An excerpt from the forthcoming paper
E-Mail as Evidence: An Authentication Guide for Attorneys, Judges and Magistrates
by David Bank CNE, CCSE, CCNA

© 2006-2007 David Bank

 [Overview]     [Footnotes]

E-Mail: The New Evidence

Is it real, or is it E-Mail?

Electronic mail, or E-Mail, has grown into an important part of any network infrastructure. From humble beginnings, E-Mail has become a major communications medium. Individuals register vanity Domain Names. Having an address in a cool Domain, like, has become a status symbol.

However, E-Mail is not, and never has been, a secure medium. [1] Electronic mail can be altered, either during transmission, or after receipt. Furthermore, E-Mail is not guaranteed delivery - just because an E-Mail is sent does not mean it was received, or that it was received by the intended recipient. [2]

Despite these limitations, E-Mail is increasingly a factor in legal cases, both civil and criminal. Starting with Iran-Contra, and including the Microsoft anti-trust trials, the Big 6 accounting firm scandals, and high-profile prosecutions like that of Jack Abramoff, civil and criminal trials are including E-Mail as evidence of malfeasance or criminal actions.

More commonly, jilted spouses, ex-friends, former business associates and personal enemies come before magistrates and courts, seeking redress of real or imagined wrongs or torts. Some attempt to use the legal system as a way to exact revenge. [3]

In cases that are emotionally charged, or that are high-stakes for the particular participants, the ease by which electronic evidence may be altered, or fabricated, may prove too tempting for some, or even all, parties. Officers of the court system must be attuned to this possibility when considering E-Mail submitted as evidence by parties. [4]

The purpose of this paper is to offer an appropriate level of technical, as opposed to legal, guidance to attorneys, judges and magistrates in evaluating electronic mail offered as evidence, specifically in the more common cases where the evidence was not gathered forensically. In particular, this paper will look at ways that such evidence may be authenticated or repudiated. Because E-Mail can be faked or altered [5], it is important that such records be corroborated. Without authentication, fraudulent evidence can derail the justice process.

This paper is a guide to looking at E-Mail with an eye towards making sure it is what it purports to be. However, it does not directly address the question of if a particular E-Mail should be admitted as evidence, nor does it cover other issues governing evidence admissibility, such as relevance or circumstance.


[1] See The Digital Lawyer: Paradigm Shifts in the Practice of Law by Alan Gahtan [External Link]

[2] For example, On Time Aviation, Inc. v. Bombardier Capital, Inc. (2006); United States District Court, D. Connecticut, Civil Case No. 3:04CV1765 (JBA) (D. Conn. July 26, 2006); WL 2092075

[3] In People v. Lee, No. C38925 (CA Supr. Ct. Jan. 30, 1997), an employee faked an E-Mail message for use as evidence in obtaining settlement in civil sexual harassment action against a former boss. After the employer paid a settlement, the fraud was uncovered.

[4] As an example, see Inventory Locator Serv. LLC v. Partsbase, Inc. (2006); (W.D. Tenn. June 14, 2006); WL 1646091

[5] See Carnivore: US Government Surveillance of Internet Transmissions by E. Judson Jennings, published in Virginia Journal of Law and Technology, Volume 6, Issue 2 [External Link]

[Return to Top]

© 2006-2007 David Bank