Lowered Standards of Evidence

As we progress through the digital age, courts are addressing questions of whether digital evidence is reliable. Many experts assert that it can be easily planted, manipulated or deleted without a trace.

Despite a previous precedent where a printed copy of a web page was deemed “insufficient evidence,”[1] Judge Forrest allowed the government to rely almost exclusively on digital evidence, none of which was original.

Aside from the Bates testimony, the government’s entire case against Ross relied on the digital evidence from his laptop. (In fact, Bates’s testimony contradicted the government’s narrative because he confirmed that Ross had passed Silk Road on to someone else in 2011[2]).

It was only after combing through thousand pages of trial transcripts and materials that the defense was able to start unveiling the questionable circumstances in which the evidence from the laptop was produced:

  • At the arrest scene, FBI agent Thomas Kiernan was the first to take possession of the laptop and immediately started punching commands into the computer.[3] He plugged his USB drive in and began copying files without producing digital fingerprints to ensure the copies matched the originals.[4][5] By doing so, he overwrote some of the metadata for those files.[6][7]
  • Kiernan “triaged” the laptop in the library for one or three hours (depending on when he was asked at trial)[8][9], he then “transported” it to Ross’s house about eight blocks away.[10] All that time, Kiernan was in sole possession of the laptop with nothing more than a few screenshots and photos to document what he did with it.
  • Eventually, Kiernan “gave it over” to Christopher Beeson of RCFL, a private contractor in San Francisco.[11] Beeson also overwrote metadata by creating tar archives (like zip files) of commonly used directories on the laptop.[12]
  • Beeson later admitted he was not familiar with the Guidelines for Evidence Collection and Archiving which clearly states not to run programs like tar that modify metadata.[13][14] During the tar process, Beeson was stopped by a failure[15] he was never able to determine the cause of, nor could he confirm he had properly copied the files.[16][17]
  • Next, Beeson attempted to make a copy of the unencrypted partition of the laptop’s hard drive using “dd,” a “powerful tool” colloquially referred to as “disk destroyer” because if misused, it can cause irreparable harm to the data being manipulated.[18] While running “dd” several times, Beeson tried to generate a digital fingerprint but it kept failing each time.[19] Eventually, Beeson finished the copy of the hard drive without producing a digital fingerprint.[20]
  • On October 3rd, two days after the laptop was initially seized, Beeson turned his attention to the data in the laptop’s RAM.[21] What happened to the computer over those two days remains unknown, but again there were problems. Kiernan and Beeson had overwritten or modified the data with all they had done up to that point.
  • Beeson wasn’t “quite sure how to do [the] RAM capture” and had to ask for assistance and look up documentation.[22][23] He tried anyway and admittedly “crashed the computer,” losing unknown information and locking the laptop behind encryption.[24]
  • Not one photo taken by Kiernan or Beeson to document their work showed the right time: they were all either three hours ahead, or 40 minutes behind.[25][26]
  • Both agents ignored “order of volatility” guidelines,[27] and used obsolete, unreliable methods.[28]

How true the “copy” Beeson extracted is to the original Kiernan seized from Ross is unknowable. Nor can it be known what exactly Kiernan did with the laptop before handing it over to Beeson, or what data was lost when Beeson crashed the computer. It is indisputable, however, that the laptop was not handled professionally, yet all evidence was admissible at trial.

Beeson eventually sent Kiernan the copy he had made of the laptop’s hard drive and the laptop itself,[29] which Kiernan called a useless “brick.”[30] Kiernan then made another copy of Beeson’s copy[31] and the prosecution used this as the basis for their case against Ross. All evidence from the laptop used against Ross at trial was a screenshot of a copy of a copy.[32][33]

Excerpt [PDF] from Kiernan’s testimony at trial

Not only are the authenticity and reliability of the evidence debatable, but the contents of the evidence itself raise concerns. The government tried to prove that Ross was DPR by using screenshots of online chats authored by anonymous users, or screenshots of text files that could have been created by anyone and placed on a computer in seconds.

“The government did not produce a single witness to testify firsthand that Ross authored any of the communications attributable to DPR.” – Joshua Dratel appealing Ross’s conviction.[34]

This ruling sets a precedent that makes it much easier for the government to convict and imprison people. Now, according to Judge Forrest, provable, tangible evidence is not needed to send a person to prison. Mortgage companies will not accept a screenshot of a copy of a copy of a bank statement, but Judge Forrest does, to put a man away for life.

Consequently, the defense asserts that the standard of evidence has been lowered, and this puts us all in peril.

References