Skip to main content

Electronic Evidence and Electronic Signatures: Appendix 2

Electronic Evidence and Electronic Signatures
Appendix 2
    • Notifications
    • Privacy
  • Project HomeElectronic Evidence and Electronic Signatures
  • Projects
  • Learn more about Manifold

Notes

Show the following:

  • Annotations
  • Resources
Search within:

Adjust appearance:

  • font
    Font style
  • color scheme
  • Margins
table of contents
  1. Cover
  2. Title Page
  3. Copyright Page
  4. List of Contributors
  5. A note on our Creative Commons licence
  6. Dedication
  7. Contents
  8. Software is reliable and robust
  9. Preface
  10. Acknowledgments
  11. Table of statutes
  12. Table of cases
  13. 1. The sources and characteristics of electronic evidence and artificial intelligence
    1. Digital devices
      1. Processors
      2. Mobile devices
      3. Embedded devices
      4. Software
      5. Data storage facilities
      6. Data formats
      7. Starting a computer
    2. Networks
      1. Types of network
      2. Cloud computing
      3. The Internet of Things
      4. The deep web and the dark web
      5. Common network applications
    3. Types of evidence available on a digital device
      1. Files
      2. Metadata
      3. Imaging
      4. System and program logs
      5. Temporary files and cache files
      6. Deleted or ‘lost’ files
      7. Simulations, data visualizations, augmented and virtual reality
      8. Encryption and obfuscated data
    4. Artificial intelligence and machine learning
      1. Simulations, data visualizations, augmented and virtual reality
      2. Transparency and explainability
      3. AI adversarial attacks
    5. Defining electronic evidence
      1. The dependency on machinery and software
      2. The mediation of technology
      3. Speed of change
      4. Volume and replication
      5. Storage and disclosure
    6. Concluding remarks
  14. 2. The foundations of evidence in electronic form
    1. Direct and indirect evidence
    2. Evidence in both digital and analogue form
    3. Metadata and electronic evidence
    4. Means of proof
      1. Testimony and hearsay
      2. Real evidence
    5. Documents and disclosure or discovery
    6. Visual reading of a document
    7. Authentication
    8. Best evidence
    9. Analogue evidence
    10. Digital evidence
    11. Civil proceedings
    12. Criminal proceedings
    13. Admissibility
    14. Weight
    15. Video and audio evidence
      1. Testimonial use in legal proceedings
      2. Identification and recognition evidence
    16. Computer-generated animations and simulations
      1. Computer-generated evidence in England and Wales: civil proceedings
      2. Computer-generated evidence in England and Wales: criminal proceedings
  15. 3. Hearsay
    1. The rule of hearsay exclusion and its rationale
    2. The right of confrontation
    3. Hearsay and electronic evidence
    4. Electronic evidence and real evidence
    5. Testimonial and non-testimonial use of information
    6. Implied assertions
    7. Civil proceedings and the requirement to give notice
    8. Criminal proceedings
      1. Telephone calls and messages
      2. Representations other than by a person
      3. Body-worn camera footage
      4. Business and other documents
      5. Judicial discretion to include hearsay
      6. Judicial discretion to exclude hearsay
    9. Concluding observations
  16. 4. Software code as the witness
    1. The classification of digital data
      1. Category 1: Content written by one or more people
      2. Category 2: Records generated by the software that have not had any input from a human
      3. Category 3: Records comprising a mix of human input and calculations generated by software
    2. Challenging the code to test the truth of the statement
  17. 5. The presumption that computers are ‘reliable’
    1. The purpose of a presumption
    2. Presumptions and mechanical instruments
    3. Judicial formulations of the presumption that mechanical instruments are in order when used
      1. Judicial notice
      2. A ‘notorious’ class
      3. Common knowledge
    4. Evidential foundations of the presumption
    5. How judges assess the evidence of devices controlled by software
    6. Mechanical instruments and computer-like devices
    7. The nature of software errors
      1. Why software appears to fail
      2. Classification of software errors
    8. The development, maintenance and operation of software
      1. Developmental issues and software errors
      2. Increasing the risk of errors through modification of software
      3. Security vulnerabilities
      4. Software testing
      5. Writing software that is free of faults
      6. Software standards
      7. Summary
    9. Challenging ‘reliability’
      1. Aviation
      2. Financial products
      3. Motor vehicles
      4. Emergency services
      5. Medical
      6. The Post Office Horizon scandal
      7. Banking
      8. Interception of communications
    10. Most computer errors are either immediately detectable or result from input errors
    11. Challenging the authenticity of digital data – trial within a trial
      1. A protocol for challenging software in devices and systems
    12. Reintroduction of the common law presumption
    13. The statutory presumption
    14. Challenging the presumption
      1. ‘Working properly’
    15. Concluding remarks
  18. 6. Authenticating electronic evidence
    1. Authenticity and authentication
      1. An example: email
      2. Digital evidence compared to past paradigms
      3. Admissibility and authentication
      4. The best evidence rule
      5. Identity and integrity
      6. Reliability
    2. Methods of authentication
      1. Self-authentication
      2. System authentication
      3. Digital certification
      4. Digital forensics
      5. Extrinsic and circumstantial evidence
      6. Judicial notice
      7. Digital evidence in archival systems
    3. Technological authentication
      1. Digital signatures
      2. Blockchain
    4. Challenges to the authenticity of evidence in digital form
      1. The cloud
      2. The Internet of Things
      3. Digital preservation
      4. Migration and format changes
    5. The business records exception to the rule against hearsay
      1. The business records exception
      2. Authentication of digital business records
    6. Conclusion
  19. 7. Electronic signatures
    1. The purpose of a signature
    2. Dictionary definitions
    3. The manuscript signature
    4. Statutory definition of signature
    5. The functions of a signature
      1. The primary evidential function
      2. Secondary evidential functions
      3. Cautionary function
      4. Protective function
      5. Channelling function
      6. Record-keeping function
    6. Disputing a manuscript signature
      1. Defences
      2. Evidence of the manuscript signature
      3. Intention to authenticate and adopt the document
    7. The electronic signature
    8. Forms of electronic signature
      1. Authority, delegation and ratification
      2. Forged signatures
    9. Evidence of intent to sign
      1. The automatic inclusion of the signature
      2. Partial document with separate signature page
    10. The Electronic Communications Act 2000
      1. The definition of an electronic signature
      2. The elements of an electronic signature
      3. Liability of a certification service provider
      4. The power to modify legislation
      5. Regulation of Investigatory Powers Act 2000
    11. Electronic sound
    12. The ‘I accept’ and ‘wrap’ methods of indicating intent
      1. Click wrap
      2. Browse wrap
      3. ‘I accept’
    13. Personal Identification Number (PIN) and password
    14. Typing a name into an electronic document
      1. Acts by a lawyer as agent
      2. Interest in real property
      3. Loan of money
      4. Employment
      5. Contract
      6. Guarantees and debt
      7. Public administration, the judiciary and the police
      8. Statute of Frauds
      9. Wills
      10. Constitution of a legal entity
      11. Amending boilerplate contractual terms
    15. The name in an email address
      1. Limitation Act 1969 (NSW)
      2. Statute of Frauds
      3. Legal fees arrangement
      4. Civil Law Act
    16. A manuscript signature that has been scanned
      1. Mortgage redemption
      2. Writing
      3. Employment
    17. Biodynamic version of a manuscript signature
      1. Electoral register
      2. Contract formation
    18. Digital signatures
      1. Technical overview of digital signatures
      2. Algorithms and keys
      3. Control of the key
      4. Disguising the message
      5. Public key infrastructure
      6. Difficulties with public key infrastructure
      7. Authenticating the sender
      8. The ideal attributes of a signature in electronic form
      9. Methods of authentication
      10. Types of infrastructure for asymmetric cryptographic systems
      11. Management of the key and certificate
      12. The duties of a user
      13. Internal management of a certification authority
      14. Barriers to the use of the public key infrastructure
      15. Risks associated with the use of digital signatures
      16. What a digital signature is capable of doing
      17. What no form of electronic signature is capable of doing
      18. The weakest link
      19. The burden of managing the private key
      20. Evidence and digital signatures
      21. ‘Non-repudiation’
      22. Certifying certificates
      23. The burden of proof
      24. The recipient’s procedural and due diligence burden
      25. The sending party: the burden of proof of security and integrity
      26. Burden of proof – the jitsuin
      27. Burden of proof – summary
  20. 8. Encrypted data
    1. Encryption
    2. Methods to obtain encrypted data
      1. Breaking the encryption without obtaining the key
      2. Obtaining the key
    3. Compelling disclosure in England and Wales
      1. Protected information
      2. Notice requiring disclosure
      3. Obligations of secrecy and tipping off
      4. Circumventing the procedure
    4. The privilege against self-incrimination
      1. England and Wales
      2. The USA
      3. Canada
      4. Belgium
    5. Concluding observations
  21. 9. Proof: the technical collection and examination of electronic evidence
    1. Accreditation of the digital forensics discipline
    2. Guidelines for handling digital evidence
    3. Handling electronic evidence
      1. Identifying electronic evidence
      2. Gathering electronic evidence
      3. Gathering of data following legal retention or reporting obligations
      4. Copying electronic evidence
    4. Forensic triage
      1. Preserving electronic evidence
    5. Analysis of electronic evidence
      1. Tools
      2. Traces of evidence
    6. Reporting
    7. Analysis of a failure
    8. Anti-forensics and interpretation of evidence
      1. Data destruction
      2. Falsifying data
      3. Hiding data
      4. Attacks against computer forensics
      5. Trail obfuscation
    9. An intellectual framework for analysing electronic evidence
    10. Conclusions and future considerations
  22. 10. Competence of witnesses
    1. The need for witnesses
    2. Separating data reliability from computer reliability
    3. Lay experts as witnesses
    4. Qualification of witnesses
  23. Appendix 1: Draft Convention on Electronic Evidence
  24. Appendix 2: Cumulative vignettes
  25. Index

Appendix 2

Cumulative vignettes

Each of the vignettes appearing in the first three editions are set out below.

First edition, 2007

The abacus

‘Your honour, I seek to exhibit the abacus.’

The judge looked over his spectacles ‘Which form of abacus is it?’

The barrister looked perplexed and turned to his solicitor and whispered ‘Which form of abacus? How do I know? Are there different types of abacus?’

‘Oh yes’, whispered the solicitor, ‘it’s a Chinese abacus.’ ‘Oh, right. Thanks.’ ‘It’s a Chinese abacus, your honour.’

‘Thank you, Mr Puffington. And what is the purpose of exhibiting the abacus?’

‘Well, your honour, it’s the item upon which the calculations were made to perpetrate the alleged fraud.’

‘Indeed, but that does not mean the abacus ought to be exhibited. Have you a submission on this matter Miss Jawleyford?’

Miss Jawleyford stood as Mr Puffington sat down.

‘Well, your honour, the defence does not seek to argue about an inanimate object.’

‘Quite.’

‘But what we must look to, in my submission, is the reason for admitting the abacus as an exhibit, your honour.’

‘Indeed.’

‘We have already had the opportunity of viewing the abacus, and take no point on the object itself. It is admitted that the defendant used the device. As a material object, it can be admitted into evidence. But the question is, what purpose is served in admitting the device. It is my submission that the presence of the abacus serves no purpose, because the device is merely a device. There is no record of what, if any, calculations might have been made on the device.’

Miss Jawleyford sat down. Mr Puffington stood.

‘Your honour, in our submission, it’s important to exhibit the abacus, because it will serve to make the members of the jury ask themselves why the defendant, a finance director earning over a million-pound salary a year, deliberately used such a device. It is our case that he used the abacus to avoid the creation of records that would implicate him in the alleged fraud. To that end, it’s an important exhibit that ought to be admitted into evidence.’

Second edition, 2010

The ‘forged’ document

‘The problem with the email submitted by the witness, madam, is that the signature cannot be trusted. For this reason, the evidence cannot be admitted.’

Mr Tulkinghorn sat down. Mr Tangle stood up.

‘With the deepest possible respect, madam, my learned friend has let his usual penetrating insight into the analysis of evidence fail him. If this was a letter, for instance, the first question will be “Is the letter genuine?” If the letter is a forgery, then the signature matters not – unless it is genuine and intended to deceive the recipient. If the letter is genuine, then the question arises as to whether the signature is a forgery. Thus it must be with the email. If my learned friend claims that the email is a forgery, the status of the signature is irrelevant. Is my learned friend suggesting that the email is a forgery?’

Mr Tangle sat down.

Her Honour Judge Flite QC looked at Mr Tulkinghorn. ‘Well? It strikes me that this must be correct. Are you suggesting the email is a forgery?’

Mr Tulkinghorn stood up.

‘In this instance, my learned friend has indicated an error of logic on my part, which I concede. The point is, anybody can forge an email and write any name as an electronic signature. If we cannot trust the signature, then we cannot trust the email.’

Her Honour Judge Flite QC continued the questioning, ‘But the authenticity of the email must come before the verification of the signature? Mr Tangle?’

Mr Tulkinghorn sat down. Mr Tangle stood up.

‘Where the authenticity of a document is challenged, a wide range of tests can be made to determine whether it is a forgery. I acknowledge that the contents can help determine whether it is a forgery. But if it was a letter, the paper, ink, and the type face might all be the subject of tests. In the case of an email, the technical information relating to the status of the document is of the utmost relevance. In my submission, determining whether to trust the signature can only follow after it has been established whether the email is genuine or a forgery.’

Third edition, 2012

The ‘competent’ witness

‘My learned friend for the prosecution has established that you are the sub-manager of the hotel, that you are familiar with the functions of the machine that controls the telephone system, and that you know how it works and what it is supposed to do?’

‘Yes.’

‘And the printouts you have brought to court purport to indicate when the telephone was used in room 2820?’

‘Yes.’

‘For this reason, my learned friend considers your evidence is all that is needed to establish the reliability of the telephone system. Let me ask you this, how does the direct inward system access work?’

‘Er, I don’t know.’

‘You don’t know what happens, or you don’t know what the direct inward system access is?’

‘I don’t know what it is.’

‘So, by implication, you don’t know what the password is?’

‘No.’

‘By implication, you won’t know if thieves have used the password to route telephone calls through the hotel telephone system?’

‘No.’

‘Can you tell me the purpose of the latest software update, whether it included a security fix, and when it was downloaded?’

‘Er, no, I don’t know any of that.’

‘Why do you not know?’

‘Well, because the IT people do all of that stuff.’

‘So you are asserting, by bringing along the printouts of the telephone calls, that these telephone calls were actually made, and they were made from room 2820.’

‘Well, yes, if you say so.’

‘I do not say so, you do. You also claim that because none of your customers have ever complained about their bills, it follows that the telephone system is reliable and therefore trustworthy?’

‘Well, I wouldn’t put it quite like that.’

‘Thank you, Mr Prunsquallor.’

Judge Sepulchrave turned to prosecuting counsel, ‘Unless you have any questions in re-examination Mrs Groan?’

Mrs Groan stood up. ‘Your honour, no,’ and sat down.

‘Very well, you may leave the witness stand, Mr Prunsquallor. Yes, Mr Rottcodd?’

‘Thank you, your honour. My learned friend for the prosecution would have us believe that because the information printed on the piece of paper apparently looks sensible, it therefore follows that the contents must not only be reliable, but represent the truth. My learned friend also suggests that because Mr Prunsquallor uses the hotel’s telephone system in the performance of his duties, this is a sufficient foundation as a qualification as a competent witness. With your honour’s leave, I will address the latter point first …’

Fourth edition, 2017

Business records

Judge Nuri Efendi looked over his spectacles. ‘Now we have covered the main matters to be dealt with in this case management conference, you may address the business records point, Mr Ayarcı.’

Mr Halit Ayarcı stood up. ‘Your honour, thank you. My learned friend intends to submit a number of spreadsheets into evidence. There are problems with this. The first of which is that he only intends to submit printouts of the spreadsheet application or program, whatever our technical friends consider a spreadsheet to be. My learned friend has declined to provide copies to the defence in electronic form. My application is for the prosecution to provide copies of the relevant spreadsheets in electronic form.’

Mr Hayri İrdal stood up. Mr Halit Ayarcı sat down.

‘Your honour, I must protest. A printout is real evidence, and is to be received as prima facie evidence of the entries. The defence is attempting to add to the costs in this case by making an unreasonable request.’

Judge Nuri Efendi interjected. ‘Mr Ayarcı, please elaborate your point.’

Mr Hayri İrdal sat down. Mr Halit Ayarcı stood up.

‘My submission is that the technical literature clearly demonstrates that all spreadsheets have significant error rates, and it is our contention that it is obvious that there must be some errors in the documents that affect the figures that my learned friend wishes to have admitted. Indeed, as I have made it clear to my learned friend, the collapse of the banking system in Jamaica in the late 1990s was partly due to the use of spreadsheets and the failure to manage and control them. On this issue alone, I submit that it cannot be right to admit these documents under the bankers’ books exception without the electronic versions of the files being subject to analysis by appropriately qualified digital evidence professionals.’

Mr Halit Ayarcı sat down. Mr Hayri İrdal stood up.

‘Your honour, as my learned friend is only too well aware, the evidence also benefits from the presumption that mechanical instruments were in order at the material time – a presumption which, I do not need to remind your honour, intentionally included computers. I most strongly resist this potentially expensive and unnecessary challenge regarding the authenticity of the spreadsheets on the basis that this presumption applies.’

Mr Hayri İrdal sat down.

Judge Nuri Efendi considered the submission. ‘Mr Ayarcı, notwithstanding the legislative provisions governing business records, the presumption of equipment being properly constructed and operating correctly must be strong, and it is a particularly strong presumption in the case of equipment within the control of the party. Please address this particular issue.’

Mr Halit Ayarcı stood up.

‘I appreciate the nature of the presumption, your honour. The exception permits records to be adduced because, in the past, employees entered information into physical books by hand, and this meant they could be relied upon as a record made at that point in time, and one could ascertain at a glance whether somebody tried to change the entries. The justification was that such records were more reliable than the memory of a witness. This might have been so, but records in electronic form are notorious for being inaccurate for a variety of reasons, and it must be common sense that this rule cannot be relied upon in the twenty-first century.

Let me ask my learned friend what he means that computers are reliable. For instance:

Does my learned friend mean that the spreadsheets are authentic, in that they are the right ones, and they have not been tampered with?

Does he mean that the spreadsheets are valid, in that they contain the information that is claimed of them?

Perhaps he means that the spreadsheets are internally valid, in that the spreadsheets work? If this is the case, what evidence is there that the users of the spreadsheet application checked that the algorithms were correct? My learned friend might also like to confirm if the presumption that computers are reliable includes the maintenance of the spreadsheets and who wrote them, and what qualifications they had to be able to program ‘reliably’.

But perhaps he means that the software code of the operating system is reliable? How does he know? How many updates have there been since the spreadsheets began to operate? Were all updates applied? When updates occurred, how did they affect the application software? What is his measure of reliability?

Does he mean that there are no errors of logic that can lead to an incorrect result? What evidence does he have of this, taking into account the number of software code updates to the spreadsheets? Perhaps my learned friend can kindly indicate the number and purpose of each software update since its inception.

Perhaps he means that the employees who input the figures are always accurate? And I presume the system is so reliable that inaccurate inputs are recognized and corrected, and that these corrections are recorded?

No doubt my learned friend can also confirm, because the spreadsheet programs are deemed to be reliable, that there are no errors of omission where the formula is wrong because one or more of its input cells is blank or otherwise incorrect such as referring to the wrong cells?

I ask my learned friend, which part of this process is reliable? All of it? Parts of it? If part of it, which part and for what reason?

But let me finish with another question on the basis that your honour is against my request for electronic versions of the spreadsheets – perhaps my learned friend can assure the court, if only paper versions of the record are to be admitted, that the full information will be provided. That is, he will provide the respective algorithms that undertake the calculations – after all, one does not admit the body of a motor vehicle on its own into evidence to demonstrate the cause of a collision where it is claimed that the brakes failed – one needs to know how the brakes worked and to view the evidence of the braking system. But that is exactly what my learned friend is asking the court to admit: the unsupported assertions of the truth of the contents of spreadsheet programs in the absence of the mechanism by which the data was created.

Finally, before my learned friend responds, we have to consider the requirement that the book is in the custody or control of the bank. This is a significant issue, because, as we now understand it, the spreadsheets in question are maintained in the cloud …’

Annotate

Next Chapter
Index
PreviousNext
All rights reserved
Powered by Manifold Scholarship. Learn more at
Opens in new tab or windowmanifoldapp.org