By Christina Little
The Federal Rules of Evidence (FRE) outlines the types of self-authenticating evidence in Rule 902[1]. In particular, FRE 902(14) describes the two-step procedure for certified data copied from an electronic device, storage medium, or file[2]. To be self-authenticating, the first requirement is that the data must be offered with a certification by a qualified individual per FRE 902(11) or (12)[3]. The second requirement is that notice of intent to use the data as evidence must be given per FRE 902(11)[4]. In practice, FRE 902(14) can be used to admit inter alia, data[5], texts[6], and recordings[7].
The intent behind requiring a certification is to save costs and time spent on authentication witnesses[8]. The Advisory Committee reasons that often after a party retains a qualified individual, either the parties stipulate as to the evidence’s authenticity or no objection is made to the individual’s authentication testimony[9].
The purpose behind requiring notice of intent[10] to use certified data is that the opposing party will have sufficient time to prepare to challenge the admission or merits of the evidence[11]. Notably, this allows challenges to the authentication to be made before the trial begins[12]. Proper authentication does not prevent the opposing party from objecting to the material on other grounds, such as hearsay, relevance, etc.[13] However, the notice may lead to Motions to Exclude or Suppress Evidence on grounds other than authentication.
Further, the Advisory Committee notes that hash values are commonly used to authenticate data copied from an electronic device, storage, medium, or file[14]. Hash values are a series of numbers that identify data[15]. Hash values can be thought of as a unique fingerprint for data[16]. Accordingly, a qualified individual can authenticate the offered data evidence by certifying that the hash code of the original data and the copy before the court are identical[17]. Likewise, a qualified individual can certify the offered data evidence’s hash code does not match the original’s and that it is an altered copy[18]. Interestingly, the Advisory Committee leaves room in FRE 902(14) for authentication through other means as technology develops[19].
[1] Fed. R. Evid. 902.
[2] Fed. R. Evid. 902(14).
[3] Id.
[4] Id.
[5] United States v. Hagen, No. 3-19-CR-0146-B, slip op. at 9 (N.D. Tex. June 3, 2021).
[6] United States v. Anderson, No. 22-1237, slip op. at 7 (6th Cir. May 12, 2023).
[7] United States v. DeLeon, 428 F. Supp. 3d 716, 749 (D.N.M. 2019).
[8] Fed. R. Evid. 902(14) advisory committee’s note to 2017 amendment.
[9] Id.
[10] Fed. R. Evid. 902(11).
[11] Fed. R. Evid. 902(14) advisory committee’s note to 2017 amendment.
[12] Id.
[13] Id.
[14] Id.
[15] Bill Wagner, et al. Ensuring Data Integrity with Hash Codes, Microsoft, (Jan. 3, 2023), https://learn.microsoft.com/en-us/dotnet/standard/security/ensuring-data-integrity-with-hash-codes.
[16] See id.
[17] Fed. R. Evid. 902(14) advisory committee’s note to 2017 amendment.
[18] Id.
[19] Id.