Proof of Compliance – How Reliable is Email as Evidence?

Can Emails Be Used As Evidence in Court

Peter Sweeney – Waterford Technologies

You may think that an email is accepted as a reliable document in court these days and using it would be as simple as printing it off, showing that the contents prove your case and going home with a judgement in your favor.

However, particularly in the UK, things are not so simple. The authenticity and reliability of the document will be subject to scrutiny by the court before it is accepted and may be subject to attack from the other party in the case.

The rules in relation to the admissibility of documents are covered in the Civil Evidence Act 1995 and the use of emails as evidence is treated in the same manner as any other document.

Companies can help themselves by adhering to good industry practice. In the case of electronic documents, and this includes scanned documents as well as emails, there is a code of practice called BS 10008.

The key elements of this practice are as follows:

Authenticity: Processes to be followed at system planning, implementation and the procedures by which the systems should be operated. These steps help to verify and authenticate your digital records and the integrity of your data

Storage and access procedures: Steps to ensure that data is stored correctly and only authorized personnel can input and edit data. Procedures including scanning, indexing, retrieval, system administration, archiving, off-site storage and training

Demonstrability of adherence: A structured audit process resulting in a Certificate of Conformity that displays demonstrability of adherence to the specifications set out in the BS 10008 standard

How to Prove Compliance

The reality is that to prove compliance and admissibility you need a system that captures every email and indexes, archives, compresses and digitally encrypts them at the point of sending and receipt. That means that the veracity of the email can be proved.

Any change to an original email can be seen as the digital signatures would not match the email stored at the point of origin. No emails can be deleted by the users from the archive unless it is part of the company retention policy and well defined as a process. Chains of email can easily be tracked and reported on.

So, hoping that your emails would prove your case just as they are may not have a good outcome.  In addition, the process of email discovery can be hugely time consuming unless all emails are already archived and indexed, when it becomes the work of a few minutes.

It is a potential minefield and without third party applications helping your company you could be very exposed.  If you would like to know more about solutions and procedures that can help with this, contact us at Waterford Technologies and we can help find the best solution for you.