following

address 7.168 fn 2,  7.172

automatic inclusion of signature 7.42

identification 7.174

Limitation Act 1969 (NSW) 7.155,  7.156

Statute of Frauds 7.157 and following

National Air Traffic Services 5.129 fn 2

Network applications

email 1.53

instant messaging 1.58

peer-to-peer 1.61

social networking 1.62

Networks 1.30

cellular networks 1.42

corporate intranets 1.40

intranet 1.40

Internet 1.31

Internet protocol address 1.33

wireless networking 1.41

Number, as electronic signature 7.132,  7.133,  7.134

Official websites, reliability of 2.26 fn 2

Operating system 1.16,  1.20,  1.29,  1.117,  5.104,  5.106,  9.69

Original 6.3

Bankers’ books 6.115

best evidence rule 6.32,  6.132

concept 1.25

defined 6.4

diplomatics 6.5,  6.5

electronic data, concept of original 6.33,  6.34,  6.35,  6.36,  6.41,  6.60,  6.132

England and Wales Civil Evidence Act 1995 6.24

first in time version 9.30,  9.32,  9.34,  9.33,  9.43,  9.48,  9.113

integrity 6.36,  6.37,  6.38

multiple 6.4,  6.93,  6.132

secondary evidence 6.32

Password, as electronic signature 7.111, 7.112, 7.113

Personal Identification Number (PIN), as electronic signature 7.103

burden of proof 7.107,  7.108

concept, as signature 7.106

function, banking context 7.103,  7.104,  7.105

Photograph 6.21

document, photograph of 6.115,  6.116,  6.117

secondary evidence 6.115

Prejudicial effect

computer-generated graphical reconstructions 2.90,  2.92,  2.93

Preservation, methods 6.79,  6.80,  6.91,  6.101,  6.107,  6.133

Presumption see Reliability, common law presumption of and Reliability, statutory presumption of and Burden of Proof

Primary evidence

identifying 2.53,  2.54

photograph, negative 2.51

Printouts

admissibility 2.16,  2.24

accuracy 2.38

assumptions 2.53

breath alcohol printout 2.22

disclosure of digital data 2.7

documentary evidence 2.24

evidence to prove a thing was done 2.21

evidence to prove something was recorded as being done 2.25

hearsay 2.17

incomplete data 2.25

real evidence 2.12

reliability 10.10

Processor 1.6

Proof

authenticity 6.84 fn 1,  6.98

banker’s book 6.116

best evidence 6.32

business record 6.128

continuity 4.34

continuity of evidence 6.131

diplomatics 6.5

inconsistent positive 6.19

integrity of a system 6.51

judicial assumptions criticized 6.73

location, of SIM record 1.43,  4.28,  5.26 fn 1

negative 6.19

original 6.32

photograph 6.116

records management 6.53

self-authentication 6.61

system, compliance 6.47

validity of information 6.29

Real evidence

automatic number plate recognition 3.17

description 2.12

definition 2.12

digital photographs

difference between real evidence and hearsay 2.13

material objects 2.12

perception by the court 2.12

printout 2.17,  2.20,  2.21,  2.22,  2.23,  2.24 fn 2

printout, record of a fact 2.24

recording of credits and debits 2.25

things 2.12

Records see Business records

Recognition evidence. 2.75

number plate 1.103 fn 3,  3.17

voice 2.78,  2.79,  2.80,  2.81

Reliability, common law presumption of

accuracy, common experience 5.41

accuracy, condition to be fulfilled 5.43

accuracy, presumptions items accurate without evidence 5.9

accuracy of presumption never correctly tested 5.3,  5.5,  5.6 fn 1

accuracy, never tested 5.7

accuracy, operator of device sufficient to prove 5.46,  5.61

accuracy, scientific instruments 5.21, fn 1

accuracy, testing 5.42

amateur software writers, reliance on 5.99

amphometer 5.27,  5.28

anemometer 5.6 fn 1,  5.21 fn 1

aneroid 5.21 fn 1

assumptions, failure to substantiate 5.181,  5.126,  5.231,  5.242 fn 1

aura of infallibility 5.37

authentication 6.84,  6.98

autopilot 5.143

basic fact, perquisite 5.213,  5.30,  5.23,  5.3

basic fact fails 5.243 fn 3

blood sample testing device 5.41

breath analysis devices 5.22,  5.22 fn 2,  5.125,  5.222,  5.224,  5.226,  5.229

burden of proof, allocation 5.3,  5.226,  5.227

burden of proof, reversed 5.169,  5.222 fn 3,  6.73

Canada, judicial notice 5.14,  5.15,  5.19

challenging 5.226 and following

audits 5.123,  5.124,  5.171,  5.255,  5.132,  5.262

bar for raising 5.254

disclosure of the software code 5.249,  5.259,  5.262

distinguish software and device 5.138

evidential burden 5.230,  5.243,  5.244

lack of foundation 5.228

legal burden 5.226,  5.243

persuasive burden 5.230

reliable enough 5.99

trial within a trial 5.189

well-known software not reliable 5.133

working properly 5.2,  5.7 fn 4,  5.37,  5.50,  5.86 fn 2,  5.130,  5.132,  5.218,  5.232,  5.233,  5.235,  5.242,  5.242 fn 1,  5.245,  5.246,  5.249,  10.12

circumstantial evidence, application of 5.3,  5.5

classification of software errors 5.78

failure of specification 5.83

human errors and biases 5.80

input data flaws 5.91

operational errors 5.92

unintended software interactions 5.85

Colorado Evidentiary Foundations 5.218

common law 5.1,  5.33,  5.48,  5.211,  5.222,  5.239,  5.247

computers reliable erroneous 5.238

confusion between common law and statutory presumption 5.220 fn 2

correct articulation 5.35

demonstrably incorrect 5.2 fn 1,  5.132,  5.142 fn 1,  5.165 fn 2,  5.212 fn 1

devices not permitted to be tested 5.22 fn 6

expediency 5.4

evidential foundation 5.35 and following

blood sample testing device 5.41

conditions that must be fulfilled 5.43,  5.48,  5.49,  5.50

‘correctness’ of the software program 5.42

errors immediately detectable 5.181 and following

failure

‘bug’ 5.78,  5.79,  5.118,  5.153

hardware 5.8,  5.107,  5.108,  5.126,  5.134 fn 1,  5.229

hardware assumed to be at fault 5.181

not understood 5.108

software code 5.65,  5.76,  5.77

specification 5.79,  8.83

test software 5.97,  5.101,  5.116,  5.117

up-dates 5.109

forensic tools

accuracy of, no knowledge required 5.48,  5.51,  5.52,  5.61

not generally accepted 5.64 fn 1

Intoximeter see Intoximeter

judicial assessment of digital devices 5.40 and following

judicial assumptions 5.140

judicial formulations

common knowledge 5.11,  5.27,  5.28,  5.29,  5.30,  5.40,  5.261

common use 5.3,  5.4,  5.244

functioning correctly, inference 5.37

general experience 5.22

general experience, asserted 5.51

general experience, dubious intellectual claim 5.22 fn 2

generally accepted, belief in 5.27,  5.28

generally accepted by experts 5.43

judicial notice 5.11 and following

‘notorious’ class 5.20 and following

scientific or technical instruments 5.22

satellite navigation systems 5.26

software 5.261

notorious instrument 6.72

operating correctly, assertion without evidence 5.33,  5.34,  5.70

ordinary experience 5.3,  5.4

properly constructed 5.33,  5.34,  5.40,  5.70

reliable 5.2,  5.8,  5.26,  5.50

failure to distinguish 5.137,  5.138

failure to establish accuracy of assertion 5.248

lawyer, lack of knowledge 5.249

meaning, failure of judiciary to define 5.235

reliable, asserted without evidence 5.41

reliable, explicit 5.169

reliable, failure to provide meaning 5.36

reliance without mentioning word 5.165 fn 2

software 5.117,  5.252,  5.261

trust experience, judges 5.140,  5.142

trust experience, lay people 5.139

unsubstantiated assertion 5.128

substantial correctness 5.3,  5.4

universally used and accepted 5.140

used correctly 5.8

well known, accuracy of computer devices 5.27,  5.41,  5.61,  5.154,  5.216

working properly 5.2,  5.37,  5.50,  5.130,  5.132,  5.218,  5.232,  5.233,  5.235,  5.242,  5.245,  5.246,  5.249

working order 5.27,  5.29,  5.30,  5.23,  5.33,  5.34,  5.35,  5.39,  5.229

Law Commission

common law presumption 5.1,  5.2,  5.211,  5.214,  5.228,  5.232,  5.224

influence beyond England and Wales 5.1 fn 1

justification 5.212,  5.213

presumption demonstrated to be incorrect, 5.2 fn 1, 5.142 fn 1, 5.212 fn 1

loadometer 5.21

mechanical instruments 5.2,  5.2,  5.6,  5.11,  5.65,  5.216

accuracy 5.5

absence of evidence 5.21 fn 1,  5.32,  5.33,  5.242

correct articulation 5.35

crude assumption 5.214

in order at material time 5.4

justification 5.4

lack of evidence to justify 5.213

maintenance, lack of concern by judges and lawyers 5.27

presumption 5.211

reliance on presumption 5.29,  5.32

miscarriage of justice, reliance on reliability of computer systems 5.169

mobile telephone calls 6.17 fn 1

no requirement to understand software 5.52

pedometer 5.21 fn 1

presumption of innocence, undermined 5.222 fn 3,  5.234

proof of reliability 5.42,  5.241

purpose 5.3

reintroduction 5.221

rationale 5.3,  5.4,  5.222,  5.249,  5.261

reliable, a delusion 5.213

reliable, failure of judicial explanation 5.235

reliance of presumption 5.39

satellite navigation system 5.26

scales 5.9

scientific evidence, lack of 5.4

scientific instruments 5.6,  5.21,  5.43,  5.44,  5.59,  6.72

SMS messages 6.17 fn 1

software code 5.42,  5.61,  5.225,  5.248

discovery failed 5.64

errors through modification 5.102

source code 5.24

unreliable 5.129

well-known not reliable 5.133

speed measuring devices 5.7,  5.215,  5.222,  10.17

statutory presumption 5.219 and following

stopwatch

accuracy 5.7,  5.7 fn 5,  5.8 fn 2,  5.21 fn 1

opinion evidence, whether 5.6

symmetries 5.128

testing 5.7 fn 1

truth 5.6

thermometer 4.12,  4.14,  5.6 fn 1,  5.21 fn 1,  5.22 fn 2

The Science of Judicial Proof 5.58

traffic lights 5.154

trained operator, considered sufficient 5.55

trial by machine 5.36

tyres, pressure 5.8

user sufficient to establish reliability 5.48

watch 5.5,  5.7

weighbridge, accuracy of readings 5.3

Wigmore on Evidence 5.44,  5.59

‘working properly’ 5.232

Reliability, statutory presumption of 5.219

breathalyser devices 5.129,  5.221

confusion with common law presumption 5.220 fn 2

fingerprints, Livescan 5.222,  5.223

satellite navigation system 1.33 fn 1,  5.17,  5.26,  6.16,  7.91,  9.62

scanned manuscript signature, as electronic signature 7.191 and following

Secondary evidence

best evidence 2.42,  2.44,  2.46,  6.32

civil proceedings, admissibility 2.59,  2.61

copy of the original 2.65

criminal proceedings 2.64

differentiation 2.49

exception 6.32

material objects 2.51

metadata 2.56

original, failure to produce 2.45,  2.50

photocopying 2.50

photograph 2.51,  6.115

printout 2.35,  2.57

weight 2.47,  2.48

Signature, what it cannot do 7.259

Silk Road 1.50

Simulations, computer-generated 1.104,  2.83

assumptions and premises 2.86,  2.92 fn 1,  2.95,  2.97

authenticity 1.106

juror perception influenced 1.106

seeing is believing 2.85

testimonial evidence 2.85

Software

application software 1.17

assumption software cannot fail 5.181

backward compatible or ‘downward compatible’ 1.121,  6.62

firmware 1.15

forensic, no error rate 5.63

standards

Common Criteria for Information Technology Security Evaluation 5.121,  5.123

Common Methodology for Information Security Evaluation 5.123

DO-178B, Software Considerations in Airborne Systems and Equipment Certification 5.125

FIPS-140 Information Technology Security Evaluation Criteria 5.121

ISO 13485:2016 Medical devices – Quality management systems – Requirements for regulatory purposes 5.125

symmetry 5.127

system software 1.16

Software code

anti-virus software, limitations 5.114

‘automatic’ correspondence not automatic 4.26

challenging 4.37

changes, affecting code 5.83,  5.102,  5.106,  5.175,  5.215,  5.134 fn 1

components 5.85,  5.87,  5.116

GNU Bash 5.105 fn 1

Heartbleed 5.105

operating system 5.65,  5.106,  5.237

Shellshock vulnerability 5.214

Stuxnet virus 5.115

classification

content written by one or more people 3.14,  4.19,  4.20,  4.23

records generated by the software that have not had any input from a human 3.16,  4.19,  4.27

records comprising a mix of human input and calculations generated by software 3.21,  4.19,  4.29

comments by programmer 4.8

complex software systems 5.99

correct service 5.73

development 5.93, 5.95 and following

errors 5.66 and following

errors, classification 5.78

failure of software, reasons 5.76 and following

fit for purpose, incorrect judicial pronouncement 5.103,  5.104

free of faults 5.120

hearsay Chapter 3 generally; Chapter 4 generally

hidden errors 2.37

imperfect 5.71

inherent design faults 5.138

instructions 2.23 fn 3,  4.5,  4.6,  4.11,  4.21,  4.31,  4.34

joint statement 4.3

judicial assessment

‘correctness’ of the software program 5.21 fn 1,  5.41

fail to distinguish 5.40

limitations 5.67,  5.68

maintenance of software 5.93

modification of software 5.102

nature of software 4.5

nuclear industry, safety and security 5.112

operation of software 5.93

quality control 5.34 fn 1,  5.96

raw data, hearsay 4.31

security patches 5.110,  5.264

security vulnerabilities 5.109,  5.111,  5.112,  5.113,  5.264

software updates 5.243,  5.110

source code 4.4,  4.5,  4.6,  4.7

standards 5.121

testing

inadequate to uncover errors 5.83 fn 3,  5.116

no comprehensive test 5.83 fn 3

solutions 5.94,  5.116

truth, challenging 4.37,  5.24

unreliable, continue to be 5.129,  5.138

user, instructions 7.238

verifiably correct results 5.107,  5.246

vulnerabilities 5.109

well-known not reliable 5.133

witness, as the Chapter 4 generally

zero day exploits 5.109,  5.112

Software errors 5.66 and following

bug 5.78,  5.79

‘bug’ bounty programme 5.118

classification 5.78 and following

common 5.126

complexity 5.85

defect 5.85,  5.86

development process 5.95

deviation 5.73

examples

aviation 5.143

banking 5.171

emergency services 5.161

financial products 5.148

interception of communications 5.178

medical 5.163

motor vehicles 5.154

Post Office Horizon scandal 5.165 and following, 6.55, 6.56

power outage 5.87

stockbrokers 5.151

errors 5.2,  5.23,  5.24,  5.38,  5.64,  5.66,  5.72,  5.84,  5.87,  5.95,  5.213,  5.214

ATM 5.74

classification 5.78

common 5.126

data 5.94

described as deviation 5.73

human 5.80

human factors 5.57

immediately detectable 5.181

increasing the risk 5.102

input data flaws 5.91

interface 5.164

industry knows software is not error free 5.133, 5.136

manipulate 5.104

modification 5.102

operational errors 5.92

primary cause 5.96

programme 5.95 fn 1

programmers 5.107

specification, failure of 5.83

standards 5.125

time 5.86 fn 2

unintended software interactions 5.85

user interface 5.92

failure, discontinuous 5.75

flaw 5.78,  5.79,  5.104,  5.105,  5.107,  5.164 see also errors

functional fault 5.78

immediately detectable 5.181,  5.212,  5.233

inherent problems 5.100

‘legacy’ systems 5.88,  5.173

manipulation 5.154, 5.159

mistake 5.77,  5.79,  5.98,  5.116

modifications 5.93,  5.102

National Aeronautics and Space Administration 5.80 fn 1,  5.183

nature 5.66

personal use assumes reliability 5.99

quality control 5.96

reliability asserted without proof 5.116 fn 1

result from input errors 5.181

specification, failure 5.79,  5.83

Software failure

consequences

air traffic control systems 5.77

baggage handling systems 5.77

death, causing 5.53 fn 1,  5.77,  5.77 fn 7,  5.94 fn 3,  5.155,  5.157,  5.158,  5.259,  5.160 fn 1,  5.181,  5.187

dispensing more cash 5.77

incorrect records 5.77

imprisonment 5.165 fn 2

injury, causing 5.77,  5.94,  5.157,  5.160 fn 1,  5.181,  5.187,  5.259

miscalculating assets 5.77

nuclear war averted twice 5.89

overtime incorrect 5.100

unintended acceleration 5.94,  5.155,  5.181,  5.183,  5.259 fn 2, fn 3

defective seismic programs 5.181

Failure Prediction 5.107

interactions between individual components 5.19,  5.79,  5.85,  5.145

machine-learning systems 5.90

probability of failure 5.102,  5.107,  5.138

proprietary software code 5.96,  5.104

reasons 5.77

security protocol, failure 5.111

Software programmers

amateurs 5.99

lack of knowledge 5.96

programmer errors, causation 5.72

Spreadsheet program

financial sector 4.29

human and software input 4.29

missing data 9.101

Spyware 9.126 fn 1,  9.135,  9.136

Standard of proof, documents

best evidence civil proceedings 2.64

best evidence, criminal proceedings 2.64

Starting a computer 1.29,  1.119

Storage

blockchain 1.25

data storage 1.24,  1.25

distributed storage 1.25

primary 1.22,  1.23,  1.29

secondary 1.22,  1.23,  1.29

Tachographs 3.57

Tanpınar, Ahmet Hamdi 9.60 fn 1

Taylor, Dr John C 9.60 fn 1

Television film 2.28

Testimony

admissibility, electronic document 2.61

calibrated machine 3.22,  3.23

corroborate, device acts to 10.17

declaration 2.10

eyewitness 1.124

hearsay 3.4

machine testimony 4.1 fn 1,  5.245

means of proof 2.10

object tendered 2.36

objection 2.34,  2.35

oral 2.34

photograph 2.67 fn 1

perceptions 2.33

recording erased 2.45

satellite system, accuracy 5.26

video recording 2.76

Testimonial evidence 2.45,  2.60,  2.64,  2.73,  3.6,  3.8,  3.13

Text message, driver causing death 5.227

Thomas, Dylan 9.60 fn 1

Time stamps 1.18,  1.20,  1.57,  6.60,  7.276

Tools, forensic

alter data 9.124

anti-forensic 9.105,  9.106

anonymity protection 9.131

appropriate 9.69

automated 9.70

Cellebrite 5.48,  5.51

common 9.30

copying the hard drive 9.75

criminals using 9.103

cross-examine 9.69

delete data 9.117,  9.129

dual use nature 9.135

encryption 9.20,  9.26,  9.80,  9.89

evidence acquisition boot disk 9.74

fallible 9.71

falsification, challenges 9.126

filesystem encryption keys 9.119

free 9.140

generally 9.77,  9.79,  9.111,  9.130,  9.136,  9.140

hiding data 9.129

imaging 9.76

messages, read 9.88

necessary to investigate devices 9.77

passwords 9.80

privacy protection 9.125

question underlying scientific methodology 9.69

recovering data 9.52 fn 1,  9.78

relevant 9.40

reliability challenged 5.48 and following

software based 9.107

software program, analysis irrelevant in legal 5.52 and following

tested 9.70

training 9.105

viewing the data 9.77

XRY 5.48

Traces of evidence

browser cache 9.84,  9.109

cookies 9.85,  9.86

email 9.10,  9.14,  9.16,  9.88

files 9.82

instant messaging 9.89,  9.90

Internet 9.20,  9.23,  9.28,  9.49,  9.54,  9.81,  9.83,  9.87,  9.90,  9.93,  9.97,  9.131,  9.136,  9.138

logs see Logs

network connections 9.28,  9.81

printing 9.82

private browsing 9.85

social networks 9.90

Tor 9.86,  9.87

VoIP 9.91

VPN proxies 9.86,  9.87,  9.131

Traffic information tickets 2.6

Trail obfuscation 9.106,  9.131

Trial within a trial

authenticity, prima facie case 5.193

balance of probabilities 5.192,  5.193

beyond reasonable proof 5.192 fn 1

challenging authenticity 5.189

rare 5.205

scope, judge to set out 5.207

standard of proof 5.193, 5.197

Trojan horse 5.68,  5.113,  9.131,  9.132,  9.134,  9.135

Trusted Computing 9.136,  9.139

Typing a name into an electronic document, as electronic signature 7.114 and following

email 7.115,  7.117 and following

footer 7.44,  7.138

informal name 7.149

intent 7.38,  7.163

signature 7.149

Statute of Frauds 7.137,  7.138

text message 7.120

wills 7.139 and following

United States of America

Manual for Complex Litigation 5.213

encrypted data 8.55 and following

assist in circumventing encryption 8.77

biometric measurement 8.72

compelled testimonial 8.57,  8.57 fn 4,  8.58

decryption, compelled 8.59,  8.60,  8.66,  8.68,  8.71,  8.71 fn 1,  8.76,  8.81 fn 1,  8.88

Fifth Amendment 8.56,  8.62,  8.63,  8.67,  8.71

forgone conclusion 8.48,  8.60,  8.66,  8.68,  8.69

iPhone protected by passcode 8.76,  8.82

nontestimonial 8.63

privilege against self-incrimination 8.55,  8.57,  8.58,  8.59,  8.72

testimonial communication

biometric measurement 8.73

compelled 8.57

hard drive, decryption and production 8.63

passcode 8.58,  8.75

produce documents 8.59

testimony from the defendant 8.45,  8.63,  8.70

Federal Rules of Evidence 5.123,  6.31,  6.61 fn 2

Manual for Complex Litigation 5.213

self-authentication 6.61, fn 2

trade secret privilege 5.200 fn 1

Unintended software interactions 5.79,  5.85

Video evidence

admissible 2.67,  2.68,  5.194

analysis 9.6

body-worn video camera 1.103,  3.52,  3.55

Category 2 device 3.16,  3.17

clips 1.62

clock gap between ATM 9.58

facial mapping 2.76

general 1.12,  1.222,  2.75

store video recorded, erased 2.45

surveillance footage 2.90,  9.56,  9.57,  9.58,  9.61

testimonial, in lieu 2.73

time stamp 9.59

wills 7.148 fn 2

Virtual reality 1.104

authenticity 1.106

juror perception influenced 1.106

sway juries 2.97

Weight

criminal trial, directions of judge 2.72

no fixed rules 2.71

Wigmore, John Henry, hostility to trade secret privilege 5.200 fn 1

Wills

electronic 4.23

electronic signature 7.139 and following

Witnesses see Chapter 10 generally

assertion of working properly by lay witness 10.20

authentication 6.48,  6.54

competence, knowledge, qualifications 10.1,  10.28

competence of procedures 10.7,  10.20

computer malfunction and touching wood 10.7 fn 1,  10.12

computer reliability, qualified to testify 10.4,  10.4,  10.17

continuity of evidence 10.7

data reliability 1.4

degree of expertise will vary 10.19

forensic examination without relevant knowledge or expertise 10.21

incorrect witness 10.6

inadequate 6.30,  10.9

independence 10.23

knowledge, balance 10.27

knowledge, insufficient 10.22

knowledge with experience 10.21

knowledge, without 6.55,  6.64,  10.1,  10.20,  10.21

lay ‘expert’ 10.8,  10.14

not qualified 9.25 fn 1,  10.20,  10.21

not working properly, declined to hear evidence 10.19

original, attest 6.32

qualifications 6.28,  10.19 and following

qualified without knowledge of software code 5.47

reliability, no knowledge to testify 10.6

reliance on output of computer system 10.8

relevant knowledge, lack of 10.21

using device sufficient expertise 5.24,  5.47

working properly, expert not necessary 10.12,  10.18,  10.20

Annotate

Previous
All rights reserved
Powered by Manifold Scholarship. Learn more at
Opens in new tab or windowmanifoldapp.org