Are scanned documents legally admissible?
Many organisations view the legal admissibility of scanned documents as a barrier to adopting truly paperless working practices; despite the fact that for the best part of two decades the law in the UK has given evidential weight to electronically stored information, subject to the appropriate authentication standards being met.
In this whitepaper, we will explore why so many British businesses hold onto this preconception, as well as examining how the more forward-thinking among them can digitise their data without worrying that they are compromising it from a legal perspective.
1. Legal admissibility and the paperless office
The idea of a paperless office has been around for decades, but for many organisations, it still seems like a practical impossibility, regardless of how appealing the concept is in principle. This is often frustrating for advocates of the concept, because while some of the barriers that they report are understandable; such as budgetary constraints, others are imaginary.
The latter include the common preconception that scanned documents will not be admissible, or given the same evidential weight in court as physical copies are.
i. Common obstacles to going paperless
In Winning the Paper Wars, a July 2013 report from the Association of Information and Image Management (AIIM), more than 500 information professionals were polled on the factors holding their organisations back from adopting paperless processes.
Some 44 per cent of respondents said they were not scanning documents because “physical signatures on paper are obligatory”, while 34 per cent worried that “legal admissibility will be compromised”. Respectively, these two concerns were the first and third most frequently cited overall, coming ahead of factors like the readability of scanned documents and whether or not electronic storage can be relied on.
This is problematic, because scanned documents have actually carried evidential weight in the UK since the mid- 1990s. Similar legislation has also existed in other territories for many years.
AIIM president John Mancini summarised: “Our research confirms that companies that adopt paper-free business processes benefit by reducing costs, improving customer service, and raising worker productivity. But we’ve also learned that executives are still not comfortable using electronic signatures and electronic documents, even though they are 100 per cent admissible in a court of law.”
Brian Wall, director of BML Solutions and an AIIM-accredited business process management master, agrees this is the case. “Most organisations assume paper is the only reliable source, so imaged copies are not acceptable,” he comments. “However, it is actually the factual content existing on the paper copy that is important – only in a very few cases are the paper and ink themselves challenged.”
ii. Why is legal admissibility an issue?
It is entirely understandable that organisations should be concerned that the authenticity of their data might be challenged if documents are stored in a particular way.
For example; law firms, financial services providers and property professionals (such as chartered surveyors) regularly hold contracts, leases and deeds that might need to be presented in court, and which bear the manuscript ink signatures of parties or witnesses that unequivocally evidence an agreement.
However, this is not the only way in which an agreement can be upheld in court. Michael-Jon Andrews of law firm Barlow Robbins points out: “The courts have always accommodated evidence from the parties to a dispute as to what was agreed between them without the need to see any physical record. Subject to the facts of a case satisfying the legal test for establishing the existence of a contract, verbal agreements are just as legally binding as those written down. One can also demonstrate what has been agreed by a course of conduct.”
It is also worth pointing out that documents and agreements bearing electronic signatures are admissible as evidence, as per the Electronic Communications Act 2000, the Electronic Signatures Regulations 2002 and the Electronic Commerce Directive 2000. In fact, many people sign documents electronically on a day-to-day basis without realising what they are doing. Logging into a bank account online, for instance, is a one-way authentication process that is legally equivalent to signing a piece of paper.
So, why do so many organisations still chase physical signatures when electronic alternatives are available? According to Doug Miles, head of AIIM’s Market Intelligence Division, it could be down to “a lack of trust on the part of legal counsel despite progressive legislation to the contrary” – meaning that decision-makers do not fully understand what the law requires, and do not, therefore, have the confidence to throw their weight behind an electronic signing solution. There are a number of reasons why organisations are widely confused as to the legal admissibility of their documents; both with regard to signatures, and digital reproductions in general. Perhaps the most significant reason is the absence of clear, consistent guidelines that all sectors could follow.
For example; HMRC, says that electronic tax records are acceptable, so long as the scanning process does not obscure any data – and the results can be presented to VAT auditors in a readable format when required.
The Law Society, conversely, noted in 1999 that it felt there was “a dearth of judicial authority on this topic” and recommended that a scanned document should only be considered admissible if there is evidence that the original has been destroyed. More recent practice notes have suggested that electronic information should be treated in the same way as any other material.
Meanwhile, the Financial Conduct Authority (FCA) Handbook says that any medium used to store records is acceptable, so long as those documents are readily accessible if a regulator should need to examine them, and they cannot be manipulated or altered in some way.
In summary, it is reasonable to suggest that while scanned documents are generally accepted by experts and courts, it can be something of a minefield for an organisation to prove that it complies with every possible set of guidelines.
What, then, are the characteristics that ensure a genuinely watertight electronic document storage solution?
2. What the law says
While digitisation is a relatively recent development, the reproduction of documents is not. Long before computers arrived in our offices, paperwork was copied onto microfilm and microfiche for transmission, storage, printing and reading.
The question of a reproduced document’s legal admissibility is by no means a new one. Reproductions have, in fact, been upheld by British courts since the Civil Evidence Act 1968.
Of course, legislators in the mid-1960s did not foresee the technology that we have today. The law was revised three decades later, resulting in the Civil Evidence Act 1995 – a watershed moment for scanned documents.
Below is an extract from sections 8 and 9 of the act.
8. Proof of statements contained in documents
(1) Where a statement contained in a document is admissible as evidence in civil proceedings, it may be proved – (a) by the production of that document, or (b) whether or not that document is still in existence, by the production of a copy of that document or of the material part of it, authenticated in such manner as the court may approve.
(2) It is immaterial for this purpose how many removes there are between a copy and the original.
9. Proof of records of business or public authority
(1) A document which is shown to form part of the records of a business or public authority may be received in evidence in civil proceedings without further proof.
(2) A document shall be taken to form part of the records of a business or public authority if there is produced to the court a certificate to that effect signed by an officer of the business or authority to which the records belong.
At first glance, this legislation seems to confirm that scanned documents are admissible in court, even in cases where the reproduction is several generations apart from the original. However, it is important to note that the Civil Evidence Act 1995 specifies that electronically stored information needs to be “authenticated in such manner as the court may approve.”
In layman’s terms, this means that, although the court cannot reject out of hand a document that has been scanned and digitally reproduced, if it has been handled poorly or tampered with, it might not be possible to demonstrate to the satisfaction of the court that it is an accurate copy of the original, or that it is reliable enough to support the case. This raises a whole new set of concerns. If an organisation stores electronic information adhoc, it might overlook the importance of making sure that these records cannot be manipulated. This makes it impossible to prove in court that the information has not been tampered with.
Mr Andrews reports that, in ten years of practice, he has never encountered problems with digital reproductions of documents being used by courts or tribunals. “If there were a dispute as to the authenticity of a document merely because it was only available as an electronic copy … the party challenging that document would in my view have to present a very compelling and credible reason to the court as to why it should not be accepted,” he comments.
In reality, Mr Andrews adds, challenges to documents’ authenticity would arise long before the parties arrive in court, because preparing for a trial requires an exchange in advance of all documents in their possession or control that are relevant to the case. “By far the greater problem that I find companies face is not being able to find all the relevant documents in the first place,” he comments. “This is far less likely to happen if everything is systematically stored and catalogued electronically. The actual risk of losing a case in the rare event that an electronic document is treated with less evidential weight than a materially different but apparently original document has to be weighed in the balance with the risk of losing the evidence completely.”
It is critical, of course, that the process of digitisation is handled correctly. Mr Wall argues: “If the whole paper document lifecycle – from initial ownership through to final destruction – is not managed well, implementing a scanning regime will provide little positive comfort in terms of legal admissibility. In many instances, it may actually be detrimental to the business believing they can dispose of the paper because they have an image.”
However, several benchmarks have been put forward – and widely adopted by the paperless vanguard – to outline best practices in the handling of scanned documents.
3. Benchmarks for businesses
It is important to note that complying with standards such as those set out by the International Organization for Standardization (ISO) and British Standards Institution (BSI) is voluntary.They are designed to provide clear, consistent and thorough guidelines, so organisations can prove that they are working to the same benchmark.
Whether or not a business adheres to one of these frameworks is entirely their call.
i. BS 10008:2008 Evidential Weight and Legal Admissibility of Electronic Information
The cutting-edge British benchmark for ensuring that scanned documents carry evidential weight is the BS 10008 standard. In the eyes of BSI and its partners, an organisation that implements BS 10008 is a shining example of best practice, and more importantly, their electronically-stored information should prove unassailable in court.
BS 10008 is not the BSI’s first attempt at creating a benchmark for legally admissible scanned documents. The standard builds on earlier guidelines, most importantly BIP 0008, to ensure that they continue to stand up in the 21st century.
“BIP 0008 is all about best practice for the physical-paper-to-image process and the ongoing management of the image file for the rest of its life, alongside that of the paper,” comments Mr Wall. “It also provides guidance for the handling of all electronic information by the organisation – storage, transmission, transfer, security and so on.”
Meanwhile, Mr Wall explains that BS 10008, the successor to the BIP 0008 guidance, comprises “a wider view of how an organisation operates and looks after its information. It covers data management, audit trails, encryption and the authentication of electronic signatures, among other aspects. In short, it offers enough guidance to put to rest the concerns raised by respondents to AIIM’s ‘Winning the Paper Wars’ survey: the preconceptions that physical signatures on paper are obligatory and that the scanning of documents will compromise legal admissibility.”
ii. Other standards that you can use
The BSI is not the only institution to have addressed the evidential weight of electronically stored information in the form of a documented standard.
For instance, the ISO offers a very similar benchmark. It is called ISO/TR 15801:2009 and, in that organisation’s words, describes “the implementation and operation of document management systems that can be considered to store electronic information in a trustworthy and reliable manner” It overlaps fairly substantially with BS 10008.
A recent development also worth mentioning is that the PDF Association (PDF/A) standard, which builds on Adobe’s widely used Portable Document Format (PDF), is increasingly accepted too. Notably, it appears in MoReq 2010, the European Commission’s most recent guidelines on what it calls “model requirements for the management of electronic records”, meaning that it is supported by EU legislators.
Finally, Mr Wall suggests that organisations seeking to satisfy a BS 10008 compliance audit will “naturally be in a better position” should they also be accredited to ISO standards like 9001:2008 (quality management) and 15489-1:2001 (records management).
He offers one caveat, however: “Many of these certifications leave the information management aspects untested or even excluded.”
4. The challenges of best practice
So far, we have discussed the reasons why some organisations worry that their scanned documents are not admissible in court, what the law has to say on the issue, and some of the internationally recognised benchmarks that provide a common ground for best practice.
We have not, however, covered exactly what a business needs to do in order to prove that they are compliant with standards such as BS 10008 and ISO 15081.
Implementing one of these processes can be difficult and costly. Although these standards are designed with clarity and consistency in mind, they are by their very nature rigorous – and therefore taxing to adhere to.
This makes a good business case for the outsourcing of the document scanning process. Instead of attempting to put together a BS 10008 or ISO 15081-compliant electronic document storage solution in-house, an organisation might employ an accredited subcontractor to accomplish much the same thing, without affecting day-to-day productivity.
Drawing on the expertise of a third party who is fluent in these standards is particularly advisable for an organisation that is going paperless for the first time. If there is an extensive amount of paperwork to scan, it is important to get the task right first time around to avoid making costly errors.
Building on three decades of experience in storage and archiving, Dajon Data Management has spent the past few years putting together a portfolio of fully accredited digitisation services. These include document scanning, online backup and a range of cloud and enterprise solutions.
We are confident that, should civil disputes arise, our clients’ electronically stored information will not be successfully challenged as to its authenticity in court – and that they will continue to reap the benefits of having adopted a paperless office.
Sources
AIIM, ‘Winning the Paper Wars – capture the content and mobilize the process troops’ (http://www.aiim.org/Research-and-Publications/Research/Industry-Watch/Paper- Wars-2013)
Electronic Communications Act 2000 (http://www.legislation.gov.uk/ukpga/2000/7/ contents)
Electronic Signatures Regulations 2002 (http://www.legislation.gov.uk/uksi/2002/318/ regulation/2/made)
Electronic Commerce Directive 2000 (http://eur-lex.europa.eu/LexUriServ
LexUriServdo?uri=OJ:L:2000:178:0001:0001:EN:PDF)
AIIM, ‘Digital Signatures – Making the Business Case’ (http://www.aiim.org/Research-and-Publications/Research/AIIM-White-Papers/Digital-Signatures)
HM Revenue and Customs, ‘Keeping records for business – what you need to know’ (http://www.hmrc.gov.uk/factsheet/record-keeping.pdf)
The Law Society, ‘Guidance – ownership, storage and destruction of documents’
FCA Handbook, Record keeping (http://media.fshandbook.info/content/FCA/SYSC/9/1. pdf)
Civil Evidence Act 1968 (http://www.legislation.gov.uk/ukpga/1968/64/contents)
Civil Evidence Act 1995 (http://www.legislation.gov.uk/ukpga/1995/38)
BSI, ‘BS 10008 Evidential Weight and Legal Admissibility of Electronic Information’ (http://www.bsigroup.com/en-GB/bs-10008-legal-admissibility-of-electronic-information/)
BSI, ‘Improved practice for the legal admissibility of information stored electronically’ (http://www.bsigroup.com/en-GB/about-bsi/media-centre/press-releases/2004/3/ Improved-Practice-For-The-Legal-Admissibility-Of-Information-Stored-Electronically/#. UmYmCHA3vXF)
ISO, ‘ISO/TR 15801:2009 Document management – Information stored electronically – Recommendations for trustworthiness and reliability’ (http://www.iso.org/iso/home/ store/catalogue_tc/catalogue_detail.htm?csnumber=50499)
European Commission, ‘MoReq2 – Update and extension of the Model Requirements for the Management of Electronic Records’ (http://ec.europa.eu/archival-policy/moreq/ spec_moreq2_en.htm)
PDF Association (http://www.pdfa.org/p
Contributors
Brian Wall, BML Solutions, www.bmlsolutions.co.uk, Brian@bmlsolutions.co.uk
Michael-Jon Andrews, Barlow Robbins Solicitors, www.BarlowRobbins.com, Michael-JonAndrews@BarlowRobbins.com>