CAAF will hear oral argument in United States v. Lubich, No. 12-0555/NA, on Tuesday, February 19, 2013. The court granted review of the following issue:
Whether the military judge erred by overruling defense counsel’s foundation and authentication objections and admitting computerized data evidence gathered by an unnamed Navy-Marine Corps Intranet (NMCI) analyst who used an unidentified process with unknown reliability to collect data related to appellant’s network user activity.
Lawyers and computers mix surprisingly badly (try running a law blog if you don’t believe me). During the special court-martial trial of ET2 Lubich for impersonating her supervisor (a commissioned officer) and submitting fraudulent documents while applying for a $10,000 loan in his name, records of internet activity from her Navy-Marine Corps Intranet (NMCI) account were introduced through a Naval Criminal Investigative Service (NCIS) cyber forensics examiner. The NCIS examiner testified that he prepared two reports from six CDs of data provided to him by an unidentified NMCI analyst. No evidence was introduced to describe how the NMCI analyst gathered the data, to confirm its accuracy, or even to explain how it could logically be tied to the Appellant.
The trial defense counsel objected to the introduction of the NCIS examiner’s reports on foundation and confrontation grounds (though apparently did not make a specific hearsay objection. Additionally, I don’t see any evidence in the briefs or the CCA’s opinion that the NCIS examiner’s testified as an expert witness in an associated field.). The trial military judge denied the defense objections, and admitted the NCIS examiner’s reports as Prosecution Exhibits 19 and 23, ruling:
I believe that argument goes more to the weight of the evidence, and you certainly can explore that in cross-examination. The objection is overruled. I find that both Prosecution Exhibits 19 and 23 for identification have been sufficiently authenticated and that the Confrontation Clause is not implicated because we are dealing with an automated process, no conclusions in these documents themselves and, again, it’s an automated process with very little discretion involved on the part of the person that was obtaining the data.
United States v. Lubich, No. 201100378, slip op. at 3 (N-M.Ct.Crim.App. April 19, 2012) (unpublished) (per curiam). The two reports were admitted, the Trial Counsel made extensive reference to their contents during argument, and ET2 Lubich was convicted by a panel of members with enlisted representation of one specification of violation of Article 80 and two specifications of violation of Article 134, and sentenced to confinement for 45 days, forfeiture of $1,300 pay per month for two months, reduction to pay grade E-3, and a bad-conduct discharge.
The NMCCA reviewed the case and considered the admissibility of the NCIS examiner’s reports on confrontation, hearsay, and authentication grounds. Addressing hearsay and confrontation, the CCA found that because the reports were generated by machines, and because machines are not declarants, the reports are neither hearsay nor testimonial. Lubich, No. 201100378, slip op. at 4 (citing United States v. Sweeney, 70 M.J. 296, 301 (C.A.A.F. 2011) (“machines are not declarants”)). Addressing authentication, the CCA found that, “A review of PE 19 and PE 23 unequivocally establishes that those two exhibits are exactly what the trial counsel claimed them to be: an exhaustive, detailed history of the appellant’s online activities from her NMCI account.” Id. slip op. at 5. The CCA affirmed the findings and sentence, and CAAF granted review to consider the foundation/authentication objection (and presumably denied a request to review the confrontation/hearsay issue).
Because CAAF didn’t grant review of the confrontation/hearsay issue, I won’t discuss it further in this post. But I’ve long thought that the courts have the whole “machine-generated” bit wrong. Machines don’t generate anything without human instruction (the software) and direction (the input). At least, not yet they don’t.
The Appellant’s brief focuses on caselaw that discusses the authentication of computer evidence. Citing bankruptcy proceedings, Imwinkelreid’s Evidentiary Foundations, and various state cases, as well as CAAF’s opinion dealing with the authentication of surveillance footage in United States v. Harris, 55 M.J. 433 (C.A.A.F. 2001), the brief reads like a request for the court to wade into the muddy waters of trial-stage questions of reliability and accuracy. There are a lot of obvious questions that are hard to avoid when considering the NCIS examiner’s reports: how can we know that the Appellant was the one using the computer (and that her account wasn’t compromised), or that the data all came from her account (and there was no spillover), or that the NMCI analyst accurately gathered the data, or that the dataset was complete…
The Government’s response explains why these questions might make the NCIS examiner’s reports bad evidence, but they don’t render them inadmissible (or, as the trial judge noted, why these questions go to the weight of the evidence and not its admissibility). Particularly when considered exclusive of any hearsay issue:
[The examiner] need only be generally familiar with NMCI’s process and not have personal knowledge of the actual evidence collection. Similar to the witnesses in Garces and Dabaneh, [the examiner] offered testimony detailing the automated NMCI process used to retrieve Appellant’s NMCI user data. Although he did not personally initiate NMCI’s automatic data search and verified his understanding of the data collection process through conversations with NMCI, Garces and Debaneh show he is not required to have personally collected the data in order for him to authenticate the data. And as there is no hearsay objection before this Court, there is no need for [the examiner] to lay the additional foundation for the business records hearsay exception.
Gov’t Resp. at 10. Members are instructed that the burden to prove the guilt of the accused is on the Government, and that it never shifts to the accused to establish innocence or to disprove facts necessary to establish each element of each offense. The Defense can – and should – pummel the Government in argument by highlighting every omission and inconsistency in the case (like the uncertain pedigree of the analyst’s reports in this case). This is a compelling reason for the Government to present a strong case free of the kind of questions surrounding these reports, but the Government is perfectly free to present a weak/circumstantial case that makes us bystanders scratch our heads and wonder.
Moreover, I suspect CAAF will focus more on the question of what to authenticate, than on the question of how to authenticate, due to the need to define a limiting principle. For instance, in this case the NCIS examiner authenticated his own reports, not the data given to him. If that’s not enough, and the Government must authenticate the source data, what stops the analysis there? Why not require authentication of the software used by the NMCI analyst (call the programmer), or the operating system (call Bill Gates), or the computer hardware (call the factory assembly-line worker)? Why not call a Cartesian philosopher to authenticate reality? The Government called the NCIS examiner who explained that he generated reports from the data given to him. The risk that the data was garbage may create reasonable doubts about the reports’ conclusions (to be exploited during argument), but it doesn’t make them inadmissible.
In a reply brief, the Appellant highlights the hidden issue in this case: hearsay. “The only evidence at trial regarding the NMCI system and process for collecting data, a phone call from an unnamed NMCI employee, was hearsay evidence.” Reply Br. at 5. This case would be much more interesting if it were about the hearsay in the reports. But CAAF’s granted issue doesn’t include the hearsay question (unless the Appellant can somehow convince the court to subsume “hearsay” within “foundation and authentication”). Moreover, the apparent lack of a clear hearsay objection is problematic from an appellate perspective.
Appellate courts are incredibly lenient when it comes to trial-stage rulings on the admissibility of evidence, and will only reverse where there was an abuse of discretion by the trial judge in the form of clearly erroneous findings of fact or a decision based on an erroneous view of the law. Because of this leniency, and the narrowness of the granted issue, I predict a tough oral argument for the Appellant, followed by a quick affirmation.
• NMCCA opinion
• Blog post: Machine generated printouts are not statements
• Blog post: CAAF grant
• Appellant’s brief
• Appellee’s (Government) brief
• Appellant’s reply brief
• Blog post: Argument preview