Tag Archives: collect

December 9, 2014 · 8:10 AM

Social Media Evidence Law Update: Numerous Recent Decisions Disallow Social Media Screen Prints as Evidence

by John Patzakis

In recent months, courts in several reported decisions have excluded evidence in the form of screen captures of social media. These court decisions greatly impacted the overall matter, including directly resulting in the overturning of a criminal conviction. scales-justice-no-printThis is a very important trend as many criminal investigators and litigation support practitioners continue to rely on print screen without realizing the now torrent level of case law disallowing such evidence.

In the most recent example, in Moroccanoil vs. Marc Anthony Cosmetics, — F.Supp.3d —- (2014) a federal district court explicitly ruled that Facebook screenshots were inadmissible as the defendant in a trademark infringement action merely offered the screenshots without supporting circumstantial information, which is difficult to obtain when mere screenshots are relied upon. The Moroccanoil court cited Internet Specialties W., Inc. v. ISPWest, 2006 WL 4568796 which in that case ruled: “Defendant’s argument, that [web pages] could be ‘authenticated’ by the person who went to the website and printed out the home page, is unavailing.” The Moroccanoil court applied the same rule to Facebook screenshots.

In the criminal context, in United States vs. Vayner, 2014 WL 4942227 (C.A. 2 (N.Y.)), A US Federal Appellate Court, Second Circuit, recently overturned a criminal conviction upon finding that the lower court erroneously admitted a screenshot of the defendant’s alleged social media profile due to improper authentication. Earlier this year, in Commonwealth v. Banas, 2014 WL 1096140 a Massachusetts Appellate Court also ruled that a screen print of Facebook post submitted by the prosecution in a criminal case to be inadmissible on authentication grounds.

The courts that produced these decisions are very influential and these decisions will impact standards for, and the scrutiny of, all social media evidence collection in criminal and civil matters nationwide.

(As a side note, these recent decisions and other key issues involving social media evidence will be discussed at length in a December 16 webinar featuring computer forensics expert Craig Ball and Reed Smith eDiscovery counsel Patrick Burke: A Practical Approach to Social Media Discovery. The top-line speakers will cover the importance of social media discovery in today’s cases, recent challenges and best practices. The event is one week away as of this writing but — as a testament to this compelling and timely topic — we have nearly 600 registrants and seats are limited, so I encourage you to register now.)

The cases cited above and many others like them illustrate that social media provides torrential amounts of evidence potentially relevant to litigation matters, with courts routinely facing proffers of data preserved from various social media websites. One of the many benefits of X1 Social Discovery is its ability to preserve and display all the available circumstantial evidence in order to present the best case possible for the authenticity of social media evidence collected with the software. This includes collecting all available metadata and generating a MD5 checksum or “hash value” of the preserved data for verification of the integrity of the evidence. It is important to collect and preserve social media posts and general web pages in a thorough manner with best-practices technology specifically designed for litigation purposes.  For instance, there are over twenty unique metadata fields associated with individual Facebook posts and messages. Any one of those entries, or a combination of them contrasted with other entries, can provide unique circumstantial evidence that can establish foundational proof of authorship. (We identify the nearly two dozen fields of unique Twitter metadata in our white paper available here).

Additionally, when an examiner merely relies on print screen, they also severely limit the scope and thoroughness of the social media and internet collection. Employing more automated means, such as X1 Social Discovery, enables the examiner to quickly collect entire web pages and publically available social media accounts, which can be hundreds of pages long. This allows the examiner to build a much stronger case for authentication by building timelines, drawing more connections between witnesses and their various posts, collecting more collaborating metadata, and a litany of other means to build a compelling circumstantial case to authenticate the social media or web page evidence in question.

So in sum, you can either have your cake and eat it too with X1, or incur much higher costs, overlook mountains of potentially case-winning evidence, arguably violate your ethical duty of competence, and face evidentiary challenges in court with print screen. Seems like an easy decision.

Leave a comment

Filed under Best Practices, Case Law, Social Media Investigations, Social Media Metadata

Tagged as , , , , , , , , , , , ,

April 4, 2012 · 2:30 PM

Defining Truly Cloud-Capable eDiscovery Software

Last week we discussed the challenges of searching and collecting data in Infrastructure as a Service (IaaS) cloud deployments (such as the Amazon cloud or Rackspace) for eDiscovery purposes.  Today we discuss what is needed for eDiscovery and enterprise search vendors to provide a truly cloud-capable solution and provide a decoder ring of sorts to cut through the hype.  For there is a lot of hype with the cloud becoming the latest eDiscovery hot button, with vendor marketing claims far surpassing actual capabilities.

In fact, many eDiscovery and enterprise software vendors claim to support the cloud, but are simply re-branding their long-existing SaaS offerings, which really has nothing to do with supporting IaaS. Barry Murphy of the eDiscovery Journal aptly identified this marketing practice as “cloud washing.” Data hosting, especially where the vendor’s manual labor is routinely required to upload and process data, does not meet defined cloud standards. Neither does a process that primarily exports data through APIs or other means out of its resident cloud environment to slowly migrate the cloud data to the vendor tools, instead of deploying the tools (and their processing power) to the data where it resides in the cloud. In order to truly support IaaS cloud deployments, eDiscovery and enterprise search software must meet the following three core requirements:

1.         Automated installation and virtualization:  The eDiscovery and search solution must immediately and rapidly install, execute and efficiently operate in a virtualized environment without rigid hardware requirements or on-site physical access. This is impossible if the solution is fused to hardware appliances or otherwise requires a complex on-site installation process. As hardware appliance solutions by definition are not cloud deployable and with enterprise search installations often requiring many months of man hours to install and configure, whether many of these vendors will be able to support robust IaaS cloud deployments in the reasonably foreseeable future is a significant question.

2.         On-demand self-service: In its definition of cloud computing, The National Institute of Standards and Technology (NIST) identifies on- demand self-service as an essential characteristic of the cloud where a “consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.”

Many hosted eDiscovery services require shipping of data to the provider or extensive behind the scenes manual labor to load and configure the systems for data ingestion. Conversely, solutions that truly support cloud IaaS will spin up, ingest data and fully operate in an automated fashion without the need for manual on-premise labor for configuration or data import.

3.         Rapid elasticity: NIST describes this characteristic as capabilities that “scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.” This important benefit of cloud computing is accomplished by a parallelized software architecture designed to dynamically scale out over potentially several dozen virtualized servers to enable rapid ingestion, processing and analysis of data sets in that cloud environment. This capability would allow several terabytes of data to be indexed and processed within 2 to 4 hours on a highly automated basis at far less cost than non-cloud eDiscovery efforts.

However, many characteristics of leading eDiscovery solutions fundamentality prevent their ability to support this core cloud requirement. Most eDiscovery early case assessment solutions are developed and configured toward a monolithic processing schema designed to operate on a single expensive hardware apparatus. While recently spawning some bold marketing claims of high speeds and feeds, such architecture is very ill-suited to the cloud, which is powered by highly distributed processing across multitudes of servers. Additionally, many of the leading eDiscovery and enterprise search solutions are tightly integrated with third party databases and other OEM technology that cannot be easily decoupled (and also present possible licensing constraints) making such elasticity physically and even legally impossible.

So is there eDiscovery software that will truly support the IaaS cloud based upon these requirements, and address up to terabytes of data?  Stay tuned….

Leave a comment

Filed under Cloud Data, Enterprise eDiscovery, IaaS

Tagged as , , , , , , , , , , , , , , , ,

February 8, 2012 · 8:50 AM

A Real World Social Media Discovery Case Study From the Trenches

As mentioned in my last post, many law firms and eDiscovery service providers have in recent months extensively discussed social media discovery in a general fashion. Such dialogue is important and educational, but it is  great to see the innovative service firm D4 highlighting their major league, battle tested social media discovery capabilities by outlining a case study where they delivered a huge win for their clients.

D4, experts in computer forensics and eDiscovery consulting, recently tackled a case involving the capture of several dozen Facebook and LinkedIn accounts amounting to over 2 million items. Utilizing X1 Social Discovery, D4 rapidly collected and searched through these items to quickly pare down the item count to roughly 7,000. Once the social media data set was at 7,000 items, D4 exported the data into the review platform Relativity.

In addition to D4’s prowess, three critical factors served as game changers to allow for this exercise that would otherwise have been impossible without best practices technology. First, D4 was able to collect these 2 million items on a highly automated basis with X1 Social Discovery. If screen captures were used instead, it may literally take a year to capture that volume of data. Second, once captured those two million items were indexed at the point of collection and placed within a designated case to allowing for searching, sorting and analysis in a single interface and case-centric workflow. D4’s efforts reveal how X1’s workflow and patented fast-as-you type search enables very effective early case assessment for social media.

Finally, X1 Social Discovery’s unique ability to capture several dozens of metadata fields for social media was extremely important to the case. D4 states:

“We were able to take advantage of the metadata fields captured by D4 during the collection process…The attorneys were able to go through the posts in less than two days and found a dozen or more posts that were critical to the case. In my opinion, without using the tools and expertise offered by D4 they never would have found the evidence.”

We agree.

Law Technology NewsAnd on a related recent development, John Waters of Law Technology News published a review of X1 Social Discovery after his extensive testing, and the results are consistent with the scalable functionality leveraged by D4:

“In my tests, X1 (Social Discovery) was fast and responsive…The interface is clean and simple, with a logical layout. And the feature set is just about everything you could ask for as you dig into the burgeoning mounds of status updates, tweets, digital pictures, hash tags, comments, and links. I was impressed with X1’s ability to search globally across the public feeds of Twitter, Facebook, and LinkedIn with the X1 Search engine’s fast-as-you-type feature. The product’s ability to scale makes it flexible enough to allow e-discovery pros to cope with a massive and rapidly expanding source of potential evidence.”

The broader point in both of these examples is that X1 Social Discovery is enabling technology that allows law firms, consultants, and other practitioners to transition from just talking about social media discovery to winning big league cases with cutting edge technology.

1 Comment

Filed under Best Practices, Preservation & Collection, Social Media Metadata

Tagged as , , , , , , , , , , , , , , , , , , , , ,

December 6, 2011 · 11:25 AM

Producing Facebook and Twitter Evidence in Native Format

Per all recent case law on the subject, including for instance EEOC v. Simply Storage, social media evidence is considered Electronically Stored Information (ESI) on the same par as email and electronic files. This means that the various eDiscovery provisions of The Federal Rules of Civil Procedure (FRCP) apply to social media.  FRCP rule 34(b) requires that ESI be produced pursuant to a discovery request “in a form or forms in which it is ordinarily maintained or in a form or forms that are reasonably usable” unless the requesting party specifies a different format at the time of the request. Parties seeking formal discovery and who invoke the Rule 34(b) specification at the time of the discovery request are typically instructing that the responsive ESI be produced in native format with all metadata intact.

Without the right technology, producing social media evidence in native format with all metadata intact can be a difficult task at best and may lead to spoliation liability as a worst case but not far-fetched scenario. Social media archive solutions typically have very limited export capabilities and do not generally support native file and metadata export directly into review platforms. For this reason, X1 Social Discovery was developed collect and preserve social media in its native format and to integrate with leading attorney review and production platform Concordance. In fact, this Thursday, December 8, LexisNexis will be featuring X1 Social Discovery as part of their CLE webinar outlining best practices process and technology for addressing social media evidence.  The webinar speakers will be expert E-Discovery attorney Shannon Capone Kirk of Ropes & Gray and Don Swanson of Five Star Legal and Compliance Systems, Inc. Shannon will discuss the state of the law and recommended processes and Don will demonstrate a seamless and integrated workflow between X1 Social Discovery and Concordance. You can register for the CLE webinar at this link here.

The LexisNexis webinar will highlight that social media evidence collected, preserved, searched, analyzed and tagged with X1 Social Discovery can be quickly and seamlessly exported into Concordance while maintaining native file format and all metadata. We recently heard from one customer who exported thousands of tagged social media items from X1 Social Discovery into Concordance in a manner of minutes. We believe this functionality regarding scalable native file social media export is one of the many X1 Social Discovery features that are unique to the eDiscovery field. But I invite you to attend the webinar to assess this claim yourself.

1 Comment

Filed under Best Practices, Social Media Metadata

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , ,

November 28, 2011 · 8:21 AM

Can Lawyers Be Disqualified by Merely Viewing a Linkedin Profile? The Implications of Indirect Social Media Communications and Legal Ethics Rules

With attorneys and their hired consultants routinely collecting social media evidence for investigation and eDiscovery purposes, it is important to be aware that such activity can generate various direct and indirect communications to the subject account owners.  Sending a Facebook “friend” or a LinkedIn “connect” request are obvious examples, but there are also less overt means of social media communications. For instance, if a hypothetical law firm named Smith & Wesson were to merely follow a witness on Twitter, the service will automatically email the witness with a notification that Smith & Wesson is now following her. Additionally, it is all too easy when viewing a Facebook page to inadvertently “like” an item or accidentally send a friend request through a single mouse click.  And if you simply view another’s Linkedin profile while logged into your own account, that person will often be notified that you viewed his or her profile page.  Ethical Implication

For lawyers and their hired consultants and investigators, all this can be very problematic considering legal ethics rules that strictly regulate communications with represented parties and even jurors connected to a case. Several local and state bar associations have issued legal ethics opinions discussing this issue specific to collecting social media evidence. On December 6, X1 Discovery hosted a live webinar to delve deeper into this topic with the esteemed Ralph Losey of Jackson Lewis as the featured speaker. Ralph is the lead eDiscovery partner at Jackson Lewis and the author of “The eDiscovery Team,” considered by many to be the best legal eDiscovery blog on the planet. You can register for the recorded version of this webinar at this link here. (One hour of ethics CLE credit will be available to California attorneys).

From our perspective, this critical concern involving indirect social media communications and legal ethics underscores the importance of employing best practices technology to search and collect social media evidence for investigative and eDiscovery purposes.  Collecting evidence in a manner that prevents, or at minimum, does not require that attorneys and their proxies directly or indirectly communicate with the subjects from whom they are collecting social media evidence is a core requirement for solutions that truly address investigative and eDiscovery requirements for social media. If user credentials to the social media account have been properly obtained, that is obviously ideal. However, in many instances lawyers must resort to searching and collecting publicly available information. In such situations, it is crucial that the law firm and/or its hired experts conduct such collections in the proper manner.

For instance, X1 Social Discovery software features public Facebook capture that can search and collect publicly available Facebook pages without directly or indirectly notifying the account holder. This is critical functionality for eDiscovery preservation. Additionally, X1 Social Discovery accesses and displays Facebook pages in read-only mode, preventing metadata alternation, inadvertent friend requests or “like” tagging through a simple slip of the mouse. X1 Social Discovery includes other features concerning Twitter and Linkedin that also prevent indirect communications while effectively collecting data from those sites. We will be highlighting those features in the next few weeks, but in the meantime, we hope you enjoy our webinar.

3 Comments

Filed under Best Practices, Legal Ethics & Social Media

Tagged as , , , , , , , , , , , , , , , , , ,