top of page

Authentication and Access for Social Media Evidence

By: L. David Russell

Corporate Counsel (April 25, 2013)

In England, a criminal defendant proclaims, “I think I got away with it,” before the close of trial and is forced to take a plea. In Texas, a murder conviction is upheld based on the accused’s knowledge of intimate details about the killing and subsequent investigation. In California and Colorado, employee plaintiffs are required to disclose conversations with other employees related to a suit against the employer. In each of these cases, the crucial evidence was drawn from Facebook and other social networking sites.

Messages and postings on social networks have become a fundamental means of communication. By 2009, more conversations took place over social networks than by email. Lawyers have seized on social networking sites as a deep well of valuable information, resulting in an evidentiary debate in courtrooms nationwide surrounding the admissibility of social media evidence.

Two key issues for courts and attorneys faced with social media evidence have been: (1) proper authentication of the evidence, and (2) access to that evidence in the face of digital privacy laws. As recently as a few years ago, authentication and access each proved to be a substantial hurdle for an attorney seeking to admit social network communications into evidence. Recent decisions, however, reveal a trend toward admission, with the cooperation of social media sites themselves necessary to both authentication and access.


Does a name and photograph on a Facebook page authenticate the identity of the individual associated with the account’s activity? In an instance of what Judge Glenn T. Harrell Jr. of Maryland’s highest court has described as the “technological heebie jeebies,” several recent courts have required more, expressing concern with false profiles, account hacking, and “Photoshopping.”

The ability of technology to deceive, however, is counterbalanced by the indelible digital trail left by users of social media. Accordingly, standards for authentication are emerging. Evidence of a user’s Internet history, gleaned from an examination of their digital devices or obtained directly from the social media provider, now appears sufficient to establish, in the language of Federal Rule of Evidence 901, “that the [social media] item is what the proponent claims it is.”

The paradigmatic case arises from messages or postings whose authenticity is disputed by the apparent account owner. Several decisions of recent years—including Griffin v. State, 19 A.3d 415 (Md. 2011) and State v. Eleck, 23 A.3d 818 (Conn. App. Ct. 2011)—have been sympathetic to claims of falsely created accounts or “hacked” messages. The Griffin court held that “the date of birth of the creator and her visage in a photograph on the site” was insufficient to authenticate the purported owner’s authorship of a message. Similarly, Eleck held that authenticity was not established by “the fact that [the claimed author] held and managed the account.”

Nevertheless, as Eleck noted, “the circumstantial evidence that tends to authenticate a communication is somewhat unique to each medium”; both cases pointed to forensic examination of devices or validation by social media providers as potential means of authenticating such evidence. As use of these methods of authentication becomes more widespread, it seems likely that courts will not look favorably upon evidence put forth without forensic support.

At the same time, traditional means of authentication, such as the distinctive content of a statement, retain force in the world of social media. In Tienda v. State, 358 S.W.3d 633 (Tex. Crim. App. 2012), Texas’s highest criminal court upheld a murder conviction that relied heavily on postings from several MySpace accounts attributed to the defendant—despite the lack of any forensic evidence or outside authentication. After describing in detail several dozen messages, photographs, and other details linking the profiles to the defendant, the court ruled that the remote possibility “that the [defendant] was the victim of some elaborate and ongoing conspiracy” went to the weight of the evidence, not its admissibility.

The Tienda court did cite Griffin, however, for the suggestion that in future cases, proponents of social media evidence would be well advised to include extrinsic proof of authenticity.


If the records held by Facebook and other providers can authenticate a social media item, are these records available in discovery? As recently as five years ago the answer likely would have been “no,” as the Stored Communications Act of 1986 (SCA) was believed to limit the discovery obligations of social media providers. But in a recent case, the California Court of Appeal rejected arguments that courts are powerless to order disclosures from Facebook. In Juror Number One v. Superior Court, 206 Cal. App. 4th 854 (2012), the appellate court upheld the trial court’s order requiring a juror to execute a consent form authorizing Facebook to produce his posts to the court. Because such consent was equivalent to disclosure by the party itself, the court determined that the SCA “has no bearing on this issue.”

Taking an even more direct approach, a District of Colorado magistrate judge recently ordered all class members in an employer sexual-harassment suit to turn over the “necessary information to access any social media websites used by [the class member],” i.e., usernames and passwords. EEOC v. The Original Honeybaked Ham Co., No. 11-2560, 2012 WL 5430947 (D. Colo. Nov. 7, 2012). The issue of access to social media evidence was framed in practical terms: “The fact that [evidence] exists in cyberspace on an electronic device is a logistical and, perhaps, financial problem, but not a circumstance that removes information from accessibility by a party opponent in litigation.” The court recognized the privacy concerns of the social media users, however, and ordered production of usernames and passwords to a special master followed by an in camera review of potentially relevant information before its disclosure.


As courts and counsel become more tech-savvy, discomfort with social media evidence appears to be already fading. In Honeybaked Ham, the court analogized social-media postings to a file folder titled “Everything About Me.” The court reasoned that a hard-copy version of this hypothetical folder would be susceptible to discovery, and that there was “a strong argument that storing such information on Facebook and making it accessible to others presents an even stronger case for production, at least as it concerns any privacy objection.” Similarly, a California magistrate judge recently compelled an employee plaintiff’s production of “all social networking communications” between the plaintiff and other employees that related to the action. Mailhoit v. Home Depot USA, Inc., 285 F.R.D. 566 (C.D. Cal. 2012). The court found that the request was “reasonably calculated to lead to the discovery of admissible evidence.” These cases point to a fast-approaching future where obtaining—or being required to produce—social-media evidence in discovery is neither difficult nor controversial.

And the U.K. defendant who bragged “I think I got away with it”? He simply admitted ownership of the statement after being confronted by the judge. “Man Jailed After Bragging ‘I Think I Got Away With It’ on Facebook,” The Telegraph (June 6, 2012). As Griffin points out, even on the crest of an ever- accelerating technological revolution, “the first, and perhaps most obvious method” for authenticating social media evidence, “would be to ask the purported creator.” Sometimes, that is enough.

—By L. David Russell, Christopher Chiou, and Daniel Welsh, former attorneys at Jenner & Block LLP

Reprinted with permission from the April 25 edition of the Corporate Counsel © 2013 ALM Media Properties, LLC. All rights reserved. Further duplication without permission is prohibited. For information, contact 877-257-3382, or visit

- - - -


bottom of page