Posts By :

Allysia Edwards

The Discoverability of IoT Devices

What are IoT Devices

The Internet has transformed the way we conduct daily chores. Simple objects such as fridges, watches, doorbells, and washing machines can now be connected to secure networks. This technology is quick, efficient, and the perfect replacement for manual tasks. Whenever the user is within range and connected to WiFi, IoT devices can be used to turn on the lights, preheat the oven, and more. But what exactly is the definition of an IoT device? IoT is shorthand for the Internet of Things, a term used to describe physical objects that transmit data through wireless networks. [1] Fortunately for legal teams, IoT devices are effective in the courtroom as well as the home.

IoT Devices in Court

  • Four years ago in Arkansas, data from an Amazon Echo was used to investigate the death of Victor Collins. When Collins was found dead in his hot tub, his friend James Bates was charged with first-degree murder and evidence tampering. The charges were later dismissed due to reasonable doubt amongst the court. Unfortunately, news sources haven’t disclosed what the voice recordings revealed. [2]
  • After Timothy Burke was accused of shooting his brother, the prosecutor requested the admittance of audios from a Ring doorbell. The defendant objected to its admittance, claiming that it violated New York’s wiretapping and eavesdropping law. The objection was overruled. [3]
  • In an aggravated arson and insurance fraud case, Ross Compton’s guilt was proven by his pacemaker. The man claimed that he packed up his belongings and threw them out the window after discovering the fire. Medical examiners concluded that the pacemaker’s heart rate and cardiac rhythm data disproved Compton’s claims. [4]
  • In State of Wisconsin v. Burch, the defendant was accused of killing her boyfriend. However, the charges were dropped after Fitbit data revealed that Burch had only taken 12 steps in the hours before the death. [5]

Key Considerations

  • Legal teams should explain the significance of IoT data to their clients and evaluate any IoT devices that might be useful.
  • During (or in the prospect of) litigation, disable auto-deletion features on IoT devices.
  • Investigate the reliability of the device’s data.
  • Assess the accessibility of IoT data and the cost of its production. [6]


IoT devices are too valuable to be overlooked in litigation. As demonstrated by the aforementioned court cases, IoT data is quite useful in criminal cases. However, its utility doesn’t stop there. IoT data can also play a significant part in personal injury claims, family law, IP litigation, and more. It would be remiss of litigants to ignore IoT devices during the discovery process. Instead, litigants should consider the relevance and proportionality of IoT devices when drafting their ESI protocol.


[1] Brian Morrison and Joann Militano, “E-Discovery for IoT Devices: Primer for Representing Individual Clients,” New York Law Journal, February 1, 2021,

[2] Erik De La Garza, “Charges Dropped in Amazon Echo Murder Case,” Courthouse News Service, November 29, 2017,

[3] Kimberley Haas, “Judge: Audio from Ring doorbell can be used as evidence in Rochester shooting case,” New Hampshire Union Leader, March 5, 2020,

[4] Debra Cassens Weiss, “Data on Man’s Pacemaker Led to His Arrest on Arson Charges,” ABA Journal, February 16, 2017,

[5] Greg Goth. “Can Wearables Testify Against Their Owners?” IEEE Spectrum, Sept. 27, 2021,

[6] Briar Morrison and Joann Militano, “E-Discovery for IoT Devices: Primer for Representing Individual Clients.”

The Risks and Benefits of Ephemeral Messages

What are Ephemeral Messages?

In the corporate world, Gmail, Microsoft Teams, and Slack are the most common forms of communication. Though these platforms are traditional and efficient, they create privacy and storage challenges. Ephemeral messages counteract these issues by disappearing shortly after the recipient has read the message. [1]

Platforms with disappearing messages:

  • Snapchat
  • Signal
  • Wickr
  • Cover Me
  • Confide
  • Telegram
  • Hash
  • WhatsApp
  • DingTalk

Court Cases Involving Ephemeral Messaging

  • Waymo, LLC v. Uber Technologies, Inc.: In this trade secrets case, Uber’s usage of Wickr and Telegram became a discovery headache. The judge granted both parties the opportunity to argue for or against the relevance of the messages. Thus, the case’s focus shifted from trade secrets to unrecoverable conversations. [2]
  • WeRide Corp v. Huang: After the defendant was accused of intellectual property theft, they took several measures to destroy communication evidence. One of those measures included communicating through DingTalk after the preliminary injunction. Since the messages were destroyed and post-injunction, terminating sanctions were issued. [3]
  • Herzig v. Arkansas Foundation for Medical Care, Inc.: In this age discrimination case, the plaintiffs started using Signal after receiving preservation orders. The judge noted that the plaintiffs manually configured the deletion settings; thus, the case was dismissed for intentional spoliation. [4]

Weighing the Risks and Benefits

Through automated deletion, ephemeral messaging apps eliminate issues concerning data volume. Smaller amounts of data provide greater security from data leaks and reductions in storage costs. Despite these benefits, ephemeral messages are a risky form of communication because they increase the likelihood of spoliation. [5] Spoliation sanctions can range from monetary payments to case dismissal. [6]

Best Practices for Preservation

  • Automated deletion settings should be shut off as soon as a complaint is filed.
  • Create comprehensive policies on managing ephemeral messages. These policies should outline legitimate reasons for the app’s usage, retention information, and destruction guidelines.
  • Train employees on ephemeral messaging etiquette in the workplace.
  • Monitor and document company usage of ephemeral messaging apps. [7]

[1] Dennis Kiker, “Now you see it, now you don’t: Ephemeral messaging may lead to sanctions,” DLA Piper, June 8, 2020,

[2] Robert M. Wilkins, “Client Litigation Risks When Using Ephemeral Messaging Apps,” Jones Foster, March 5, 2020,

[3] Philip Favro, “INSIGHT: California Case Offers Warnings on Ephemeral Messaging,” Bloomberg Law, June 1, 2020,

[4] Scott Sakiyama, “This Message Will Self-Destruct in 5 Seconds,” Corporate Compliance Insights, March 26, 2020,

[5] Rebecca Cronin, “A Lawyer’s Guide to Ephemeral Messaging,” JD Supra, May 18, 2021,

[6] Michael W. Mitchell and Edward Roche, “Lessons Learned: Destroying Relevant Evidence Can Be Catastrophic in Litigation,” Smith Anderson,

[7] Thomas J. Kelly, “The Rise of Ephemeral Messaging Apps in the Business Word,” National Law Review, April 23, 2019,

Problems and Solutions for Slack Discovery

The Discoverability of Slack

As people turned to remote work in 2020, collaboration apps became a prevalent form of communication. Slack was so popular that some considered it to be the “new email.” Though some legal teams refute its discoverability, the FRCP intentionally established a broad definition of ESI to accommodate new data types. From corporate files to humorous GIFS and standard channel messages, Slack is a medium for large quantities of information. Thus, the application fits the requirements for discoverable digital evidence.[1] Accessing and producing that information, however, can present several challenges.

Production Problems

  1. Hundreds of Slack messages are sent every day.

Medium and large-scale corporations with active Slack users easily send over 100,000 Slack messages per month. Additionally, Slack generates a new file per day for each channel. Examinations of big data are slow and expensive. By proactively identifying specific channels to preserve, litigants can reduce production costs and time.[2]

  1. Slack is only one of many hosts for decentralized communications.

Nowadays, a single conversation can span multiple platforms. For example, if an employee asks their boss a question through email, they may hold a Zoom meeting to discuss it. After the Zoom meeting, they might use Slack to address any follow-up questions. Since the conversation was spread out, the snippet captured on Slack will lack the full context.

  1. Deciphering Slack exports can be difficult.

Slack messages are exported through JSON files, a format that’s a bit hard to understand. Additionally, the files don’t visually display media such as emojis and GIFS. In response to this problem, legal teams may opt to use screenshots as an alternative production method. However, the application only allows users to view and sort through the most recent 10,000 messages.[3]

Tips to Keep in Mind

  • Educate your employees or legal team about Slack’s retention policies.
  • If possible, consider upgrading to Slack’s premium version so that there is no message history limit.
  • Find an eDiscovery solution that will export Slack data in a thorough and understandable format.
  • Avoid preserving unneeded data by identifying which channels are more important than others.[4]


[1] Peter Callaghan, “Is Slack Content Discoverable? Yes It (Definitely) Is,” Pagefreezer,

[2] Matthew Verga, “Discovery from Slack: It’s Complicated,” Xact Data Discovery, June 19, 2020,

[3] James Murphy, “The Shark in the Wave: Revealing the Lurking Danger of Slack Data,” Corporate Compliance Insights, June 17, 2019,

[4] James Murphy, “The Shark in the Wave: Revealing the Lurking Danger of Slack Data.”

Spoliation and Defensible Deletion: What’s the Difference?

Spoliation and Sanctions

Spoliation, the destruction or manipulation of ESI, has become a prevalent issue in e-discovery. As evidenced by Atalian US New England, LLC v. Navarro, spoliation is often done deliberately. In response to allegations of fraud, the defendant deleted mobile device data and replaced it with fabricated evidence. The judge sanctioned the company for intending to deprive the opposing counsel of relevant information.[1] Negligence is another cause for spoliation. In McCoy v. Transdev Svc., Inc., Transdev faced default judgment for “inadvertently” deleting cell phone data. Though the content was unknown, the Court upheld its relevance, maintaining that it could have supported the opposition’s claims.[2] Faulkner v. Aero Fulfillment Services demonstrates that spoliation can also be an accidental offense. Ms. Faulkner initially adhered to production requests and produced her LinkedIn data in the form of an Excel spreadsheet. But when the defendants asked for the evidence in a different format, Ms. Faulkner was unable to comply because she had deactivated her account. The court decided against sanctioning the plaintiff because she had followed the initial production request, and it was the counsel’s responsibility to inform her of preservation obligations.[3]

Per Rule 37(e) of the Federal Rules of Procedure, sanctions for irreversibly deleting ESI include:

  • Court involvement to remedy any prejudices suffered by the opposing counsel
  • Court and jury presumptions that the lost information was unfavorable to the responsible party if the deletion was intentional
  • Dismissal of the action or motion for default judgment[4]


Defining Defensible Deletion

Unlike spoliation, defensible deletion involves the ongoing elimination of unneeded data to reduce the costs of storage and retention. Deletion is permissible by the Federal Rules of Procedure when the ESI isn’t being held for a legal, statutory, or business purpose. Legal teams should carefully design a deletion strategy so that they can decide what to keep, archive, and eliminate.[5]


Things to Keep in Mind for Defensible Deletion

  • Prepare a retention policy and schedule. Defensible deletion is a slow, meticulous process. Take your time, especially when handling large amounts of big data.
  • Establish an inventory of legal preservation obligations. Within the inventory, identify which data types are currently under legal holds (or likely to be held). Proper documentation and classification of your data will simplify the retention process.
  • Properly staff the deletion project with a range of experts in various fields.[6]


[1] R. Thomas Dunn, “Intentional Deletion and Manipulation of Electronic Data Leads to Default Judgement,” JD Supra, August 12, 2021,

[2] Michael Berman, “Defendant Unsuccessfully Argued that Plaintiff Could Not Show That Data on Cell Phone That Defendant Destroyed Was Relevant,” E-Discovery LLC, August 18, 2021,

[3] Brielle A. Basso, “In It for the Long Haul: The Duty to Preserve Social Media Accounts Is Not Terminated Upon an Initial Production,” Gibbons, June 30, 2020,

[4] “Rule 37. Failure to Make Disclosures or to Cooperate in Discovery; Sanction,” Legal Information Institute,

[5] “Defensible Deletion Strategy: Getting Rid of Your Unnecessary Data,” Special Counsel, November 16, 2019,

[6] Andrew J. Peck, Jennifer M. Feldman, Leeanne Sara Mancari, Dennis Kiker, “Defensible deletion: The proof is in the planning,” DLA Piper, February 5, 2021,

Authenticating Communication Screenshots

Text messages and social media evidence can offer a plethora of relevant data. However, screenshots are not a reliable form of authenticating digital communication. Whether its Slack, Facebook Messenger, or email, screenshots of digital evidence can be easily fabricated.

Screenshot Failures in Court

  • Rossbach v. Montefiore Medical Center: To substantiate claims of workplace harassment and wrongful termination, the plaintiff submitted text screenshots from her former employer. The suit was dismissed after the court noticed emojis that an iPhone 5 is unable to depict.[1]
  • Moroccanoil v. Marc Anthony Cosmetics: In this trademark case, the court dismissed Facebook screenshots because of insufficient circumstantial evidence.[2]
  • R v. Martin: Facebook screenshots submitted to the police through an anonymous source were rejected by the court. The judge held that the anonymous source and the police couldn’t validate the authenticity of the evidence.[3]

How to Authenticate a Text Message Screenshot

Rule 901(b) of the Federal Rules of Evidence offers examples of authenticating all forms of digital evidence. The following are examples that are most applicable to screenshots of text messages:

  • Testimony of a Witness with Knowledge
  • Comparison by an Expert Witness or the Trier of Fact
  • Distinctive Characteristics and the Like
  • Evidence About Public Records
  • Methods Provided by a Statute or Rule (e.g. phone company records)[4]

How to Authenticate a Social Media Screenshot

  • Testimony from the alleged poster claiming ownership of the profile in question.
  • Expert testimony validating that the content originated from the alleged creator’s device.
  • Witness testimony confirming that the alleged author was the true creator of the content based on distinct characteristics.[5]
  • Testimony from the social media network stating that the alleged creator of the post(s) had exclusive access to the device in question and social media account.[6]


Though screenshots may seem like an easy ESI production method, it’s best to collect evidence from native files. However, Rene v. State of Texas demonstrates that screenshots can be helpful when utilized correctly. In this case, the defense argued against the admittance of evidence from the defendant’s MySpace account. They maintained there was no evidence of when the pictures were taken, who captured them, or if they were real. Yet, the court approved their admittance because more compelling data supported the evidence in the screenshot.[7] Rene v. State of Texas exemplifies that communication screenshots are best utilized as supporting evidence rather than the foundation of an argument.


[1] Philip Favro, “Fabricated Text Message Case Highlights the Importance of Emojis in E-Discovery,” Legaltech News, August 16, 2021,

[2] “Court Cases Involving Social Media,” Bosco Legal Services, Inc. Accessed August 22, 2021,

[3] Ramna Safeer, “Shedding Light on Screenshots as Electronic Evidence,”, January 18, 2021.

[4] “Rule 901 – Authenticating or Identifying Evidence,” Rules of Evidence, Accessed August 23, 2021,

[5] Denise A. Blake, “Social Media Evidence at Trial,” The People’s Law Library of Maryland, May 19, 2021,

[6] Michaela Battista Sozio, “Authenticating Digital Evidence at Trial,” American Bar Association, April 27, 2017,

[7] “Court Cases Involving Social Media,” Bosco Legal Services, Inc. Accessed August 22, 2021,

  • 1
  • 2