Skip to content
Menu
Trust but verify, How To Approach Electronic Evidence, Electronic Evidence, Evidence, Fake Evidence, Fake Documents, software stacks, stacks

When word processing and graphic design became desktop tools, there was a concern that bad actors now had the ability to create fake documents. And some did.

But today, even as the world has become more and more digitized, one of the unintended consequences of that interwoven digitalization is the increased difficulty to create fake evidence. This is due to several contributing factors.

4 Reason It’s Harder To Create Fake Evidence

First, our individual documents have become increasing complex. Take email as an example. Originally, emails were simple text communications with limited features. Today, they can be colorful, animated, filled with attachments, broadcast to many recipients, prioritized, rules-driven, automated, and be set up for automatic responses.

All of these aspects rely on a variety of features that, themselves, carry a variety of metadata or tell-tale characteristics, that can easily be overlooked by the average forger, or incorrectly replicated. In one recent case, recently, a plaintiff fabricated a PDF of an alleged email chain. In one of the subject lines, he used mixed Serif and Sans Serif fonts. This cannot happen in a valid email. This was a fatal flaw.

Second, we work with software stacks. A “stack” is a collection of software tools that are combined to provide a collective capability. When you use multiple tools in combination with each other, each is assisting, and recording, the events. Eventually, these recorded stories have to agree. When evidence is faked, they don’t.

Third, our operating systems have become more and more user friendly, which in turn requires a lot more work behind the scenes. This work is facilitated with system handshakes, activity logs, security checks, and other systems that, again, record and document what the system is doing on a high-volume and high-frequency basis.

Finally, thanks to connectivity and mobility, the systems that we use go through a variety of service providers to bring data from point A to point B. Not only does this create a data trail, that trail is often in the hands of multiple systems, belonging to multiple service providers. Even if you knew all the places to create fake data, or falsely change existing data, it’s impossible to gain modification access to all of them.

For all of these reasons, compounded with the need for disaster recovery, data security, and data privacy – all of which result in more tracking, more logs, and more copies of our activities – it has become increasingly impossible to fully fake evidence.

Should You Accept Or Dig? Look For These Red Flags

Instead, forgers can only hope that you do not dig deep enough. The challenge then becomes knowing when to accept, and when to dig. Here are some easy flags to look for to determine if you should accept, or challenge, data:

  • Is it too good to be true? If so, then it might be worth looking into.
  • Is the electronic copy missing? When we see key evidence produced only in paper form, where the original is no longer available, then that raises  a red flag.
  • Are there no other witnesses? When we have cases where other people involved in a document, or an email communication, are not available and only the person proffering the evidence is available to discuss it, or – worse yet – there are others who do not recall the document, or refute it, that is a red flag.

Recently, we had a case where all three red flags came up. That warranted a deeper dive into the evidence (in this case one email, one read receipt, and one picture of the plaintiff’s outbox). That deeper dive revealed over 100 problems in the evidence. It wasn’t just fake, it was really, really fake.

The U.S. legal system relies on the integrity of the parties to allow our system of civil procedure and discovery to work. But, in the words of Ronald Reagan during his administration’s negotiations with our adversaries and our allies, sometimes you need to take a position of “trust but verify.” We promote the same approach with respect to electronic evidence. Especially where red flags start to show.


iDS provides consultative data solutions to corporations and law firms around the world, giving them a decisive advantage  – both in and out of the courtroom. Our subject matter experts and data  strategists specialize in finding solutions to complex data problems – ensuring data can be leveraged as an asset and not a liability.

en_GBEN_GB