As social networking sites (“SNS”) — such as Facebook, MySpace, LinkedIn, and Twitter — become more popular, courts increasingly are faced with challenges surrounding both the discoverability of electrically stored information (“ESI”) on those sites, and the subsequent question of admissibility. As highlighted in the April edition of the Electronic Discovery Update, judicial approaches to the discoverability of SNS evidence are not always predictable. See Is Social Networking a No-Privacy Zone? The Discoverability of “Private” Social Media Data, Electronic Discovery Update, Apr. 2011, available at http://www.kramerlevin.com. As discussed therein, the courts in Romano v. Steelcase, Inc., 907 N.Y.S.2d 650 (N.Y. Sup. Suffolk Cty. 2010), and Crispin v. Audigier, Inc., 717 F. Supp. 2d 965 (C.D. Cal. 2010), considered the Stored Communications Act (the “SCA,” which restricts non-user access to SNS content), and reached differing conclusions regarding discoverability. See 18 U.S.C. §§ 2701 to 2712.
Two recent New York State cases continue this discussion. During discovery in the personal injury case of Progressive Ins. Co. v. Herschberg, 2011 N.Y. Misc. LEXIS 2323 (N.Y. Sup. Queens Cty. Mar. 30, 2011), Progressive Insurance was granted a temporary stay pending a hearing because the respondent’s Facebook posts showed an active lifestyle, belying prior testimony describing the effect of his injuries. The court held that the request for “unlimited access” to the insured’s Facebook account was overly broad, but it did not foreclose the possibility of future discovery, saying only that unlimited access was “unwarranted at this time.” Id. at *4 (emphasis added). Similarly, in Caraballo v. City of New York, the court denied defendant’s motion to compel discovery of SNS data because “digital ‘fishing expeditions’ are no less objectionable than their analog antecedents.” 2011 N.Y. Misc. LEXIS 1038, at *6 (N.Y. Sup. Richmond Cty., Mar. 4, 2011). Thus, courts continue to consider the discoverability of SNS data in a piecemeal fashion, and no clear guidance has yet emerged.
Authenticating SNS Content
Authenticating SNS content offered as evidence presents litigants with a new challenge. Emblematic of this challenge is the case of Griffin v. Maryland, wherein the Court of Appeals of Maryland ordered re-trial of a criminal conviction based solely on the state’s failure to properly authenticate MySpace pages used during trial. 19 A.3d 415 (Md. Apr. 28, 2011). Griffin, and the other cases relied on by the court in reaching its decision, bring attention to the critical issue of the authentication and admissibility of SNS content at trial. These cases also suggest methods that both civil and criminal litigants can use to ensure the validity of proposed social media discovery for evidentiary submission.
The defendant in Griffin was charged with and convicted of second degree murder, assault, and illegal use of a handgun, and was sentenced to fifty years in prison. Griffin v. Maryland, 995 A.2d 791, 794 (Md. Ct. Spec. App. 2010). The defendant appealed his conviction, arguing that the trial court abused its discretion by admitting hard-copy printouts of MySpace pages in evidence without proper authentication. Id. at 799. The pages, allegedly printed from the defendant’s girlfriend’s MySpace profile page, were offered to demonstrate that she had threatened a witness prior to the trial. Id. at 796. The pages were listed under a pseudonym but contained a number of facts identifying the girlfriend, such as her age, hometown and birth date. Id. at 796, 806. The pages also included a photograph next to the user’s description of a couple embracing, which both the court and counsel agreed looked like the defendant and his girlfriend. Id. at 796. A posting on the profile was included among the MySpace pages, in which the author suggested that anyone who “SNITCHES GET STITCHES!! U KNOW WHO YOU ARE!!” Id. at 795. The prosecutors authenticated the pages through the testimony of the lead investigator on the case and did not ask the girlfriend about them. Id. at 796-97.
On appeal, the defendant objected that “the State had not sufficiently established a connection” between the defendant’s girlfriend and the MySpace pages. Id. at 796. The intermediate appellate court disagreed and concluded that the trial court did not abuse its discretion in admitting the MySpace pages because the testimony of the lead investigator and circumstantial evidence, such as content and context of the pictures and postings, properly authenticated the profile as belonging to her. Id. at 806-7.
The Maryland Court of Appeals reversed this holding, finding instead that the trial court had abused its discretion because the picture and personal information used to authenticate the pictures “were not sufficient ‘distinctive characteristics’” to authenticate the pages. 19 A.3d at 424. The court first observed that while MySpace typically requires a unique username and password to establish a profile and access, friends of the user may freely post to the site. Id. at 420. Therefore, the “identity of who generated the profile may be confound[ed], because ‘a person observing the online profile of a user with whom the observer is unacquainted has no idea whether the profile is legitimate.’” Id. at 421.
Secondly, the court noted that, as illustrated by the case of United States v. Drew, fictitious account profiles can be created with the potential for user abuse. Id. at 421-22 (citing United States v. Drew, 259 F.R.D. 449 (C.D. Cal. 2009)). The Drew case highlights the potential for abusive “spoofing,” or creating a fake online persona. The defendant Lori Drew created a fictitious MySpace account and profile with the purpose of harassing her daughter’s former friend, Megan Meier, after the two had a falling out. 259 F.R.D. 449, 452 (C.D. Cal. 2009). Posing as a male teenager, Ms. Drew flirted with Ms. Meier for a few weeks before telling her that “he” was no longer interested in Ms. Meier and that “the world would be a better place without her in it . . . .” Id. Ms. Meier committed suicide, and Ms. Drew was convicted of a misdemeanor violation of the Computer Fraud and Abuse Act (“CFAA”), although the court ultimately found the CFAA provision under which Ms. Drew was convicted to be void for vagueness and set aside her conviction. Id. at 452-53; 464; 468. The Griffin court found this case instructive on the risk of user abuse and manipulation associated with SNS content. These risks mandated a “greater degree of authentication” than mere personal information or pictures to establish the identity of a creator or user of an SNS account. Griffin, 19 A.3d at 424.
In addition to the risk of spoof accounts, the Griffin court also considered other problems associated with the manipulation of SNS evidence. For example, the court noted that (1) the relative ease with which a third party could access an SNS account raised questions as to the source of the information contained on the pages; and (2) a third party easily could use Photoshop to manipulate photographs on SNS sites, undermining their authenticity as well. Id. at 425 (considering United States v. Jackson, 208 F.3d 633 (7th Cir. 2000) (finding website content offered by defendant inadmissible hearsay because defendant did not prove that company maintaining website was source of information posted); Commonwealth v. Williams, 456 Mass. 857, 926 N.E.2d 1162, 1172 (Mass. 2010) (concluding that MySpace pages were not properly authenticated because prosecutors did not provide evidence showing who could access pages or whether third party could have written messages at issue); People v. Lenihan, 911 N.Y.S.2d 588, 592 (N.Y. Sup. Queens Cty. 2010) (precluding photographs because of potential manipulation through Photoshop)).
However, the Griffin court also considered cases in which courts found SNS-evidence to be self-authenticating or allowed the non-proffering party to ratify its admission. The court deciding In the Interest of F.P., for example, compared instant messages to letters and admitted them into evidence because there was “sufficient evidence” linking the defendant to the messages, including his name and allegations that the victim stole from him. 878 A.2d 91, 94-95 (Pa. Super. Ct. 2005). And in State v. Bell, MySpace messages and emails between the defendant and a victim were found properly authenticated because defense counsel had expressly approved their admission. 2009 Ohio App. LEXIS 2112, at **10-11 (Ohio Ct. App. May 18, 2009). The Griffin court held these cases were distinguishable. In Griffin, not only had the defendant explicitly objected to the authenticity of the pages from Ms. Barber’s MySpace account, but the evidence also was not self-authenticating. 19 A.3d at 427.
While the Griffin court’s analysis of the authentication of SNS-based evidence concerned criminal matters, Griffin’s reasoning provides both criminal and civil litigants with important guidance regarding the evidentiary issues surrounding social networking content. The Griffin court outlined three methods by which SNS evidence could be properly authenticated:
- First, deposition testimony from the creator or author which attests to the authenticity of the SNS submissions. Id. Though a criminal defendant would not be obligated to testify pursuant to the Fifth Amendment, civil proceedings provide for the admission of this testimony. Therefore, litigants need to be cognizant of the opportunity to scrutinize the authenticity of SNS evidence in the deposition portion of the proceedings or related proceedings.
- Second, an inspection of computers and cell phones can provide information about the history of internet use as well as an “evidentiary trail” that could be used to determine whether the subject hardware was the actual device used in the origination of the proposed SNS profile and posting. Id. at 427-28. Litigants need to give careful consideration to the types and availability of devices, as well as the distinctive characteristics that associate a party with specific hardware, to ensure that the device and content are properly authenticated.
- Third, a subpoena issued to SNS providers seeking information relating to users’ accounts and profiles provides another critical source for litigants as a means of properly authenticating SNS content submitted as evidence. Id. at 428.
While the case law is still young on the topic of e-discovery and social networking content, Griffin provides important evidentiary guidelines that both civil and criminal litigants should consider. In addition to a direct subpoena issued to SNS provider, litigants may consider depositions as a critical opportunity to challenge or establish the authentication of SNS content evidence. Griffin also demonstrates that litigants need to be conscious of the importance of discovery requests relating to the devices allegedly used in the creation of the subject SNS content, including personal computers and smart phones. As SNS content becomes a greater source of evidence, issues relating to authentication will become a larger part of e-discovery challenges and overall litigation strategy.