Online Email Certification

Email Certification with European Legal Validity

When an email must serve as evidence in judicial or extrajudicial contexts (civil, criminal, employment, family, corporate), it is fundamental to certify its content before it is deleted, altered, or becomes contestable. With forensic email certification, the message and its attachments are acquired through verifiable technical methodologies and transformed into an opposable, intact, and timestamped evidentiary package, compliant with the legal requirements of the European regulatory framework.

The service can be performed remotely via webmail access (Gmail, webmail of personalized domains, providers with web interface) for clients in any European and non-European country. The email account owner provides a digitally signed mandate for temporary webmail access for forensic certification purposes.

Certifiable Content

Forensic email certification can include:

• message body (complete text with formatting);
• attachments of any type: PDF documents, images, Office files, compressed archives, signed contracts;
• visible metadata: sender, recipients (To, CC, BCC visible), subject, date and time of receipt;
• complete email header for advanced forensic analysis (server path, SPF/DKIM/DMARC authentication, origin geolocation);
• complete conversation thread (if requested), including previous emails in the reply chain.

European Legal Framework: eIDAS, CoE Guidelines, and Evidentiary Admissibility

To make digital evidence solid and opposable at the European level, we rely on the main regulatory and technical references:

• • eIDAS Regulation (EU) No. 910/2014: governs electronic identification and trust services for electronic transactions in the internal market. In particular, it establishes that an electronic signature shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in electronic form (Art. 25). The qualified time stamp enjoys a presumption of accuracy of the date/time indicated and integrity of the associated data, a central element when the opposing party contests the timing and manner of message receipt or sending.
  • Council of Europe Guidelines on Electronic Evidence (adopted on January 30, 2019): the first international instrument providing practical guidance for handling electronic evidence in civil and administrative proceedings. The Guidelines emphasize that electronic evidence cannot be excluded solely because it is in digital form and establish principles on authenticity, integrity, chain of custody, and metadata.
  • Cryptographic Integrity (Hash): we generate digital fingerprints (e.g., SHA-256) of the complete email, attachments, and evidentiary package, allowing any party to mathematically verify whether anything has been modified after acquisition.
  • Certified Timestamping: we apply a time stamp compliant with recognized standards (e.g., RFC 3161, ETSI EN 319 422 standard) to fix in time the existence of the certified content with legal validity.
  • Qualified or Advanced Electronic Signature: delivery documentation and reports are signed with a signature compliant with the eIDAS framework, guaranteeing authenticity, integrity, and non-repudiation of the evidentiary package. Upon request, we can extend the certification level for international uses.
  • FEDIS Declaration (Forensic Evidence Digital Integrity Statement): a document that formally attests to the integrity and authenticity of the evidentiary package according to international digital forensics standards. The FEDIS makes the certification admissible in courts of the European Union, United States, United Kingdom, Canada, Australia, and other jurisdictions with equivalent legal frameworks for electronic evidence.

These technical-legal elements ensure that digital evidence is admissible in European and extra-European judicial proceedings, reducing the risk of formal challenges regarding authenticity, temporal integrity, and chain of custody of the evidentiary material.

Case Law and International Recognition

Operational Modalities: Remote Certification with Digital Mandate

What You Receive After Certification: The “Lawyer-Ready” Evidentiary Package

Upon completion of the acquisition and certification process, we provide a complete and structured documentary package, ready for filing with judicial authorities, lawyers, insurance companies, or extrajudicial use:

• • Certified PDF Report containing the complete email content (sender, recipients, subject, message body, date/time) in readable and citable format;
  • Extracted Attachments organized and referenced, preserved in original format with integrity verification;
  • Complete Email Header in technical format for potential analysis by experts or court-appointed technical consultants;
  • Forensic Header Analysis Report (if requested) with technical evidence on authenticity, path, geolocation, and anomaly detection;
  • Cryptographic Fingerprints (Hash) of the entire evidentiary package (SHA-256 or higher) as provided by the FEDIS protocol, for independent integrity verification by any expert or judicial authority;

• • Qualified Time Stamp compliant with eIDAS/RFC 3161 standards for opposable timestamping;
  • Technical Acquisition Report describing the forensic methodology applied, technical context, digital chain of custody, and acquisition limitations (written in clear language for lawyers and judicial authorities);
  • Copy of Signed Digital Mandate authorizing webmail access;
  • eIDAS Qualified Electronic Signature (standard for the EU);
  • Electronic Signature Compliant with Specific Jurisdiction (optional): upon request, we can apply electronic signatures compliant with the legal requirements of specific countries outside the EU (e.g., digital signature USA/ESIGN Act, electronic signature Canada/PIPEDA, qualified signature Switzerland/ZertES) for cross-border disputes with application of standards recognized in the destination jurisdiction.

GDPR Compliance and Personal Data Protection

Emails frequently contain personal data and sometimes special categories of data (sensitive data under GDPR). We manage the acquisition, processing, and retention of material in full compliance with Regulation (EU) 2016/679 (GDPR), applying the principles of data minimization, purpose limitation (acquisition for documented evidentiary purposes), technical and organizational security, access traceability, and time-limited retention.

Webmail access occurs exclusively following a digitally signed mandate from the account holder. Access credentials are managed in a secure environment and deleted upon completion of certification. Upon request, we can agree on selective redaction procedures for data not relevant to the dispute (e.g., data of uninvolved third parties) for court production, while maintaining the evidentiary integrity of relevant content.

When to Activate Email Certification

• if you have received an email containing threats, defamation, harassment to be used as evidence in a complaint;
• if the email contains admissions, contractual agreements, payment instructions that must be proven in court;
• if you suspect BEC fraud (Business Email Compromise) with sender identity forgery and need technical proof;
• if the email includes fundamental attachments (signed contracts, invoices, evidentiary documents) that could be deleted or modified;
• if you need to demonstrate the certain date and time of receipt or sending of a legally relevant communication;
• if you operate in cross-border contexts and need evidence compliant with European or international standards;
• if you need to verify the actual sender geolocation or unmask an identity impersonation;
• if the email was received on a mailing list or group email and you fear deletion or modification by the administrator.

Technical Note: Email certification requires webmail access via standard web interfaces. We do not certify emails from desktop clients (Outlook, Thunderbird, Apple Mail). The client provides a digitally signed mandate for temporary email account access. Forensic header analysis is an optional service that provides additional technical evidence on message authenticity and origin. During the quote phase, we precisely indicate what information is acquirable, operational limitations, and available options for the specific case.