Introduction

The electronic records have taken the business and social world. The e-mails have become the preferred method of
business communication. In the business world, financial records, legal documents and work assignments, including
electronic contracts from of parties from different places, are now kept primarily and sometimes solely in electronic
form. Corporate websites also has its advertisements in the electronic forms. Many important documents and objects
are now in the electronic form, as well as in the social networking were web linking is a trend. Today, electronic
records and e-mails are widely accepted for many important business communications that previously required
physical signatures or paper documentation.

Electronic data is now being used widely in the course of the uprising technology. The discussion of electronic data is
too broad. Most websites are registered servers, while some personal websites are just temporary. Web linking are
also rampant that information over information are passed from one web site to another. Though not all electronic
information are true and correct, one may opt to believe the contents of a single website or just a part of it. There is
authentication on the accuracy and truthfulness of the information posted such as advertisements and other
information that may cause libel to certain persons, whether natural or juridical.

There is no authentication on the accuracy of the electronic information posted in websites. Nevertheless, other
electronic data needs authentication, especially its origin, the date and time the electronic data has been made and
transmitted over the internet. It is equally important that the origin, the electronic and digital signatures of each data
stored, whether in hard drives or in the internet, can be authenticated.

In the legal profession, authentication of electronic data, particularly electronic evidence plays a substantial role in a
case. Authentication provides a particular challenge with electronic evidence because they can easily be altered or
edited often without leaving a trace. The danger is that the identity of the document’s originator or the contents of the
original document may appear to be true and accurate, when in fact it has been altered, making the document
impossible to authenticate. Electronic data must be properly authenticated pursuant to the Rules on Evidence. This
rule requires that the evidence is sufficient and to prove that the matter in question is what its proponent claims. In
other words, the counsel must show that document is true and accurate.

Importance of Electronic Data

Excel spreadsheets, e-mails, and customer database are featuring increasingly in cases of fraud, defamation and
information theft, which gives malefactor more reasons to tamper with electronic evidence. Their technical capability
gives them access to crimes and other misdeeds. Electronic data are prone to hacking, interferences and alterations.
The security and authenticity aspects are often overlooked. Whereas signatures and other paper documents can be
examined in court for possible tampering, electronic records like e-mails, instant message logs and Excel
spreadsheets can easily be altered without raising red flags. Anyone with minimal tech savvy and access to a
company’s computer systems can significantly alter electronic records, potentially changing their meaning and
altering the outcome of a critical business deal.

Technology-related fraud has also emerged as the fastest-growing and most pervasive category of fraud in the
business world. Data tampering are often done by employees, contractors and other partners who already have
access to the organization’s computer network. Those employees with authorized access to the files and records
easily can tamper or alter the same. Data alteration whether intentional or not could be happening in the organization
everyday without our knowledge. Some organizations are requiring their IT professionals or IT service providers to
provide recommendations on the best ways to securely archive and authenticate records.

Electronic Data as Evidence

Electronic data are mainly used as evidence in a legal dispute. High profile cases involving the tampering of
electronic records include that of former Asia Pacific Breweries manager Chia Teck Leng, who embezzled over
$100million, and that of former National Kidney Foundation head T.T. Durai, who was also accused of destroying
electronic documents. In the older times, the person would just delete e-mail correspondence or documents. Now,
many persons format their hard disks or use specialized electronic erasing programs to cover their electronic trails.
Often times, technically skilled perpetuators install unsecured wireless network. An unsecured wireless network gives
a defendant some ‘plausible deniability’, by giving him room to claim that someone else may have used his network
to commit the offence. Some employees steal company files which are prohibited. Companies that lend laptops to its
employees can check whether the employee has actually copied restricted files from the laptop to an external media
device. There is an evidentiary value of the link files which an can be traced and sourced whether company files were
stolen.
The courts are becoming increasingly savvy about electronic records. Whereas there previously were no consistent
guidelines on electronic data archiving and retrieval, the rules on evidence and the jurisprudence have the courts
recognize the importance and staying power of electronic records. As lawyers and judges around the country debate
on the reasonableness, one concept has emerged as a problem area for many: proving the authenticity of electronic
records.

As provided under RA 8792, Electronic data are recognized as evidence to wit: Sec. 6. Legal Recognition of Data
Messages. – Information shall not be denied legal effect, validity or enforceability solely on the grounds that it is in the
data message purporting to give rise to such legal effect, or that it is merely referred to in that electronic data
message. And in Sec7, Legal Recognition of Electronic Documents. – Electronic documents shall have the legal
effect, validity or enforceability as any other document or legal writing.

Also, as stated on the Rules on Electronic Evidence, Rule 3, Sec 1. Electronic documents as functional equivalent of
paper-based documents. – Whenever a rule of evidence refers to the term writing, document, record, instrument,
memorandum or any other form of writing, such term shall be deemed to include an electronic document as defined
in these Rules.

Further, electronic documents can be admitted in court as stated in Rule 3, Sec 2. Admissibility. – An electronic
document is admissible in evidence if it complies with the rules on admissibility prescribed by the Rules of Court and
related laws and is authenticated in the manner prescribed by these Rules.

Authentication of Electronic Data

Admissibility of electronic data are being questioned, especially those that has not been authenticated, or proven to
be what it purports t to be. There is nothing about a typical e-mail or electronic record that can help a witness or fact
finder tell if the record has not been altered, whereas paper records have signatures or other identifying marks to
demonstrate authenticity.

The proliferation of electronic records require companies to know where electronically stored information (ESI)
including e-mails, spreadsheets, Word documents, image files and more are kept and make that information available
to the other party if reasonably accessible. In addition, the rules set new requirements for the parties to meet and
discuss what ESI will be considered during a trial. (http://www.wwpi.com/top-stories/4092-the-e-discovery-
conundrum-proving-the-authenticity-of-your-electronic-evidence)

In a US landmark case of Lorraine v. Markel, United States Magistrate Judge Paul W. Grimm would not allow
electronic evidence from either party to be admitted because it has not been properly authenticated prior to trial. In
order to be admitted, ESI must: be relevant to the issue at hand; be authentic (the evidence is what it purports to be);
not be hearsay or if hearsay, able to meet the requirements for an exception; be the original or duplicate of the
evidence or able to meet an exception to that rule; and not be unfairly prejudicial to either party in relation to the
evidence’s probative value. The most difficult requirements above, is the ability to prove the authenticity of records.
Grimm stated, “the inability to get evidence admitted because of a failure to authenticate it almost always is a self-
inflicted injury which can be avoided by thoughtful advance preparation. If it is critical to the success of your case to
admit into evidence computer stored records, it would be prudent to plan to authenticate the record by the most
rigorous standard that may be applied.” Without these electronic records admitted into evidence, the court was
unable to issue a ruling in the case and the parties were left to pursue further costly and time-consuming litigation.

Computers systems are usually authenticated by the testimony of the someone who has employed them. The witness
typically describes the process or system and the results it produces, and attests to the accuracy of those results.

Authentication of electronic documents is provided under Rule 5 of Rules on Electronic Evidence. It provides in Sec1.

Burden of proving authenticity. – The person seeking to introduce an electronic document in any legal proceeding
has the burden of proving its authenticity in the manner provided in this Rule. And the means and manner of
authentication is provided in Sec2. Manner of authentication. – Before any private electronic document offered as
authentic is received in evidence, its authenticity must be proved by any of the following means:

(a) By evidence that it had been digitally signed by the person purported to have signed the same;

(b) by evidence that other appropriate security procedures or devices as may be authorized by the Supreme Court or
by law for authentication of electronic documents were applied to the document; or
(c) By other evidence showing its integrity and reliability to the satisfaction of the judge.

Further, the document must be notarized and certified as true and accurate. The burden rests on the counsel who
offers the evidence where and that the documents becomes a public document, where Sec3. Proof of electronically
notarized document. – A document electronically notarized in accordance with the rules promulgated by the
Supreme Court shall be considered as a public document and proved as a notarial document under the Rules of
Court.

Common Mistakes in Using Electronic Evidence

There are common mistakes in using electronic evidence. Attorneys do not get it right in offering the electronic
evidence. In most common mistake is failing to designate an expert. Occasionally, you will find a judge so eager to
hear the expert, he or she will do an end run around procedure and let the expert testify as a fact witness, but that is
far and away the exception. Another mistake is a failure to maintain a proper chain of custody. The electronic
evidence must be signed in a custody form, and forensically imaged, and then return the original evidence.

Failure to properly authenticate electronic evidence is fatal. The evidentiary weight of the electronic evidence as
provided in Rule 7, must also be stated as to the relevance and reliability on the manner of its procurement. The
integrity and quality of the evidence must be proven. The method of proof as stated in Rule 9 is provided as such:

Section 1. Affidavit evidence. – All matters relating to the admissibility and evidentiary weight of an electronic
document may be established by an affidavit stating facts of direct personal knowledge of the affiant or based on
authentic records. The affidavit must affirmatively show the competence of the affiant to testify on the matters
contained therein. And Section 2. Cross-examination of deponent. – The affiant shall be made to affirm the
contents of the affidavit in open court and may be cross-examined as a matter of right by the adverse party.

Ensure Reliability and Accuracy

ESI has been defined by courts to include email messages (including backups and deleted messages), instant
messages (IM) and chat logs, web site information whether in textual, graphic or audio format, log files, voicemail
messages and logs, data files (documents, spreadsheets, database files, etc.), program files, cache files, cookies and
just about any electronically recorded information.

Gathering, managing, preserving and presenting electronic evidence presents some unique problems in comparison
with more traditional types of evidence. The biggest issues are the ease with which an electronic document can be
tampered with or even fabricated completely and the inability to pinpoint an “original” vs. a “copy” as you can usually
do with a paper document or the negative of a photograph.

To be admissible in court, evidence must be relevant, material and authentic. Because of the intangible nature of
ESI, proving its authenticity becomes an issue. Unless special precautions have been taken, anyone who has
handled it could have made changes to it such as adding or deleting content, making changes to file attributes such
as the timestamp, or modifying the metadata that records information such as who authored the file. In court cases
such as AmEx v. Vinhnee, Bouriez v. Carnegie Mellon University, and Lorraine v. Market, documents, email or other
electronic data were not allowed to be admitted into evidence because they could not be adequately authenticated,
even without clear cut proof that the items were not authentic. The point is that digital evidence does not enjoy the
same presumption of authenticity as more tangible evidence such as paper documents.

The challenge for data storage and management professionals is to provide an easy and irrefutable proof of the
authenticity of all electronic records. Digital signatures provide the “who” aspect of electronic record but lack the
necessary “when” aspect to show that a record has not been altered since a specific point in time. Secure hashing
provides a means to determine if a record has been altered but it is very susceptible to tampering or alteration by
anyone with access to the hash value. Also, PKI-based timestamps bind a time value to a record by hashing the
record. There are, however, several setbacks that make this method susceptible to legal questioning, because the
binding is dependent on the privacy and the expiration date of the key. Both could easily render the key and its
associated documents invalid. To adequately address the authenticity while remaining independent for any bias or
compromise is digital time-stamping using hash-chain-link method. Digital stamping provides data professionals with
the means necessary to authenticate electronic record. It seals electronic records, making them impervious to later
tampering or alterations. It ensures that the electronic records are stored in their original condition, free from any
changes that could affect a legal outcome.
Conclusion

In the world of information technology, all information are in the electronic form. Electronic data are widely generated
and shared. In an increasingly paperless world where data can be so easily manipulated, law firms face a new hurdle:
proving the authenticity of the electronic evidence presented in support of their client’s case. The difficulty is in the
reliability of the electronic data presented and gathered. Electronic data are prone to hacking, alterations and
tampering. Others are done intentionally, while others are altered or destroyed by the introduction of computer virus.
Nevertheless, electronic data submitted can be questioned on its authenticity, integrity and quality to be offered as
evidence in a dispute. Electronic evidence are now accepted as a primary evidence provided it passes authenticity
and the manner it was generated, acquired and presented. A lawyer has to know the methods of properly ensuring
the reliability and accuracy of its data, particularly the electronic data.

Electronic evidence shall have the legal effect, validity and enforceability of any other legal document or writing. That
is why electronic data when presented as evidence must be convincing as to its authenticity that it is the original data.
The burden rests on the parties presenting it. It must follow the rules on electronic evidence and correlate it to
RA8792, which the evidentiary value of the data from e-commerce law.

It is as simple as to challenge the effectiveness of a company’s control and processes, and to ensure the authenticity
of ESI and cause considerable resources allocated to defend the effectiveness of external controls. Most electronic
data of large organizations are reliable, while some are not. In these times, one must ensure that the electronic data
are true and accurate especially while engaging in e-commerce. Digital time stamping is the common tool to ensure
the security and authenticity of electronic data. Most developers and servers provide a way of tracing the evidentiary
values of every link posted and every file generated to ensure traceability.