Skip to Main Content
Augmented Legality
Blogs | May 1, 2011
6 minute read
Augmented Legality

Authenticating Social Media Evidence (Or, "Boozy, His Boo, and What Not to Do")

In prior posts, I've discussed the problem of proving identity online: how do you know that someone is who they say they are online? Anyone using social media asks that question (or ought to) every time they engage in an online conversation. It might be easy to answer that question if we're messaging with a trusted friend through an account used many times before--although the possibility of someone else having accessed or "hacked" the account always exists. Or perhaps the personally identifying information that the person has shared convinces us that they're legit. Whatever it takes in any given circumstance, we need to reach a certain comfort level before deciding to trust the other person with any degree of personal information.

Courts go through a very similar process--called "authentication"--with every piece of evidence submitted in a trial. Before accepting a document as evidence, the party offering it needs to offer a sufficient level of proof that the document is authentic. Federal Rule of Evidence 901 (which serves as a model for many state courts as well) lists several types of ways to authenticate a document, including "testimony of [a] witness with knowledge" and such circumstantial evidence as "appearance, contents, substance, internal patterns, or other distinctive characteristics."

Only recently have courts begun to apply these rules to information gained from social media. What is "the appropriate way to authenticate, for evidential purposes, electronically stored information printed from a social networking website[?]"

That was the question at issue in the April 28 decision of Maryland's highest court in the case of Griffin v. State. Griffin--a.k.a. "Boozy"--had been convicted of a crime. One of the key pieces of evidence against him was a printout of a MySpace page allegedly belonging to his girlfriend, Jessica Barber. The prosecution argued that Boozy and Barber used the page to threaten another witness who had been called to testify at trial. Specifically, as the court put it, the page "contained the following blurb: FREE BOOZY!!!! JUST REMEMBER THAT SNITCHES GET STITCHES!! U KNOW WHO YOU ARE!!"

This rant could easily be read as a threat against the potential "snitch." The question, however, was whether or not the prosecution did enough to prove that Barber was actually the person who made it.

To prove that this was Barber's MySpace page, the prosecution offered the testimony of the police sergeant who printed the page. The page's profile picture showed a couple embracing; the sergeant testified that the people in the photo "looked like" Barber and Boozy. The birthdate and hometown listed on the page were also the same as Barber's. But that was all the prosecution did to authenticate the page. There was no evidence concerning where Barber was when the message was posted, or who might have had access to her page. Most confoundingly, Barber herself was called as a witness, but the prosecution asked her nothing about the MySpace page.

The court held that this was not enough. It began by acknowledging the ease of impersonating another person in social media:

The identity of who generated the profile may be confounding, because a person observing the online profile of a user with whom the observer is unacquainted has no idea whether the profile is legitimate. The concern arises because anyone can create a fictitious account and masquerade under another person's ame or can gain access to another's account by obtaining the user's username and password. [quotes omitted]

For these reasons, the court concluded that information gathered from social media requires more careful scrutiny than other forms of evidence:

The potential for fabricating or tampering with electronically stored information on a social networking site, thus poses significant challenges from the standpoint of authentication of printouts of the site .... [T]he complexity or novelty of electronically stored information, with its potential for manipulation, requires greater scrutiny of the foundational requirements than letters or other paper records, to bolster eliability. [quotations omitted]

The court supported this observation with citations to rulings from several other courts (including one from "Maryland's own [federal] Magistrate Judge Paul W. Grimm, a recognized authority on evidentiary issues concerning electronic evidence, outlined issues regarding authentication of electronically stored information, in e-mail, websites, digital photographs, computer-generated documents, and internet postings") that have come to the same conclusion.

But the court also cautioned that "we should not be heard to suggest that printouts from social networking ites should never be admitted. Possible avenues to explore to properly authenticate a profile or posting printed from a social networking site, will, in all probability, continue to develop as the efforts to evidentially utilize information from the sites increases." Among these "possible avenues," the court suggested, were (1) testimony from the person who created the post; (2) searching the hard drive and internet browsing history of the computer used to create the post to verify when and from where the post was created; and (3) obtaining information directly from the social media site itself to show who created a page or post, and when and from where particular posts were sent. Indeed, another opinion released on April 26, 2011 from a Louisiana appellate court described how the prosecution in that case had called a "manager of safety, security, and compliance for MySpace" to testify as to the user information associated with certain MySpace profiles.

Two judges dissented in the Maryland case. They accused the majority of having the "technological heebie-jeebies," and said that it should have been up to the jury to determine whether Barber really authored the post. The court of appeals that reviewed the case before it got to this court agreed; it had upheld the trial court's decision to admit the evidence.

Although I give the dissenting judges bonus points for their clever turn of phrase, it seems obvious, in my personal view, that the majority got this one right. There will be many close calls in determining whether social media information is sufficiently trustworthy to admit into evidence; this is not one of them. Perhaps there isn't anyone else out there interested in impersonating Barber, but the prosecution did nothing to minimize that possibility, or to offer any circumstantial proof at all that the post came from Barber.

The real kicker, as I said before, is the prosecution's failure to ask Barber anything about the post during her testimony. Of course, they may have had good reason not to. Maybe they knew that Barber would deny having written it. Perhaps they realized only too late that they hadn't done enough investigation to prove that denial wrong, so they decided to wing it and take their chances. If so, they very nearly got away with it. But neither of those reasons would justify admitting the evidence in a criminal case, with someone's liberty on the line. Especially when, in all likelihood, it would have only taken a small amount of extra corroboration to satisfy the court's doubts about the evidence.

The Griffin opinion serves as a useful reminder to courts and attorneys alike that purported online identities cannot be taken at face value. Because the prosecution didn't take that fact seriously enough, Boozy now gets a new trial. Let's hope that his next prosecution will demonstrate how to properly get social media information into evidence.