Over the next several weeks the E-Discovery Alert will focus on the strategy and tactics for handling sixteen specific ESI issues throughout pretrial discovery. Whether it is a "meet and confer" or request for production these are the critical issues to focus in requesting or producing ESI. The legal issue excerpts will be derived from the Best Practices Guide for ESI Pretrial Discovery - Strategy and Tactics (2008-2009). The Guide is cross-referenced and hyperlinked with the Arkfeld on Electronic Discovery and Evidence (2nd ed.) treatise and part of the CD-ROM. ISSUE: IS IT NECESSARY TO MAINTAIN THE CHAIN OF CUSTODY FOR EVIDENTIARY PURPOSES? ANSWER: YES
§ 3.9 CHAIN OF CUSTODY AND EVIDENTIARY ISSUES A. Overview The purpose of testimony concerning chain of custody is to prove that evidence has not been altered or changed from the time it was collected through production in court. Chain of custody testimony would include documentation on how the data was gathered, transported, analyzed, and preserved for production. This information is important to assist in the authentication of electronic data since it can be easily altered if proper precautions are not taken. Depending on the circumstances of the case, a chain of custody foundation will assist in the admission of evidence. When there is a chance of confusion or that data may have been altered or tampered with, evidence establishing a chain of custody is important. Oftentimes, the “chain of custody” for digital information involves the forensic acquisition methodology and its affect on admissibility and reliability. However, the “chain of custody” issue applies to all civil cases from the collection through its admission in the courtroom. A forensic image of a hard drive should be identical to the original. To establish that the “mirror” image is an exact replicate of the original media a “hash algorithm” is generated. During the discovery process, one must always be vigilant about the chain of custody of evidence, especially in criminal cases.
• § 3.5(F), Encryption and Steganography B. Admitting Party Strategy • Request documentation showing that ESI received has the proper chain of custody to ensure its admissibility. C. Objecting Party Strategy • Argue that changes to a file’s metadata, after the ESI was preserved, call its authenticity into question, therefore is unreliable, and should form the basis for precluding its admission.
D. Checklist § 3.9
|