Social Media and The Law

Social Media and the Law - Computer Forensic Show, SF, CA

Reprinted with permission from the November 1, 2011 issue of The Recorder.
© 2011 ALM Media Properties, LLC. Further duplication without permission is prohibited.  All rights reserved.
Original Article

By: Kevin L. Nichols

Last month I was on a panel at the Computer Forensics Show with Jack Halprin, head of eDiscovery, enterprise at Google; Eric Hunter, director of knowledge management at Bradford & Barthel; and Michael Lackey Jr., partner at Mayer Brown, which addressed the ethical concerns and challenges involving social media. Technology using new media is changing so rapidly that the courts cannot keep up. A common thread that emerged was that social media, in some form, is here to stay; however, no one is convinced that the dominant players, namely Facebook Inc., LinkedIn Inc. and Twitter Inc., will remain at the top five years from now. Some of the presentation’s key takeaways included rules and regulations, court decisions and best practices with regard to social media.

Rules and Regulations

The ABA, state bars and countless government agencies are trying desperately to implement restrictions, polices, procedures and codes of conduct to ensure that companies and law firms monitor their social media sites and their employees’ as well.  For example, the Electronic Communications Privacy Act and Stored Communications Act (18 U.S.C. §§2510-2712) adds the transmission of electronic data from computers to existing government restrictions on wiretapping and disclosure of electronic communications held by third-party Internet service providers. Moreover, SEC Release No. 34-58288 outlines the liability for information posted on companies’ websites; and FINRA Regulatory Notice 10-06 requires financial services firms to monitor and maintain records on social media site usage and interactions. Companies and law firms need to be aware of these changes and can review Federal Judicial Center: Social Networking Guidelines & U.S. District Courts, N.Y. City Bar Op. No. 2010-02 (Sept. 2010), and Philadelphia Bar Op. No. 2009-02 (Mar. 2009) for more guidance on using social media in these areas.

Case Law

There are currently several courts across the country grappling with social media and what is discoverable.

1. The case of Offenback v. L.M. Bowman lays the groundwork that the “scope of discovery into social media sites ‘requires the application of basic discovery principles in a novel context.’” Offenback’s finding states that “public information contained in plaintiff’s account is properly subject to limited discovery in this case.” Thus the court has the right to obtain passwords and access social media sites if there is just cause.

2. In a Central District case of Crispin v. Christian Audigier, the court quashed a subpoena for private messages by finding that the Stored Communications Act was applicable, but clearly distinguished private messages from public posts on social media sites, for which the SCA was inapplicable.

3. In Romano v. Steelcase, the court declared that social media data was “material and necessary to the defense of [the] action,” which included even deleted pages. The Romano court found that “privacy is no longer grounded in reasonable expectations, but rather in some theoretical protocol better known as wishful thinking.”

4. In EEOC v. Simply Storage Mgmt., the court required the plaintiff to produce relevant data from social media sites such as Facebook and MySpace because they were not considered private communications, which expanded the discovery scope from “communications that directly reference the matters alleged.”

These cases illustrate that the “reasonable expectation of privacy” that once existed is diminishing rapidly when individuals willfully choose to share information via social media sites. More and more information is becoming discoverable and produced as evidence. This exposure can be reduced through better practices.

Best Practices

In working with social media, one must use a commonsense approach and a “reasonable person” standard to operating a business or conducting personal interactions. Because many companies and firms are using these sites to interact with customers, market their products and/or services, it is vital to have standard practices, rules of conduct, policies and procedures in place.

Here are some recommendations:

1. Have clear and concise policies, with “do’s and don’ts,” and training available for your organization.

2. When at all possible, restrict use of social media sites for all employees with the exception of marketers and individuals who need to conduct investigations, e.g., for deposition preparation (but remember to include policies about the use of personal hand-held devices while on the company’s clock).

3. Include defensible legal hold and preservation polices in your organization’s governance materials.

4. Attorneys should beware of calling themselves “specialists” or embellishing their biography on the firm website (duty of candor).

5. Be careful whom you “friend,” “connect with,” or “follow.”

6. Keep client names and personal information out of blog posts and articles for privacy and confidentiality concerns.

In summary, much like rock ’n’ roll and even hip-hop, the younger generation has created a new phenomenon that has changed the world. Social media is here to stay and many companies, including law firms, do not want to be left in the dust. There are serious concerns of exposure while participating in social media; thus, participants need to proceed with caution. Attorneys have explicit guidelines and ethics to follow, and should be careful to avoid the existing pitfalls. Develop firm policies and procedures for you and your clients and remember that with social media, everyone’s checking your status.

Disclaimer: The author is not a lawyer, thus the content of this article should not be interpreted as providing legal advice.

Kevin L. Nichols is the Principal of KLN Consulting Group located in San Francisco, which specializes in Litigation, Diversity and Business Development/Social Media consulting. For more information, please visit

E-Discovery Crashes the Computer Forensics Show

Kevin L. Nichols
Principal, KLN Consulting Group

By: Kevin L. Nichols
The Recorder
November 18, 2010



On Nov. 1 and 2, Fort Mason in San Francisco housed a high-profile group of presenters at the Computer Forensics Show. The show’s purpose was to introduce the latest advancements in the forensics marketplace. A broad range of topics was discussed, such as e-discovery cost management, project budgeting, managing the technical aspects of document reviews, and corporate counsel’s perspective of e-discovery; however, two topics stood out at providing cutting-edge trends in the legal industry.

The first presentation was “Avoiding E-Discovery Landmines” by Eric J. Sinrod of Duane Morris in San Francisco. Its general purpose was to provide a comprehensive overview of how failing to effectively respond to electronic discovery can lead to severe monetary sanctions and adverse case results. According to Sinrod, in light of the aftermath of the changes to Federal Rules of Civil Procedure, Rules 16(b) and 26(f), parties are having a difficult time reaching consensus with the required “meet and confer” process as it relates to e-discovery. Failure to adhere to production obligations can lead to serious sanctions, sometimes in the millions of dollars. Moreover, with the broadening of the definition of the terms “documents” and “data compilations,” parties are also having to agree on how to produce such items as voice mail messages, social networking communications, instant messages, blogs, backup tapes, etc., which can be very costly.

To combat these changes, Sinrod offered several strategies that companies can implement to reduce their exposure while complying with the federal rules. The first is implementing strong retention policies and executing them. Under FRCP 37(f), a company will not ordinarily be sanctioned for deleting e-mails if it is done as part of a “routine, good faith, operation.” Thus, if companies create and execute short-term retention policies they can reduce the likelihood of having to produce outdated e-mails and other electronically stored information. However, if a “litigation hold” is put in place, or the company is aware of potential litigation and purposely continues to purge or delete ESI, a firm retention policy may not protect it from charges of spoliation and sanctions.

Unfortunately, neither having a large, robust IT department, nor the cost/complexity of retrieving ESI from backup tapes spare parties from having to produce it. The cost of production is sometimes in the hundreds of thousands of dollars and ESI must oftentimes be produced within 30 days. In certain circumstances, where the cost of complying with e-discovery requests is high, but the results are unlikely to yield relevant or a highly probative evidence, parties are able to shift the cost of e-discovery to the opposing side. This is not the norm, however, and parties are typically expected to bear their own costs.

Sanctions can be costly. By way of example, Sinrod referenced z4 Technologies v. Microsoft Corp., 507 F.3d 1340 (2007) where Microsoft failed to disclose and produce certain e-mails, and the judge ordered it to pay $25 million in additional damages and an extra $2 million in attorneys fees for litigation misconduct. To avoid sanctions for withholding presumably privileged ESI, an attorney can play an integral part of the company’s infrastructure as counsel, but not as a businessperson. Sinrod made a distinction between communications that are truly attorney-client privileged and those where attorneys are merely being copied on, or present at business meetings where they are giving non-legal advice. If ESI is truly privileged, in most cases, it does not have to be produced.

Sinrod explained that most companies are not prepared to handle the obligations required by the FRCP amendments. Thus, he recommended companies establish these five practices:

• client counseling — refining client’s “Record Retention Policy” to address ESI;

• reasonable anticipation of litigation — knowing when to create a “litigation hold” regarding ESI;

• “meet and confer” obligations — developing comprehensive confidentiality agreements that include detailed “clawback” provisions under the Federal Rules of Evidence, Rule 502, which allows the party to retrieve any documents that were inadvertently produced;

• discovery response — developing collection procedures, considering hiring a consultant for guidance, or contracting with outside vendors to assist with collection, processing, review, and production of the ESI;

• avoiding pitfalls — rather than fearing technology, using it to your advantage, trusting and relying on the “experts” on your team, i.e., paralegals who know the facts, the litigation support managers who know the IT of the production, and vendors/consultants who know a combination of both to assist you in your production.

The second notable presentation was given by Herbert Roitblat, Ph.D., chief technology officer at OrcaTec LLC. Titled “Cost Effective E-Discovery Processes,” it was based primarily on a study conducted by the Electronic Discovery Institute and published in the Journal of the American Society for Information Science and Technology.

Roitblat introduced a methodology of “predictive coding” that can reduce the overall cost of e-discovery by 90 percent or more. The study substantiates Roiblat’s claim by comparing the evaluated relative effectiveness of two computer-assisted categorization systems and two human review teams. Specifically, the study compared an original categorization obtained as part of a response to a Department of Justice request and produced by having one or more attorneys review each document and a production by an automated categorization system.

The results illustrated that machine categorization was no less accurate in identifying responsive documents than human reviewers. Roitblat argued that using “predictive coding” based on these intelligent categorizations can remove a tremendous amount of nonresponsive documents just as easily as human reviewers at a fraction of the cost. This would allow legal counsel to spend the time and utilize their most skilled attorneys to conduct the substantive review. He advocates using conventional e-discovery methods such as culling, de-NISTing (getting rid of system files such as “.exe” and other extensions during processing), deduping (getting rid of exact duplicates of documents), near duping (getting rid of near duplicates) and sometimes “key word searching.” He argues, however, that predictive coding is far more reliable than this method. Using the above, in conjunction with predictive coding, can reduce 1.3 terabytes of ESI to 30 gigabytes for review, at a fraction of most “per gigabyte” or other pricing models.

Companies can learn how to empower themselves by avoiding the landmines of e-discovery and by exploring other technologies like predictive coding. At the end of the day, as our world becomes more technological, the need for advanced technologies for effective representation will increase as well, together with legal standards and laws.

Kevin L. Nichols is the principal of KLN Consulting Group located in San Francisco.