chevron-down Created with Sketch Beta.
December 20, 2018 Feature

Clearing the Hurdles of Admissibility for Social Media Evidence

By Amy M. Stewart and Raha Assadi

When analyzing the admissibility of electronically stored information (ESI) such as social media data, practitioners should remember that ESI should be treated like any other evidence. With all evidence, the proponent must clear the evidentiary hurdles: show that the ESI is relevant under Federal Rule of Evidence 401 and similar state evidence rules; establish its authenticity under Federal Rule of Evidence 902; address hearsay issues; resolve issues of unfair prejudice and probative value; and demonstrate that the ESI complies with the best evidence rule.

Authentication is only the first hurdle to admissibility.

Authentication is only the first hurdle to admissibility.

This article will focus on how practitioners can clear the admissibility hurdles for social media data, including the newly amended Federal Rules of Evidence 902(13) and (14) that deal with self-authenticating social media data through digital identification.

The Rules of the E-Evidence Authentication Game

Rule 901(a) of the Federal Rules of Evidence outlines the traditional methodology that required a live witness to authenticate proffered ESI evidence. The Rule states, “The requirement of authentication or identification as a condition precedent to admissibility is satisfied by evidence sufficient to support a finding that the matter in question is what its proponent claims.” The application of the Rule was clarified in United States v. O’Keefe, 537 F. Supp. 2d 14, 20 (D.D.C. 2008): “[A] piece of paper or electronically stored information, without any indication of its creator, source, or custodian may not be authenticated under Federal Rule of Evidence 901.”

Sections (b)1–10 of Rule 901 set forth several illustrations of legitimate methods of authentication. These are: testimony of a witness with knowledge; non-expert opinion on handwriting; comparison by trier of fact or expert witness; distinctive characteristics of the data or thing to be authenticated; voice identification; telephone conversations; public records or reports; ancient documents or data compilation; evidence describing a process or system; and any other method of authentication or identification provided by statute or rules promulgated by the Supreme Court.

However, newly amended Federal Rules of Evidence 902(13) and (14), which are now in effect, provides that electronic data that can be digitally identified is self-authenticating:

Rule 902. Evidence That Is Self-Authenticating.

The following items of evidence are self-authenticating; they require no extrinsic evidence of authenticity in order to be admitted:

. . .

(13) Certified Records Generated by an Electronic Process or System. A record generated by an electronic process or system that produces an accurate result, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12). The proponent must also meet the notice requirements of 902(11).

(14) Certified Data Copied from an Electronic Device, Storage Medium, or File. Data copied from an electronic device, storage medium, or file, if authenticated by a process of digital identification, as shown by a certification of a qualified person that complies with the certification requirements of Rule 902(11) or (12).

The Committee Notes to Federal Rule of Evidence 902(14) offer a methodology to determine the authenticity of the ESI proffered into evidence; the methodology is based on “the hash value,”

a number that is often represented as a sequence of characters and is produced by an algorithm based upon the digital contents of a drive, medium or file. If the hash values for the original and copy are different, then the copy is not identical to the original. If the hash values for the original and copy are the same, it is highly improbable that the original and copy are not identical. Thus, identical hash values for the original and copy reliably attest to the fact that they are exact duplicates.

Additionally, the trial testimony of a forensic or technical expert is no longer necessary where best practices are followed to gather the information. Instead, a “qualified person” can certify through a written declaration and attest that he or she both verified the website’s metadata and confirmed that the proffered evidence is identical to the original. Generally, a “qualified person” would be someone who works in computer forensics, e-discovery, or information technology. The sidebar on page 33 presents the text of a model certification under Rule 902(14).

Accordingly, to authenticate social media data, it must be accompanied by identifying metadata (such as hash value, date posted, account, user, etc.) and other means that can be verified by a “qualified person.” No longer will website screenshots or printouts, which could be altered or Photoshopped, be admissible as evidence.

Best Practices to Capture the Data Necessary to Authenticate Social Media Posts

The following are best practices to capture the data needed to authenticate social media posts, tweets, and blogs:

  • Depending on the website, you may need to hire a web collection expert. It is important to capture the entire web page, website, or social media profile to provide a full context of the page. This may be harder for attorneys to handle when the website has a scrolling mechanism and it is challenging to capture all the data.
  • Be sure to specifically copy and document the website’s name and its HTML address before it is deleted or becomes obsolete as time passes.
  • If the website contains other media, for example, videos, pop-up windows, or hyperlinks, make sure to capture all those items. When authenticating the data, it is imperative that the evidence put before the court is the mirror image of the website.
  • When collecting blog entries, the attorney should capture the entire blog feed so that dates, times, and authors are included. Additionally, make sure to capture the blog’s metadata as most programs will allow the author to revise blog content and even the date of posting. Again, this may be a task for a qualified IT specialist.

In conclusion, while Rule 902 eliminates the need to have a testifying expert authenticate ESI, it may be prudent for litigators to retain a qualified e-discovery collection expert to gather the requisite metadata to establish the ESI’s authenticity.

The Hearsay Hurdle

Establishing the authenticity of the proffered evidence is only the first hurdle to admissibility. As Rule 902 explains, “[a] certification under this Rule can establish only that the proffered item has satisfied the admissibility requirements for authenticity. The opponent remains free to object to admissibility of the proffered item on other grounds—including hearsay, relevance, or in criminal cases the right to confrontation.” State and federal rules of evidence forbid statements offered into evidence to prove the truth of the matter asserted with certain exceptions. Under Federal Rule of Evidence 801, “non-hearsay” exceptions that are useful to authenticate e-evidence are: (1) a statement offered for any relevant purpose other than for the truth of the matter asserted; (2) a declarant’s prior consistent statements in rebuttal to a charge “against the declaration of recent fabrication or improper influence or motive”; and (3) a party-opponent’s admissions.

Normally, a party’s statements made on its own website are admissible pursuant to Federal Rule of Evidence 801(d)(2). However, there is a hearsay hurdle when dealing with the admissibility of statements a witness posts to a social media site that he or she does not own. Unless there is evidence, normally via testimony, that those statements were authored or adopted by the declarant, then they will remain inadmissible.

Additionally, litigators should use the hearsay exceptions to their benefit to argue that a witness’s Facebook check-in at a local restaurant is not hearsay but instead is a “present sense impression.” Additionally, practitioners should argue that tweets or other social media posts are admissible under the “state of mind” hearsay exception. See University of Kansas v. Sinks, 565 F. Supp. 2d 1216 (D. Kan. 2008) (holding that anonymous weblog entries regarding the character of allegedly infringing t-shirts were admissible in a trademark infringement action to show the declarant’s confusion about whether he or she could purchase the shirt and about who produced the shirt, rather than the existence of the shirts, and thus were not inadmissible hearsay).


The Amendments to Federal Rules of Evidence 902(13) and (14) provide a stable and predictable pathway to the authentication of social media posts. However, similar to other proffered evidence, authentication is only the first hurdle to admissibility. Litigators must still overcome objections on other admissibility grounds, such as relevance and hearsay. 

Model Certification under Federal Rule of Evidence 902(14)

I, ______________________, hereby declare and certify:

  1. I am over 18 years of age. I am currently employed by [employer] as a [job title]. [Add description related to qualification to authenticate the data, e.g., specializes in the discovery, collection, investigation, and production of electronic information.] I have participated in more than [number] collections and preservation efforts from [source of data], and I was the lead on approximately [number] of those collections. These investigations involved finding relevant electronic information from [data sources]. I was responsible for performing in-depth analyses and providing documentation and related materials for [employer/law firms/litigation support consulting firms].
  2. I have utilized [describe discovery software used and experience dealing with hash value digital markings].
  3. I was retained by [name of client or law firm or consulting company] to provide examination, preservation, and analysis of [documents, data, social media evidence, web page] in the present case. Pursuant to this request, I collected numerous [documents, data, social media evidence, web page] using [software].
  4. When collecting the [documents, data, social media evidence, web page], the metadata for that information was preserved. After I collected the information, it was sent via [media] to [law firm, vendor; describe chain of custody].
  5. When the items described above were acquired by me, [describe how you analyzed the hash value with the discovery software and provide conclusions].
  6. The identical hash values reliably attest to the fact that the evidence has not changed.
  7. The process described above was used for all the [trial exhibits] listed in the attached Exhibit.

I declare under penalty of perjury under the laws of the United States of America that the foregoing is true and correct. Executed this _____ day of _____ in _____.

___________________________________________ [Name]

Amy M. Stewart has expertise in dealing with contract, business torts, breaches of fiduciary duty, products liability, employment, labor, and personal injury matters. Amy is also a certified arbitrator with the American Arbitration Association, presiding over commercial, construction, and employment matters. A former Division I collegiate athlete and coach, Amy brings an aggressiveness and competitive nature to her legal practice. Clients want her leading and representing their interests, and opposing counsel respect her legal acumen and her tenaciousness.

Raha served as a judicial clerk for Judge Tonya Parker in Dallas County’s 116th Judicial District Court and for Judge Eric V. Moyé in Dallas County’s 14th Judicial District Court. While at Baylor Law School, Raha received several honors, including becoming a member of the Order of the Barristers, the Dean’s List, and a recipient of the Dean’s Academic Excellence Scholarship. She also worked as a legal intern for the Los Angeles Office of the U.S. Equal Employment Opportunity Commission.

The material in all ABA publications is copyrighted and may be reprinted by permission only. Request reprint permission here.