Category Archives: Uncategorized


In response to our post two weeks ago identifying widespread social media abuse by jurors that could quite possibly lead to mistrials, a frightened prosecutor and others have inquired about how exactly juror’s social media data should be collected and what the various techniques are. So this follow-up post discusses the mechanics of proactively monitoring jurors that are both empaneled and potential members of your pool.

First and foremost, it is important to understand what not to do. Do not fire up and start following jurors. They will receive a notice that they’re being followed, which is improper under various legal ethics rules. Also, it is not effective technically, as you cannot access or search past tweets very effectively (which are often just as important as ones in real time), and it is very difficult to monitor up to several dozen jurors in your pool.

The right software will allow you to employ several techniques and methods, which are most effective when used in conjunction to comprehensively and ethically search for all publicly available juror social media.

The first method is to set a geo-fence around the courthouse and immediate area. This will collect tweets and Instagram posts in real time, as well as going back several days if needed, to collect any tweet that is geo-located in that area. Here is an example of such an effort:geo fence

Another advantage of this method is that it will capture any geo-located social media posts by not only jurors at the courthouse but also by opposing counsel or witnesses, which happens more often than you would think. Expert witnesses in particular can be prolific on social media as they promote their services and their personal brand. They also often Tweet and share approvingly links to industry articles and blog articles, which can then be considered to be part of their opinion record.

The second method is to set keywords such as #juryduty or “jury duty” across the public feed of social media sites. This will cast a wider net, returning posts from all over the country if not the world. But with the right tools you can quickly be able to filter out the ones that are within your geographical location. This will also capture posts that are not Geotagged by the user.  If your case has any media attention, even just locally or within industry media verticals, it is a very good idea to set up keywords that can identify any mention of your case in public feeds.

And just for fun, here are the top 5 controversial juror posts from just the past few days:

bad tweets

And finally, once you have identified an impaneled juror or a member of the potential pool, and have their social media profile names,  you can quickly and anonymously collect all their past and ongoing public social media content through special software such as X1 Social Discovery. This also has the advantage of instantaneous and unified search across all available social media streams from multiple jurors. You also can set up email alerts so that if a juror or other person of interest posts anything, you will immediately be alerted to that post. This is also an effective technique when following opposing counsel or key witnesses. And it’s often a good idea to your monitor your own clients as well.

For more information about how to conduct effective social medial investigations, please contact us, or request a free demo version of X1 Social Discovery.

1 Comment

Filed under Best Practices, Case Study, Legal Ethics & Social Media, Social Media Investigations, Uncategorized

Terrorist’s Social Media Postings Overlooked: Greater Diligence is Necessary in the Future

by John Patzakis

One of the shooters in the San Bernardino massacre, Tashfeen Malik, made several posts to her Facebook account in 2012 and 2014 that strongly suggested that she held radical Islamic views, according to a New York Times report. Malik, 29, made the postings before she entered the United States on a K-1 fiancée visa in July 2014, the Times said, citing top federal law enforcement officials.

According law enforcement sources, one of the officials said Malik “expressed her desire” in one of the posts to become an Islamic militant in her own right. U.S. officials have said their investigation has yet to turn up evidence that foreign militants directed Farook or Malik when they stormed a holiday gathering of Farook’s co-workers and opened fire with assault-style rifles. The couple fatally shot 14 people and wounded more than 20 in a rampage the Federal Bureau of Investigation said it was treating as an act of terrorism inspired by Islamist militants.

Malik’s Facebook messages indicate that U.S. law enforcement and intelligence officials missed warnings on social media that she was a potential threat before she applied for her U.S. visa.  While there currently is no explicit order banning visa investigators from trawling applicants’ social media accounts, some agencies have been wary about doing so, the official said.

And the perils of overlooking social media evidence apply to all forms of investigations, whether law enforcement or civil legal matters. As noted by attorney Jennifer Ellis in her presentation at the recent May 2015 national American Bar Association conference, “failure to understand how social media can impact clients’ cases could lead to serious damage to a case which might result in a malpractice complaint.” And as noted by a Maryland Appellate court: “It should now be a matter of professional competence for attorneys to take the time to investigate social networking sites.” Griffin v. Maryland, Case No. 1132, Court of Special Appeals Maryland, May 27, 2010, slip op. at 14

However, the NY Times report cites mistaken law enforcement officials who claim it “is impossible to . . . scour the social media accounts” of all potential immigrants and visa applicants. Nothing could be further from the truth.

When rudimentary tools such as web browsers and print screen are used, social media investigations are indeed burdensome and costly. A single publically available Facebook account may take hours to review manually, and may require over 100 screen captures to collect with manual processes. However, with the right software, such investigations can be foundation of a very scalable, efficient and highly accurate process. Instead of requiring hours to manually review and collect that public Facebook account, the right specially designed software, like X1 Social Discovery, can collect all the data in minutes in an instantly searchable and reviewable format.

So like any form of digital investigation, feasibility (as well as professional competence) often depends on utilizing the right technology for the job.  As agencies and companies work social discovery and investigations into standard operating procedures for common processes (visa applications, insurance claims investigations, etc), it is possible that fewer warning signs will be missed.

Leave a comment

Filed under Uncategorized

Print Screen for Social Media Evidence: Not Defensible and Also Very Expensive

As we often note on this blog, courts continue to routinely find that the testimony of an individual who merely printed a copy of a social media webpage is insufficient to authenticate social media evidence. Notable recent cases with such rulings include Linscheid v. Natus Medical Inc., 2015 WL 1470122, at *5-6 (N.D. Ga. Mar. 30, 2015) (finding LinkedIn profile page not authenticated by declaration from individual who printed the page from the Internet); Monet v. Bank of America, N.A., 2015 WL 1775219, at *8 (Cal Ct. App. Apr. 16, 2015) (memorandum by an unnamed person about representations others made on Facebook is at least double hearsay” and not authenticated), and Moroccanoil vs. Marc Anthony Cosmetics, 57 F.Supp.3d 1203 (2014) (Facebook screenshots inadmissible in a trademark infringement without supporting circumstantial information).

These rulings underscore why best practice technology is essential for gathering social media and other Internet evidence. But while many practitioners understand this in terms of defensibility, many operate under the mistaken assumption that manual print screen efforts are a cost-saving shortcut. Nothing could be further from the truth. Stallings v. City of Johnston, 2014 WL 2061669 (S.D. Ill. May 19, 2014), is very instructive as it clearly illustrates that printing Facebook pages for production in eDiscovery is a really bad (and expensive) idea.  In this case, plaintiff Jayne Stallings brought suit for wrongful employment termination against the City of Johnston, her former employer. And it seems that Stallings, like millions of others, was an avid and highly opinionated Facebook poster.

So to respond to discovery requests, Plaintiff’s counsel and a paralegal spent a full week printing out the contents of Plaintiff’s Facebook account — which amounted to over 500 printed screen captures — manually rearranging them, and then redacting the pages. Plaintiff counsel also claimed that she could not provide the relevant Facebook information on a disk, and thus resorted to inefficient paper production – an obviously costly exercise. A week of paralegal and lawyer time could easily run $25,000 and no client should pay anywhere near that amount for a task that, with the right technology, requires minutes instead of days to perform.

Print screen as a social media evidence collection method only leads to higher costs for many reasons, namely because the resulting output is a truncated, unsearchable, flat image that fails to retain the all-important metadata. As a result, a substantial amount of secondary processing must be done to upload the social media images into a standard attorney review platform. The images must be run through OCR, the various requisite metadata fields must be manually entered, and the truncated screen shots reassembled into context so they appear and read as they did in their original state. All this will typically cost thousands of dollars in additional processing fees.

Additionally, when an examiner merely relies on print screen, the scope and thoroughness of the collected social media and Internet evidence is severely limited. This often results in key evidence being overlooked as well as impacting its evidentiary integrity. Employing more automated means, such as X1 Social Discovery, enables the examiner to quickly collect entire web pages and publically available social media accounts, which can be hundreds of pages long. This comprehensive and thorough collection allows the examiner to collect far more potential evidence, preserving all relevant metadata, and having that evidence be immediately searchable and reviewable in a highly effective integrated review platform.

Further, the examiner can build a much stronger case for authentication by constructing timelines, drawing connections between witnesses and their various posts, collecting more corroborating metadata, and a litany of other information to build a compelling circumstantial case to authenticate the social media or web page evidence in question.

And of course another key benefit of X1 Social Discovery is its ability to preserve and display all the available “circumstantial indicia” or “additional confirming circumstances,” in order to present the best case possible for the authenticity of collected social media evidence. This includes collecting all available metadata and generating a MD5 checksum or “hash value” of the preserved data, for verification of the integrity of the evidence.

It is important to collect and preserve social media posts and general web pages in a thorough manner with best-practices technology specifically designed for litigation purposes.  For instance, there are over twenty unique metadata fields associated with individual Facebook posts and messages. Any one of those entries, or a combination of them contrasted with other entries, can provide unique circumstantial evidence that can establish foundational proof of authorship.

So while it can seem counterintuitive as sometimes there is a tradeoff when it comes to legal technology between best practices and costs, manual print screen efforts for social media are not only very costly, they subject clients to evidentiary challenges that could place an entire case in peril. But you can have the best of all worlds with the scalability, cost-saving and defensibility brought by X1 Social Discovery.

Leave a comment

Filed under Uncategorized

VMworld Recap: Major Disruption in Store for Enterprise Search & eDiscovery

by John Patzakis


Last week we attended and exhibited at VMworld 2014 in San Francisco, VMware’s annual conference that brings together over 25,000 thought leaders, subject matter experts, technology providers and IT professionals to immerse themselves in the latest in virtualization and cloud technology. VMworld is now essentially the modern-day COMDEX, spread out among the sprawling Moscone Center. The difference is that VMworld’s exclusive focus is the enterprise, and more specifically the modern and trending IT enterprise. VMworld is where the forward thinking enterprise CIOs are now, and where everyone else will be in the next 2-4 years.

In the opening keynote, VMware CEO Pat Gelsinger — who recently explained to the Wall Street Journal that “we are in the period of the greatest tectonic shift in the IT industry in the last 30 years” — emphasized the trend of “frictionless IT” running the enterprise where “everything is virtualized” utilizing a hybrid mix of on-premise virtualization, public and private cloud.  Frictionless IT involves a model where pools of virtual machines — comprising virtual desktops and servers running in either the public cloud or a private cloud — are managed by IT administrators enterprise-wide from a single console, without physically touching any hardware. This allows for virtual desktops, servers and supporting applications and software upgrades to be rolled out and managed on a highly automated basis, including having resources moved from private to public clouds and back again, all with a few mouse clicks.

So given the importance of this conference to the present and future of enterprise IT, it was highly notable that X1 was the only enterprise search provider present among more than 400 exhibitors. It is actually surprising that no other search vendors were here given how quickly attendees ‘got it.’  They understood that search is the elephant in the room for VDI and other enterprise-stored data and quickly responded positively to X1’s message. The reason for our competitors’ absence, in my opinion, is that nearly all the current enterprise search software vendors, as well as eDiscovery tools, represent legacy technology that does not support deployment into highly virtualized environments. Traditional enterprise search solutions are limited to either appliances or arduous manual on-site installations, neither of which can operate in true virtual environments. In other words, they represent a very high degree of friction, with entrenched architectures that must be completely re-written in order to support virtualization and the new frictionless IT paradigm.

And the thing about truly supporting cloud and on-premise virtualization is that enterprise software vendors cannot fake it with enterprise CIOs and their staff. For instance, there is a high degree of “cloud-washing” in eDiscovery, where vendors host their own attorney review systems on a SaaS basis, and thereby claim they are cloud innovators. And while there is a legitimate but limited use case there, a complete process baked into the enterprise and its information management DNA needs to encompass integrated preservation, collection and early data assessment — including first pass review. Such an eDiscovery system must be on premise and will not survive unless it truly operates in a virtualized environment, whether in the public or private cloud.

Solutions that truly support virtualization are VMware-ready certified, and can also be quickly and remotely installed into the public cloud through a readily available machine image, such as an Amazon Machine Image (AMI) for the Amazon Web Services cloud. In essence, major enterprise software now has to effectively install almost as easily as a mobile phone app.

As an aside, another notable observation that I believe is highly indicative of this “tectonic shift” was the near complete absence of the major systems integrators, with the exception of Capgemini. Most of the other top 10 SIs were completely absent and the few others there had a very minimal presence. This is, again in my opinion, because most of these systems integrators thrive on a “friction” model (think nine-month enterprise software installation), and are struggling to adapt to the new world order.

In our recent discussions with folks at Amazon Web Services, they recounted amusing stories of companies asking to send hardware appliances or teams of expensive consultants to AWS data centers to index and manage their data for enterprise search and eDiscovery purposes. Both scenarios are non-starters for public cloud architectures. This is where X1 is leading the charge for both enterprise search and eDiscovery.

We are very excited about our partnership with VMware, and the hundreds of contacts and new and existing customers we connected with at the show. And more exciting things are to come. Stay tuned for exciting announcements in the coming months. In the meantime, I recommend you start making plans for VMworld next year.

Leave a comment

Filed under Uncategorized

VMworld 2014 Hot Topics – VDI, Hybrid Cloud & Mobility

VMworldNext week, the VMworld conference kicks off and all of us at X1 are excited.  VMworld gives X1 the opportunity to introduce our newly-minted VMware Ready products – X1 Search 8, X1 Search 8 Virtual Edition, and X1 Rapid Discovery – to VMware users.  Perhaps more importantly, though, the conference is an opportunity to hear where the world is moving with regard to several hot topic areas:  VDI; hybrid cloud; and mobility.

Desktop virtualization promises many benefits: lower IT costs; streamlined administration of IT assets; and end-user flexibility in terms of accessing the desktop from anywhere.  Given the popularity of BYOD, the consumerization of IT, and the need for mobility to support telecommuting, VDI is becoming more and more important.  There look to be some compelling sessions at the show about customer successes using VDI that will show not only that the benefits of VDI are real, but also how others can learn from those successes to continue to drive VDI adoption.  At our booth, X1 will continue to remind folks building unified search into VDI requirements early on can optimize VDI deployments.  At the very least, this will help to ensure that end-users are more receptive to the virtual desktop and allow them to remain productive.  Getting end-users to buy in is often half the battle when deploying new technology.  When it comes to VDI environments, a good search solution must decouple the search UI from the indexing service.  Otherwise, indexing will require virtual desktop computing resources and cut into VDI cost savings.  The goal is to minimize the RAM usage and search client footprint on the virtual desktop.

Hybrid cloud is a combination of a private IT infrastructure and a public cloud.  The public and private cloud infrastructures then communicate over an encrypted connection and can port data and applications back and forth.  Hybrid cloud is hot because it delivers real benefits:  increased speed of access time and reduced latency because of an on-premise, private infrastructure that is accessible directly as opposed to through the internet; more flexibility to have on-premises infrastructure that can support the average workload and to leverage the public cloud when the workload exceeds the power of the private cloud component; and more flexibility in server designs that can lower the costs of storage.  X1 will detail to booth visitors how unified search of information no matter where it lives – cloud, on-premise, hybrid – can make hybrid cloud environments more user-friendly.  Products like X1 Rapid Discovery enable hybrid search that lets IT glean all the benefits of hybrid cloud while ensuring end-users are happy with their ability to find information.

Mobility is an important topic and complementary to both VDI and hybrid cloud.  VDI and hybrid cloud environments will enable business professionals to be mobile and productive.  One of the keys to productivity is fast, easy access to information – and that is exactly what X1 provides.  The architecture for X1 Search 8 Virtual Edition stands to enable better access to information on more and more devices.  We are excited for VMworld because it means the opportunity to meet further with the VMware Airwatch team and understand how X1 can continue to partner with VMware in new and innovative ways.

If you are going to be at VMworld, please come see X1 at Booth #2436.  We would be happy to show you our products and how they can complement existing or planned VMware investments.

Leave a comment

Filed under Corporations, Desktop Search, Enterprise Search, Hybrid Search, Uncategorized