Take web browsers or mailers for example. Each visit of a web page is recorded in the browser history file, complete with the title and URL (address) of the page, and date time of the visit. For emailing, every outgoing message carries with it the time the message is sent and a copy is usually stored in the Sent folder of the mailer.
Some people are afraid that such information might become incriminating, so they deliberately delete such records. For example, a kid who has spent a few hours using family computer visiting sites that parents do not approve may delete the browser history before parents come back from work.
Sometimes, such records can become useful alibi or evidences.
Here is a real example. I received a bill from a consultant, charging me for two hours of meeting time from 3 to 5 on 2009-02-20. I pointed out to the consultant that the meeting took less than an hour, but he insisted that two hours were correct. If there are no records to prove one way or the other, this would be his words against mine. There are many potentially useful records to look into, such as parking records for the meeting, shopping receipt at a Seven-Eleven on my way back from consultant's office, or charge receipt at a gas pump, etc. I found supporting evidence from my office Mac's Firefox browser history file. It showed that
- at 2:43PM, I visited Mapquest for direction to the consultant's office, and
- at 4:45 PM, I was using Gmail in my office
If you need such time records,
- think about things you did that carried a time-stamp such as phone calls, visit to ATM machines, editing a file on your PC, etc.
- Usually, the time records stored on a server that you cannot alter are more trusted than the records in your possession. For example, phone call records provided by the phone company or the access record on a web server that matches your browser history file should be accepted as trustworthy.