A South African digital forensic expert on Wednesday asked the special court in Juba to allow the transfer of a seized MacBook laptop belonging to opposition leader Dr. Riek Machar to China and his Samsung Galaxy phone to India or Vietnam for advanced data extraction and analysis.
The request came after the expert, Ratlhogo Peter Calvin Rafadi, failed to extract evidence from Machar’s phone and MacBook due to strong security passwords.
Testifying during the 50th session of the court at Freedom Hall in Juba, Calvin said he could unlock the device but warned that doing so would result in the loss of data. He stressed the importance of preserving the integrity of the evidence.
“As I said, my lord, the integrity of this MacBook has to be kept safe and that is why I left it in my safe and sealed it in a plastic bag,” Calvin told the court.
He explained that MacBooks operate with special encryption and warned that if the password is forcibly bypassed, the data may not be recoverable.
“MacBooks operate with special encryption and should one interrogate the password, all the folders are likely to move to this special encrypted disk and as such, all the data is 99 percent not recoverable,” he said.
Calvin stated that only the manufacturer of the MacBook could unlock the password and retrieve the evidence.
“Now such device is very vulnerable to interrogate without password. As such, we looked at the serial number which starts with COZ. It means that the product or the MacBook in question is manufactured in China,” he said.
He recommended that the court send Machar’s device to the original equipment manufacturer in China for evidence extraction.
“The device from Dr. Riek Machar, evidence plastic number FB-100-000-1568, and the Samsung Galaxy S-22, the same are sealed in evidence plastic and kept safely because there was no password provided,” he said.
Calvin also recommended that the court send Machar’s Samsung Galaxy to India or Vietnam, where he said it was manufactured, for evidence extraction.
“My lord, to protect the integrity of those important data, we didn’t want to tamper with them,” he said.
“I know mostly in the public such MacBooks and Samsung phones are stolen. So in the black market, they are able to interrogate passwords and get into the phone and use the phone while all the data of the original owner is lost. But this is the court and evidence must be treated with integrity,” he added.
The 40-year-old expert submitted his report to the court as he completed his testimony in Juba on Wednesday.
Deng John Deng, Machar’s lawyer, said there were discrepancies between the original report and the copies provided.
“On the page of the first accused, we have found out the original report comprises 26 pages while the copy comprises 28 pages and also there is a difference in the content of the two reports,” he said.
“The original report of the second accused comprises 43 pages while the copy comprises 44 pages.”
Presiding judge James Alala Deng said the court would print pages from the original document and provide them to the defence team.
“The court will look into this and ensure that pages which are not there will be made available to both the prosecution and the defence,” Deng said.
The court adjourned the session to Friday, February 13, 2026, when the forensic expert is expected to be cross-examined by the defence team.
Machar and his co-accused face charges including murder, conspiracy, terrorism, treason, destruction of public property and crimes against humanity.
Prosecutors allege that SPLA-IO forces allied with the White Army killed 257 SSPDF soldiers — including commander David Majur Dak — and destroyed or seized military equipment worth about $58 million during a March 2025 attack on the Nasir garrison.