Trinidad and Tobago scandal: Could Keith Rowley's emailgate boomerang? - Baltimore Post-ExaminerBaltimore Post-Examiner

Trinidad and Tobago scandal: Could Keith Rowley’s emailgate boomerang?

If Keith Rowley’s email claims against top government officials cannot be digitally proven, then the scandal he unleashed in the parliament May 20 may have a boomerang effect.

Umesh C. Varma, an associate technology professor at Campbell University in North Carolina told the Baltimore Post-Examiner hard copy emails prove nothing except what the email said.

“The point is ‘did the email come from me’ even though it has my name?” Varma asked. “Anyone can spoof the email header and replace with someone else’s name and e-mail address.”

The opposition leader presented hard copies of purported email exchanges between Prime Minister Kamla Persad Bissessar (kamlapb1@gmail.com) her Attorney General, Anand Ramlogan (anan@tstt.net.tt), (anand@gmail.com – invalid address), works and infrastructure and local government minister Suruj Rattan Rambachan (surujrambachan@hotmail.com), national security adviser Captain Gary Griffith (captaingarygriffith@hotmail.com) to substantiate his claims against the mentioned government officials.

Based on the content of the exchanges, criminal allegations were leveled against the parties by the opposition leader. Most damning among the allegations was the intention to cause grievous bodily harm to Guardian journalist Denyse Renne; to bribe the Director of Public Prosecutions Roger Gaspard into accepting a position of judge, and to seek the cooperation of chief justice Ivor Archie in hatching this plan.

Rowley has yet to present electronic proof of those claims.

Varma explained that hard copy emails will have no value in a court of law.

“Since email applications do not normally have built-in authentication service called “non-repudiation” the hardcopy emails have no legal value and cannot be accepted in the court of law.”

The big debate in the media about the purported emails is that they should be a forensic investigation conducted by international investigators, to which both the opposition and the government have agreed.

Varma, told the Batltimore Post-Examiner via email, “the only way to get the facts (and find who actually e-mailed) is to enumerate all the original mail headers and network path with the number of hops that the message took to reach the final destination.”

This same analysis was shared in the media by local Information Technology columnist Mark Lyndersay. He said the burden of proof lay on Rowley and that he will have to present digital proof of his claim.

Varma said such an investigation requiring digital data is a time consuming exercise but is useful to all parties concerned.

“This is how FBI investigates the original sender/computer. We must have the original e-mails with un-tempered email headers. It is a time-consuming task requiring digital forensic techniques, but it can be done with crystal clear results,” Varma said.

Acting Commissioner of Police Stephen Williams said that  it will be useful to have the digital files, they may not necessarily need the electronic proof to investigate the e-mail scandal. But said if it is warranted, they will have to get a court order or warrant to cease the relevant communicative devices (phones and computers) allegedly used in the purported email exchanges between the parties accused.

Varma said no such exercise can be carried out on the basis of purported hard copy e-mails. In other words, investigators cannot ask the parties accused for their phones and computers on the basis of the hard copy emails.

“That demand will be useless. The spoofing is not done on client machines. The whole idea of spoofing is that the sender is unaware of the fact that someone is framing him or her by using his/her e-mail address. It would be dumb for a bad guy to enter into the victim’s machine and change the content of traffic originating from that machine. This will expose the bad guy’s identity. So it is useless to confiscate client machines (which you are referring to). There is no evidence on client machines. It’s the servers that MUST be summoned NOT clients. In this case, all the email servers involved in network path (sender to receiver) must be examined for a fair analysis otherwise any evidence found on client machines alone without server verification/authentication is incomplete since email applications are inherently client-server applications,” explained professor Varma.

Members of the public, through talk show programs had expressed concerns about the purported exchange being deleted from the phones or computers.

Varma was asked if the evidence of such alleged exchanges can be retrieved if deleted.

“Yes, with extra efforts. Today, most of the applications are designed to be server-based. If the client evidence has been destroyed the server could spill residual evidence and sometimes hard-core evidence of all the communications. Sometimes Google cache could be helpful in collecting the evidence. Since servers are normally managed by ISPs (Internet Service Providers) and third-party contractors, the court order is required for this process,” Varma said.

Police are still investigating the incident.

 


About the author

Marcia Braveboy

Marcia Braveboy is a journalist from Grenada based in Trinidad and Tobago. She has over 20 years experience in media; mainly in copy writing, news and broadcast journalism. Braveboy was a senior reporter at Power 102 FM radio, CNC3 television and producer of the investigative Frontline program on CCN’s i95.5 FM talk-radio station. You can follow Marcia on Twitter: @mbraveboy Contact the author.
COMMENT POLICY

HOME / ABOUT / CONTACT / JOIN THE TEAM / TERMS OF SERVICE / PRIVACY POLICY / COMMENT POLICY