CAAF decided United States v. Lubich, No. 12-0555/NA, 72 M.J. 170 (CAAFlog case page) (link to slip op.), on May 3, 2013, rejecting the Appellant’s challenge to the trial judge’s decision overruling foundation and authentication objections to two Government exhibits based on computerized data. Judge Erdmann writes for a unanimous court.
ET2 Lubich was convicted, contrary to her pleas, by a special court-martial composed of members with enlisted representation of one specification of attempted larceny, one specification of wrongfully and knowingly transferring, possessing, or using a means of identification of another person, and one specification of impersonating a commissioned officer with the intent to defraud, in violation of Articles 80 and 134. She was sentenced to confinement for 45 days, forfeiture of $1,300 pay per month for two months, reduction to pay grade E-3, and a bad-conduct discharge.
During the trial, records of internet activity from the Appellant’s Navy-Marine Corps Intranet (NMCI) account were introduced through a Naval Criminal Investigative Service (NCIS) cyber forensics examiner. The NCIS examiner testified that he prepared two reports from six CDs of data provided to him by an unidentified NMCI analyst. The trial defense counsel objected to the introduction of the NCIS examiner’s reports on foundation and confrontation grounds The trial military judge denied the defense objections, and admitted the NCIS examiner’s reports, leading to the conviction.
The NMCCA reviewed the case and rejected the Appellant’s assignments of error on confrontation, hearsay, and authentication grounds. CAAF then granted review to determine:
Whether the military judge erred by overruling defense counsel’s foundation and authentication objections and admitting computerized data evidence gathered by an unnamed Navy-Marine Corps Intranet (NMCI) analyst who used an unidentified process with unknown reliability to collect data related to Appellant’s network user activity.
Judge Erdmann begins his discussion with consideration of the meaning of “authentication”:
“The requirement of authentication or identification as a condition precedent to admissibility is satisfied by evidence sufficient to support a finding that the matter in question is what its proponent claims.” M.R.E. 901(a). Evidence may be authenticated through the testimony of a witness with knowledge “that a matter is what it is claimed to be.” M.R.E. 901(b)(1). M.R.E. 901(b)(9) permits evidence resulting from a “process or system” to be authenticated via “[e]vidence describing [the] process or system used to produce [the] result and showing that the process or system produces an accurate result.”
Lubich, slip op. at 9. But he continues with an important factual issue:
Here the Government claimed that the data contained on the six CD-ROMs was taken from Lubich’s NMCI Internet accounts. During argument on the motion, the military judge invited the defense counsel to elaborate on the authentication objection. Defense counsel responded, “It’s my understanding that the data that Mr. Schmidt analyzed came from Petty Officer Lubich’s computers at NSAWC. I mean, I don’t think there’s any dispute about that.” This is significant as the defense recognized that the data was from Lubich’s Internet accounts, but nevertheless argued that it was necessary to have direct testimony from NMCI personnel as to the process utilized by NMCI to collect the data.
Slip op. at 9 (emphasis added). Oops. Hard to complain about a lack of authentication after you’ve conceded the authenticity… I’ve often been glared at by opposing counsel (and by a few judges) for being unwilling to concede facts during trial (and, for that matter, for filing lengthy briefs in order to establish a record of the facts that I consider important; but that’s gotten me more than mere glares). This is a good example of why I try to avoid concessions.
Judge Erdmann continues with further discussion of authentication and the mere “prima facie showing” needed to prove that “the item is what the proponent claims it to be. . .” Slip op. at 11 (quoting Jack B. Weinstein & Margaret A. Berger, Weinstein’s Federal Evidence § 901.02, at 901-13 to 901-14 (Joseph M. McLaughlin ed., 2d ed. 2003)). Significantly (I think), Judge Erdmann continues with Weinstein’s explanation that “[i]n general, electronic documents or records that are merely stored in a computer raise no computer-specific authentication issues. If a computer processes data rather than merely storing it, authentication issues may arise.” Slip op. at 12 (quoting Weinstein § 900.06, at 900-68). My gut doesn’t agree with this conclusion at all, since data storage and integrity issues are significant considerations when making any conclusions about the identity of the contents of an information system.
However, Judge Erdmann finds that the witness’ testimony was adequate to authenticate the data used to generate the reports. The witness explained how the data was collected (based only on familiarity with the process; someone else did the collection), and he testified that he verified the process with NMCI. So:
The Government therefore made a prima facie showing of authenticity by presenting evidence sufficient to allow a reasonable juror to find that data on the six CD-ROMs was data from Lubich’s Internet accounts. [The witness’] testimony established that NMCI transferred data stored on the computers to the CD-ROMs utilizing an automated process rather than analyzing or manipulating the data.
Slip op. at 13. Judge Erdmann notes that “once this preliminary standard for reliability was established, the defense had the opportunity to attack the perceived weaknesses in the case through cross-examination of [the witness],” and that the Defense did so. Slip op. at 13-14.
Finally, Judge Erdmann explains that the court:
decline[s] to adopt Lubich’s proposal that we develop a detailed authentication analysis for computer data. There are numerous scenarios in which this issue will arise and we see no benefit in attempting to craft a “standard” test to analyze all computer data situations. We will continue to rely on the military judge’s discretion to determine authenticity.
Slip op. at 14. A footnote distinguishes a case relied on by the Appellant, United States v. Harris, 55 M.J. 433 (C.A.A.F. 2001), which utilized the “silent witness” theory to address the authentication of a viodeotape. Judge Erdmann explains that “That situation differs from this case where Lubich concedes that the data was taken from her Internet account.” Slip op. at 14 N.8.
In my argument preview I noted that:
Appellate courts are incredibly lenient when it comes to trial-stage rulings on the admissibility of evidence, and will only reverse where there was an abuse of discretion by the trial judge in the form of clearly erroneous findings of fact or a decision based on an erroneous view of the law. Because of this leniency, and the narrowness of the granted issue, I predict a tough oral argument for the Appellant, followed by a quick affirmation.
I didn’t predict the significance of the Appellant’s trial-stage concession that the data came from the computers she used, but it’s a significant basis for CAAF to find no abuse of discretion.
• NMCCA opinion
• Blog post: Machine generated printouts are not statements
• Blog post: CAAF grant
• Appellant’s brief
• Appellee’s (Government) brief
• Appellant’s reply brief
• Blog post: Argument preview
• Oral argument audio
• CAAF opinion
• Blog post: CAAF affirms in Lubich
• Blog post: Opinion analysis