Admissibility and Authentication of Electronic Evidence: High Court Ruling in Republic v Mark Lloyd Stephenson
In a recent ruling in the case of Republic v Mark Lloyd Steveson [2016] eKLR, the High Court had to determine whether digital/electronic evidence in the form of an e-mail dated March 9th 2011 together with its attachment were properly excluded by the lower court as inadmissible for lack of authentication. In brief, an Australian man was arraigned in Kiambu Chief Magistrate’s Court and charged with the offence of obtaining by false pretences the sum of $100,000 (Sh10.2 million) from several individuals.
It was alleged that on November 26 and 30, 2010, he obtained $33,000 (Sh3.3 million) from Timothy Nimmo by pretending he could pay the amount back with fifty per cent interest. It is also alleged that he also obtained $33,500 (Sh3.4 million) each from Susan Harris and Charlotte Bilstedfelt, promising to return the money with fifty per cent interest. Stephenson pleaded not guilty to the charges and is out on cash bail of Sh2 million.
The High Court ruled that the email in question and the attached document were properly excluded from evidence by the Magistrate’s Court as they were not properly authenticated. According to the court, authentication is required where any “real” evidence (as opposed to testimonial evidence) is being adduced at trial. Thus, authentication or laying of foundation is required even for testimonial evidence. This applies both to e-evidence as well as other documents or items sought to be admitted into evidence. As a result, authentication of proposed evidence is a crucial step in its admission — one which reliance on section 78A of the Evidence Act (or even section 106B) does not obviate.
The court held that the email and the attached document were not properly authenticated in order for them to be admitted into evidence and for the Court to consider its weight. To demonstrate why this is so, the learned Judge outlines what a proper authentication would have looked like when the proposed tangible evidence is an email printout like in the present case. In this regard, the court stated as follows:
“For email print-outs (as well as other printed electronic messages), the most convenient authentication technique would be circumstantial. Elsewhere, this is defined as “evidence of its distinctive characteristics and the like — including appearance, contents, substance, internal patterns, or other distinctive characteristics, taken in conjunction with circumstances.” (US Federal Rule of Evidence 901(b)(4)). (…) An email may also be authenticated through testimony by the recipient that the sender closed with a nickname known only by the recipient (See, for example, United States v. Siddiqui, 235 F.3d 1318 (11th Cir. 2000). Similarly, an email may be admissible if coupled with testimony that the author of the email called the testifying party to discuss “the same requests that had been made in the email.” As the Siddiqui Court remarked in affirming that the context and contents of emails can be used to authenticate the admission of emails into evidence (…) Emails can also be authenticated through technological footprints such as internet protocol addresses or an IP address. Since an IP address identifies which computer sent an email, the Service Provider can be called to testify that the IP address from where the email was sent is the residence or business premises of the opponent. Similarly, an expert can also testify that a particular email was retrieved from an author’s email hard drive.”
On this last mode of authentication, the court noted that in the present case, a technology (Cyber-crime) expert testified for the Prosecution but he did not testify as to this aspect of the case. The court agreed with the Defence counsel that if the Prosecution wanted to produce the piece of evidence in question, it would have been appropriate for this expert to lay the foundation by authenticating it through the email’s technological footprint.
Originally published at blog.cipit.org on November 1, 2016.
