Digital content (like web pages, Facebook posts, and tweets) is increasingly being submitted as evidence during legal matters—but it isn’t always being admitted by courts. As with any other form of evidence, digital evidence needs to meet a certain standard in order to be deemed admissible—and in many cases this comes down to how the evidence was collected and authenticated. If the collection and authentication process wasn’t handled correctly—and the method employed didn’t prove authenticity beyond any reasonable doubt—the evidence typically would not be accepted.
We’ve written about this topic before in an article called Legal Lessons Learned: 5 Times Digital Evidence Was Denied in Court. It’s proven to be one of our most popular articles, which is why we’ve created this follow-up blog post. This article will look at seven more instances where digital evidence was denied in court—and will focus specifically on social media content.
Rene v. State of Texas
The defendant in this case argued that the evidence obtained from a MySpace page that was purportedly his was not properly authenticated. He argued that there was no evidence that he had created or posted the pictures, that there was no evidence to prove the pictures hadn’t been altered, and that there was no evidence to prove the photos hadn’t been taken after the conviction. The court ruled against the defendant on the basis of other evidence submitted in the case, but agreed that the pictures would have had to meet a burden of proof to be relied upon.
United States v. Meregildo
As part of a grand jury investigation in the Southern District of New York, the government sought a search warrant for the contents of Defendant’s Facebook account. The court found that probable cause existed to obtain the contents of the account and issued the warrant. Defendant challenged the validity of the Government’s method of collecting evidence to support that probable cause determination. Referencing Katz, 389 U.S. at 351-352, 88 S.Ct 507 (1967), the court decides that “when a social media user disseminates his postings and information to the public, they are not protected by the Fourth Amendment. However, postings using more secure privacy settings reflect the user’s intent to preserve information as private and may be constitutionally protected.” The state viewed the profile through the Facebook account of one of Defendant’s “friends” who was a witness. By that means, the Government learned that Defendant posted messages regarding prior acts of violence, threatened new violence to rival gang members, and sought to maintain the loyalties of other alleged members of Defendant’s gang. Access to the Facebook profile constituted the core of the Government’s evidence of probable cause supporting its application for the search warrant.
This case, which was argued in front of a federal district court, was centered on trademark infringement and unfair competition of the word “Moroccanoil.” Moroccanoil (the company) had registered the word with the United States Patent and Trademark Office (USPTO). Marc Anthony Cosmetics argued that the words “Moroccanoil” and “Moroccan oil” were used interchangeably by consumers as general terms, and Moroccanoil therefore couldn’t trademark it. To support this argument, Marc Anthony submitted screenshots of a Facebook page that illustrated how customers used these words. Unfortunately, the court ruled that the Facebook content could not be entered into evidence, since there was no way to prove that the screenshots were an exact copy of what existed on the live Facebook site. In other words, there was no way to authenticate the screenshots.
The defendant in this case argued that a Facebook conversation proved that the State’s witness had lied about being in contact with him. She (the witness) claimed to have had no contact with the defendant since the incident, yet the Facebook evidence showed that this was not true. Although this lie would not automatically prove the defendant innocent, it could be used to indicate that the witness was unreliable. This Facebook evidence was provided by the defendant, who had printed the conversation on his own computer. The witness, however, claimed that she had not authored the messages—and that her account had in fact been hacked. The court ultimately ruled that there was no way to prove the authenticity of the messages, and the Facebook evidence was deemed inadmissible.
During the trial, a printout of a page on VK.com (a Russian site similar to Facebook) was entered into evidence. The defendant's legal team objected, claiming that the page had not been properly authenticated, and that there was consequently no proof that this was in fact his page. The court agreed and the evidence was deemed inadmissible, but this decision was later overruled by a district court who argued that it was reasonable to assume that the page belonged to the defendant. However, the story didn’t end there. The U.S. Court of Appeals for the Second Circuit again overturned the ruling, arguing that there was no way to prove the authenticity of evidence. The court said that “the mere fact that a page with [the defendant’s] name and photograph happened to exist on the Internet at the time of [the investigator’s] testimony does not permit a reasonable conclusion that this page was created by the defendant or on his behalf.”
During the trial, the State attempted to introduce a screenshot of a Facebook post into evidence. The Massachusetts appellate court ruled that the screenshot alone could not prove anything—without further information or circumstantial evidence, it was impossible to know whether the Facebook evidence was authentic. In making this ruling, the court adhered to the opinion found in Commonwealth Vs. Purdy (discussed in our previous blog post), which stated that “evidence that . . . originates from an e-mail or a social networking Web site such as Facebook or MySpace that bears the defendant’s name is not sufficient alone to authenticate the electronic communication as having been authored or sent by the defendant.”
As is often the case with injury and disability claims, social media content here became central to disproving a claim. The plaintiff, who had been a semi-professional basketball player at one point, stated that a vehicle accident had left him disabled and incapable of playing basketball. To contradict this statement, opposing counsel provided social media evidence of the plaintiff playing basketball with friends after the incident. Crucially, the plaintiff had not uploaded these images himself, but had instead been ‘tagged’ by friends, and he consequently claimed that these were old photos that had been uploaded long after the fact. To disprove this statement, opposing counsel requested that a third-party investigator be given access to the plaintiff’s social media accounts. The request was denied, but the appellate court eventually reversed the decision. In doing so, it pointed to Patterson v Turner Const. Co., which found that social media evidence is relevant and discoverable if it “contradicts or conflicts with a plaintiff’s alleged restrictions, disabilities, and losses, and other claims.”
Social Media Content Is Discoverable
As evidenced by Vasquez-Santos v. Mathew and Patterson v Turner Const. Co., courts are increasingly allowing all parties access to social media accounts. Vasquez-Santos v. Mathew is an important case, because it shows that the entry point can be content posted by a third party (as when friends posted and tagged photos of the plaintiff). In other words, any social media evidence can become relevant, even content posted on a third party’s account—and it could lead directly to a plaintiff or defendant’s own social media accounts becoming relevant to the legal matter.
Collection and Authentication Methods Are Crucial
Cases like Moroccanoil v. Marc Anthony Cosmetics, United States v. Vayner, and Commonwealth v. Banas underscore the importance of proper collection and authentication methods. Simple printouts and screenshots are not good enough. What’s needed is a reliable forensic preservation tool that provides defensible evidence, complete with hash values (digital signatures), timestamps, and associated metadata. Legal teams also need to understand the details of Amendments 13 and 14 of Rule 902 of the Federal Rules of Evidence. They need to be aware of all the nuances and requirements of authentication under FRE 902, and understand the new avenues available for submission of digital evidence.
Rules Around Hearsay and Relevance Still Apply
While social media evidence is often relevant and discoverable, rules around hearsay and relevance still apply. And given the nature of social media, it’s inevitable that objections will be made based on hearsay and relevance. For instance, consider Federal Rule of Evidence 803(2) on “Excited Utterance.” It says that, “a statement relating to a startling event or condition, made while the declarant was under the stress of excitement that it caused” is not excluded by the rule against hearsay. What does that mean for a tweet or post created at the scene of an accident? Similarly, issues of relevance can quickly crop up when you’re dealing with a very active Facebook timeline that stretches over years. Where does the line between “relevant” and “irrelevant” information lie? With this in mind, it’s crucial to carefully consider all possible objections to your digital evidence based on hearsay and relevance.
Authenticity Doesn’t Necessarily Prove Authorship
Cases like United States v. Vayner and State Of Connecticut v. Eleck raise an important issue: regardless of whether or not a piece of social media evidence is deemed authentic, an individual can still claim that an account had been hacked and that a piece of content had consequently been authored by someone else. This can be a hard claim to disprove, but metadata can help.
In Mining Metadata: The Gold Standard for Authenticating Social Media Evidence in Illinois, Linda Greene makes the following argument:
Suppose the Assistant State’s Attorney has found the smoking gun in a murder case: an inculpatory statement posted on what appears to be the defendant’s Facebook profile. The problem is that the defendant denies that she authored the statement—her account must have been hacked. Fortunately, Facebook records reveal the internet protocol (IP) address of the computer used to create the post, which is then linked to a device within the defendant’s exclusive control. In this instance, metadata—the data describing the Facebook transmission—becomes an “elegant weapon” to defeat an otherwise irrebuttable claim. And unlike social media users, metadata does not lie.
From both an offensive and defensive standpoint, ignoring social media content leaves a tremendous blindspot that can harm a case. People share so much on social media these days that an investigation of social media accounts should form part of every early case assessment.
That said, there’s no use in finding a great piece of evidence that is ultimately deemed inadmissible, so legal teams should also understand what is required to ensure that a piece of social media evidence is deemed authentic and admissible. Specifically, they should know how to make use of hashing algorithms and metadata to authenticate digital evidence.
Want to learn more about the authentication of digital evidence? Download our reference guide, Authenticating Digital Evidence Under FRE 902(13) and (14): Using Digital Signatures (Hash Values) and Metadata to Create Self-Authenticating Digital Evidence.