We’ve blogged several times about discovery issues involving Facebook…not surprisingly, courts across the country continue to discuss the different permutations of social media and electronic discovery. In November, a Pennsylvania Court of Common Pleas issued an opinion in Largent v. Reed, No. 2009-1823 (Pa. Common Pleas Franklin 2011) (slip op.; 11-8-11), a case involving damages for injuries sustained in a case accident. The defendant filed a motion to compel production of the plaintiff’s Facebook login information, asserting that messages and photos on the plaintiff’s Facebook account contradicted her claims of serious injury. The court granted the motion and offered the following reasoning:
The Court holds that no general privacy privilege protects [plaintiff’s] Facebook material from discovery. No court has recognized such privilege, and neither will we. By definition, there can be little privacy on a social networking website. Facebook’s foremost purpose is to “help you connect and share with the people in your life.” That can only be accomplished by sharing information with others. Only the uninitiated or foolish could believe that Facebook is an online lockbox of secrets.
The court further held that individual users are not covered under the Stored Communications Act (SCA); thus, the statute did not prohibit the defendant’s discovery in this case. Andrea Cortland of Cozen O’Connor summarized the case and warned Facebook users: “be careful what you post – it’s not as “private” as you think!” Joe Hodnicki at the Law Librarian Blog also posted about the decision and linked to Orin Kerr’s rebuttal at The Volokh Conspiracy:
While it’s true that neither the plaintiff nor the defendant are regulated entities under the statute, Facebook clearly is. [T]he privacy of Facebook communications are protected by 18 U.S.C. 2701 of the Stored Communications Act, … in addition to 18 U.S.C. 1030, the Computer Fraud and Abuse Act, which protects all computers generally. Both of these statutes prohibit accessing electronic accounts without authorization or in excess of authorization. So while ordering the plaintiff to disclose her password to the defendant doesn’t itself violate the SCA or the CFAA, it’s at least an open question whether the defendant’s future act of accessing the plaintiff’s account might violate those statutes.
As with many questions of the CFAA (and related provisions of the SCA), it hinges on what “authorization” means. Here’s the question: If Facebook says that only the individual account holder can access the account; the individual account holder refuses to voluntarily disclose the password; and someone else accesses the account only because the account holder was forced by a judge to disclose the password, is the “someone else’s” access authorized or not? Put another way, what governs authorization: The views of Facebook and the views of the account holder, or the views of the trial judge who granted the discovery request? It’s not an easy question, creating a significant risk that granting the motion to compel invites the movant to commit a federal crime in the course of discovery.
For more information on motions to compel discovery and electronic discovery, O’Connor’s has you covered in Texas, California, and federal courts.
