COURT FILE NO.: CJ-10009
DATE: 2023-02-03
ONTARIO
SUPERIOR COURT OF JUSTICE
BETWEEN:
HIS MAJESTY THE KING
– and –
Michael Nagtzaam
Abrahan Brito
Defendants
X. Proestos and J. Lynch, for the Crown
J. Greenspan and B. Greenshields, for the Defendant Mr. Nagtzaam
R. Pillay and R. Sehkon, for the Defendant Mr. Brito
HEARD: January 25 – 27, 2023
the honourable justice i.r. smith
ruling on admissibility of web intercept evidence
Introduction
[1] In 2018 and 2019 the Ontario Provincial Police (the “OPP”) obtained judicial authorization to intercept web-browsing activity on the cell phone of the accused Michael Nagtzaam.
[2] The Crown now seeks to lead evidence before the jury of thirteen web-browsing intercepts, each referred to as a session, said to have occurred on the cell phone of Mr. Nagtzaam. Ten of the sessions are said to show a web page accessed through Mr. Nagtzaam’s phone and three are said to be photographs sent by Multimedia Messaging Service (“MMS”) to third parties. With respect to the latter (sessions 120645, 120814, and 173868), in each of the three cases the photograph is what is commonly referred to as a “selfie” of Mr. Nagtzaam.
[3] With respect to the websites said to have been accessed by Mr. Nagtzaam’s phone, they may be summarized as follows, by session number:
i. 172172 – the “Media Room” web page of Canada Border Services Agency (“CBSA”);
ii. 172393 – still photos from surveillance cameras of the Ambassador Bridge, in Windsor, Ontario;
iii. 172400 – a web page bearing the title “Gov.POLiTWiTTER.ca,” and the sub-heading “CBSA (Ambassador Bridge) Twitter”;
iv. 172401 – a list of messages with the hash tag CBSA_ABB respecting traffic flow on the Ambassador Bridge;
v. 172402 – a list of messages, also apparently respecting traffic on the Ambassador Bridge;
vi. 176710 – a web page with the title “Criminal Law Notebook” under which appears an article entitled “Information to Obtain a Search Warrant”;
vii. 177132 – the “News” web page of the Royal Canadian Mounted Police;
viii. 177290 – another web page with the title “Criminal Law Notebook” under which appears an article entitled “Execution of Search Warrants”;
ix. 177498 – the CBSA home page; and,
x. 192054 – a web page with the title “Citizens Advice Bureau” with an article entitled “Police Surveillance.”
[4] The first five of these websites are said to have been accessed by Mr. Nagtzaam’s cell phone on February 19, 2019, the next four on February 21, 2019, and the last on February 28, 2019. It is not disputed for the purposes of this voir dire that the alleged co-conspirator, Slobodan Poznic, was arrested at or near the Ambassador Bridge in Windsor on February 19, 2019, when 55 kg of cocaine was found in the truck he was operating on that date.
[5] On January 30, 2022, I ruled that this evidence was not admissible with written reasons to follow, which reasons I provide now.
The Legal Framework
[6] The admissibility of these electronic documents is governed by sections 31.1 to 31.8 of the Canada Evidence Act, R.S.C. 1985, c. C-5 (the “CEA”). Of particular importance are the following sections:
31.1 Any person seeking to admit an electronic document as evidence has the burden of proving its authenticity by evidence capable of supporting a finding that the electronic document is that which it is purported to be.
31.2 (1) The best evidence rule in respect of an electronic document is satisfied
(a) on proof of the integrity of the electronic documents system by or in which the electronic document was recorded or stored; or
(b) if an evidentiary presumption established under section 31.4 applies.
(2) Despite subsection (1), in the absence of evidence to the contrary, an electronic document in the form of a printout satisfies the best evidence rule if the printout has been manifestly or consistently acted on, relied on or used as a record of the information recorded or stored in the printout.
31.3 For the purposes of subsection 31.2(1), in the absence of evidence to the contrary, the integrity of an electronic documents system by or in which an electronic document is recorded or stored is proven
(a) by evidence capable of supporting a finding that at all material times the computer system or other similar device used by the electronic documents system was operating properly or, if it was not, the fact of its not operating properly did not affect the integrity of the electronic document and there are no other reasonable grounds to doubt the integrity of the electronic documents system;
(b) if it is established that the electronic document was recorded or stored by a party who is adverse in interest to the party seeking to introduce it; or
(c) if it is established that the electronic document was recorded or stored in the usual and ordinary course of business by a person who is not a party and who did not record or store it under the control of the party seeking to introduce it.
[7] These provisions of the CEA codify the rules of evidence respecting the authentication of electronic documents and the best evidence rule for electronic documents. In both cases, the courts have interpreted these provisions as imposing modest burdens on the party tendering the evidence. With respect to authentication, in Regina v. C.B., 2019 ONCA 380, Watt J.A. wrote (at para. 67) that the party tendering the document must lead “evidence […] capable of supporting a finding that the electronic document ‘is that which it is purported to be’” [emphasis in the original]. In Regina v. Donaldson, [2016] O.J. No. 7153 (O.C.J.), Paciocco J., as he then was, noted (at para. 6) that when determining whether an electronic document is authentic, the purpose for which the document is tendered must be “borne in mind” (see also Regina v. A.S., 2020 ONCA 229, at para 28; Regina v. Bulldog, 2015 ABCA 251, at para. 33).
[8] In Donaldson, supra, Paciocco J. also described the best evidence rule set out in sections 31.2 and 31.3, as follows:
First, the best evidence rule can be shown to be complied with by demonstrating that the document in question is a copy of an electronic document. It can be a printout. It need not always be the original.
In addition, there are presumptions relating to when documents are sufficiently quality-controlled to gain admissibility. The Crown can gain admissibility from the documents by proving that the electronic document system was functioning properly. In order to do that, they require questioning of witnesses to show the nature of the electronic document system that was utilised to secure the message, and evidence about the historical successful use of that system.
As a shortcut, there are presumptions allowing the Crown to prove other things, in which case it is presumed that the document satisfies the best evidence rule unless there is evidence to the contrary. Proof that the system on which the documents were received was functioning properly triggers a presumption; so does proving that the documents came from an opposing party's system; so does proof that the documents are third-party business records, for example.
[9] These two preconditions to admissibility, authenticity and the best evidence rule, must be satisfied by evidence. However, as is clear from the sections quoted above, the CEA prescribes no particular kind of evidence, leaving the means by which the evidentiary threshold is met unrestricted. And indeed, the jurisprudence makes clear that evidence sufficient to meet these thresholds may be direct or circumstantial, lay or expert (C.B., supra, at paras 57, 66 – 69, 77). Sometimes, though, it may be that lay evidence of the authenticity or integrity of an electronic document may not be sufficient. Where the technology deployed is not “commonplace,” it may be that expert evidence will be required (Regina v. Ball, 2019 BCCA 32, at para. 69; Regina v. Major, 2022 SKCA 80, at paras 83, 101; Regina v. Nardi, 2012 BCPC 318, at paras. 12, 19, 25, 26; Regina v. Aslami, 2021 ONCA 249, at paras. 20, 24).
[10] Last, where these two pre-conditions to admissibility are met, the party challenging the integrity of the evidence may still attempt to persuade the trier of fact that the document is not what it purports to be, or that it has been tampered with, or that it does not bear the interpretation urged by the party which has tendered the evidence. This evidence goes to the weight to be attributed to the evidence by the trier of fact (C.B., supra, at paras. 76, 78).
The Evidence
[11] In seeking to meet the preconditions to admissibility, the Crown relies on the evidence of Detective Staff Sergeant Melanie Power of the OPP and has introduced through her Exhibit 1 on this voir dire, a USB stick on which appear the 13 sessions along with other information respecting each session. The sessions are viewed in software called Package Explorer, which software is one part of a suite of software products used by the police in electronic intercept cases and provided by a company called JSI.
[12] When Exhibit 1 is opened in Package Explorer, a split screen appears, with the thirteen sessions listed on the left side of the screen with information including the line from which the session was intercepted (Mr. Nagtzaam’s cell phone line) and the date, time, and duration of the session. When one clicks on one of the sessions described on the left side, the image associated with that session appears on the right side of the screen.
[13] Det. S-Sgt. Power testified that she was the technical co-ordinator for Project Tattler, the police operation by which the charges before the court were investigated. In that capacity, Det. S-Sgt. Power was responsible for drafting the informations to obtain authorizations for electronic interception of communications and for overseeing the implementation of those authorizations.
[14] Det. S-Sgt Power testified that the police identified a telephone number for Mr. Nagtzaam and confirmed subscriber information for the number with Mr. Nagtzaam’s cell service provider (Rogers Communications (“Rogers”)). The police sought and obtained prior judicial authorization to intercept Mr. Nagtzaam’s private communications and web browsing activity on that cell phone. The JSI system was used for these interceptions.
[15] Det. S-Sgt. Power said that she has been working with the JSI software since June of 2017, when she spent time in the wire room of another OPP project, learning how the JSI system works and observing the monitors and investigators use it but, as she put it, having no responsibility at that time for doing so herself. This “learning year” ended in September of 2018 when Det. S-Sgt. Power was assigned for the very first time to be the technical co-ordinator of an OPP project case, in this instance, Project Tattler, during which project she worked again with the JSI software. Det. S-Sgt. Power also testified that she has since worked on another project which utilized the JSI software.
[16] As a first step on Project Tattler, Det. S-Sgt. Power said that she submitted Mr. Nagtzaam’s subscriber information from Rogers to the electronic interception support team at the OPP, which made arrangements with Rogers to “hook” Mr. Nagtzaam’s line so that information from it could be fed into the JSI system which was used to intercept and manage that information.
[17] As part of her responsibilities, Det. S-Sgt. Power oversaw the “wire room” where monitors listened to intercepted telephone calls and read intercepts of Short Message Service (“SMS”) text messages. Collectively, these voice and text intercepts were referred to as “telephony.” In addition, monitors reviewed web browsing activity said to be occurring on Mr. Nagtzaam’s phone, including MMS messaging. These interceptions were referred to as “IP data” or just “data.” Throughout her testimony, the witness referred to these two categories respectively as the “telephony side” and the “data side.”
[18] Det. S-Sgt. Power testified that she sometimes listened to telephone calls as they were being intercepted in the wireroom. One of the wire room monitors would put the call on speaker so that she could listen. This was something she did frequently. During some of the intercepted telephone calls, Mr. Nagtzaam identified himself. This satisfied Det. S-Sgt. Power that the OPP had hooked the correct line. Over time, she came to recognize Mr. Nagtzaam’s voice. She said she has never encountered a situation where JSI has intercepted the wrong phone number, and she never listened to an interception of Mr. Nagtzaam’s phone without Mr. Nagtzaam being a party to that call. She also read his telephony side texts from time to time. She further testified that the date, time and duration of the intercepted calls and texts are pieces of information supplied by Rogers and cannot be changed in the JSI software.
[19] On the IP data side, Det. S-Sgt. Power said that different JSI software was used to intercept web browsing and MMS messaging data conducted using Mr. Nagtzaam’s phone. She said that the date and time of the browsing or messaging was created by Mr. Nagtzaam’s device and sent to JSI by the cell phone carrier and could not be changed once received by the OPP. I note both (1) that the project on which Det. S-Sgt. Power was an observer in 2017 and 2018 had intercepted telephony but had not intercepted web activity and (2) that, in fact, Project Tattler was the first time that the OPP had ever employed JSI’s web browsing interception technology. Det. S-Sgt. Power agreed that the technology and the OPP’s use of it was novel, and that there was therefore no “track record” that could demonstrate its accuracy. She said that prior to Project Tattler she received no training on JSI respecting the interception of internet data. Instead, she had an orientation session early on in the life of the first Project Tattler authorization where she sat down with the monitors to see how the IP data appeared in the wire room. She took no notes of this event.
[20] Det. S-Sgt. Power said that what could be seen in the wire room when monitoring the web browsing activity live was the domain name of the web page accessed and, for unencrypted pages, an image of the page that was accessed by the cell phone. Monitors could not see any search terms entered on the device, or how the page was accessed otherwise, nor could they see “the cursor moving around”. All that could be seen were images of the pages visited or loaded using the device, not what was actually happening on the device.
[21] Det. S-Sgt. Power was alerted by monitors who were watching Mr Nagtzaam’s web browsing at about the time of Mr. Poznic’s arrest that there had been activity of interest to the investigation. She reviewed the intercepted pages several days later, on February 25, 2019. This was the second time she had reviewed web browsing intercepts. She agreed that neither her November 2019 orientation nor her February 2020 review of intercepted web activity were conducted with a view to determining whether the technology was working properly.
[22] Det. S-Sgt. Power said that she received instructions from Crown counsel about which sessions they wished to tender in evidence and that she provided that information to a member of the OPP’s electronic intercept support team who prepared Exhibit 1 in her absence.
[23] Det. S-Sgt. Power testified that the MMS messages in Exhibit 1 were sent from Mr. Nagtzaam’s phone, on the date and at the time listed in that exhibit, to the telephone number listed, and that in each case a selfie of Mr. Nagtzaam was sent. With respect to the web pages listed in Exhibit 1, she said that those pages were accessed by Mr. Nagtzaam’s phone on the dates and at the times listed in Exhibit 1.
[24] Initially, Det. S-Sgt. Power testified that she compared data relating to the 13 sessions as it is displayed in the JSI review software called Package Explorer (which, among other things, is used to disclose intercepted data to the defence) to the data for the same 13 sessions as it is displayed in the JSI’s UCM software used by the police in the wireroom (but not available to the defence). In each case, Det. S-Sgt Power said, there were no discrepancies between the data observed on Package Explorer and the data observed on UCM. As I observed in my earlier disclosure ruling, this is not surprising given that all the data is said to come from the same source, i.e., Rogers.
[25] Later, however, Det. S-Sgt. Power advised Crown counsel that there had been a mistake in her evidence that should be corrected. She took the stand again and explained that she had noticed that one of the sessions tendered by the Crown, session number 172393, had three still photographs from surveillance cameras at the Ambassador Bridge. Det. S-Sgt. Power observed that the first two of the three photos contained in session 172393 as displayed on Package Explorer were identical. On further investigation, using the UCM software, Det. S-Sgt. Power was able to see that this particular session had not loaded properly onto Package Explorer and that there were in fact three different photographs, each of a different file size.
[26] She was advised that the problem in exporting the information into Package Explorer was caused by the fact that the first two of the three photos had the same file name, and that in those circumstances – which, she learned, the police have encountered previously – the software recognizes just one of the identically named files and loads it twice into Package Explorer. Det. S-Sgt. Power said that the only “work around” for this problem is to take a “screen capture” of the second photo on the UCM program and to provide that as a separate electronic or printed document. Det. S-Sgt. Power took such a screen capture, which has become Exhibit 2 on this voir dire. Exhibit 2 does show that the two photos have the same file name and that the third photo has a different file name. Det. S-Sgt. Power testified that she believed that the file names were assigned by the website being visited, but that she did not know that for sure.
[27] Det. S-Sgt. Power said that at her direction a search for further anomalies like the one which affected session 172393 was conducted and that no other anomalies were identified. She also said that the photograph which did not appear in the Package Explorer version of session 172393 had been disclosed to the defence in what she called the “TDR Report” although it would not have appeared in the Package Explore disclosure provided to the defence.
[28] With respect to the MMS selfies, Det. S-Sgt. Power testified that she could see that SMS texts on the telephony side were being sent to the same number at about the same time by Mr. Nagtzaam, although I note that none of these SMS texts is in evidence.
[29] With respect to the web pages contained in Exhibit 1, Det. S-Sgt. Power testified that the images displayed in the exhibit are the images that displayed in the web browser on Mr. Nagtzaam’s device. She said that JSI could not tell how long a web page was open, or whether the user actually looked at it or for how long, or whether he or she scrolled up or down on the page.
[30] With respect to session 172393, Det. S-Sgt. Power noted that the third of the three photographs has a date and time stamp which shows the same date as that captured on Exhibit 1 and a time that was 4 minutes earlier than the time displayed in Exhibit 1.
[31] Exhibit 1, in addition to the images I have described, and the basic data like date, time and duration on the left-hand side of the screen, also includes other information, accessible through live links and/or tabs above the image or, as in the case of session 172393 and the MMS sessions, appearing directly above the images on the right-hand side of the screen. I think it is a fair summary of Det. S-Sgt. Power’s evidence that she was able to say what some of this information was, but not all of it, and that much of her evidence respecting it was either information learned from others or educated guesses. She testified that she had never used those tabs, which were not part of the intercepted image.
[32] Moreover, Det. S-Sgt. Power was unable to say how the data came from Mr. Nagtzaam’s phone, through Rogers and to JSI or to the OPP. She testified to some beliefs and understandings on these topics, sometimes inconsistently, but did not have any actual knowledge. Similarly, Det. S-Sgt. Power’s evidence respecting the explanation for the failure of three different photographs to load onto Exhibit 1 was information she relayed from others. In other words, it was hearsay. I do note that Det. S-Sgt. Power did appear to be conversant with some topics related to the means by which images are sent from one device to another. She said that she acquired that knowledge from a course for Digital Technical Investigators at the Canadian Police College at a time when she was assigned to investigate cases of child exploitation.
[33] Det. S-Sgt. Power agreed that the comparison she did between the data as displayed on UCM and as displayed on Package Explorer was a comparison of data that was internal to the wire room. In other words, she was comparing the same data with itself. By contrast, although the police seized Mr. Nagtzaam’s cell phone and extracted information from it, she did not compare that information with the data set out in Exhibit 1.
Positions of the Parties
[34] Ms. Proestos, for the Crown, submits that the low hurdles imposed by the CEA have been surmounted and that there is some evidence that the electronic documents are what the Crown purports that they are.
[35] Mr. Greenshields, for Mr. Nagtzaam, makes a series of attacks on the admissibility of the web browsing evidence. I find it necessary to deal with just one of those attacks: that the Crown has failed to satisfy the CEA preconditions to admissibility of electronic documents because the evidence on the voir dire establishes only that which the OPP was able to see in the wire room, but does not establish that what the OPP saw in the wire room was reflective of what was happening on Mr. Nagtzaam’s phone.
Discussion
[36] I begin the analysis of the issue by noting that it is agreed by all, including Det. S-Sgt. Power, that she is not an expert in JSI’s web browsing software. She has not been qualified to give opinion evidence and the admissible evidence she has offered is based on her own observations and conduct. Those observations have included what she has seen collected by the JSI software designed to intercept web browsing software. As I have said, she twice reviewed some of the results of those intercepts during the life of the judicial authorizations in this case, and she gave directions for the preparation of what is now Exhibit 1.
[37] But Det. S-Sgt Power testified that before Project Tattler she had never been trained on the web browsing intercept technology and had never used it before. She said that there was an orientation session at the outset of the project, when she saw some of the intercepted material, but did not look at it again until after Mr. Poznic was arrested. I have almost no evidence respecting the nature of that orientation session. Moreover, neither then, nor in February 2019 after Mr. Poznic’s arrest, was the officer looking at the intercepted material with a view to determining whether the technology was working properly. Further, not only had Det. S-Sgt. Power never used the web browsing intercept technology before Project Tattler, neither had the OPP. Project Tattler was the OPP’s first experience deploying the technology. Det. S-Sgt. Power agreed with the suggestion that the OPP could not draw on a track record of successful and accurate deployments of the JSI web browsing intercept technology.
[38] In addition, there is no evidence that the OPP took any step whatsoever to test whether the technology works, nor any evidence from someone from JSI, or from some other expert, that the technology works.
[39] As noted above, when determining whether the preconditions to admissibility set out in the CEA have been met, it is important to bear in mind the purpose for which the Crown leads the evidence. Here, the Crown hopes to show that the web pages were accessed by Mr. Nagtzaam’s cell phone with a view to asking the jury to infer that Mr. Nagtzaam was interested in and viewed the websites about the CBSA, the Ambassador Bridge, the RCMP, and police investigative powers and techniques, because Mr. Poznic, his alleged co-conspirator, had been arrested having come across the border at the Ambassador Bridge in possession of a quantity of cocaine.
[40] Although Det. S-Sgt. Power testified that the web pages captured by JSI’s web browsing software were accessed by Mr. Nagtzaam’s cell phone on the dates and at the times set out in Exhibit 1, she actually has no knowledge that this is so. It is no more than a belief that she has done nothing to test. Moreover, she testified that the data captured by the intercept does not reveal how the sites were accessed – whether by search terms being typed into a search engine or by some other means – or how long a web site was open or visible on Mr. Nagtzaam’s phone, whether it was looked at, or whether the user of the phone scrolled up or down to look at the whole page. In my view, there is no evidence in support of the proposition that the electronic documents in question were accessed by, visible on, or reviewed by the user of, Mr. Nagtzaam’s phone.
[41] As I have said, Det. S-Sgt. Power simply does not know whether what is found in Exhibit 1 is reflective of what was happening on Mr. Nagtzaam’s phone. That evidence could have been supplied by someone with greater knowledge and/or by way of expert opinion (see Rex v. Raha, 2023 ONSC 190, at paras. 15 – 16; Nardi, supra, at para. 19). However, I do not want to be taken as having concluded that expert evidence was necessary in this case or will always be necessary to establish the authenticity of such electronic documents.
[42] First, as the cases demonstrate, the courts have become more permissive respecting the admissibility of evidence created by technology as the experience of the courts with that technology grows. As discussed by the Court of Appeal in Regina v. Hamilton, 2011 ONCA 399, at paras. 273 – 279, when evidence derived from cell tower data was first introduced in criminal cases, expert evidence was often required to establish the integrity and meaning of that evidence. Now, however, the courts and counsel have a close familiarity with cell tower evidence, and it may be confidently admitted without the need to tender expert opinion evidence. The experience of the officers who have collected the data can now be enough to establish the admissibility of the evidence and to allow appropriate inferences to be drawn from that evidence with confidence.[^1] Similarly, commonly used technologies like Facebook can also in many cases be admitted on the basis of lay evidence of the account user alone (Ball, supra, at paras. 69, 77, 85; Major, supra, at paras. 83, 101; Regina v. K.M., 2016 NWTSC 36, at paras. 40 – 44)
[43] Given the infancy of the technology used in this case, however, there can be no such confidence based on wide-spread experience here. Indeed, as the witness conceded, the OPP had no experience with the technology, which she agreed was “novel.”[^2] Moreover, counsel have been unable to find any Canadian case which deals with the admissibility of this kind of web browsing intercept evidence. There is quite simply no evidence before me about how or whether the technology is reliable or accurate (see Aslami, supra, at paras. 20, 24; Nardi, supra, at para 12).
[44] Second, the OPP might have tested the technology and reported on the results of those tests to the court. If the OPP had hooked one of its own cell phones to the JSI system, caused that cell phone to access web pages and send photographs by MMS message, and shown how JSI recorded what was done, evidence of that test may have proven the accuracy of the system and authenticated the electronic documents tendered in this case.
[45] Third, the OPP might have made an effort to show that the contents of Mr. Nagtzaam’s later-seized cell phone confirmed that the websites said by JSI to have been accessed by that phone were in fact so accessed. I add here the observation I made above, that the check which Det. S-Sgt. Power did conduct – comparing the Package Explorer data against the MCU data – proved nothing. In that exercise, she was simply viewing the same data in two different kinds of review software. She did nothing to compare the data the OPP had to any other data.
[46] In summary, in this case, none of these routes to proving authenticity is available on the evidence before me: no expert evidence, no evidence of experience, no testing evidence, no confirmation by way of other evidence.[^3]
[47] In the end, all that is available to me are the documents and system-generated evidence itself. To be sure, that evidence is suggestive of the idea that Mr. Nagtzaam’s phone accessed the websites in question on the dates set out in Exhibit 1 and that it sent selfies by MMS text. But to accept that this amounts to some evidence that the documents are what they are purported to be is to engage in circular reasoning whereby the premise urged by the Crown is assumed to be established because the premise itself is accepted. In other words, that the electronic documents captured by JSI and displayed in Exhibit 1 were accessed or sent by Mr. Nagtzaam’s cell phone is said to be established because JSI was deployed to capture electronic documents accessed or sent by Mr. Nagtzaam’s cell phone.
[48] I do not doubt that some connection was made between Mr. Nagtzaam’s phone and the OPP or JSI, and that information was fed from Mr. Nagtzaam’s phone to JSI, but what that information means, when, how or whether it was accessed on Mr. Nagtzaam’s phone, and when, whether and how it was displayed on Mr. Nagtzaam’s phone, is nowhere established on the evidence.
[49] While the circumstances are suspicious given the timing of Mr. Poznic’s arrest, and while I accept that the content of the electronic documents themselves can form part of the body of circumstantial evidence available to me (see C.B., supra, at paras. 58, 76), reasoning from these facts that authentication is established would be to conclude that because the web pages look like web pages in the wireroom and because they fit the Crown’s theory of the case, they must be web pages that were accessed and appeared on Mr. Nagtzaam’s phone and are incriminating of him. The flaw in this reasoning is that, as I have said, there is no evidence about how the documents were accessed or how they appeared on Mr. Nagtzaam’s phone. As Paciocco J. observed in Donaldson, supra (at para. 17), “suspicion is not a replacement for evidence” (see also Aslami, supra, at para. 28; Nardi, supra, at para. 25).
[50] Turning to the selfies sent by MMS, there is similarly insufficient evidence to authenticate these electronic documents. While the photos in question are clearly photos of Mr. Nagtzaam, apparently taken by himself, again there is no evidence of how or, more to the point, whether this novel technology worked and therefore whether the information viewed in the wireroom replicated information viewed on Mr. Nagtzaam’s phone, including whether the messages were sent.
[51] Second, what Det. S-Sgt. Power called the “system-generated” data about the messages, including from whom the message was sent, is internally inconsistent on Exhibit 1. On the left-hand side of the screen when looking at Exhibit 1, the information suggests that the messages were captured from Mr. Nagtzaam’s line. On the right-hand side, the system-generated information appearing above each selfie says that the message was from an “unknown” number. Det. S-Sgt Power testified frankly that she could not explain this inconsistency. On the face of the exhibit itself, one is left to wonder whether the selfie was sent to the third-party line by Mr. Nagtzaam or by some unknown person or line, assuming it was sent at all.
[52] Further, while Det S-Sgt Power testified that there were telephony side SMS text messages which were sent between Mr. Nagtzaam’s phone and the numbers to which the selfies were allegedly sent at times proximate to the sending of the selfies, as I noted above, none of the SMS messages is in evidence and there is no evidence before me that any of those messages constituted a reply to, or confirmation of receipt of, Mr. Nagtzaam’s selfie.[^4]
[53] In all these circumstances and given the purpose for which the evidence is tendered, I am of the view that the Crown has failed to authenticate the electronic documents contained in Exhibit 1 on this voir dire. These are not matters that can be said to go only to the weight to be attributed to the evidence. There is no evidence that the documents are what the Crown purports that they are.
[54] I have also considered whether, if I am wrong about whether the MMS selfies have been authenticated, they offer evidence that could assist in the authentication of the web page evidence. In my view, they do not. While they may offer some evidence, were they authenticated, that the phone line was Mr. Nagtzaam’s, and that he possessed the phone, these conclusions do not overcome the limitations of the web page evidence I described earlier: that there is no evidence of how or whether the websites were accessed on Mr. Nagtzaam’s phone, nor how or whether any of the websites was displayed on Mr. Nagtzaam’s phone.
[55] For all these reasons, the documents found on Exhibit 1 are not admissible.
I.R. Smith J.
Released: February 3, 2023
COURT FILE NO.: CJ-10009
DATE: 2023-02-03
ONTARIO
SUPERIOR COURT OF JUSTICE
HIS MAJESTY THE KING
– and –
Michael Nagtzaam
Abrahan Brito
Defendants
ruling on admissibility of web intercept evidence
I.R. Smith J.
Released: February 3, 2023
[^1]: One of the reasons for confidence discussed in Hamilton, supra, is the fact that the carrier companies base their billing practices on the cell tower data (see para. 277). There is no evidence before me that any of the “system-generated” data set out in Exhibit 1 is used by Rogers for billing purposes respecting IP data. See also Nardi, supra, at para. 13.
[^2]: I note that JSI and the telephony intercept technology it uses are not new or novel to the courts in Ontario, but there was no evidence that the track record of reliability of that technology establishes in any way the reliability of the IP data intercepted in this case.
[^3]: Compare C.B., supra, at paras. 58, 75 and 76, where the alleged sender of the text acknowledged that it came from her phone, explained the content of the message, and a private investigator explained how the evidence had been extracted from the phone of the recipient and linked back to the sender. In Regina v. S.H., 2019 ONCA 669 (see paras. 18 – 27), the Crown called three police officers to establish the authenticity and integrity of text messages. One was a certified operator of the extraction tool used by the police to extract information from cell phones. He certified the contents of the exhibit tendered by the Crown. Another officer testified about the preparation of the extraction report. That report revealed “consistently coherent conversations between the sender and recipient” of the text messages (see para. 22). See also the Facebook cases referred to at para. 42 above, where the users of the technology themselves testified and established the authenticity of the electronic documents.
[^4]: See the discussion of authentication by reply evidence in C.B., supra, at paras. 68 – 69. Compare also S.H., supra, at para. 22.