Category Archives: Authentication

Social Media Statements: Key Evidence and Often Exceptions to the Hearsay Rule

By John Patzakis

Here is a quick legal evidence quiz: Identify the three distinct hearsay exceptions in the following Tweet:

Accident 5

 

The first exception would be under Federal Rule of Evidence 803(2):

“Rule 803. Exceptions to the Rule Against Hearsay: . . . (2) Excited Utterance. A statement relating to a startling event or condition, made while the declarant was under the stress of excitement that it caused.”

Pretty clear here. The four OMGs are a good indication. So no one can argue that the phrase “OMG” never has any legal consequence.

The second exception would be under FRE 803(1): “Present Sense Impression. A statement describing or explaining an event or condition, made while or immediately after the declarant perceived it.”

And if the witness some time later did not recall details of the incident (two words: Vegas, hangover), the statement could be introduced as a recorded recollection under 803(5).

Another key hearsay exception are statements offered as evidence of the then state of mind of the declarant. While YouTube is known for cat videos, Twitter and Facebook are in large part a platform for statements like this:

Happy Tweet

 

In other words, to quote FRE 803(3): “Then-Existing Mental, Emotional, or Physical Condition. A statement of the declarant’s then-existing state of mind (such as motive, intent, or plan) or emotional, sensory, or physical condition (such as mental feeling, pain, or bodily health)”

While social media is a great place to find out what Kim Kardashian and Justin Bieber are thinking or feeling on a given day, the state of mind of a party or witness is a common issue in many legal matters. (See Gordon v. T.G.R. Logistics, Inc. (D. Wy. May 10, 2017) (Court orders production of entire Facebook Account history as relevant to mental and emotional state of Plaintiff)).

And finally, arguably the most compelling social media evidence stems from the propensity to self-incriminate oneself on Twitter, otherwise known as a Statement Against Interest under FRE 804(b)(3).  This takes multiple forms, including flat out admissions of liability, or previous statements that contradict or otherwise impugn the integrity of a declarant. For instance:

Trump tweet

 

The bottom line is that social media provides a treasure trove of evidence that also tends to fall under evidentiary hearsay exceptions, unlike other forms of out of court statements.

But if you are offering social media evidence under a hearsay exception in court, that would likely mean you have an uncooperative or otherwise unavailable party who authored the social media statement in question. In such cases, the authenticity of the post must be established through circumstantial evidence since direct testimony is not available, and you will need the right software to both identify such evidence and properly collect it utilizing best practices to ensure its admissibility in court.

Leave a comment

Filed under Authentication, Best Practices, Case Law, Case Study, eDiscovery, Social Media Investigations

Practice Tool: Sample FRE 902(14) Certification to Authenticate Social Media Evidence

Update: Law Firm Baker Hostetler has posted a good 902(14) model certification as well.

As part of our continuing coverage of Federal Rule of Evidence 902(14), which goes into effect on Friday December 1, 2017, we will be making available further resources and analysis over the next few weeks in support of this new and important development. To review, FRE 902(14) provides that electronic data recovered “by a process of digital identification” is to be self-authenticating, thereby not routinely necessitating the trial testimony of a forensic or technical expert where best practices are employed. Instead, such properly collected electronic evidence can be certified through a written declaration by a “qualified person.” This rule will have a significant impact on computer forensics and eDiscovery collection practices. A detailed discussion of Rule 902(14) can be found here.

Today we are providing an example of a Rule 902(14) certification for the authentication of social media evidence collected by X1 Social Discovery. This sample document is for general information purposes only. Your use of this example 902(14) certification is at your own risk, and you should not use this sample documents without first seeking professional legal advice. The provision of this sample document (and the document itself) does not constitute legal advice or opinions of any kind. So with those legal disclaimers, here is the sample 902(14) certification:

Certification under Federal Rule of Evidence 902(14)

(Example Only for demonstration purposes)

 

I, __________________, hereby declare and certify:

 

  1. I am currently a (paralegal) (computer forensic specialist) (electronic discovery specialist) employed by “My Organization” (“My Organization”). My Organization specializes in the discovery, collection, investigation, and production of electronic information for investigating and handling computer-related crimes and misuse as well as for in support of discovery for civil litigation matters. I am responsible for conducting computer forensic investigations and providing electronic discovery and litigation support.

 

  1. I have participated in more than 100 investigations and preservation efforts from social media sites and other Internet websites, and was the lead on approximately 20 of those investigations. These investigations involved finding relevant electronic information in support of internal investigations, civil litigation and criminal matters. In the course of these investigations, I was responsible for performing in-depth analyses and providing documentation and related materials in support of criminal and civil matters for law firms/litigation support consulting firms, (or for law enforcement agencies at the federal and local level)

 

  1. I have accumulated extensive experience in the identification, preservation, retrieval, analysis, and documentation of computer-related information, including both data at rest and social media evidence and other internet based electronic evidence in support of computer investigations and ongoing litigation matters.

 

  1. I am a licensed user of X1 Social Discovery (“X1”), the leading software used by law firms, law enforcement, government regulatory agencies and litigation support consultants world-wide. X1 Social Discovery is available for purchase by the general public and is generally accepted in the eDiscovery and computer investigation industry. X1 Social Discovery aggregates comprehensive social media content and web-based data into a single user interface, while preserving critical metadata not possible through image capture “screenshot”, or simple computer screen printouts.

 

  1. X1 Social Discovery includes an automated function to generate an MD5 “hash value” immediately upon the collection of an item of social media evidence or a webpage. The Committee notes to Federal Rule of Evidence 902(14) define a hash value as follows: “Today, data copied from electronic devices, storage media, and electronic files are ordinarily authenticated by ‘hash value.’ A hash value is a number that is often represented as a sequence of characters and is produced by an algorithm based upon the digital contents of a drive, medium, or file. If the hash values for the original and copy are different, then the copy is not identical to the original. If the hash values for the original and copy are the same, it is highly improbable that the original and copy are not identical. Thus, identical hash values for the original and copy reliably attest to the fact that they are exact duplicates.”

 

  1. X1 Discovery, Inc., the software company that develops X1 Social Discovery, makes freely available a separate hash value verification software utility that will recalculate the hash value of an item of electronic evidence that was previously collected by X1 Social Discovery to verify that the evidence has not changed since it was collected by X1. If the “verification” hash value generated by the verification utility is the same as the hash value originally calculated by X1 Social Discovery at the time of the acquisition of the item of electronic evidence, then the identical hash values reliably attest to the fact that the evidence, and any exact duplicates thereof, have not changed.

 

  1. I was retained by attorneys for Defendants to provide examination, preservation and analysis of social media evidence in the present case. Pursuant to this request I collected numerous social media evidence from Twitter, Instagram, and Facebook using the X1 Social Discovery software. Attached as Exhibit “A” are the following items of social media evidence:

 

  1. A Facebook post that was publicly available on Plaintiff’s Facebook dated July 10, 2017, which was acquired by me on September 3, 2017 at 3:45pm.
  2. A Twitter post (Tweet) that was publicly available on Acme company’s Twitter feed dated July 13, 2017, which was acquired by me on September 3, 2017 at 3:48pm.
  3. An Instagram post that was publicly available on Plaintiff’s spouses’ Instagram feed dated July 18, 2017, which was acquired by me on September 3, 2017 at 3:55pm.

 

  1. When the items described above were acquired by X1 Social Discovery, the software automatically generated and assigned a hash value based upon the contents of the evidence. This is termed the “acquisition hash.” Using the hash value verification software utility, I recalculated the hash value of the 3 items listed above, on 12/4/17, shortly before I prepared this declaration. The verification hash in all instances were the same as the acquisition hash value, as set forth in the following table:

902 Certification Table

  1. The identical hash values reliably attest to the fact that the evidence has not changed.

 

I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed this _th day of December 2017 in Los Angeles, California.

 

 

______________________

Signature of Declarant

 

Download a copy of this example Certification here >

3 Comments

Filed under Authentication, Best Practices, Social Media Investigations, Uncategorized