Like many people, I make a lot of assumptions.  Lately, I have made a lot of assumptions about people’s level of knowledge when it comes to cyber security and technology.  This is likely due to my background and training.  If you work in the IT or cyber security or related areas chances are you also make a lot of these assumptions as well.

Recently I learned that the level of knowledge regarding cyber security and technology amongst the legal profession is not as high as I had assumed.  This is not a knock on my colleagues in the law profession, but my failure to avoid making assumptions.  For instance, when emails are offered into evidence their authenticity must be established, but does this include whether the email address is genuine and was not spoofed, the content is original and was not altered, the date and time was not altered, the location of where the mail was accessed if webmail; how webmail works, where the servers are located, the meta data of messages, etc.  Example: if one party offers emails to prove a point about their opponent and the offering party had not been given access to the email account, the question should be raised as to where the emails came from and whether they constitute evidence of a crime; e.g. was the email account hacked?

This is not unique to email but would apply to social media accounts as well.  Many people today do not realize how easy it is to fake, alter and manipulate Online or E-accounts.  Certainly the legal profession must be provided the training and information to know the right questions to ask regarding the authenticity of evidence.