Before evidence may be used in court, its authenticity must be established—proof that the evidence is really what the offering party says it is. Authenticating evidence captured from the internet or social media can be tricky. In fact, before they allow it in a courtroom, many judges subject web and social media evidence to closer examination than other evidence because it is believed to be more easily manipulated. As Maryland’s Judge Paul Grimm noted in Lorriane v. Markel American Ins. Co, 241 F.R.D. 534, 542 (D. Md. 2007), “[a]uthentication of ESI [electronically stored information] may require greater scrutiny than that required for the authentication of ‘hard copy’ documents.”Not only is authentication of evidence from a webpage subjected to more scrutiny, it is often a two-part question: 1) Did the information actually appear on the web or social media?; and 2) Was the information posted by the person the party offering says posted it?
Despite increased scrutiny, with some forethought, entering web and social media evidence need not be difficult. Using the right tools or services to capture evidence from the web coupled with the right proof connecting it to the person posting the information will help alleviate authentication issues.
The starting point for authentication of any evidence is Federal Rule of Evidence 901 (or its state counterpart). Pertinent to ESI, rule 901 reads:
(a) In General. To satisfy the requirement of authenticating or identifying an item of evidence, the proponent must produce evidence sufficient to support a finding that the item is what the proponent claims it is.
(b) Examples. The following are examples only — not a complete list — of evidence that satisfies the requirement:
(1) Testimony of a Witness with Knowledge. Testimony that an item is what it is claimed to be.
…
(3) Comparison by an Expert Witness or the Trier of Fact. A comparison with an authenticated specimen by an expert witness or the trier of fact.
(4) Distinctive Characteristics and the Like. The appearance, contents, substance, internal patterns, or other distinctive characteristics of the item, taken together with all the circumstances.
…
(8) Evidence About Ancient Documents or Data Compilations. For a document or data compilation, evidence that it:
(A) is in a condition that creates no suspicion about its authenticity;
(B) was in a place where, if authentic, it would likely be; and
(C) is at least 20 years old when offered.
(9) Evidence About a Process or System. Evidence describing a process or system and showing that it produces an accurate result.
(10) Methods Provided by a Statute or Rule. Any method of authentication or identification allowed by a federal statute or a rule prescribed by the Supreme Court.
Using Rule 901 as a guide, courts often conclude social media and web evidence may be authenticated in a few (non-exclusive) ways: 1) The party offering the evidence may present testimony from a witness with knowledge of the post (i.e. ask the creator it they posted the information); 2) Evidence may be offered from an examination of the computer used to post the information showing relevant entries in the internet history; 3) Information may be presented from the company hosting the information linking the post to the person in question; or 4) Circumstantial information such as distinct characteristics in the post may connect it to the author.
Proof of any of the above must meet the “reasonable juror” standard (Sublet v. Maryland, 442 Md. 632 (Ct. App. 2015)). That is, is there sufficient proof offered so that a reasonable juror could find that the evidence offered is authentic? But, as noted, to establish that a reasonable juror could believe evidence from the web is authentic, there are often two questions to answer. First, is the evidence an accurate depiction of what appeared on the internet or social media? Second, who posted the information?
To answer this question, whether the evidence offered accurately depicts the information as it was presented on the web, the exhibit used should be a recognizable and complete record of the webpage. Additionally, attorneys should be prepared to show a digital chain of custody establishing that the exhibit is an authentic record of the page.
Failure to use proper tools and protocols to capture web page evidence may complicate authentication:
Commonly, attorneys resort to printouts of webpages to use as evidence in court. Unfortunately, printouts from a web browser may not resemble the page exactly as it appeared online. Browsers and their plugins may not render the page as it appeared on the web, and some pages may contain code permitting users to only print certain parts of the page.
As a result, to present webpage evidence in court, attorneys should ensure that their exhibits look professional, are easy-to-read, and are truly representative of the entire webpage.
Unless the digital chain of custody is protected, establishing that a printout is an accurate reproduction of a page that actually appeared online may be a more difficult question to answer.
There are numerous ways to alter webpages, including manipulating the page in a browser before a capture or digitally editing a record once it is captured. This is why courts often subject internet evidence to more scrutiny. As a result, attorneys should plan to establish a digital chain of custody showing no editing of the web entry occurred.
Another common problem establishing a digital chain of custody is verifying the accuracy of webpage metadata. Metadata is “data about data,” and includes information such as the URL (web address) from which the evidence was taken and time of capture. Legal professionals capturing evidence from the internet sometimes neglect to record this data, or may record the wrong data by mistake. In rare cases, parties may intentionally alter metadata.
Attorneys must be able to prove that what is presented in court actually was not altered and appeared at the time and at the URL specified. Simply offering a printout does not lend itself to easily verifying the time and date of the capture. As a result testimony from the person capturing the page may be necessary and might not be optimal. However, using proper tools or services, such as Page Vault, makes it easy to establish the completeness of web-based evidence and to establish chain of custody.
Page Vault’s software and services are designed to help legal professionals capture and print webpages quickly and easily, while maintaining a digital chain of custody. Even the longest social media feeds are captured in seconds with one click, and are presented in easy-to-read PDF files with a cover page that includes all relevant metadata.
Best of all, Page Vault maintains the integrity of the digital chain of custody, and if necessary, Page Vault also provides affidavits describing how its unique patent-pending technology produces accurate results.
However, simply establishing that web or social media evidence actually appeared on the internet is not enough. For the evidence to be used in a legal matter, attorneys will probably also have to establish how the information made it to the webpage in the first place.
If the information is attributed to a particular party, the person offering the evidence must also offer proof that the person did in fact post the information.
As explained in a recent case from the Louisiana Court of Appeal, Louisiana v. Demontre Smith, No. 2015-K-1359, (La. Ct. App. April 20, 2016), because information on the internet may be posted under false names, aliases, or via unauthorized access to another’s account, “electronically stored information is easily susceptible to abuse and manipulation and [authentication of ESI] require[s] greater scrutiny…”
In the Louisiana case, Demontre Smith appealed an assault conviction based largely on threatening social media posts attributed to him. However, prosecutors connected the posts to Smith with testimony from a police officer who admitted he had no direct knowledge that Smith actually posted the threats.
On appeal, the court reversed the conviction finding “that the State failed to present any evidence at all to authenticate the purported social media evidence” to establish that the defendant actually posted the threatening social media posts.
The court noted that “no evidence or testimony was offered as to whether Mr. Smith created the account and/or profile on the social media platform or whether he had ever accessed the platform. Likewise, there is no evidence of whether, assuming he created the online account, Mr. Smith allowed others access using his password or any unique qualities regarding the messages themselves from which one may assert Mr. Smith sent the messages.”
The failure in Smith to properly authenticate evidence from the web is not an isolated incident. For instance, in Griffin v. Maryland, 419 Md. 343 (Ct. App. 2011) the court overturned a conviction because prosecutors failed to properly authenticate evidence taken from a Myspace page after it relied solely on police testimony to authenticate it. Similarly in United States v. Vayner, 769 F.3d 125 (2d Cir. 2014), the court reversed a criminal conviction when prosecutors failed to establish that information on a webpage described as the “Russian Equivalent of Facebook” was actually posted by the defendant.
In these cases, the problem was failing to tie the web and social media posts to the alleged authors. With this in mind, if attorneys plan to use web-based evidence at trial, they must be prepared to not only establish the accuracy of the entry, but they also will likely need to tie the evidence to a witness. As Judge Grimm noted in Lorriane v. Markel American Ins. Co., authentication issues relating to webpage and social media evidence are often caused by lack of planning. “Indeed, the inability to get evidence admitted because of a failure to authenticate it almost always is a self-inflicted injury which can be avoided by thoughtful advance preparation.”
Using a tool or services from a company like Page Vault will go a long way in avoiding the “self inflicted injury” of a court excluding evidence. However, even then, parties offering the evidence must also give some thought to how they will prove that the person really posted the web content. This can be done by asking a person with knowledge (for instance, the person posting the information) or also by circumstantial evidence tying it to the poster–such as knowledge uniquely connected to the person posting the entry.
Chad Main is an attorney and the founder of Percipient, a legal technology and eDiscovery company focusing on managed document review and managed eDiscovery services. Percipient handles all aspects of legal document review projects including collection, review, analysis and production. Prior to founding Percipient, Chad worked as a litigator in Los Angeles and Chicago. He may be reached at cmain@percipient.co. He writes frequently about electronic discovery and litigation on the Percipient E-Discovery Blog.