Under the revised Federal Rules of Civil Procedure, all electronically stored information is subject to discovery. There may be difficulty in determining who
controls the information, how to retrieve it and how to manage the burdens of discovery, but there is little question that social networking information is important evidence in many cases.
Social Network Discovery Presents Unique Opportunities
The anonymity of the Internet causes many people to post pictures or information they might not reveal in public. People will post almost anything on social networks. Plaintiffs have
posted photos showing their physical prowess despite claiming permanent disabilities (Welding Fume Prods. Liab. Litig.; Ernest Ray v. Lincoln Electric). Threats have been made on Facebook
(Martinez v. Tufano). Jurors have even "friended" witnesses during trial (People v. Rios) and made comments about trials on their status updates (United States v. Fumo).
Additionally, social networks such as Facebook and LinkedIn solicit the user's email ID and password in what appears to be a login sequence. The site then uses this information to scan a
user's email contact lists or address book to invite all of the user's contacts to link on that network, frequently inviting unknown friends of friends to make a connection. A local example of this
was a woman learning she was in a polygamous marriage after Facebook invited her to friend her husband's other wife.
One court has suggested that even when measures, such as password-protecting access to materials placed on the Internet, are taken, the materials are not considered private because
they could be accessed by the public.
In United States v. Gines-Perez, the court held that when evaluating privacy on the Internet, the objective nature of the medium in which information is contained is ultimately dispositive
and will override the subjective intention of a person who places information on the Internet. Even if a user restricts access to their information through the site's privacy settings, most social
networking sites warn users that they cannot control how recipients may distribute their information.
In late 2011, Facebook started notifying users that they were removing privacy settings as part of the process of re-defining their privacy structure. The possibility of inadvertently publicizing “private”
user content on social networking Web sites makes an expectation of privacy unrealistic.
In the case of social networking, several parties may have “possession, custody or control” of the communications and other information.
Social Network Discovery Presents Unique Challenges
The fact that user information is stored remotely on the social networking site rather than on the user’s home computer has led to questions about whether information stored on a third-party server
such as Facebook is subject to federal discovery rules. Hosting services, by contrast, generally have direct control of the information, but they are typically not parties in the disputes in which requests
for such information may arise. Accordingly, requests for such information typically must take the form of subpoenas, directly from the requesting party, to the service.
Congress passed the Stored Communications Act, (SCA) to prohibit a provider of an electronic communication service “from knowingly divulging the contents of any communication while in electronic
storage by that service to any person” other than the addressee or intended recipient. Facebook, Myspace, and Meetup.com have all refused to comply with subpoenas, claiming the SCA prevented them
from complying with the court orders. Under the SCA, information that is “readily accessible to the general public” is not protected from disclosure. Private messages are, by definition, unavailable to the
public and will generally be protected unless a way is found to convince the court the messages are available to a sufficiently large audience to be considered public.
Some of the information (for example, metadata* associated with files) may be available only to the Internet service that hosts the information. Further, the creators of accounts generally have no
assurance that their information will be preserved indefinitely by the service, or any practical ability to impose a “litigation hold” on such information, once litigation arises.
Court opinions vary widely
Several cases demonstrate that courts have not adopted a uniform approach to discovery requests for social network information. Although the court in Crispin v. Christian Audigier, Inc. was the first
to hold that the SCA protects some social network information from subpoenas, the court in Ledbetter v. Wal-Mart Stores, Inc. and Romano v. Steelcase Inc. reached opinions without ruling on the applicability
of the SCA.
Other cases have addressed discovery of social network information more broadly, mostly concluding that social network information is admissible so long as it is relevant to the case. The court ruled in
EEOC v. Simply Storage Management that social networking content is not shielded from discovery merely because it is “locked” or protected as “private”. As one judge observed, “Facebook is not used as a
means by which account holders carry on monologues with themselves.”
The wide array of content available on social-networking sites has likely been a factor in the varying judicial approaches to social networking discovery.
Consider a multi layered approach to discovery
Start with the usual discovery process
Formally request that social networking site information be preserved when the lawsuit commences. Although a preservation order for the opposing party’s computer may be useful, it will not preserve latent data*.
Therefore, as soon as possible, have a forensic copy* made of the adversary’s hard drive(s) for potential later analysis. The information should also be discussed in the Rule 26(f) conference. Interrogatories should
be crafted to discover what sites a party uses or visits, including blogs and forums, what the ISP addresses are, screen names, and what the passwords are. The possibility of posting comments on other users’
sites should not be ignored. Requests for production should seek production of any information – including photographs or videos – of any issue related to the lawsuit.
Pursue low hanging fruit
The first line of exploration should be to determine if opposing parties, witnesses, and potential jurors have public profiles on any social networking site. Screen shots (see tip below) of relevant information should
be printed, and the sites should be periodically checked. Any profile or post from a party, witness or juror that is publicly accessible should be fair game. For example, in Moreno v. Hanford Sentinel, Inc., and Dexter v.
Dexter, the Court found that postings on unrestricted Myspace pages were open "to the public eye" and that there was no reasonable expectation of privacy. Googling screen names may reveal additional postings.
Although attempting to bypass security settings by having an investigator "friend" a party or witness may violate ethical rules, it might be useful to look for any extant “friends” in common with the opposing
party who might be interviewed.
More difficult information
Forensic examination of the opponents’ hard drive(s) will generally be more expensive and less productive than uncontested subpoenas of information on social networking sites and the networking site can’t use the
SCA to deny data if the information owner can be persuaded or compelled to request the records from the site. However, if cooperation isn’t assured, the probability of subpoena success should be weighed against the
expense of conducting a forensic analysis of the opposing party’s hard drive. The forensic analysis is only an option if the forensic copy was made at the beginning of the case. Both approaches could be pursued in
parallel to increase the likelihood of retrieving useful information if time is tight.
Damage control
From the beginning, clients need to be cautioned that what they think is “private" may in fact be public in the court’s eye, and their social network sites scoured for any potentially harmful information, perhaps
delaying case decisions until their public and potentially “public” information has been evaluated. This area is ripe for damage from misunderstandings between counsel and client.
Conclusion
Although information posted on social networking sites can be fair game for discovery, it presents special challenges requiring novel approaches and the courts are just beginning to address the salient issues.
As of June 2010 no published opinion has suggested a workable approach to social-networking discovery requests.
* See the March 2012 Bulletin for a discussion of metadata, latent data and forensic copies of hard drives
Tip
It is easy to make a permanent local copy of what you view on-line by capturing a screen shot. Assuming you are using Windows, hold the Alt key while pressing the Print Screen key. Then switch to an open
Word document and in a similar manner press Ctrl and V to paste a picture of the screen into the document. Image resolution is generally better if the document is setup for landscape format. The word document
with the screen shots can then be saved and printed in the normal manner. Be sure to save the document frequently.
Bill Roberts, PE, CSFA, is a Washington licensed Professional Engineer and CyberSecurity Forensic Analyst ™ with ClearData Forensics LLC in Renton. He also holds a Certificate in Digital Forensics.
Contact him at (206) 799-4592 or bill@cd-f.com with electronic discovery questions. ClearData Forensics LLC’s website is www.cd-f.com.
