Purpose and practical use

An Affidavit for Authentication of Electronic Evidence (often called an Affidavit of Authenticity, Affidavit of Custodian, or Affidavit of Digital/Computer Records) is a sworn statement used to lay the foundation that an electronic item (message, file, log, screenshot, recording, database extract, CCTV footage, social media post, etc.) is what it claims to be, and that it has been preserved with integrity from collection to presentation in court.

In Philippine practice, authentication is commonly established through testimony in open court, but a well-prepared affidavit:

helps the court quickly understand the source, method of capture, and integrity safeguards,
supports pre-marking, motions, and stipulations,
strengthens chain of custody arguments (especially in criminal cases and cybercrime investigations),
reduces vulnerability to objections such as “fabricated,” “edited,” “no proper foundation,” or “hearsay within the electronic record.”

Philippine legal framework you must align with

1) Rules on Electronic Evidence (A.M. No. 01-7-01-SC)

This is the central framework for:

admissibility of electronic documents and electronic data messages,
functional equivalence of electronic documents to paper documents,
authentication methods (including digital signatures and other evidence of integrity),
evidentiary weight (integrity and reliability factors),
special treatment of ephemeral communications (e.g., calls, chats, streaming-type communications, often proven by a witness who participated in or heard/saw them, or by recordings/logs).

2) Rules of Court (including the Revised Rules on Evidence)

Even with electronic evidence, you still pass through the usual gates:

relevance and materiality,
competency,
hearsay analysis (an electronic record can be authentic yet still be hearsay unless it fits an exception),
best evidence principles as adapted to electronic documents (printouts/outputs may be treated as the equivalent of an original if properly shown to accurately reflect the data).

3) E-Commerce Act (R.A. No. 8792) and related issuances

This supports recognition of electronic documents and electronic signatures, and informs arguments about validity, consent, attribution, and integrity.

4) Cybercrime Prevention Act (R.A. No. 10175), when relevant

In cybercrime investigations and prosecutions, you must be especially careful about:

lawful collection (authority, warrants where required),
forensic integrity (hashes, logs, preservation),
service provider records and proper legal process for obtaining them.

5) Data Privacy Act (R.A. No. 10173), when personal data is involved

This matters for:

lawful basis to process/submit data,
proportionality and minimization,
redaction and protective orders where appropriate.

What counts as “electronic evidence” in practice

Common items supported by authentication affidavits:

Emails (with headers, routing info, mailbox exports)
SMS / messaging app chats (Messenger, Viber, WhatsApp, Telegram, iMessage, etc.)
Social media posts (Facebook posts/comments, X/Twitter posts, IG stories, TikTok, YouTube comments)
Screenshots (often attacked unless backed by capture context/metadata)
Audio/video (CCTV, phone recordings, bodycam)
Call logs and cell site/location-related artifacts (subject to proper sourcing and privacy constraints)
Computer system logs (access logs, audit logs, SIEM exports)
Databases / spreadsheets / ERP exports
Website content (HTML snapshots, web archives, server logs)
Cloud records (Google Drive, iCloud, Microsoft 365 exports)
Digital photos (EXIF metadata, device info)

The core legal goal: show authenticity and integrity

Authentication is about proving that the evidence is genuine—not altered, not misattributed, not a random file with a convenient label.

A strong affidavit typically establishes:

What it is

Identify the item precisely: file name, format, size, unique IDs, message ID, conversation ID, URL, account identifiers, timestamps, etc.

Where it came from (source and attribution)

Who created/sent/posted it (if known) and why you can say so.
What device/account/system it came from.

How it was collected

Step-by-step capture method (export vs screenshot vs screen recording vs forensic image).
Tools used (native export tools, forensic tools, phone extraction method, CCTV download method).
Whether the method preserves metadata.

How it was preserved (chain of custody / integrity controls)

Where it was stored.
Who had access.
Whether it was copied, moved, converted, compressed, or edited.
Use of integrity measures: hash values (MD5/SHA), write blockers, read-only media, sealed evidence bags, access logs.

Why it is reliable

Describe the system/process that produced the record (for business/system records).
Explain normal operation, audit logging, time synchronization, access controls.
Confirm the printout/record accurately reflects the data.

Who should sign the affidavit (choose the right affiant)

Pick an affiant whose personal knowledge cleanly supports authenticity:

A) Custodian of records (best for business/system records)

Examples: HR manager for timekeeping logs, bank records custodian, IT/security officer for logs, CCTV custodian, platform administrator.

B) Device owner / participant witness (best for chats, texts, calls)

Someone who:

owns the phone/account, or
participated in the conversation / saw the post in real time.

C) Digital forensic examiner (best for contested or high-stakes evidence)

Use when you need:

forensic extraction,
metadata interpretation,
integrity proof via hashes,
explanation of tampering indicators.

Tip: If you anticipate a serious attack (“deepfake,” “photoshop,” “fabrication”), a custodian affidavit alone may be insufficient—pair it with forensic methods and testimony.

Step-by-step: how to draft the affidavit

Step 1: Title and case caption

Use the proper caption (court/tribunal, parties, docket number if available). Typical titles:

Affidavit for Authentication of Electronic Evidence
Affidavit of Custodian of Electronic Records
Affidavit of Authenticity and Integrity of Electronic Evidence

Step 2: Affiant’s identity and competence

Include:

full name, age, citizenship, address,
position and employer (if custodian),
responsibilities relevant to the record/system,
brief statement establishing personal knowledge and how acquired.

Step 3: Define and enumerate the electronic items (“Exhibits”)

List each item with identifiers:

Exhibit “A” – PDF export of email dated ___ with message-ID ___
Exhibit “B” – USB containing CCTV footage (MP4), camera ___, time range ___
Exhibit “C” – Chat export file (TXT/HTML) with conversation name/ID ___
Exhibit “D” – Printed screenshots from device ___, OS version ___

Be specific enough that the exhibit cannot be swapped without detection.

Step 4: Describe the source environment

Depending on evidence type:

For emails: email provider, mailbox owner, access method, full headers preservation. For chats: app name/version, account identifiers, device details, whether export is native. For CCTV: camera system brand/model, DVR/NVR serial, how footage was retrieved, whether watermarking exists. For logs: system name, logging configuration, retention policy, access controls, time sync (NTP).

Step 5: Describe the collection method (repeatable, defensible)

Write it like a lab protocol:

date/time of collection,
who collected,
from what device/system,
exact steps taken,
settings chosen (e.g., “include media,” “include timestamps,” “export with metadata”).

Avoid vague lines like “I took a screenshot.” Courts and opposing counsel will probe: from what phone, what account, what date/time, what shows the URL, what shows it wasn’t edited?

Step 6: Establish integrity and chain of custody

Include:

where originals reside (device, server, DVR),
whether a forensic image was made,
whether hashes were computed (recommended for files),
storage medium used (write-once, sealed USB, evidence envelope),
access restrictions and logging,
any transfers (and who received it, when).

A simple chain-of-custody table inside the affidavit (or as an annex) is often helpful.

Step 7: Explain any conversions or printouts

If you printed or converted:

confirm that the printout/output accurately reflects the electronic data,
describe the software used and that no edits were made,
specify what metadata is visible/included (timestamps, sender IDs, URLs).

Step 8: Address hearsay and context (when useful)

Authentication ≠ truth of contents. If the record contains statements offered for their truth, anticipate hearsay objections by noting applicable exceptions (commonly:

entries in the regular course of business,
official records,
admissions by a party,
independently relevant statements, etc.). Keep this careful and conservative—don’t over-argue in the affidavit.

Step 9: Close with a clear authentication statement

Example concepts to include:

“The attached electronic records are true and accurate copies/outputs of the data…”
“To the best of my knowledge, the records have not been altered…”
“They were obtained and preserved in a manner that maintains their integrity…”

Step 10: Jurat (notarization block)

Because this is an affidavit, it must be sworn before a notary (or authorized officer), with:

competent evidence of identity,
personal appearance,
date/place of notarization,
notarial details as required under notarial rules.

If executed abroad, follow rules on consular notarization/apostille requirements as applicable.

What to include by evidence type (practical checklists)

A) Screenshots (highly challenged; bolster them)

Include:

device make/model, OS, app name/version,
account name/handle and URL shown on screen,
date/time on device (and time zone) visible if possible,
whether screenshot was immediately transferred, how, and where stored,
whether any cropping/markup occurred (ideally: none; if yes, disclose and explain),
attach uncropped originals and, if possible, a screen recording showing navigation to the content.

B) Chat messages (Messenger/Viber/WhatsApp/etc.)

Prefer:

native exports (where available),
inclusion of participants, timestamps, and media,
description of who controls the account/device,
explanation of how export was generated,
preservation of the original device (or forensic image) if dispute is expected.

C) Emails

Include:

mailbox owner and access authority,
full headers (routing), message-ID, timestamps,
method: direct mailbox export, PST/MBX, printed with headers,
integrity: where stored, hashes for exported file.

D) CCTV / video

Include:

custodian role and system description,
camera location and orientation,
DVR/NVR details (brand/model/serial),
how footage was retrieved (direct export vs screen capture),
whether system applies watermark/hash,
continuity statement (no gaps) or disclosure of gaps with reason.

E) System logs / database exports

Include:

system purpose and normal operation,
how logs are generated (automated), retention policy,
access controls and audit trails,
query used to generate the export,
hashing and read-only preservation of exported file.

Common reasons authentication affidavits fail (and how to avoid them)

Wrong affiant

Someone “told about it” rather than someone who collected, kept, or administers the system.

No integrity story

No mention of preservation, access controls, transfers, or tamper prevention.

Overreliance on screenshots

No URL, no identifiers, no device/account context, no originals.

No precise exhibit identification

“Attached is a screenshot” without file names, dates, hashes, or a way to confirm it’s the same item later.

Concealed edits

Cropping, highlighting, renaming files, re-encoding videos—without disclosure.

Metadata loss

Printing without preserving key details (headers, timestamps, sender IDs).

Suggested affidavit structure (detailed outline)

Caption and Title
Affiant’s Personal Circumstances
Statement of Role and Personal Knowledge
Purpose of Affidavit (authentication of specified electronic evidence)
Definitions (optional) (electronic document/data message; system; custodian)
Description of Each Exhibit (A, B, C…)
Source/System Description
Collection Procedure (dates, steps, tools)
Integrity Measures (hash values, access controls, sealing, logs)
Chain of Custody (narrative + table as annex)
Statement on Printouts/Outputs (accuracy of reflection)
Closing Authentication Statement
Signature
Jurat / Notarial Acknowledgment

Sample template (adapt and tailor)

AFFIDAVIT FOR AUTHENTICATION OF ELECTRONIC EVIDENCE

I, [Name], of legal age, [civil status], [citizenship], and residing at [address], after being duly sworn, depose and state:

I am [position/title] of [company/office], and I have personal knowledge of the matters stated herein based on [my direct participation / my official duties as custodian / my administration of the system].
I execute this Affidavit to authenticate the electronic evidence attached and marked as Exhibits “A” to “__”, consisting of: a. Exhibit “A” – [describe item: type, date/time, identifiers, file name/format/size] b. Exhibit “B” – [...]
Source and context. The above electronic evidence originated from [device/account/system] described as follows: [device model/serial or system name; account identifiers; relevant configuration].
Manner of collection. On [date/time], I/our team collected the evidence from [source] by the following procedure: a. [step-by-step actions] b. [tool/software used and settings] c. [export method; inclusion of timestamps/headers/metadata]
Preservation and integrity. After collection, the electronic evidence was preserved as follows: a. The files were saved to [storage medium/location] with restricted access to [names/roles]. b. [If applicable] The file hash values were computed using [algorithm/tool], yielding: [hash value(s)], and these hashes were recorded on [date/time]. c. Any transfer of custody is reflected in Annex “1” (Chain of Custody).
Accuracy of output/printout (if applicable). The printed/converted copies attached as part of the exhibits accurately reflect the data contained in the original electronic records, and no alterations were made in the process except [state “none” or disclose exactly what was done].
Based on the foregoing, the attached exhibits are authentic electronic records and/or accurate outputs thereof, preserved in a manner that maintains their integrity.

IN WITNESS WHEREOF, I have hereunto set my hand this [date] at [place]. [Signature] [Name]

SUBSCRIBED AND SWORN to before me this [date] at [place], affiant exhibiting to me [competent evidence of identity]. [Notary block]

Courtroom strategy notes (practical, not procedural promises)

Match affidavit statements to testimony. If the affiant will testify, the affidavit should read like a clean preview of what they can personally attest to on the stand.
Pre-mark exhibits with stable identifiers (file hashes, message IDs, device details) to reduce “switching” arguments.
Prepare for cross-exam on tampering: who had access, what edits were possible, whether originals still exist, and whether metadata was preserved.
Consider independent corroboration (provider records, server logs, additional witnesses, forensic extractions) for social media and chats.

Final reminders

Authentication focuses on genuineness and integrity, not automatically on truth or weight.
The “best” affidavit is the one signed by the right person, with repeatable collection steps and a clear integrity trail.
For sensitive personal data, consider redactions and tailored annexes to avoid unnecessary disclosure.

If you want, paste a short description of your evidence type (e.g., “Messenger chat export,” “CCTV from an NVR,” “company access logs,” “screenshots of a Facebook post”), and I’ll provide a tailored affidavit outline with the exact clauses and annexes typically used for that specific kind of electronic evidence in Philippine litigation.