9781911507222
9781911507260
Distributed for University of London Press
Electronic Evidence and Electronic Signatures
New edition, Fifth Edition
Two leading authorities address the technical and ethical issues of practicing law in the digital age.
In this updated edition of a well-established practitioner text, Stephen Mason and Daniel Seng have brought together a team of experts in the field to provide an exhaustive treatment of electronic evidence and electronic signatures. This fifth edition continues to follow the tradition in English evidence textbooks by basing the text on the law of England and Wales, with appropriate citations of relevant case law and legislation from other jurisdictions.
In this updated edition of a well-established practitioner text, Stephen Mason and Daniel Seng have brought together a team of experts in the field to provide an exhaustive treatment of electronic evidence and electronic signatures. This fifth edition continues to follow the tradition in English evidence textbooks by basing the text on the law of England and Wales, with appropriate citations of relevant case law and legislation from other jurisdictions.
422 pages | 20 tables | 6.125 x 9.1875 | © 2021
Institute of Advanced Legal Studies
Law and Legal Studies: General Legal Studies
Reviews
Table of Contents
Preface
Acknowledgments
Table of statutes
Table of cases
Steven J. Murdoch, Daniel Seng, Burkhard Schafer and Stephen Mason
Digital devices
Processors
Mobile devices
Embedded devices
Software
Data storage facilities
Data formats
Starting a computer
Networks
Types of network
Cloud computing
The Internet of Things
The Deep Web and the Dark Web
Common network applications
Types of evidence available on a digital device
Files
Metadata
Types of metadata
Social context and metadata
Imaging
System and program logs
Temporary files and cache files
Deleted or ‘lost’ files
Simulations, data visualizations, augmented and virtual reality
Encryption and obfuscated data
Artificial Intelligence and Machine Learning
Simulations, data visualizations, augmented and virtual reality
Transparency and explainability
AI adversarial attacks
Defining electronic evidence
The dependency on machinery and software
The mediation of technology
Speed of change
Volume and replication
Storage and disclosure
Concluding remarks
2 The foundations of evidence in electronic form
Stephen Mason and Daniel Seng
Direct and indirect evidence
Evidence in both digital and analogue form
Metadata and electronic evidence
Means of proof
Testimony and hearsay
Real evidence
Evidence in analogue form
Evidence in digital form
Documents and disclosure or discovery
Visual reading of a document
Authentication
Best evidence
Analogue evidence
Digital evidence
Civil proceedings
Criminal proceedings
Admissibility
Weight
Video and audio evidence
Testimonial use in legal proceedings
Identification and recognition evidence
Computer generated animations and simulations
Computer-generated evidence in England and Wales: civil case
Computer-generated evidence in England and Wales: criminal cases
Issues arising from the use of computer-generated visual images in legal proceedings
3 Hearsay
Daniel Seng and Stephen Mason
The rule of hearsay exclusion and its rationale
The right of confrontation
Hearsay and electronic evidence
Electronic evidence and real evidence
Implied assertions
Civil proceedings and the requirement to give notice
Criminal proceedings
Telephone calls and messages
Representations other than by a person
Body worn camera footage
Business and other documents
Judicial discretion to include hearsay
Judicial discretion to exclude hearsay
Concluding observations
4 Software code as the witness
Stephen Mason
The classification of digital data
Condition 1: Content written by one or more people
Condition 2: Records generated by the software that have not had any input from a human
Condition 3: Records comprising a mix of human input and calculations generated by software
Challenging the code to test the truth of the statement
5 The presumption that computers are ‘reliable’
Stephen Mason
The purpose of a presumption
Presumptions and mechanical instruments
Judicial rationale of the presumption that mechanical instruments are in order when used
Judicial notice
A ‘notorious’ class
Common knowledge
Evidential foundations of the presumption
How judges assess the evidence of devices controlled by software
Mechanical instruments and computer-like devices
The nature of software errors
Why software appears to fail
Classification of software errors
Human errors and biases in the software code
Failure of specification
Unintended software interactions
Input data flows
Operational errors
The development, maintenance and operation of software
Developmental issues and software errors
Increasing the risks of errors through modification of software
Security vulnerabilities
Software testing
Writing software that is free of faults
Software standards
Summary
Challenging ‘reliability’
Aviation
Financial products
Motor vehicles
Emergency services
Medical
The Post Office Horizon scandal
Banking
Interception of Communications
Most computer errors are either immediately detectable or result from input errors
Challenging the authenticity of digital data – trial within a trial
A protocol for challenging software in devices and systems
Re-introduction of the common law presumption
The statutory presumption
Challenging the presumption
‘Working properly’
Concluding remarks
6 Authenticating electronic evidence
Luciana Duranti and Allison Stanfield
Authenticity and authentication
An example: email
Digital evidence compared to past paradigms
Admissibility and authentication
The best evidence rule
Identity and integrity
Reliability
Methods of authentication
Self-authentication
System authentication
Digital certification
Digital forensics
Extrinsic and circumstantial evidence
Judicial notice
Digital evidence in archival systems
Technological authentication
Digital signatures
Blockchain
Challenges to the authenticity of evidence in digital form
The cloud
The Internet of Things
Digital preservation
Migration and format changes
Business records exception to the rule against hearsay
The business records exception
Authentication of digital business records
Evidence in criminal proceedings
Conclusion
7 Electronic signatures
Stephen Mason
The purpose of a signature
What is meant by a signature
Dictionary definitions
The manuscript signature
Statutory definition of signature
The functions of a signature
Disputing a manuscript signature
Defences
Evidence of the manuscript signature
The electronic signature
Forms of electronic signature
Authority, delegation and ratification
Forged signatures
Evidence of intent to sign
The automatic inclusion of the signature
Partial document with separate signature page
The Electronic Communications Act 2000
The definition of an electronic signature
The elements of an electronic signature
Liability of a certification service provider
The power to modify legislation
Regulation of Investigatory Powers Act 2000
Electronic sound
The ‘I accept’ and ‘wrap’ methods of indicating intent
Click wrap
Browse wrap
‘I accept’
Personal Identification Number (PIN) and password
Typing a name into an electronic document
Acts by lawyer as agent
Interest in real property
Loan of money
Employment
Contract
Guarantees and debt
Public administration, judiciary and the police
Statute of Frauds
Wills
Constitution of legal entity
Amending boilerplate contractual terms
The name in an email address
Limitation Act
Statute of Frauds
Legal fees arrangement
Civil Law Act
A manuscript signature that has been scanned
Mortgage redemption
Writing
Employment
Biodynamic version of a manuscript signature
Electoral register
Contract formation
Digital signatures
Technical overview of digital signatures
Algorithms and keys
Control of the key
Disguising the message
An individual creates and controls their own public key
Authenticating a signature using public key cryptography
Public key infrastructure
Difficulties with public key infrastructure
Authenticating the sender
The ideal attributes of a signature in electronic form
Methods of authentication
Types of infrastructure for asymmetric cryptographic systems
Management of the key and certificate
The duties of a user [Heading type B]
Internal management of a certification authority
Barriers to the use of the public key infrastructure
Risks associated with the use of digital signatures
What a public key infrastructure can and cannot do
What a digital signature is capable of doing
What no form electronic signature is capable of doing
The weakest link
The burden of managing the private key
Evidence and digital signatures
The evidence forming a digital signature
‘Non-repudiation’
Certifying certificates
The burden of proof
The recipient’s procedural and due diligence burden
The sending party: the burden of proof of security and integrity
Burden of proof – the Jitsuin
Burden of proof – summary
8 Encrypted data
Alisdair Gillespie, Jessica Shurson and Stephen Mason
Encryption
Methods to obtain decrypted data
Breaking the encryption without obtaining the key
Obtaining the key
Compelling disclosure in England & Wales
Protected information
Notice requiring disclosure
Obligations of secrecy and tipping off
Circumventing the procedure
The privilege against self-incrimination
England & Wales
United States of America
Canada
Belgium
Concluding observations
9 Proof: the technical collection and examination of electronic evidence
Nigel Wilson, Andrew Sheldon, Hein Dries, Burkhard Schafer and Stephen Mason
Accreditation of the digital forensics discipline
Guidelines for handling digital evidence
Handling electronic evidence
Identifying electronic evidence
Gathering electronic evidence
Gathering of data following legal retention or reporting obligations
Copying electronic evidence
Forensic triage
Preserving electronic evidence
Analysis of electronic evidence
Tools
Traces of evidence
Reporting
Analysis of a failure
Anti-forensics and interpretation of evidence
Data destruction
Falsifying data
Hiding data
Attacks against computer forensics
Trail obfuscation
An intellectual framework for analyzing electronic evidence
Conclusions and future considerations
10 Competence of witnesses
Stephen Mason and Lynne Townley
The need for witnesses
Separating data reliability from computer reliability
Lay experts as witnesses
Qualification of witnesses
Appendix 1: Draft Convention on Electronic Evidence
Appendix 2: Cumulative vignettes
Index
Acknowledgments
Table of statutes
Table of cases
Steven J. Murdoch, Daniel Seng, Burkhard Schafer and Stephen Mason
Digital devices
Processors
Mobile devices
Embedded devices
Software
Data storage facilities
Data formats
Starting a computer
Networks
Types of network
Cloud computing
The Internet of Things
The Deep Web and the Dark Web
Common network applications
Types of evidence available on a digital device
Files
Metadata
Types of metadata
Social context and metadata
Imaging
System and program logs
Temporary files and cache files
Deleted or ‘lost’ files
Simulations, data visualizations, augmented and virtual reality
Encryption and obfuscated data
Artificial Intelligence and Machine Learning
Simulations, data visualizations, augmented and virtual reality
Transparency and explainability
AI adversarial attacks
Defining electronic evidence
The dependency on machinery and software
The mediation of technology
Speed of change
Volume and replication
Storage and disclosure
Concluding remarks
2 The foundations of evidence in electronic form
Stephen Mason and Daniel Seng
Direct and indirect evidence
Evidence in both digital and analogue form
Metadata and electronic evidence
Means of proof
Testimony and hearsay
Real evidence
Evidence in analogue form
Evidence in digital form
Documents and disclosure or discovery
Visual reading of a document
Authentication
Best evidence
Analogue evidence
Digital evidence
Civil proceedings
Criminal proceedings
Admissibility
Weight
Video and audio evidence
Testimonial use in legal proceedings
Identification and recognition evidence
Computer generated animations and simulations
Computer-generated evidence in England and Wales: civil case
Computer-generated evidence in England and Wales: criminal cases
Issues arising from the use of computer-generated visual images in legal proceedings
3 Hearsay
Daniel Seng and Stephen Mason
The rule of hearsay exclusion and its rationale
The right of confrontation
Hearsay and electronic evidence
Electronic evidence and real evidence
Implied assertions
Civil proceedings and the requirement to give notice
Criminal proceedings
Telephone calls and messages
Representations other than by a person
Body worn camera footage
Business and other documents
Judicial discretion to include hearsay
Judicial discretion to exclude hearsay
Concluding observations
4 Software code as the witness
Stephen Mason
The classification of digital data
Condition 1: Content written by one or more people
Condition 2: Records generated by the software that have not had any input from a human
Condition 3: Records comprising a mix of human input and calculations generated by software
Challenging the code to test the truth of the statement
5 The presumption that computers are ‘reliable’
Stephen Mason
The purpose of a presumption
Presumptions and mechanical instruments
Judicial rationale of the presumption that mechanical instruments are in order when used
Judicial notice
A ‘notorious’ class
Common knowledge
Evidential foundations of the presumption
How judges assess the evidence of devices controlled by software
Mechanical instruments and computer-like devices
The nature of software errors
Why software appears to fail
Classification of software errors
Human errors and biases in the software code
Failure of specification
Unintended software interactions
Input data flows
Operational errors
The development, maintenance and operation of software
Developmental issues and software errors
Increasing the risks of errors through modification of software
Security vulnerabilities
Software testing
Writing software that is free of faults
Software standards
Summary
Challenging ‘reliability’
Aviation
Financial products
Motor vehicles
Emergency services
Medical
The Post Office Horizon scandal
Banking
Interception of Communications
Most computer errors are either immediately detectable or result from input errors
Challenging the authenticity of digital data – trial within a trial
A protocol for challenging software in devices and systems
Re-introduction of the common law presumption
The statutory presumption
Challenging the presumption
‘Working properly’
Concluding remarks
6 Authenticating electronic evidence
Luciana Duranti and Allison Stanfield
Authenticity and authentication
An example: email
Digital evidence compared to past paradigms
Admissibility and authentication
The best evidence rule
Identity and integrity
Reliability
Methods of authentication
Self-authentication
System authentication
Digital certification
Digital forensics
Extrinsic and circumstantial evidence
Judicial notice
Digital evidence in archival systems
Technological authentication
Digital signatures
Blockchain
Challenges to the authenticity of evidence in digital form
The cloud
The Internet of Things
Digital preservation
Migration and format changes
Business records exception to the rule against hearsay
The business records exception
Authentication of digital business records
Evidence in criminal proceedings
Conclusion
7 Electronic signatures
Stephen Mason
The purpose of a signature
What is meant by a signature
Dictionary definitions
The manuscript signature
Statutory definition of signature
The functions of a signature
Disputing a manuscript signature
Defences
Evidence of the manuscript signature
The electronic signature
Forms of electronic signature
Authority, delegation and ratification
Forged signatures
Evidence of intent to sign
The automatic inclusion of the signature
Partial document with separate signature page
The Electronic Communications Act 2000
The definition of an electronic signature
The elements of an electronic signature
Liability of a certification service provider
The power to modify legislation
Regulation of Investigatory Powers Act 2000
Electronic sound
The ‘I accept’ and ‘wrap’ methods of indicating intent
Click wrap
Browse wrap
‘I accept’
Personal Identification Number (PIN) and password
Typing a name into an electronic document
Acts by lawyer as agent
Interest in real property
Loan of money
Employment
Contract
Guarantees and debt
Public administration, judiciary and the police
Statute of Frauds
Wills
Constitution of legal entity
Amending boilerplate contractual terms
The name in an email address
Limitation Act
Statute of Frauds
Legal fees arrangement
Civil Law Act
A manuscript signature that has been scanned
Mortgage redemption
Writing
Employment
Biodynamic version of a manuscript signature
Electoral register
Contract formation
Digital signatures
Technical overview of digital signatures
Algorithms and keys
Control of the key
Disguising the message
An individual creates and controls their own public key
Authenticating a signature using public key cryptography
Public key infrastructure
Difficulties with public key infrastructure
Authenticating the sender
The ideal attributes of a signature in electronic form
Methods of authentication
Types of infrastructure for asymmetric cryptographic systems
Management of the key and certificate
The duties of a user [Heading type B]
Internal management of a certification authority
Barriers to the use of the public key infrastructure
Risks associated with the use of digital signatures
What a public key infrastructure can and cannot do
What a digital signature is capable of doing
What no form electronic signature is capable of doing
The weakest link
The burden of managing the private key
Evidence and digital signatures
The evidence forming a digital signature
‘Non-repudiation’
Certifying certificates
The burden of proof
The recipient’s procedural and due diligence burden
The sending party: the burden of proof of security and integrity
Burden of proof – the Jitsuin
Burden of proof – summary
8 Encrypted data
Alisdair Gillespie, Jessica Shurson and Stephen Mason
Encryption
Methods to obtain decrypted data
Breaking the encryption without obtaining the key
Obtaining the key
Compelling disclosure in England & Wales
Protected information
Notice requiring disclosure
Obligations of secrecy and tipping off
Circumventing the procedure
The privilege against self-incrimination
England & Wales
United States of America
Canada
Belgium
Concluding observations
9 Proof: the technical collection and examination of electronic evidence
Nigel Wilson, Andrew Sheldon, Hein Dries, Burkhard Schafer and Stephen Mason
Accreditation of the digital forensics discipline
Guidelines for handling digital evidence
Handling electronic evidence
Identifying electronic evidence
Gathering electronic evidence
Gathering of data following legal retention or reporting obligations
Copying electronic evidence
Forensic triage
Preserving electronic evidence
Analysis of electronic evidence
Tools
Traces of evidence
Reporting
Analysis of a failure
Anti-forensics and interpretation of evidence
Data destruction
Falsifying data
Hiding data
Attacks against computer forensics
Trail obfuscation
An intellectual framework for analyzing electronic evidence
Conclusions and future considerations
10 Competence of witnesses
Stephen Mason and Lynne Townley
The need for witnesses
Separating data reliability from computer reliability
Lay experts as witnesses
Qualification of witnesses
Appendix 1: Draft Convention on Electronic Evidence
Appendix 2: Cumulative vignettes
Index