Why Your Carrier Vetting Dashboard Won't Survive Discovery

June 19, 2026 — Steven Sprague, CEO, Rootz Corp

Five weeks after Montgomery v. Caribe Transport II, every freight broker in America is being told to "use a vetting tool." Insurance companies are requiring it. Compliance officers are mandating it. The market is responding — a dozen platforms now promise "Montgomery compliance."

But here is the question no one is asking: will that tool's output survive a Rule 30(b)(6) deposition?

The Problem Isn't Whether You Checked. It's Whether You Can Prove It.

Plaintiff attorneys litigating post-Montgomery cases will not accept "we used a vetting platform" as evidence of reasonable care. They will demand the actual data the broker relied on at the specific moment of dispatch. Then they will attack it.

The standard discovery demand in a negligent selection case now looks like this:

  • Produce all carrier vetting records for DOT# [number] from [date range]
  • Produce the complete FMCSA data you reviewed at time of dispatch
  • Identify the specific person who reviewed the data and made the selection decision
  • Produce any monitoring or alert records between initial vetting and the incident
  • Produce the system architecture and security audit for any vetting platform used

    • Item 5 is where most platforms fail.

    Mutable Records Are Not Evidence — They're Testimony

    Most carrier vetting tools work the same way: they query FMCSA, display results in a dashboard, and store the data in a database. Some generate PDF reports. Some send email alerts.

    Every one of these outputs is a mutable record. The database can be edited. The PDF can be regenerated. The email can be forwarded selectively. There is no independent way for opposing counsel to verify that the record produced in discovery is the same data that existed at dispatch time.

    Under the Federal Rules of Evidence, this creates three problems:

    FRE 901 — Authentication. A mutable database record requires testimony to authenticate. Someone must take the stand and say "this is what the system showed." That testimony can be challenged. The witness can be impeached. The platform vendor may not want to testify.

    FRE 803(6) — Business Records Exception. To qualify as a business record, the data must have been "made at or near the time" of the event and "kept in the course of a regularly conducted activity." If the database allows modification, opposing counsel will argue the record could have been altered after the incident — and the hearsay exception collapses.

    FRE 702 — Expert Testimony. If the broker offers the vetting record as evidence, the plaintiff will demand to examine the system that produced it. Who built it? Who audits it? What security controls prevent alteration? If the vendor is a small software company with no SOC 2 audit, no penetration testing, and no chain-of-custody documentation, the expert challenge writes itself.

    The Risk of Non-Audited Security Tools

    This is the scenario that should keep compliance officers awake:

    Your broker uses a carrier vetting tool. The tool queries FMCSA data and stores results. Six months later, there is a fatal accident. Plaintiff counsel demands the vetting records. Your tool produces them.

    Then plaintiff counsel asks:

  • "Who has write access to this database?"
  • "Has this record been modified since the dispatch date?"
  • "How do you know?"
  • "Is there any independent verification that this data existed before the accident?"
  • "Has this platform ever been subjected to a third-party security audit?"

    • If the answer to any of these is "we don't know" or "no," the vetting record becomes a liability, not a defense. Opposing counsel argues: the broker relied on an unverifiable tool to make a life-safety decision, and that reliance itself was unreasonable.

    What Courtroom-Ready Evidence Actually Looks Like

    A vetting record that survives discovery has four properties:

    1. Immutability. The record cannot be altered after creation without detection. This requires cryptographic hashing — not just a database timestamp, but a mathematical fingerprint (SHA-256) of the complete data snapshot that changes if any byte is modified.

    2. Independent Verifiability. Any party — opposing counsel, the court, an expert witness — can verify the record's integrity without trusting the platform that created it. The hash algorithm is a public federal standard (FIPS 180-4). The verification is a computation, not testimony.

    3. External Timestamp. The hash must be anchored to an independent, public, immutable timestamp authority. We use OpenTimestamps, which anchors to a public blockchain — a system that no party controls and that any party can independently query. This proves the record existed before the incident.

    4. Source Provenance. The record must prove where the data came from. Not just "we queried FMCSA" but: which server IP responded, what TLS encryption was used, what was the exact content of the response, and what is the SHA-256 hash of the raw bytes received. This is transport-layer provenance — it proves the data came from the government, not from the broker's imagination.

    What FreightProof Produces

    Every FreightProof vetting record is a Data Wallet — a self-contained, sealed, independently verifiable document containing:

  • The complete FMCSA data snapshot at time of vetting
  • All seven BASIC safety scores with percentiles and thresholds
  • Per-unit crash rate analysis against national averages
  • Source proofs for every API call (server IP, TLS protocol, content hash, HTTP headers)
  • The broker's documented decision and reasoning
  • A SHA-256 hash of the complete snapshot
  • A blockchain timestamp proving when the hash was created
  • Self-verification instructions that any party can follow

    • The broker's legal team does not need to trust FreightProof. They do not need to call a FreightProof employee as a witness. They produce the Data Wallet and say: "Here is the data. Here is the hash. Here is the blockchain timestamp. Verify it yourself."

    That is not testimony. That is mathematics.

    The Question for Your Legal Department

    Montgomery created a new duty. The market is responding with tools. But not all tools create equal evidence.

    Before your compliance officer signs a contract with a carrier vetting platform, your General Counsel should ask:

  • Does the platform produce cryptographically sealed records or mutable database exports?
  • Can opposing counsel independently verify a record without the vendor's cooperation?
  • Is there an external timestamp anchor (blockchain or equivalent) proving when the record was created?
  • Does the platform capture source provenance (IP, TLS, content hash) for government data queries?
  • Has the platform been designed with Federal Rules of Evidence in mind?

    • If the answers are "no," the platform may help your operations team — but it will not help your legal team. And post-Montgomery, your legal team is the customer that matters.

    FreightProof by Rootz Corp — freight.rootz.global — $10 per dispatch. Your defense costs less than your coffee.

    Try it: enter any DOT number at freight.rootz.global. See what courtroom-ready evidence looks like.