Electronic Documents and Records

From Criminal Law Notebook
Revision as of 02:43, 2 February 2019 by Admin (talk | contribs) (Text replacement - "'''([a-zA-Z]+ [a-zA-Z]+ [a-zA-Z]+ [a-zA-Z]+ [a-zA-Z]+ [a-zA-Z]+ [a-zA-Z]+)'''<br>" to "; $1")

Introduction

Electronic documents are governed by s.31.1 to 31.8 of the CEA. The provisions are meant to apply "in conjunction with either some common law general rule of admissibility of documents or some other statutory provision". The sections have the effect of deeming electronically produced documents as "best evidence" (see s.31.1 and 31.2).[1]

The CEA must be complied with for all evidence coming from a computer.[2]

In determining the admissibility of electronic documents the court must determine whether the record is authentic and reliable.[3]

Malleabillity of Electronic Records

The fact that records are electronic render them more malleable and so should be considered more closely for authenticity and reliability.[4]

Evidence Act Only Affects Authentication and Best Evidence
These rules, however, are not intended to "not affect any rule of law relating to the admissibility of evidence, except the rules relating to authentication and best evidence."[5]

These provisions are meant to address the fact that "technological change has rendered the former distinction between originals and copies a moot distraction in many areas".[6]

It has been suggested that s. 31 is not designed as an exception to hearsay, instead only provide a process of authentication and admissibility.[7]

In most cases where electronic documents are being tendered as documentary evidence--ie. where the data was inputted by a human--it should be treated as hearsay.[8]

In order to admit electronic documents for the truth of its contents, in the absence of the author, may only be admitted as business records through s. 30 of the CEA or by using one of the hearsay exceptions.[9]

Records of Automated Processes

Records created by an automated process is not hearsay as there is no person behind the records that could potentially be cross-examined on the meaning of the information.[10]

Variable Standard

The admission of electronic documents will vary on the format that the record takes (printout, scanned copy, or native digital format). All cases the documents must be authentic and satisfy the best evidence rule.

  1. R v Morgan, [2002] N.J. No. 15 (QL) (Prov. Ct.)(*no CanLII links) at para 20-21
  2. R v Donaldson, 140 WCB (2d) 513(*no CanLII links) , per Paciocco J, at para 3
  3. R v Nde Soh, 2014 NBQB 20 (CanLII), per Lavigne J, at para 22
  4. Soh, ibid. ("electronic documents are much more malleable than ordinary documents. They give rise to specific problems with respect to authenticity and reliability. It is possible to overcome these problems by applying sections 31.1 to 31.8 of the Act.") see also R v Andalib-Goortani, 2014 ONSC 4690 (CanLII), per Trotter J
  5. See s. 31.7 ("31.7 Sections 31.1 to 31.4 do not affect any rule of law relating to the admissibility of evidence, except the rules relating to authentication and best evidence.") 2000, c. 5, s. 56.
  6. R v Hall, [1998] BCJ No 2515 (BCSC), 1998 CanLII 3955 (BC SC), per Owen-Flood J, at para 52
    See also Desgagne v Yuen et al, 2006 BCSC 955 (CanLII), per Myers J suggesting file copies are sufficient for litigation unless integrity is being challenged
  7. R v Mondor, 2014 ONCJ 135 (CanLII), per Greene J, at para 38
  8. Mondor, ibid., at paras 18 to 19
    Underwood and Penner, Electronic Evidence in Canada (Toronto: Carwell, 2013) at p. 13, 14
  9. Mondor, ibid., at para 38
  10. Saturley v CIBC World Markets, 2012 NSSC 226 (CanLII), per Wood J

Receipt of Electronic Documents

Section 842 permits courts to "create, collect, receive, store, transfer, distribute, publish or otherwise deal with electronic documents" in accordance with the Code or rules of court.

Transfer of data


843. (1) Despite anything in this Act, a court may accept the transfer of data by electronic means if the transfer is made in accordance with the laws of the place where the transfer originates or the laws of the place where the data is received.

Time of filing

(2) If a document is required to be filed in a court and the filing is done by transfer of data by electronic means, the filing is complete when the transfer is accepted by the court.
2002, c. 13, s. 84.

Documents in writing

844. A requirement under this Act that a document be made in writing is satisfied by the making of the document in electronic form in accordance with an Act or the rules of court.
2002, c. 13, s. 84.


CCC

Definition of Electronic Documents

Under s. 31.8 of the CEA, "electronic documents" are defined as:

31.8
...
...data that is recorded or stored on any medium in or by a computer system or other similar device and that can be read or perceived by a person or a computer system or other similar device. It includes a display, printout or other output of that data.


CEA

This definition would include emails, all computer files, meta data associated with computer files, content of websites such as Facebook, Twitter, and chat logs found online.[1]

Similarly, s. 841 of the Code defines "data" and "electronic document":

Electronic Documents
Definitions

841 The definitions in this section apply in this section and in sections 842 to 847. data means representations of information or concepts, in any form. (données) electronic document means data that is recorded or stored on any medium in or by a computer system or other similar device and that can be read or perceived by a person or a computer system or other similar device. It includes a display, print-out or other output of the data and any document, record, order, exhibit, notice or form that contains the data. (document électronique)
R.S., 1985, c. C-46, s. 841; R.S., 1985, c. 31 (4th Supp.), s. 97; 2002, c. 13, s. 84.


CCC

  1. R v Nde Soh, 2014 NBQB 20 (CanLII), per Lavigne J, at para 21
    Desgagne v Yuen et al, 2006 BCSC 955 (CanLII), per Myers J - suggests definition includes metadata

Elements of Admission

The requirements for admission of an electronic document are:

  1. Authenticity
  2. Integrity / Reliability
  3. Not Hearsay
  4. Relevant and Material

The first two steps of authenticity and integrity / reliability are governed exclusively by s. 31.1 to 31.3 of the Canada Evidence Act. Establishing the second step includes the requirement that the form of the evidence satsifies the "best evidence rule" in addition to requiring that the evidence itself is sufficiently reliable. Section 31.3 provides a statutory shortcut to proof of integrity through the proof of integrity of the document system, however, even where the short cut fails, the evidence can still be admited through common law proof of reliability.[1]

  1. R v Hamdan, 2017 BCSC 676 (CanLII), per Butler J

Authentication

The burden is upon the party tendering the electronic document to prove its authenticity:

Authentication of electronic documents

31.1 Any person seeking to admit an electronic document as evidence has the burden of proving its authenticity by evidence capable of supporting a finding that the electronic document is that which it is purported to be.
2000, c. 5, s. 56.


CEA

The proof of authentication is as condition precedent to admission of records.[1]

There is "no objective standard to measure sufficiency"[2]

The standard has been described as simply requiring evidence "capable of supporting a finding that the electronic document is as it claims to be". There must be "some evidence of authenticity".[3] This standard is merely a threshold test that permits the evidence to be considered for "ultimate evaluation" and nothing more.[4]

No Proof of Integrity

At the authentication stage, the judge is not to consider the "integrity" of the evidence, which is the focus of analysis on s. 31.2 relating to the "best evidence rule".[5]

There is some suggestion that the party seeking admission of the record has the burden to establish the absence of any tampering.[6] However, it should not be taken too far when it comes to electronic records, including internet sourced records, since all electronic documents have the potential to be manipulated in some way.[7]

Authentication of Identity Evidence

Where the identity of the accused whose communication is found an electronic document is in dispute, the proof of authenticity requires that the Crown adducing the evidence show:[8]

  1. "a preliminary determination must be made as to whether, on the basis of evidence admissible against the accused, the Crown has established on a balance of probabilities that the statement is that of the accused" and
  2. "If this threshold is met, the trier of fact should then consider the contents of the statement along with other evidence to determine the issue of innocence or guilt."
Authentication of cell phone evidence

In relation to the admission of text messages found on a cell phone, the question of who sent the text messages is an issue of authentication and relevance not hearsay.[9] Where the party adducing the evidence cannot prove who sent the message then they are not reliable".[10]

Proof of identity of the sender which is relevant to authentication and reliability should include elements such as:[11]

  • recorded purchaser and subscriber;
  • usage being consistent with the activities of the alleged user;
  • location where the phone was used
  • observational evidence of "exclusive or non-exclusive use" of the cell phone;
  • contents of the cell phone text messages and telephone calls;
  • patterns in cellphone and text message communications including the messages themselves; and
  • evidence from witnesses who received communications from a cell phone and who can identify the source of those communications.

Linking a facebook account to an email address known to be used by the accused can be sufficient to authenticate facebook chat log.[12]

Authentication of Social Media and Web Evidence

Screenshots of a website are not admissible simply as being forms of photograph and must comply with the s. 31.1 to 31.8 of the Evidence Act.[13] However, it will usually be sufficient to have the account owner, or a party to a chat log, authenticate the records as accurate.[14] This is not always necessary, and it can be authenticated by someone other than the person taking the screenshot as long as they have some first-hand familiarity with the contents of the website.[15]

Even a person with limited technological experience and knowledge can authenticate social media.[16]

  1. R v Avanes, 2015 ONCJ 606 (CanLII), per Band J
  2. FH v McDougall, 2008 SCC 53 (CanLII), per Rothstein J
  3. R v Hirsch, 2017 SKCA 14 (CanLII), per Caldwell JA, at para 18
    R v CL, 2017 ONSC 3583 (CanLII), per Baltman J, at para 21 ("The common law imposes a relatively low standard for authentication; all that is needed is “some evidence” to support the conclusion that the thing is what the party presenting it claims it to be.")
  4. CL, ibid. at para 21 citing Pacioccco
  5. Hirsch, ibid., at para 18
  6. R v Andalib-Goortani, 2014 ONSC 4690 (CanLII), per Trotter J at paras 28 to 29 - photograph inadmissible due to inability to authenticate it where metadata stripped from the file
  7. R v Clarke, 2016 ONSC 575 (CanLII), per Allen J, at para 119
  8. R v Evans, 1993 CanLII 86 (SCC), [1993] 3 SCR 653, per Sopinka J, at para 32
    R v Moazami, 2013 BCSC 2398 (CanLII), per Butler J at para 12 - re admission of facebook messages
  9. R v Vader, 2016 ABQB 287 (CanLII), per Thomas J, at para 14
    R v Serhungo, 2015 ABCA 189 (CanLII), per O'Ferrall JA at para 77 appealed on other issue at 2016 SCC 2 (CanLII), per Moldaver J
  10. Vader, supra, at para 15
    Serhungo, supra, at para 86
  11. Vader, supra, at para 17
  12. R v Harris, 2010 PESC 32 (CanLII), per Mitchell J
  13. R v Bernard, 2016 NSSC 358 (CanLII), per Gogan J, at para 44
    R v Soh, 2014 NBQB 20 (CanLII), per Lavigne J
    R v Moazami, 2013 BCSC 2398 (CanLII), per Butler J
  14. Bernard, supra, at para 49
    Hirsch, supra at para 18 ("Quite simply, to authenticate an electronic document, counsel could present it to a witness for identification and, presumably, the witness would articulate some basis for authenticating it as what it purported to be ... That is, while authentication is required, it is not an onerous requirement.")
  15. e.g. Hirsch, supra - complainant authenticated facebook post despite having seen it only through a friend
  16. R v Lowrey, 2016 ABPC 131 (CanLII), per Rosborough J- mother prints out facebook page of child

Best Evidence Rule

See also: Best Evidence Rule

The "best evidence rule" can be satisfied by establishing either:[1]

  • "the integrity of the electronic documents system" that generated the document (s. 31.2(1)(a)) which is presumed (s. 31.3, see "presumption of integrity" below).
  • in the case of printouts, that the "printout has been manifestly or consistently acted on, relied on or used as a record of the information recorded or stored in the printout" (s. 31.2(2))
  • the presumption relating to electronic signatures (see s. 31.4)

Application of best evidence rule — electronic documents
31.2 (1) The best evidence rule in respect of an electronic document is satisfied

(a) on proof of the integrity of the electronic documents system by or in which the electronic document was recorded or stored; or
(b) if an evidentiary presumption established under section 31.4 applies.
Printouts

(2) Despite subsection (1), in the absence of evidence to the contrary, an electronic document in the form of a printout satisfies the best evidence rule if the printout has been manifestly or consistently acted on, relied on or used as a record of the information recorded or stored in the printout.

2000, c. 5, s. 56.


CEA

It is suggested that the best evidence rule only applies to records being admitted for the truth of its contents and not real evidence.[2]

Social Media Evidence

Given the impermanence of online evidence it can be that screenshots will be found to be the "best evidence" available.[3]

  1. See R v Nde Soh, 2014 NBQB 20 (CanLII), per Lavigne J - admitting facebook chats from testimony of one of the parties to the chat
  2. Saturley v CIBC World Markets, 2012 NSSC 226 (CanLII), per Wood J, at para 13 ("If electronic information is determined to be real evidence, the evidentiary rules relating to documents, such as the best evidence and hearsay rules, will not be applicable.")
  3. R v Hirsch, 2017 SKCA 14 (CanLII), per Caldwell JA, at para 24

Integrity of Electronic Document System

The authenticity and reliability of electronic documents can be established by "proof of the integrity of the electronic documents system rather than that of the specific electronic document".[1]

Proof of integrity is established by factors including the manner of record, compliance with industry standards, business reliance, and security.[2]

The evidence to show integrity of a records keeping system needs only show that the system was secure and that there was no observable evidence of tampering. There is no need to prove that there was reasonable no way by which records can be tampered with.[3]

Problems with the accuracy and integrity of the system will most typically go to weight rather than the admission of electronic evidence.[4]

Evidence of integrity can be from any source including a third party to the creation of the record.[5]

  1. R v Nde Soh, 2014 NBQB 20 (CanLII), per Lavigne J, at para 25
  2. R v Oler, 2014 ABPC 130 (CanLII), per Lamoureux J at para 7
  3. R v Clarke, 2016 ONSC 575 (CanLII), per Allen J
  4. Saturley v CIBC World Markets, 2012 NSSC 226 (CanLII), per Wood J, at paras 22 to 26
  5. R v Hirsch, 2017 SKCA 14 (CanLII), per Caldwell JA
    R v Lowrey, 2016 ABPC 131 (CanLII), per Rosborough J - mother printed screenshots of child's social media account

Presumption of Integrity

Under s. 31.3, in "absence of evidence to the contrary", the integrity of electronic documents are presumed where the is evidence of at least one of the following:

  1. "that at all material times the computer system or other similar device used by the electronic documents system was operating properly" (s. 31.3(a));
  2. if the device was not operating properly at all material times, that the malfunction "did not affect the integrity of the electronic document and there are no other reasonable grounds to doubt the integrity of the electronic documents system" (s. 31.3(a));
  3. that "the electronic document was recorded or stored by a party who is adverse in interest to the party seeking to introduce it";(s. 31.3(b)) or
  4. the document "was recorded or stored in the usual and ordinary course of business by a person who is not a party and who did not record or store it under the control of the party seeking to introduce it." (s. 31.3(c))
Presumption of integrity

31.3 For the purposes of subsection 31.2(1), in the absence of evidence to the contrary, the integrity of an electronic documents system by or in which an electronic document is recorded or stored is proven

(a) by evidence capable of supporting a finding that at all material times the computer system or other similar device used by the electronic documents system was operating properly or, if it was not, the fact of its not operating properly did not affect the integrity of the electronic document and there are no other reasonable grounds to doubt the integrity of the electronic documents system;
(b) if it is established that the electronic document was recorded or stored by a party who is adverse in interest to the party seeking to introduce it; or
(c) if it is established that the electronic document was recorded or stored in the usual and ordinary course of business by a person who is not a party and who did not record or store it under the control of the party seeking to introduce it.

2000, c. 5, s. 56.


CEA

Standard of Proof

The presumption can be invoked where the party adducing the electronic evidence can prove on a standard of balance of probabilities that one of the categories in s. 31.3 applies.[1]

Stored or Recorded by Adverse Party

There should be some evidence as to the "origin" of any "screen shots" and "attempt to access" the social media account.[2]

Lay Evidence

If an operator of a computer device can testify that the device was "working properly at the relevant time", and where no contradictory evidence is found, the Crown can rely on the presumption of integrity.[3]

  1. See R v Avanes, 2015 ONCJ 606 (CanLII), per Band J, at para 63
    R v CL, 2017 ONSC 3583 (CanLII), per Baltman J, at para 24 (Integrity of the storage system can be established "...under s. 31.2(1)(a), by proving the “integrity of the electronic document system” in which the document was stored. Direct or circumstantial evidence that demonstrates, on the balance of probabilities, that the electronic record in question is an accurate reproduction of the document stored on the computer is sufficient.")
  2. R v Bernard, 2016 NSSC 358 (CanLII), per Gogan J, at para 58
  3. R v KM, 2016 NWTSC 36 (CanLII), per Charbonneau J, at paras. 36-60
    R v Burton, 2017 NSSC 3 (CanLII), per Arnold J, at paras. 30-32
    R v MJAH, 2016 ONSC 249 (CanLII), per Fregeau J, at paras. 45-48
    R v Colosie, 2015 ONSC 1708(*no CanLII links) , at paras. 12-27
    R v Ghotra, [2015] OJ No 7253 (QL)(*no CanLII links) , at paras. 148-9
    R v CL, 2017 ONSC 3583 (CanLII), per Baltman J, at paras 26 to 27

Admissibility of Contents of Records

Once a computer record is authenticated, the records will usually be admissible under one of the following methods of admissibility for the truth of their contents:[1]

Where compilation was carried out by automated means, it may be possible to admit them through the common law business record method.[3]

Evidence that is "automatically recorded by any means, other than by human labour, and the evidence so recorded can be reproduced in any form, intelligible to the human mind, the reproduction is admissible as real evidence." However, "The weight to be attached to such evidence will depend on the accuracy and integrity of the process employed."[4]

Admission of Electronic Records under the Principled Approach

The analysis of reliability should "be assessed by focusing on the circumstances in which information was generated, recorded, stored, and reproduced.".[5]

  1. R v CM, 2012 ABPC 139 (CanLII), per Franklin J - review methods of admitting electronic documents, re phone records
  2. see R v McCulloch, [1992] BCJ No. 2282 (BCPC)(*no CanLII links) at para 18 regarding real evidence
    see also Saturley v CIBC World Markets Inc., 2012 NSSC 226 (CanLII), per Wood J - makes distinction between automated generated record which is real evidence, and human-made records which are documentary evidence
    Animal Welfare International Inc. and W3 International Media Ltd., 2013 BCSC 2125 (CanLII), per Ross J - agrees with Saturley
  3. Eg. R v Sunila, (1986) 26 CCC (3d) 331, 1986 CanLII 4619 (NS SC), per MacIntosh J
    R v Rideout, [1996] NJ No 341(*no CanLII links)
    R v Moisan, 1999 ABQB 875 (CanLII), (1999) 141 CCC (3d) 213, per Lee J
    R v Monkhouse, 1987 ABCA 227 (CanLII), per Laycraft CJ
  4. McCulloch, supra, at para 18
  5. R v Nardi, 2012 BCPC 318 (CanLII), per Challenger J, at para 17

Utility of Electronic Evidence

Inferences of Authorship and Account Ownership

The identity of the author of a communication can be inferred from consideration of a number of indicators:[1]

Evidence visible on the social media account can infer account ownership. This can include:[2]

  1. profile and other photographs on the account and its resemblance to the accused
  2. First and last names associated with the account and
  3. location of residence
Inferences of State of Mind

The presence of social media posts suggesting the accused's attitudes that are relevant to the charges will permit the interference of the accused state of mind at the relevant times. [3]

This will be subject to the requisite balancing of probative value against prejudicial effect.[4]

  1. R v JV, 2015 ONCJ 837 (CanLII), per Paciocco J, at para 3
    1. source of the information
    2. access to the relevant email or social media account
    3. disclosure of details known to the proported author
    4. nature of the exchanges, including whether they relate to matters known to the purported parties
    Absent evidence suggesting that the responding party was not the intended communicant, identity will generally be inferred. JV, ibid., at para 3
  2. R v Christhurajah, 2017 BCSC 1355 (CanLII), per Ehrcke J
  3. e.g. R v Bright, 2017 ONSC 377 (CanLII), per Kurke J, at paras 7 and 16
  4. Bright, at paras 26 to 27

Procedure

Dealing with data in court

842 Despite anything in this Act, a court may create, collect, receive, store, transfer, distribute, publish or otherwise deal with electronic documents if it does so in accordance with an Act or with the rules of court.
2002, c. 13, s. 84.


CCC

Proof by Standard, Procedure, Usage or Practice

Standards may be considered

31.5 For the purpose of determining under any rule of law whether an electronic document is admissible, evidence may be presented in respect of any standard, procedure, usage or practice concerning the manner in which electronic documents are to be recorded or stored, having regard to the type of business, enterprise or endeavour that used, recorded or stored the electronic document and the nature and purpose of the electronic document.
2000, c. 5, s. 56.


CEA

Proof by Affidavit

Proof by affidavit

31.6 (1) The matters referred to in subsection 31.2(2) [print-outs] and sections 31.3 [presumption of integrity] and 31.5 [proof by standard, procedure, usage or practice] and in regulations made under section 31.4 [proof of electronic signatures] may be established by affidavit.
Cross-examination
(2) A party may cross-examine a deponent of an affidavit referred to in subsection (1) that has been introduced in evidence

(a) as of right, if the deponent is an adverse party or is under the control of an adverse party; and
(b) with leave of the court, in the case of any other deponent.

2000, c. 5, s. 56.
[annotated added]


CEA

Expert Evidence for Admissibility

See also: Expert Evidence

Where the authenticity and admissibility is not being disputed there it should not be necessary to call any expert evidence in order to admit any digital evidence such as facebook, email or text messages.[1] The trier of fact can assess weight of the evidence without expert evidence, and account for the possibility of fabrication, editing or deletion, based on the testimony of the parties involved in the communication.[2]

It has been suggested that the admission of certain electronic evidence from "mundane" technology (such as social media websites or cell phone text messages) such that the typical user would be well versed in the functionality of the device and meaning of the contents, can be authenticated without expert evidence.[3]

Proof of authenticity of the record and integrity of the system can be proven either by expert evidence or by circumstantial evidence. [4] Expert evidence is preferred when authenticating the results from an extraction of an electronic device.[5]

  1. Ducharme v Borden, 2014 MBCA 5 (CanLII), per Mainella JA, at paras 15 to 17 - re civil proceedings where parties to communication testified, applying The Manitoba Evidence Act
  2. Ducharme v Borden, ibid., at para 17
  3. See Paciocco, "Proof and Progress" Canadian Journal of Law and Technology
    R v Bulldog, 2015 ABCA 251 (CanLII), per curiam
    See also R v Soh, 2014 NBQB 20 (CanLII), per Lavigne J
  4. R v Avanes, 2015 ONCJ 606 (CanLII), per Band J, at para 65
  5. Avanes, ibid., at para 65 -- judge suggests expert evidence could be simply admitted through affidavit.

Definitions

Definitions

31.8 The definitions in this section apply in sections 31.1 to 31.6.
...
“computer system” means a device that, or a group of interconnected or related devices one or more of which,

(a) contains computer programs or other data; and
(b) pursuant to computer programs, performs logic and control, and may perform any other function.


...
“data” means representations of information or of concepts, in any form.


...
“electronic document” means data that is recorded or stored on any medium in or by a computer system or other similar device and that can be read or perceived by a person or a computer system or other similar device. It includes a display, printout or other output of that data.


...
“electronic documents system” includes a computer system or other similar device by or in which data is recorded or stored and any procedures related to the recording or storage of electronic documents.


...
“secure electronic signature” means a secure electronic signature as defined in subsection 31(1) of the Personal Information Protection and Electronic Documents Act.
2000, c. 5, s. 56.


CCC


Section 31(1) of the PIPEDA states:

secure electronic signature means an electronic signature that results from the application of a technology or process prescribed by regulations made under subsection 48(1). (signature électronique sécurisée)


PIPEDA

Receipt of Sworn Documents

Oaths

846. If under this Act an information, an affidavit or a solemn declaration or a statement under oath or solemn affirmation is to be made by a person, the court may accept it in the form of an electronic document if

(a) the person states in the electronic document that all matters contained in the information, affidavit, solemn declaration or statement are true to his or her knowledge and belief;
(b) the person before whom it is made or sworn is authorized to take or receive informations, affidavits, solemn declarations or statements and he or she states in the electronic document that the information, affidavit, solemn declaration or statement was made under oath, solemn declaration or solemn affirmation, as the case may be; and
(c) the electronic document was made in accordance with the laws of the place where it was made.

2002, c. 13, s. 84.

Copies

847. Any person who is entitled to obtain a copy of a document from a court is entitled, in the case of a document in electronic form, to obtain a printed copy of the electronic document from the court on payment of a reasonable fee determined in accordance with a tariff of fees fixed or approved by the Attorney General of the relevant province.
2002, c. 13, s. 84.


CCC


Electronic Signatures

Presumptions regarding secure electronic signatures

31.4 The Governor in Council may make regulations establishing evidentiary presumptions in relation to electronic documents signed with secure electronic signatures, including regulations respecting

(a) the association of secure electronic signatures with persons; and
(b) the integrity of information contained in electronic documents signed with secure electronic signatures.

2000, c. 5, s. 56.


CEA

Sections 2 to 5 of the Secure Electronic Signature Regulations, SOR/2005-30 states that:

Technology or Process

2 For the purposes of the definition secure electronic signature in subsection 31(1) of the Act, a secure electronic signature in respect of data contained in an electronic document is a digital signature that results from completion of the following consecutive operations:

(a) application of the hash function to the data to generate a message digest;
(b) application of a private key to encrypt the message digest;
(c) incorporation in, attachment to, or association with the electronic document of the encrypted message digest;
(d) transmission of the electronic document and encrypted message digest together with either
(i) a digital signature certificate, or
(ii) a means of access to a digital signature certificate; and
(e) after receipt of the electronic document, the encrypted message digest and the digital signature certificate or the means of access to the digital signature certificate,
(i) application of the public key contained in the digital signature certificate to decrypt the encrypted message digest and produce the message digest referred to in paragraph (a),
(ii) application of the hash function to the data contained in the electronic document to generate a new message digest,
(iii) verification that, on comparison, the message digests referred to in paragraph (a) and subparagraph (ii) are identical, and
(iv) verification that the digital signature certificate is valid in accordance with section 3.


3 (1) A digital signature certificate is valid if, at the time when the data contained in an electronic document is digitally signed in accordance with section 2, the certificate

(a) is readable or perceivable by any person or entity who is entitled to have access to the digital signature certificate; and
(b) has not expired or been revoked.

(2) In addition to the requirements for validity set out in subsection (1), when the digital signature certificate is supported by other digital signature certificates, in order for the digital signature certificate to be valid, the supporting certificates must also be valid in accordance with that subsection.
4 (1) Before recognizing a person or entity as a certification authority, the President of the Treasury Board must verify that the person or entity has the capacity to issue digital signature certificates in a secure and reliable manner within the context of these Regulations and paragraphs 48(2)(a) to (d) of the Act.
(2) Every person or entity that is recognized as a certification authority by the President of the Treasury Board shall be listed on the website of the Treasury Board Secretariat.

Presumption

5 When the technology or process set out in section 2 is used in respect of data contained in an electronic document, that data is presumed, in the absence of evidence to the contrary, to have been signed by the person who is identified in, or can be identified through, the digital signature certificate.


Regs


Section 845 also states:

Signatures

845 If this Act requires a document to be signed, the court may accept a signature in an electronic document if the signature is made in accordance with an Act or the rules of court.
2002, c. 13, s. 84.


CCC

See Also